Trojaner-Board (https://www.trojaner-board.de/)

piepmatz 21.03.2012 10:39

First error messages, and now no data anymore and an empty desktop.

Hi,
I've somehow caught a virus or scareware.
Suddenly a bunch of messages popped up saying:

Hard drive clusters are partly damaged
Windows - Delayed Write Failed
Critical Error

Then some kind of system check, supposedly from Windows, keeps starting.

In addition, my entire desktop is empty and I can no longer get at my data, everything is gone.
I already found something similar here and followed your instructions for that problem. That is, I ran rkill, had Malwarebytes scan, and ran TDSS Killer.exe. Now all the messages have disappeared, but all folders and the desktop are still empty.
When I let Malwarebytes scan now, it doesn't find anything anymore... I don't know what else to do.

Could you please, please help me?



This was the log file from the detection:

cosinus 21.03.2012 17:41

Please first, as a matter of routine, run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

piepmatz 22.03.2012 09:06

I let ESET run overnight now and this is the result:

Malwarebytes showed no detections, but everything on the computer is still gone or hidden..
Log for that:

cosinus 22.03.2012 12:35

Quote:

D:\Download\SoftonicDownloader_fuer_scotts-wallpaper-switcher.exe
Stay away from Softonic!!

Softonic is a toolbar and adware slinger! Stay away! You download software, as the top priority, directly from the manufacturer and not from toolbar outfits like Softonic! In an emergency, chip.de would of course do.


CustomScan with OTL

If you don't have it yet, please download OTL by OldTimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


piepmatz 22.03.2012 13:56

So, this is the result now:

Code:

OTL logfile created on: 22.03.2012 13:36:33 - Run 10
OTL by OldTimer - Version 3.2.39.1    Folder = C:\Users\Nine\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,77% Memory free
6,23 Gb Paging File | 5,13 Gb Available in Paging File | 82,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 54,32 Gb Free Space | 36,45% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 42,55 Gb Free Space | 30,98% Space Free | Partition Type: NTFS
Drive G: | 3,73 Gb Total Space | 2,68 Gb Free Space | 71,77% Space Free | Partition Type: FAT32
 
Computer Name: NINE-PC | User Name: Nine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nine\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\SBPaper\paper.exe ()
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\CK Popup Killer\PKILL.EXE (CK Software)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\WinRAR\RarExt.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\SBPaper\paper.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (IGDCTRL) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (ASTSRV) -- C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\Users\Nine\AppData\Local\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {464F169E-ACE1-4C5F-A778-A433A3DABBAE}:1.0
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.1.5
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.6
FF - prefs.js..extensions.enabledItems: {2122962a-1424-fffe-19af-bba2ef3eff4a}:1.0
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: C:\Users\Nine\AppData\Roaming\Facebook\npfbplugin_1_0_0.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Nine\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Nine\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Mozilla Firefox\components [2012.03.18 13:50:34 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Mozilla Firefox\plugins [2011.11.28 08:35:00 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\program files\Mozilla Thunderbird\components [2011.11.08 16:40:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Mozilla Firefox\components [2012.03.18 13:50:34 | 000,000,000 | -H-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Mozilla Firefox\plugins [2011.11.28 08:35:00 | 000,000,000 | -H-D | M]
 
[2011.06.21 19:26:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nine\AppData\Roaming\mozilla\Extensions
[2010.02.10 11:26:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nine\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.01.09 15:37:46 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nine\AppData\Roaming\mozilla\Extensions\postbox@postbox-inc.com
[2012.01.11 10:04:19 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nine\AppData\Roaming\mozilla\Firefox\Profiles\cmswdcip.default\extensions
[2011.12.25 11:59:03 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Nine\AppData\Roaming\mozilla\Firefox\Profiles\cmswdcip.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.10 00:01:51 | 000,000,933 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\11-suche.xml
[2012.01.10 00:01:52 | 000,002,419 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\englische-ergebnisse.xml
[2012.01.10 00:01:51 | 000,010,525 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\gmx-suche.xml
[2012.01.10 00:01:51 | 000,002,457 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\lastminute.xml
[2012.01.10 00:01:51 | 000,005,508 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\webde-suche.xml
[2010.04.24 09:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.10 16:00:26 | 000,002,025 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
 
O1 HOSTS File: ([2011.05.04 11:27:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Nine\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000..\Run: [CK POPUP KILLER] C:\CK Popup Killer\PKILL.EXE (CK Software)
O4 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000..\Run: [ScottsPaperManager] C:\Program Files\SBPaper\paper.exe ()
O4 - Startup: C:\Users\Nine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Nine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Nine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O15 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..Trusted Domains: everestpoker.com ([account] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{899604F5-EF7C-477D-BCE8-8665CB9B0390}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCE83FC1-A859-4511-824F-32EA70FF7493}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^Nine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Nine\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig - StartUpReg: CK POPUP KILLER - hkey= - key= - C:\CK Popup Killer\PKILL.EXE (CK Software)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: hpqSRMon - hkey= - key= -  File not found
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
 
SafeBootMin: 88773322.sys - Driver
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: 88773322.sys - Driver
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6446BBBF-7E00-2674-BDC7-DED62B620299} - Microsoft Windows Media Player 11.0
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.21 22:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.03.21 22:16:37 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Nine\Desktop\esetsmartinstaller_enu.exe
[2012.03.21 19:30:49 | 000,000,000 | ---D | C] -- C:\Users\Nine\Desktop\Malwarebytes' Anti-Malware
[2012.03.20 19:16:58 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Nine\Desktop\OTL.exe
[2012.03.20 18:43:19 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.03.20 18:38:51 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Nine\Desktop\tdsskiller.exe
[2012.03.20 13:43:21 | 000,000,000 | -H-D | C] -- C:\Users\Nine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.03.15 19:39:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\HP Photo Creations
[2012.03.15 19:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2012.02.24 22:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.22 13:33:18 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.22 13:33:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.22 09:28:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.22 01:20:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 01:20:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.21 22:15:26 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Nine\Desktop\esetsmartinstaller_enu.exe
[2012.03.21 19:28:20 | 000,639,210 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.21 19:28:20 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.21 19:28:20 | 000,131,218 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.21 19:28:20 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.21 19:20:47 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.20 19:16:22 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Nine\Desktop\OTL.exe
[2012.03.20 18:26:36 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Nine\Desktop\tdsskiller.exe
[2012.03.20 18:19:20 | 001,008,141 | ---- | M] () -- C:\Users\Nine\Desktop\rkill.com
[2012.03.20 13:51:19 | 000,000,448 | -H-- | M] () -- C:\ProgramData\lawJN9WIPzleuA
[2012.03.20 13:48:08 | 000,000,264 | -H-- | M] () -- C:\ProgramData\~lawJN9WIPzleuA
[2012.03.20 13:48:08 | 000,000,176 | -H-- | M] () -- C:\ProgramData\~lawJN9WIPzleuAr
[2012.03.20 13:43:23 | 000,000,612 | -H-- | M] () -- C:\Users\Nine\Desktop\System Check.lnk
[2012.03.19 22:21:01 | 000,164,289 | -H-- | M] () -- C:\Users\Nine\Desktop\1311166303-476.jpg
[2012.03.19 22:19:05 | 000,078,727 | -H-- | M] () -- C:\Users\Nine\Desktop\1312539364-905.jpg
[2012.03.19 22:04:16 | 000,718,319 | -H-- | M] () -- C:\Users\Nine\Desktop\Sarouel_poche_genoulliere.pdf
[2012.03.19 22:04:00 | 000,639,226 | -H-- | M] () -- C:\Users\Nine\Desktop\Sarouel_entrejambes.pdf
[2012.03.19 22:00:16 | 000,003,674 | -H-- | M] () -- C:\Users\Nine\Desktop\hose-einfach-abb1.gif
[2012.03.17 22:09:11 | 000,203,264 | -H-- | M] () -- C:\Users\Nine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.17 02:00:46 | 553,071,814 | -H-- | M] () -- C:\Users\Nine\Desktop\MVI_7962.AVI
[2012.03.15 03:22:53 | 002,195,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.12 10:15:01 | 000,000,903 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.03.11 17:11:56 | 000,178,260 | -H-- | M] () -- C:\Users\Nine\Desktop\gewa1_online.pdf
[2012.03.06 22:41:01 | 000,000,680 | -H-- | M] () -- C:\Users\Nine\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2012.03.20 18:36:26 | 3220,463,616 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.20 18:20:57 | 001,008,141 | ---- | C] () -- C:\Users\Nine\Desktop\rkill.com
[2012.03.20 13:43:24 | 000,000,264 | -H-- | C] () -- C:\ProgramData\~lawJN9WIPzleuA
[2012.03.20 13:43:24 | 000,000,176 | -H-- | C] () -- C:\ProgramData\~lawJN9WIPzleuAr
[2012.03.20 13:43:23 | 000,000,612 | -H-- | C] () -- C:\Users\Nine\Desktop\System Check.lnk
[2012.03.20 13:43:15 | 000,000,448 | -H-- | C] () -- C:\ProgramData\lawJN9WIPzleuA
[2012.03.19 22:21:00 | 000,164,289 | -H-- | C] () -- C:\Users\Nine\Desktop\1311166303-476.jpg
[2012.03.19 22:19:05 | 000,078,727 | -H-- | C] () -- C:\Users\Nine\Desktop\1312539364-905.jpg
[2012.03.19 22:04:16 | 000,718,319 | -H-- | C] () -- C:\Users\Nine\Desktop\Sarouel_poche_genoulliere.pdf
[2012.03.19 22:04:00 | 000,639,226 | -H-- | C] () -- C:\Users\Nine\Desktop\Sarouel_entrejambes.pdf
[2012.03.19 22:00:16 | 000,003,674 | -H-- | C] () -- C:\Users\Nine\Desktop\hose-einfach-abb1.gif
[2012.03.18 20:22:41 | 553,071,814 | -H-- | C] () -- C:\Users\Nine\Desktop\MVI_7962.AVI
[2012.03.11 17:11:56 | 000,178,260 | -H-- | C] () -- C:\Users\Nine\Desktop\gewa1_online.pdf
[2011.07.06 19:33:51 | 000,000,164 | -H-- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.03.07 11:30:56 | 000,000,109 | ---- | C] () -- C:\Windows\GMouse.ini
[2010.12.22 00:04:07 | 000,000,092 | -H-- | C] () -- C:\Users\Nine\AppData\Local\fusioncache.dat
[2010.10.12 16:59:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.10.12 16:59:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.08.12 14:51:44 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.08.12 14:51:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.08.12 14:51:44 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010.08.12 14:51:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.08.12 14:51:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.08.10 20:30:36 | 000,001,745 | ---- | C] () -- C:\Windows\lsrslt.ini
 
========== LOP Check ==========
 
[2010.02.25 16:29:55 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Alien Skin
[2010.11.07 22:52:30 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Ashampoo
[2010.11.16 11:13:07 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Astroburn Pro
[2010.01.30 14:53:10 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\avidemux
[2011.10.11 12:09:02 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Azureus
[2011.09.17 09:46:27 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Canneverbe Limited
[2010.11.16 11:05:43 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DAEMON Tools Lite
[2011.07.06 19:32:11 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Degener
[2012.03.20 09:08:19 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Dropbox
[2011.04.13 21:47:12 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DVDVideoSoft
[2010.07.26 22:13:17 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.04 09:39:29 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Egyh
[2011.06.19 13:17:44 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\FileZilla
[2011.03.03 08:54:08 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\FRITZ!
[2011.02.10 20:39:51 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\GetRightToGo
[2010.08.30 18:39:48 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Image Zone Express
[2010.12.22 00:11:39 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Imaxel
[2010.04.23 17:58:55 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\MAXON
[2010.10.01 11:14:10 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\NCH Swift Sound
[2010.08.12 17:17:51 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Online Solutions
[2010.05.12 16:25:52 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\OpenOffice.org
[2010.08.08 19:37:06 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Opera
[2010.02.01 17:05:56 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Passware
[2010.01.09 15:37:45 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Postbox
[2010.02.13 16:48:18 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Printer Info Cache
[2011.06.19 15:16:06 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\ScummVM
[2011.10.13 09:13:33 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\SharePod
[2010.05.31 15:46:01 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Spesoft Audio Converter
[2012.03.20 00:19:27 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\temp
[2010.02.10 11:26:45 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Thunderbird
[2012.02.24 22:46:01 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\TuneUp Software
[2011.06.05 09:07:24 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\uTorrent
[2011.05.04 09:51:32 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Uwwiqy
[2010.05.25 12:32:39 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\VMLoad
[2012.03.20 20:21:08 | 000,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.03.19 16:41:05 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Adobe
[2009.12.13 19:48:43 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Ahead
[2010.02.25 16:29:55 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Alien Skin
[2009.12.18 10:45:34 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Apple Computer
[2010.11.07 22:52:30 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Ashampoo
[2010.11.16 11:13:07 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Astroburn Pro
[2009.12.07 17:59:52 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\ATI
[2010.01.30 14:53:10 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\avidemux
[2010.08.11 23:01:44 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Avira
[2011.10.11 12:09:02 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Azureus
[2011.09.17 09:46:27 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Canneverbe Limited
[2010.11.16 11:05:43 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DAEMON Tools Lite
[2011.07.06 19:32:11 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Degener
[2010.03.22 20:32:54 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DivX
[2010.11.09 13:32:16 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Download Manager
[2012.03.20 09:08:19 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Dropbox
[2011.04.13 21:47:12 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DVDVideoSoft
[2010.07.26 22:13:17 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.04 09:39:29 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Egyh
[2011.06.19 13:17:44 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\FileZilla
[2011.03.03 08:54:08 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\FRITZ!
[2011.02.10 20:39:51 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\GetRightToGo
[2010.02.04 16:29:04 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\HP
[2011.10.28 10:50:23 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Identities
[2010.08.30 18:39:48 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Image Zone Express
[2010.12.22 00:11:39 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Imaxel
[2009.12.17 17:07:00 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\InstallShield
[2009.12.07 20:00:50 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Macromedia
[2010.08.11 09:11:43 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Malwarebytes
[2010.04.23 17:58:55 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\MAXON
[2006.11.02 13:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Media Center Programs
[2009.12.09 16:45:43 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Media Player Classic
[2010.12.26 22:26:05 | 000,000,000 | --SD | M] -- C:\Users\Nine\AppData\Roaming\Microsoft
[2009.12.07 18:20:06 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Mozilla
[2010.10.01 11:14:10 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\NCH Swift Sound
[2010.09.04 13:35:38 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Nero
[2010.08.12 17:17:51 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Online Solutions
[2010.05.12 16:25:52 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\OpenOffice.org
[2010.08.08 19:37:06 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Opera
[2010.02.01 17:05:56 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Passware
[2010.01.09 15:37:45 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Postbox
[2010.02.13 16:48:18 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Printer Info Cache
[2011.06.19 15:16:06 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\ScummVM
[2011.05.16 21:40:23 | 000,000,000 | RH-D | M] -- C:\Users\Nine\AppData\Roaming\SecuROM
[2011.10.13 09:13:33 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\SharePod
[2012.01.10 23:55:34 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Skype
[2011.06.13 07:01:14 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\skypePM
[2010.05.31 15:46:01 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Spesoft Audio Converter
[2012.03.20 00:19:27 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\temp
[2010.02.10 11:26:45 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Thunderbird
[2012.02.24 22:46:01 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\TuneUp Software
[2011.06.05 09:07:24 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\uTorrent
[2011.05.04 09:51:32 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Uwwiqy
[2010.05.25 12:32:39 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\VMLoad
[2009.12.08 00:24:00 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.10.04 07:56:04 | 000,310,208 | -H-- | M] (Georgia Institute of Technology) -- C:\Users\Nine\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2011.10.11 11:53:17 | 009,077,688 | -H-- | M] (Vuze Inc.) -- C:\Users\Nine\AppData\Roaming\Azureus\tmp\AZU6912415733898544045.tmp\Vuze_4.7.0.0a_win32.exe
[2012.02.15 00:03:14 | 024,246,216 | -H-- | M] (Dropbox, Inc.) -- C:\Users\Nine\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.15 00:03:44 | 000,174,752 | -H-- | M] (Dropbox, Inc.) -- C:\Users\Nine\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2010.10.04 08:59:18 | 000,038,208 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.12.26 22:26:05 | 000,010,134 | RH-- | M] () -- C:\Users\Nine\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\ARPPRODUCTICON.exe
[2010.12.26 22:26:05 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\Nine\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe1_D9316813509243FDA4C292F72F483E61.exe
[2010.12.26 22:26:05 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\Nine\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe_D9316813509243FDA4C292F72F483E61.exe
[2010.12.26 22:26:05 | 000,040,960 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\Nine\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GSDR.exe_D9316813509243FDA4C292F72F483E61.exe
[2010.12.26 22:26:05 | 000,008,854 | RH-- | M] () -- C:\Users\Nine\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\NewShortcut1_D98C963793DA44DBB73AB11A1192AB26.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\agp440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\agp440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2009.05.26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Nine\AppData\Local\temp\RarSFX1\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Users\Nine\Desktop\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009.05.26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Nine\AppData\Local\temp\RarSFX1\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >


cosinus 22.03.2012 15:33

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.1.5
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
[2012.01.10 00:01:51 | 000,000,933 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\11-suche.xml
[2012.01.10 00:01:51 | 000,010,525 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\gmx-suche.xml
[2012.01.10 00:01:51 | 000,002,457 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\lastminute.xml
[2012.01.10 00:01:51 | 000,005,508 | -H-- | M] () -- C:\Users\Nine\AppData\Roaming\Mozilla\Firefox\Profiles\cmswdcip.default\searchplugins\webde-suche.xml
[2010.03.10 16:00:26 | 000,002,025 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Nine\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000..\Run: [CK POPUP KILLER] C:\CK Popup Killer\PKILL.EXE (CK Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-2684614725-1401231723-2353267314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -  - File not found
MsConfig - StartUpReg: CK POPUP KILLER - hkey= - key= - C:\CK Popup Killer\PKILL.EXE (CK Software)
SafeBootMin: 88773322.sys - Driver
[2012.03.20 13:51:19 | 000,000,448 | -H-- | M] () -- C:\ProgramData\lawJN9WIPzleuA
[2012.03.20 13:48:08 | 000,000,264 | -H-- | M] () -- C:\ProgramData\~lawJN9WIPzleuA
[2012.03.20 13:48:08 | 000,000,176 | -H-- | M] () -- C:\ProgramData\~lawJN9WIPzleuAr
[2012.03.20 13:43:23 | 000,000,612 | -H-- | M] () -- C:\Users\Nine\Desktop\System Check.lnk
[2011.05.04 09:51:32 | 000,000,000 | -H-D | M] -- C:\Users\Nine\AppData\Roaming\Uwwiqy
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

piepmatz 22.03.2012 15:49

here is the log file:

cosinus 22.03.2012 16:19

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

piepmatz 22.03.2012 16:28

Thanks..here is the log file:

cosinus 22.03.2012 16:31

Quote:

16:24:33.0516 1920 ============================================================
16:24:33.0531 2712 Detected object count: 1
16:24:33.0531 2712 Actual detected object count: 1
Something is not right there. Did you really post the log in full?
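
A check for the situation in the post above, as an added example that is not part of the original thread: this Python script splits a TDSSKiller log into its scan runs and flags runs that were interrupted, cut off, or lack the closing summary. The sample log is constructed in the line layout seen in this thread (service names and hashes are made up), and treating the summary count as equal to the number of "- detected" lines is an assumption.

```python
import re

# Constructed sample in the TDSSKiller layout seen in this thread:
# timestamp, thread id, message. Names and hashes are placeholders.
SAMPLE_LOG = r"""
10:00:00.0000 1000 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
10:00:05.0000 1111 ============================================================
10:00:05.0000 1111 Scan started
10:00:05.0000 1111 Mode: Manual;
10:00:05.0000 1111 ============================================================
10:00:06.0000 1111 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\example.sys
10:00:06.0010 1111 ExampleDrv - ok
10:00:07.0000 1111 Scan interrupted by user!
10:00:07.0000 1111 ============================================================
10:00:07.0000 1111 Scan finished
10:00:07.0000 1111 ============================================================
10:00:07.0010 1112 Detected object count: 0
10:00:07.0010 1112 Actual detected object count: 0
10:00:20.0000 2222 ============================================================
10:00:20.0000 2222 Scan started
10:00:20.0000 2222 Mode: Manual; SigCheck; TDLFS;
10:00:20.0000 2222 ============================================================
10:00:21.0000 2222 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\example.sys
10:00:21.0010 2222 ExampleDrv - ok
10:00:22.0000 2222 Example Svc (11111111111111111111111111111111) C:\Program Files\Example\svc.exe
10:00:22.0010 2222 Example Svc ( UnsignedFile.Multi.Generic ) - warning
10:00:22.0010 2222 Example Svc - detected UnsignedFile.Multi.Generic (1)
10:00:23.0000 2222 ============================================================
10:00:23.0000 2222 Scan finished
10:00:23.0000 2222 ============================================================
10:00:23.0010 2223 Detected object count: 1
10:00:23.0010 2223 Actual detected object count: 1
"""

LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d+)\s+(\d+)\s*(.*)$")
VERDICT = re.compile(r"^(.+?) - detected (\S+) \((\d+)\)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def parse_scans(text):
    """Split a log into scan runs; each 'Scan started' line opens a new run."""
    scans, cur = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or foreign line
        msg = m.group(3).strip()
        if msg == "Scan started":
            cur = {"mode": [], "interrupted": False, "finished": False,
                   "reported_count": None, "detections": []}
            scans.append(cur)
        elif cur is None:
            continue  # header lines before the first scan
        elif msg.startswith("Mode:"):
            cur["mode"] = [p.strip() for p in msg[len("Mode:"):].split(";")
                           if p.strip()]
        elif msg == "Scan interrupted by user!":
            cur["interrupted"] = True
        elif msg == "Scan finished":
            cur["finished"] = True
        else:
            count = COUNT.match(msg)
            verdict = VERDICT.match(msg)
            if count:
                cur["reported_count"] = int(count.group(1))
            elif verdict:
                cur["detections"].append((verdict.group(1), verdict.group(2)))
    return scans


def assess(scan):
    """Return the reasons why one scan run should not be read as a full result."""
    problems = []
    if scan["interrupted"]:
        problems.append("scan was interrupted by the user")
    if not scan["finished"]:
        problems.append("no 'Scan finished' line, log may be cut off")
    if scan["reported_count"] is None:
        problems.append("no 'Detected object count' summary")
    elif scan["reported_count"] != len(scan["detections"]):
        # Assumption: the summary counts exactly the '- detected' lines.
        problems.append("summary count %d but %d detection lines present"
                        % (scan["reported_count"], len(scan["detections"])))
    return problems


if __name__ == "__main__":
    for i, scan in enumerate(parse_scans(SAMPLE_LOG), 1):
        print(i, scan["mode"], scan["detections"], assess(scan) or "complete")
```
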

piepmatz 22.03.2012 16:39

oh god, what is wrong there?
I took the log file from the folder just as it was.

can I still save anything now, or is the computer done for? :(

cosinus 23.03.2012 20:33

No, just repeat the scan with TDSS-Killer!

piepmatz 23.03.2012 20:48

I did that, now it found more:

Code:

20:42:53.0884 2032        TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
20:42:54.0056 2032        ============================================================
20:42:54.0056 2032        Current date / time: 2012/03/23 20:42:54.0056
20:42:54.0056 2032        SystemInfo:
20:42:54.0056 2032       
20:42:54.0056 2032        OS Version: 6.0.6002 ServicePack: 2.0
20:42:54.0056 2032        Product type: Workstation
20:42:54.0056 2032        ComputerName: NINE-PC
20:42:54.0056 2032        UserName: Nine
20:42:54.0056 2032        Windows directory: C:\Windows
20:42:54.0056 2032        System windows directory: C:\Windows
20:42:54.0056 2032        Processor architecture: Intel x86
20:42:54.0056 2032        Number of processors: 2
20:42:54.0056 2032        Page size: 0x1000
20:42:54.0056 2032        Boot type: Normal boot
20:42:54.0056 2032        ============================================================
20:42:55.0959 2032        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:42:55.0959 2032        Drive \Device\Harddisk1\DR4 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:42:55.0959 2032        \Device\Harddisk0\DR0:
20:42:55.0959 2032        MBR used
20:42:55.0959 2032        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x12A14C00
20:42:55.0990 2032        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141859B9, BlocksNum 0x112A7D08
20:42:55.0990 2032        \Device\Harddisk1\DR4:
20:42:55.0990 2032        MBR used
20:42:55.0990 2032        \Device\Harddisk1\DR4\Partition0: MBR, Type 0xC, StartLBA 0x28, BlocksNum 0x777FD7
20:42:56.0193 2032        Initialize success
20:42:56.0193 2032        ============================================================
20:43:20.0248 1240        ============================================================
20:43:20.0248 1240        Scan started
20:43:20.0248 1240        Mode: Manual;
20:43:20.0248 1240        ============================================================
20:43:21.0200 1240        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:43:21.0215 1240        ACPI - ok
20:43:21.0387 1240        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:43:21.0403 1240        adp94xx - ok
20:43:21.0481 1240        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:43:21.0481 1240        adpahci - ok
20:43:21.0590 1240        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:43:21.0590 1240        adpu160m - ok
20:43:21.0652 1240        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:43:21.0668 1240        adpu320 - ok
20:43:21.0824 1240        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:43:21.0839 1240        AeLookupSvc - ok
20:43:21.0964 1240        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:43:21.0964 1240        AFD - ok
20:43:22.0011 1240        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:43:22.0027 1240        agp440 - ok
20:43:22.0073 1240        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:43:22.0089 1240        aic78xx - ok
20:43:22.0120 1240        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:43:22.0120 1240        ALG - ok
20:43:22.0167 1240        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:43:22.0167 1240        aliide - ok
20:43:22.0198 1240        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:43:22.0198 1240        amdagp - ok
20:43:22.0229 1240        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:43:22.0229 1240        amdide - ok
20:43:22.0339 1240        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:43:22.0339 1240        AmdK7 - ok
20:43:22.0385 1240        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:43:22.0385 1240        AmdK8 - ok
20:43:22.0651 1240        AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:43:22.0666 1240        AntiVirSchedulerService - ok
20:43:22.0744 1240        AntiVirService  (72d90e56563165984224493069c69ed4) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:43:22.0744 1240        AntiVirService - ok
20:43:23.0119 1240        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:43:23.0119 1240        Appinfo - ok
20:43:23.0368 1240        Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:43:23.0415 1240        Apple Mobile Device - ok
20:43:23.0711 1240        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:43:23.0758 1240        arc - ok
20:43:23.0805 1240        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:43:23.0805 1240        arcsas - ok
20:43:23.0914 1240        ASLDRService    (66597ad6098352d11239c0c42100b176) C:\Program Files\ATK Hotkey\ASLDRSrv.exe
20:43:23.0961 1240        ASLDRService - ok
20:43:24.0070 1240        aspnet_state    (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:43:24.0117 1240        aspnet_state - ok
20:43:24.0335 1240        ASTSRV          (0c83fc56707bf68db04947052a8188b1) C:\Windows\system32\ASTSRV.EXE
20:43:24.0351 1240        ASTSRV - ok
20:43:24.0538 1240        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:24.0538 1240        AsyncMac - ok
20:43:24.0694 1240        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:43:24.0710 1240        atapi - ok
20:43:24.0991 1240        athr            (2846f5ee802889d500fcf5cc48b28381) C:\Windows\system32\DRIVERS\athr.sys
20:43:25.0022 1240        athr - ok
20:43:25.0256 1240        Ati External Event Utility (2039e24fe00639a9123dcd6f22d42d74) C:\Windows\system32\Ati2evxx.exe
20:43:25.0334 1240        Ati External Event Utility - ok
20:43:25.0677 1240        atikmdag        (d2e9acb68fa61c911cc21e07f87705bf) C:\Windows\system32\DRIVERS\atikmdag.sys
20:43:25.0771 1240        atikmdag - ok
20:43:26.0051 1240        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
20:43:26.0067 1240        atksgt - ok
20:43:26.0192 1240        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:43:26.0254 1240        AudioEndpointBuilder - ok
20:43:26.0285 1240        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:43:26.0285 1240        Audiosrv - ok
20:43:26.0441 1240        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
20:43:26.0473 1240        avgntflt - ok
20:43:26.0535 1240        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
20:43:26.0535 1240        avipbb - ok
20:43:26.0582 1240        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:43:26.0582 1240        Beep - ok
20:43:26.0675 1240        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:43:26.0691 1240        BFE - ok
20:43:26.0894 1240        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
20:43:26.0956 1240        BITS - ok
20:43:27.0190 1240        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:43:27.0206 1240        blbdrive - ok
20:43:27.0377 1240        Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
20:43:27.0377 1240        Bonjour Service - ok
20:43:27.0830 1240        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:43:27.0845 1240        bowser - ok
20:43:27.0986 1240        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:43:28.0001 1240        BrFiltLo - ok
20:43:28.0048 1240        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:43:28.0048 1240        BrFiltUp - ok
20:43:28.0142 1240        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:43:28.0157 1240        Browser - ok
20:43:28.0189 1240        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:43:28.0189 1240        Brserid - ok
20:43:28.0267 1240        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:43:28.0267 1240        BrSerWdm - ok
20:43:28.0313 1240        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:43:28.0313 1240        BrUsbMdm - ok
20:43:28.0329 1240        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:43:28.0345 1240        BrUsbSer - ok
20:43:28.0391 1240        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:43:28.0391 1240        BTHMODEM - ok
20:43:28.0532 1240        catchme - ok
20:43:28.0797 1240        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:43:28.0813 1240        cdfs - ok
20:43:29.0047 1240        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:43:29.0093 1240        cdrom - ok
20:43:29.0140 1240        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:43:29.0140 1240        CertPropSvc - ok
20:43:29.0171 1240        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:43:29.0171 1240        circlass - ok
20:43:29.0234 1240        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:43:29.0343 1240        CLFS - ok
20:43:29.0515 1240        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:43:29.0546 1240        clr_optimization_v2.0.50727_32 - ok
20:43:29.0608 1240        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:43:29.0733 1240        clr_optimization_v4.0.30319_32 - ok
20:43:29.0827 1240        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:43:29.0827 1240        CmBatt - ok
20:43:29.0858 1240        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:43:29.0920 1240        cmdide - ok
20:43:29.0998 1240        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:43:29.0998 1240        Compbatt - ok
20:43:30.0014 1240        Scan interrupted by user!
20:43:30.0014 1240        Scan interrupted by user!
20:43:30.0014 1240        Scan interrupted by user!
20:43:30.0014 1240        ============================================================
20:43:30.0014 1240        Scan finished
20:43:30.0014 1240        ============================================================
20:43:30.0029 1256        Detected object count: 0
20:43:30.0029 1256        Actual detected object count: 0
20:43:40.0497 4060        ============================================================
20:43:40.0497 4060        Scan started
20:43:40.0497 4060        Mode: Manual; SigCheck; TDLFS;
20:43:40.0497 4060        ============================================================
20:43:41.0308 4060        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:43:41.0433 4060        ACPI - ok
20:43:41.0605 4060        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:43:41.0636 4060        adp94xx - ok
20:43:41.0698 4060        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:43:41.0714 4060        adpahci - ok
20:43:41.0776 4060        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:43:41.0776 4060        adpu160m - ok
20:43:41.0823 4060        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:43:41.0839 4060        adpu320 - ok
20:43:41.0948 4060        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:43:42.0104 4060        AeLookupSvc - ok
20:43:42.0369 4060        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:43:42.0509 4060        AFD - ok
20:43:42.0837 4060        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:43:42.0853 4060        agp440 - ok
20:43:43.0071 4060        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:43:43.0087 4060        aic78xx - ok
20:43:43.0180 4060        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:43:43.0383 4060        ALG - ok
20:43:43.0726 4060        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:43:43.0742 4060        aliide - ok
20:43:43.0789 4060        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:43:43.0804 4060        amdagp - ok
20:43:43.0835 4060        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:43:43.0851 4060        amdide - ok
20:43:43.0882 4060        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:43:43.0960 4060        AmdK7 - ok
20:43:44.0007 4060        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:43:44.0085 4060        AmdK8 - ok
20:43:44.0303 4060        AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:43:44.0335 4060        AntiVirSchedulerService - ok
20:43:44.0350 4060        AntiVirService  (72d90e56563165984224493069c69ed4) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:43:44.0366 4060        AntiVirService - ok
20:43:44.0553 4060        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:43:44.0771 4060        Appinfo - ok
20:43:44.0927 4060        Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:43:44.0943 4060        Apple Mobile Device - ok
20:43:45.0302 4060        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:43:45.0317 4060        arc - ok
20:43:45.0442 4060        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:43:45.0442 4060        arcsas - ok
20:43:45.0739 4060        ASLDRService    (66597ad6098352d11239c0c42100b176) C:\Program Files\ATK Hotkey\ASLDRSrv.exe
20:43:45.0770 4060        ASLDRService ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0770 4060        ASLDRService - detected UnsignedFile.Multi.Generic (1)
20:43:45.0957 4060        aspnet_state    (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:43:45.0973 4060        aspnet_state - ok
20:43:46.0363 4060        ASTSRV          (0c83fc56707bf68db04947052a8188b1) C:\Windows\system32\ASTSRV.EXE
20:43:46.0378 4060        ASTSRV ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0378 4060        ASTSRV - detected UnsignedFile.Multi.Generic (1)
20:43:46.0628 4060        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:46.0675 4060        AsyncMac - ok
20:43:46.0971 4060        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:43:46.0987 4060        atapi - ok
20:43:47.0361 4060        athr            (2846f5ee802889d500fcf5cc48b28381) C:\Windows\system32\DRIVERS\athr.sys
20:43:47.0501 4060        athr - ok
20:43:47.0923 4060        Ati External Event Utility (2039e24fe00639a9123dcd6f22d42d74) C:\Windows\system32\Ati2evxx.exe
20:43:48.0047 4060        Ati External Event Utility - ok
20:43:48.0469 4060        atikmdag        (d2e9acb68fa61c911cc21e07f87705bf) C:\Windows\system32\DRIVERS\atikmdag.sys
20:43:49.0233 4060        atikmdag - ok
20:43:49.0592 4060        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
20:43:49.0841 4060        atksgt - ok
20:43:50.0091 4060        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:43:50.0138 4060        AudioEndpointBuilder - ok
20:43:50.0247 4060        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:43:50.0278 4060        Audiosrv - ok
20:43:50.0575 4060        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
20:43:50.0606 4060        avgntflt - ok
20:43:50.0715 4060        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
20:43:50.0731 4060        avipbb - ok
20:43:50.0777 4060        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:43:50.0918 4060        Beep - ok
20:43:51.0074 4060        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:43:51.0152 4060        BFE - ok
20:43:51.0620 4060        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
20:43:51.0698 4060        BITS - ok
20:43:51.0838 4060        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:43:51.0947 4060        blbdrive - ok
20:43:52.0150 4060        Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
20:43:52.0166 4060        Bonjour Service - ok
20:43:52.0571 4060        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:43:52.0649 4060        bowser - ok
20:43:53.0024 4060        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:43:53.0055 4060        BrFiltLo - ok
20:43:53.0383 4060        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:43:53.0476 4060        BrFiltUp - ok
20:43:53.0663 4060        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:43:53.0773 4060        Browser - ok
20:43:53.0991 4060        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:43:54.0225 4060        Brserid - ok
20:43:54.0475 4060        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:43:54.0553 4060        BrSerWdm - ok
20:43:54.0833 4060        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:43:54.0943 4060        BrUsbMdm - ok
20:43:55.0301 4060        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:43:55.0395 4060        BrUsbSer - ok
20:43:55.0567 4060        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:43:55.0691 4060        BTHMODEM - ok
20:43:55.0832 4060        catchme - ok
20:43:56.0206 4060        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:43:56.0300 4060        cdfs - ok
20:43:56.0565 4060        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:43:56.0643 4060        cdrom - ok
20:43:56.0830 4060        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:43:56.0924 4060        CertPropSvc - ok
20:43:57.0236 4060        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:43:57.0283 4060        circlass - ok
20:43:57.0517 4060        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:43:57.0548 4060        CLFS - ok
20:43:57.0704 4060        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:43:57.0719 4060        clr_optimization_v2.0.50727_32 - ok
20:43:57.0844 4060        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:43:57.0860 4060        clr_optimization_v4.0.30319_32 - ok
20:43:58.0297 4060        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:43:58.0359 4060        CmBatt - ok
20:43:58.0499 4060        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:43:58.0515 4060        cmdide - ok
20:43:58.0624 4060        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:43:58.0640 4060        Compbatt - ok
20:43:58.0718 4060        COMSysApp - ok
20:43:58.0733 4060        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:43:58.0749 4060        crcdisk - ok
20:43:58.0765 4060        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:43:58.0827 4060        Crusoe - ok
20:43:59.0030 4060        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
20:43:59.0123 4060        CryptSvc - ok
20:43:59.0404 4060        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:43:59.0482 4060        DcomLaunch - ok
20:43:59.0685 4060        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:43:59.0794 4060        DfsC - ok
20:44:00.0137 4060        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:44:00.0371 4060        DFSR - ok
20:44:00.0621 4060        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:44:00.0683 4060        Dhcp - ok
20:44:00.0793 4060        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:44:00.0808 4060        disk - ok
20:44:00.0902 4060        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:44:00.0995 4060        Dnscache - ok
20:44:01.0058 4060        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:44:01.0073 4060        dot3svc - ok
20:44:01.0136 4060        Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
20:44:01.0214 4060        Dot4 - ok
20:44:01.0292 4060        Dot4Print      (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:44:01.0339 4060        Dot4Print - ok
20:44:01.0432 4060        dot4usb        (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
20:44:01.0526 4060        dot4usb - ok
20:44:01.0651 4060        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:44:01.0744 4060        DPS - ok
20:44:01.0869 4060        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:44:01.0947 4060        drmkaud - ok
20:44:02.0056 4060        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:44:02.0165 4060        DXGKrnl - ok
20:44:02.0431 4060        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:44:02.0524 4060        E1G60 - ok
20:44:02.0883 4060        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:44:02.0961 4060        EapHost - ok
20:44:03.0304 4060        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:44:03.0320 4060        Ecache - ok
20:44:03.0507 4060        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:44:03.0601 4060        ehRecvr - ok
20:44:03.0663 4060        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:44:03.0788 4060        ehSched - ok
20:44:03.0803 4060        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:44:03.0835 4060        ehstart - ok
20:44:03.0928 4060        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:44:03.0991 4060        elxstor - ok
20:44:04.0178 4060        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:44:04.0303 4060        EMDMgmt - ok
20:44:04.0646 4060        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:44:04.0724 4060        ErrDev - ok
20:44:04.0833 4060        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:44:04.0880 4060        EventSystem - ok
20:44:05.0005 4060        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:44:05.0129 4060        exfat - ok
20:44:05.0239 4060        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:44:05.0301 4060        fastfat - ok
20:44:05.0332 4060        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:44:05.0395 4060        fdc - ok
20:44:05.0582 4060        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:44:05.0629 4060        fdPHost - ok
20:44:05.0675 4060        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:44:05.0800 4060        FDResPub - ok
20:44:06.0221 4060        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:44:06.0253 4060        FileInfo - ok
20:44:06.0487 4060        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:44:06.0565 4060        Filetrace - ok
20:44:06.0689 4060        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:44:06.0908 4060        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:44:06.0908 4060        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:44:07.0220 4060        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:44:07.0313 4060        flpydisk - ok
20:44:07.0469 4060        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:44:07.0485 4060        FltMgr - ok
20:44:07.0735 4060        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:44:07.0875 4060        FontCache - ok
20:44:08.0109 4060        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:44:08.0140 4060        FontCache3.0.0.0 - ok
20:44:08.0359 4060        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:44:08.0437 4060        Fs_Rec - ok
20:44:08.0702 4060        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:44:08.0717 4060        gagp30kx - ok
20:44:09.0029 4060        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:44:09.0061 4060        GEARAspiWDM - ok
20:44:09.0404 4060        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:44:09.0560 4060        gpsvc - ok
20:44:09.0778 4060        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:09.0825 4060        gupdate - ok
20:44:09.0872 4060        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:09.0887 4060        gupdatem - ok
20:44:10.0043 4060        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
20:44:10.0215 4060        HdAudAddService - ok
20:44:10.0496 4060        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:44:10.0730 4060        HDAudBus - ok
20:44:10.0917 4060        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:44:10.0995 4060        HidBth - ok
20:44:11.0198 4060        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:44:11.0291 4060        HidIr - ok
20:44:11.0510 4060        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
20:44:11.0541 4060        hidserv - ok
20:44:11.0619 4060        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:44:11.0666 4060        HidUsb - ok
20:44:11.0853 4060        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:44:11.0915 4060        hkmsvc - ok
20:44:12.0118 4060        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:44:12.0149 4060        HpCISSs - ok
20:44:12.0274 4060        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:44:12.0368 4060        HTTP - ok
20:44:12.0711 4060        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:44:12.0727 4060        i2omp - ok
20:44:12.0992 4060        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:44:13.0023 4060        i8042prt - ok
20:44:13.0569 4060        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:44:13.0631 4060        iaStorV - ok
20:44:13.0865 4060        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:44:14.0068 4060        idsvc - ok
20:44:14.0224 4060        IGDCTRL        (506801c7d47be8cd1cf342bf28eb17ec) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
20:44:14.0240 4060        IGDCTRL - ok
20:44:14.0443 4060        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:44:14.0458 4060        iirsp - ok
20:44:14.0536 4060        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:44:14.0599 4060        IKEEXT - ok
20:44:14.0973 4060        IntcAzAudAddService (d9b869a909cc93aec507d4f7dfa24434) C:\Windows\system32\drivers\RTKVHDA.sys
20:44:15.0160 4060        IntcAzAudAddService - ok
20:44:15.0488 4060        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:44:15.0519 4060        intelide - ok
20:44:15.0800 4060        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:15.0909 4060        intelppm - ok
20:44:16.0112 4060        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:44:16.0174 4060        IPBusEnum - ok
20:44:16.0361 4060        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:16.0424 4060        IpFilterDriver - ok
20:44:16.0549 4060        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:44:16.0611 4060        iphlpsvc - ok
20:44:16.0829 4060        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:44:16.0892 4060        IPMIDRV - ok
20:44:17.0017 4060        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:44:17.0063 4060        IPNAT - ok
20:44:17.0297 4060        iPod Service    (7a3611564fce7c8be50b03f58cb3eb7d) C:\Program Files\iPod\bin\iPodService.exe
20:44:17.0438 4060        iPod Service - ok
20:44:17.0719 4060        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:44:17.0765 4060        IRENUM - ok
20:44:17.0968 4060        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:44:17.0984 4060        isapnp - ok
20:44:18.0311 4060        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:44:18.0389 4060        iScsiPrt - ok
20:44:18.0592 4060        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:44:18.0608 4060        iteatapi - ok
20:44:18.0779 4060        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:44:18.0795 4060        iteraid - ok
20:44:18.0967 4060        ivusb          (67390c4565772d4bfa996c40d8319954) C:\Windows\system32\DRIVERS\ivusb.sys
20:44:18.0967 4060        ivusb - ok
20:44:19.0107 4060        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:19.0107 4060        kbdclass - ok
20:44:19.0216 4060        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:19.0263 4060        kbdhid - ok
20:44:19.0559 4060        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:44:19.0591 4060        KeyIso - ok
20:44:19.0996 4060        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:44:20.0027 4060        KSecDD - ok
20:44:20.0433 4060        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:44:20.0589 4060        KtmRm - ok
20:44:20.0854 4060        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
20:44:20.0932 4060        LanmanServer - ok
20:44:21.0041 4060        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:44:21.0104 4060        LanmanWorkstation - ok
20:44:21.0229 4060        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
20:44:21.0244 4060        lirsgt - ok
20:44:21.0400 4060        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:21.0447 4060        lltdio - ok
20:44:21.0650 4060        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:44:21.0743 4060        lltdsvc - ok
20:44:21.0868 4060        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:44:21.0946 4060        lmhosts - ok
20:44:22.0118 4060        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:44:22.0133 4060        LSI_FC - ok
20:44:22.0445 4060        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:44:22.0492 4060        LSI_SAS - ok
20:44:22.0742 4060        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:44:22.0773 4060        LSI_SCSI - ok
20:44:22.0929 4060        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:44:23.0038 4060        luafv - ok
20:44:23.0272 4060        MBAMProtector  (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
20:44:23.0288 4060        MBAMProtector - ok
20:44:23.0413 4060        MBAMService    (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:23.0459 4060        MBAMService - ok
20:44:23.0678 4060        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:44:23.0709 4060        Mcx2Svc - ok
20:44:23.0865 4060        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:44:23.0881 4060        megasas - ok
20:44:24.0083 4060        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:44:24.0177 4060        MegaSR - ok
20:44:24.0520 4060        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:44:24.0614 4060        MMCSS - ok
20:44:24.0832 4060        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:44:24.0910 4060        Modem - ok
20:44:25.0207 4060        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:44:25.0285 4060        monitor - ok
20:44:25.0581 4060        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:25.0612 4060        mouclass - ok
20:44:25.0877 4060        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:25.0971 4060        mouhid - ok
20:44:26.0096 4060        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:44:26.0174 4060        MountMgr - ok
20:44:26.0267 4060        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:44:26.0283 4060        mpio - ok
20:44:26.0470 4060        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:44:26.0501 4060        mpsdrv - ok
20:44:26.0642 4060        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:44:26.0704 4060        MpsSvc - ok
20:44:26.0985 4060        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:44:27.0001 4060        Mraid35x - ok
20:44:27.0047 4060        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:44:27.0094 4060        MRxDAV - ok
20:44:27.0125 4060        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:27.0157 4060        mrxsmb - ok
20:44:27.0203 4060        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:27.0235 4060        mrxsmb10 - ok
20:44:27.0266 4060        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:27.0359 4060        mrxsmb20 - ok
20:44:27.0406 4060        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:44:27.0469 4060        msahci - ok
20:44:27.0500 4060        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:44:27.0515 4060        msdsm - ok
20:44:27.0562 4060        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:44:27.0609 4060        MSDTC - ok
20:44:27.0640 4060        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:44:27.0671 4060        Msfs - ok
20:44:27.0718 4060        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:44:27.0749 4060        msisadrv - ok
20:44:27.0952 4060        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:44:28.0061 4060        MSiSCSI - ok
20:44:28.0171 4060        msiserver - ok
20:44:28.0389 4060        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:28.0451 4060        MSKSSRV - ok
20:44:28.0545 4060        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:28.0639 4060        MSPCLOCK - ok
20:44:28.0888 4060        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:44:28.0935 4060        MSPQM - ok
20:44:29.0153 4060        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:44:29.0169 4060        MsRPC - ok
20:44:29.0294 4060        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:29.0309 4060        mssmbios - ok
20:44:29.0372 4060        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:44:29.0419 4060        MSTEE - ok
20:44:29.0621 4060        MTsensor        (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
20:44:29.0668 4060        MTsensor - ok
20:44:29.0933 4060        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:44:29.0965 4060        Mup - ok
20:44:30.0167 4060        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:44:30.0245 4060        napagent - ok
20:44:30.0541 4060        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:44:30.0603 4060        NativeWifiP - ok
20:44:30.0993 4060        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:44:31.0040 4060        NDIS - ok
20:44:31.0337 4060        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:31.0399 4060        NdisTapi - ok
20:44:31.0602 4060        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:31.0664 4060        Ndisuio - ok
20:44:31.0789 4060        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:31.0836 4060        NdisWan - ok
20:44:32.0007 4060        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:44:32.0039 4060        NDProxy - ok
20:44:32.0117 4060        Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
20:44:32.0148 4060        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:44:32.0148 4060        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:44:32.0226 4060        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:44:32.0288 4060        NetBIOS - ok
20:44:32.0553 4060        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:44:32.0585 4060        netbt - ok
20:44:32.0897 4060        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:44:32.0912 4060        Netlogon - ok
20:44:33.0053 4060        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:44:33.0115 4060        Netman - ok
20:44:33.0162 4060        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:44:33.0255 4060        netprofm - ok
20:44:33.0365 4060        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:44:33.0380 4060        NetTcpPortSharing - ok
20:44:33.0552 4060        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:44:33.0567 4060        nfrd960 - ok
20:44:33.0786 4060        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:44:33.0864 4060        NlaSvc - ok
20:44:34.0020 4060        NMIndexingService - ok
20:44:34.0316 4060        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:44:34.0379 4060        Npfs - ok
20:44:34.0566 4060        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:44:34.0644 4060        nsi - ok
20:44:34.0800 4060        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:44:34.0862 4060        nsiproxy - ok
20:44:35.0268 4060        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:44:35.0393 4060        Ntfs - ok
20:44:35.0642 4060        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:44:35.0736 4060        ntrigdigi - ok
20:44:35.0767 4060        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:44:35.0829 4060        Null - ok
20:44:35.0861 4060        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:44:35.0876 4060        nvraid - ok
20:44:35.0907 4060        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:44:35.0954 4060        nvstor - ok
20:44:36.0001 4060        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:44:36.0017 4060        nv_agp - ok
20:44:36.0110 4060        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
20:44:36.0157 4060        ohci1394 - ok
20:44:36.0344 4060        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:44:36.0500 4060        p2pimsvc - ok
20:44:36.0750 4060        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:44:36.0797 4060        p2psvc - ok
20:44:37.0046 4060        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:44:37.0140 4060        Parport - ok
20:44:37.0389 4060        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:44:37.0405 4060        partmgr - ok
20:44:37.0561 4060        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:44:37.0655 4060        Parvdm - ok
20:44:37.0982 4060        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:44:38.0076 4060        PcaSvc - ok
20:44:38.0325 4060        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:44:38.0341 4060        pci - ok
20:44:38.0856 4060        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:44:38.0903 4060        pciide - ok
20:44:39.0277 4060        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:44:39.0339 4060        pcmcia - ok
20:44:39.0698 4060        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:44:40.0010 4060        PEAUTH - ok
20:44:40.0275 4060        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:44:40.0385 4060        pla - ok
20:44:40.0541 4060        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:44:40.0603 4060        PlugPlay - ok
20:44:40.0712 4060        Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
20:44:40.0775 4060        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:44:40.0775 4060        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:44:40.0821 4060        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:44:40.0868 4060        PNRPAutoReg - ok
20:44:40.0899 4060        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:44:40.0977 4060        PNRPsvc - ok
20:44:41.0165 4060        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:44:41.0289 4060        PolicyAgent - ok
20:44:41.0399 4060        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:44:41.0477 4060        PptpMiniport - ok
20:44:41.0555 4060        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:44:41.0664 4060        Processor - ok
20:44:41.0851 4060        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:44:41.0945 4060        ProfSvc - ok
20:44:42.0085 4060        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:44:42.0101 4060        ProtectedStorage - ok
20:44:42.0272 4060        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:44:42.0335 4060        PSched - ok
20:44:42.0615 4060        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:44:42.0974 4060        ql2300 - ok
20:44:43.0208 4060        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:44:43.0286 4060        ql40xx - ok
20:44:43.0380 4060        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:44:43.0411 4060        QWAVE - ok
20:44:43.0442 4060        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:44:43.0458 4060        QWAVEdrv - ok
20:44:43.0489 4060        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:44:43.0536 4060        RasAcd - ok
20:44:43.0614 4060        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:44:43.0707 4060        RasAuto - ok
20:44:43.0785 4060        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:43.0817 4060        Rasl2tp - ok
20:44:44.0175 4060        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:44:44.0238 4060        RasMan - ok
20:44:44.0409 4060        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:44.0503 4060        RasPppoe - ok
20:44:44.0706 4060        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:44:44.0721 4060        RasSstp - ok
20:44:45.0065 4060        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:44:45.0330 4060        rdbss - ok
20:44:45.0829 4060        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:45.0891 4060        RDPCDD - ok
20:44:46.0094 4060        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:44:46.0141 4060        rdpdr - ok
20:44:46.0297 4060        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:44:46.0359 4060        RDPENCDD - ok
20:44:46.0671 4060        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
20:44:46.0765 4060        RDPWD - ok
20:44:46.0952 4060        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:44:47.0015 4060        RemoteAccess - ok
20:44:47.0217 4060        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:44:47.0264 4060        RemoteRegistry - ok
20:44:47.0498 4060        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:44:47.0623 4060        RpcLocator - ok
20:44:47.0857 4060        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:44:47.0935 4060        RpcSs - ok
20:44:48.0185 4060        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:44:48.0309 4060        rspndr - ok
20:44:48.0575 4060        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:44:48.0590 4060        SamSs - ok
20:44:48.0918 4060        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:44:48.0949 4060        sbp2port - ok
20:44:49.0058 4060        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:44:49.0105 4060        SCardSvr - ok
20:44:49.0417 4060        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:44:49.0604 4060        Schedule - ok
20:44:49.0979 4060        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:44:50.0010 4060        SCPolicySvc - ok
20:44:50.0369 4060        sdbus          (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
20:44:50.0447 4060        sdbus - ok
20:44:50.0571 4060        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:44:50.0618 4060        SDRSVC - ok
20:44:50.0821 4060        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:44:50.0915 4060        secdrv - ok
20:44:50.0993 4060        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:44:51.0086 4060        seclogon - ok
20:44:51.0180 4060        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
20:44:51.0227 4060        SENS - ok
20:44:51.0414 4060        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:44:51.0570 4060        Serenum - ok
20:44:51.0913 4060        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:44:52.0022 4060        Serial - ok
20:44:52.0443 4060        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:44:52.0537 4060        sermouse - ok
20:44:52.0927 4060        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:44:52.0974 4060        SessionEnv - ok
20:44:53.0333 4060        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:44:53.0395 4060        sffdisk - ok
20:44:53.0613 4060        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:44:53.0676 4060        sffp_mmc - ok
20:44:53.0832 4060        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:44:53.0910 4060        sffp_sd - ok
20:44:53.0941 4060        sfloppy        (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
20:44:54.0019 4060        sfloppy - ok
20:44:54.0191 4060        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:44:54.0269 4060        SharedAccess - ok
20:44:54.0503 4060        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:44:54.0596 4060        ShellHWDetection - ok
20:44:54.0783 4060        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:44:54.0799 4060        sisagp - ok
20:44:54.0893 4060        SiSGbeLH        (f7da61bd62a16510227656c3477e2b52) C:\Windows\system32\DRIVERS\SiSGB6.sys
20:44:54.0924 4060        SiSGbeLH - ok
20:44:54.0971 4060        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:44:54.0986 4060        SiSRaid2 - ok
20:44:55.0017 4060        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:44:55.0049 4060        SiSRaid4 - ok
20:44:55.0345 4060        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:44:55.0704 4060        slsvc - ok
20:44:55.0938 4060        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:44:56.0016 4060        SLUINotify - ok
20:44:56.0328 4060        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:44:56.0421 4060        Smb - ok
20:44:56.0843 4060        smserial        (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
20:44:57.0186 4060        smserial - ok
20:44:57.0373 4060        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:44:57.0420 4060        SNMPTRAP - ok
20:44:57.0545 4060        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:44:57.0576 4060        spldr - ok
20:44:57.0716 4060        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:44:57.0763 4060        Spooler - ok
20:44:58.0028 4060        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:44:58.0106 4060        srv - ok
20:44:58.0356 4060        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:44:58.0418 4060        srv2 - ok
20:44:58.0699 4060        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:44:58.0793 4060        srvnet - ok
20:44:59.0073 4060        sscdbus        (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
20:44:59.0167 4060        sscdbus - ok
20:44:59.0276 4060        sscdmdfl        (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
20:44:59.0339 4060        sscdmdfl - ok
20:44:59.0432 4060        sscdmdm        (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
20:44:59.0479 4060        sscdmdm - ok
20:44:59.0697 4060        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:44:59.0838 4060        SSDPSRV - ok
20:44:59.0963 4060        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:44:59.0978 4060        ssmdrv - ok
20:45:00.0103 4060        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:45:00.0150 4060        SstpSvc - ok
20:45:00.0477 4060        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:45:00.0680 4060        stisvc - ok
20:45:01.0070 4060        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:45:01.0086 4060        swenum - ok
20:45:01.0289 4060        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:45:01.0367 4060        swprv - ok
20:45:01.0866 4060        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:45:01.0881 4060        Symc8xx - ok
20:45:02.0256 4060        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:45:02.0287 4060        Sym_hi - ok
20:45:02.0459 4060        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:45:02.0490 4060        Sym_u3 - ok
20:45:02.0615 4060        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:45:02.0755 4060        SysMain - ok
20:45:03.0223 4060        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:45:03.0301 4060        TabletInputService - ok
20:45:03.0535 4060        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:45:03.0613 4060        TapiSrv - ok
20:45:03.0785 4060        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:45:03.0831 4060        TBS - ok
20:45:04.0487 4060        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
20:45:04.0565 4060        Tcpip - ok
20:45:04.0861 4060        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
20:45:04.0955 4060        Tcpip6 - ok
20:45:05.0173 4060        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:45:05.0220 4060        tcpipreg - ok
20:45:05.0329 4060        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:45:05.0360 4060        TDPIPE - ok
20:45:05.0423 4060        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:45:05.0501 4060        TDTCP - ok
20:45:05.0625 4060        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:45:05.0719 4060        tdx - ok
20:45:05.0828 4060        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:45:05.0844 4060        TermDD - ok
20:45:05.0937 4060        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:45:06.0015 4060        TermService - ok
20:45:06.0218 4060        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:45:06.0234 4060        Themes - ok
20:45:06.0390 4060        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:45:06.0421 4060        THREADORDER - ok
20:45:06.0639 4060        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:45:06.0702 4060        TrkWks - ok
20:45:06.0811 4060        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:45:06.0858 4060        TrustedInstaller - ok
20:45:06.0951 4060        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:45:07.0092 4060        tssecsrv - ok
20:45:07.0341 4060        TuneUp.Defrag  (4196d7bc21786883201747dcc0dc84a0) C:\Windows\System32\TuneUpDefragService.exe
20:45:07.0451 4060        TuneUp.Defrag - ok
20:45:07.0638 4060        TuneUp.ProgramStatisticsSvc (02e5f68a55cd413c5bfb9f2df677dd01) C:\Windows\System32\TUProgSt.exe
20:45:07.0700 4060        TuneUp.ProgramStatisticsSvc - ok
20:45:07.0841 4060        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:45:07.0887 4060        tunmp - ok
20:45:08.0028 4060        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:45:08.0090 4060        tunnel - ok
20:45:08.0168 4060        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:45:08.0215 4060        uagp35 - ok
20:45:08.0262 4060        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:45:08.0293 4060        udfs - ok
20:45:08.0355 4060        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:45:08.0449 4060        UI0Detect - ok
20:45:08.0527 4060        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:45:08.0605 4060        uliagpkx - ok
20:45:08.0683 4060        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:45:08.0730 4060        uliahci - ok
20:45:08.0777 4060        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:45:08.0792 4060        UlSata - ok
20:45:08.0823 4060        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:45:08.0933 4060        ulsata2 - ok
20:45:08.0964 4060        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:45:09.0026 4060        umbus - ok
20:45:09.0089 4060        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:45:09.0167 4060        upnphost - ok
20:45:09.0323 4060        UPnPService    (d4531b9b73b990dc53b4a765e3bd070a) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
20:45:09.0510 4060        UPnPService ( UnsignedFile.Multi.Generic ) - warning
20:45:09.0510 4060        UPnPService - detected UnsignedFile.Multi.Generic (1)
20:45:09.0713 4060        USBAAPL        (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
20:45:09.0775 4060        USBAAPL - ok
20:45:09.0915 4060        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:45:09.0993 4060        usbccgp - ok
20:45:10.0040 4060        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:45:10.0134 4060        usbcir - ok
20:45:10.0368 4060        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:45:10.0415 4060        usbehci - ok
20:45:10.0571 4060        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:45:10.0617 4060        usbhub - ok
20:45:10.0680 4060        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:45:10.0711 4060        usbohci - ok
20:45:10.0789 4060        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:45:10.0898 4060        usbprint - ok
20:45:10.0992 4060        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:45:11.0070 4060        usbscan - ok
20:45:11.0132 4060        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:45:11.0226 4060        USBSTOR - ok
20:45:11.0257 4060        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:45:11.0304 4060        usbuhci - ok
20:45:11.0335 4060        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:45:11.0382 4060        usbvideo - ok
20:45:11.0538 4060        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
20:45:11.0631 4060        UxSms - ok
20:45:11.0834 4060        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
20:45:11.0943 4060        vds - ok
20:45:12.0053 4060        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:45:12.0146 4060        vga - ok
20:45:12.0177 4060        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:45:12.0224 4060        VgaSave - ok
20:45:12.0240 4060        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:45:12.0255 4060        viaagp - ok
20:45:12.0271 4060        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:45:12.0333 4060        ViaC7 - ok
20:45:12.0365 4060        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:45:12.0427 4060        viaide - ok
20:45:12.0489 4060        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:45:12.0505 4060        volmgr - ok
20:45:12.0583 4060        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:45:12.0630 4060        volmgrx - ok
20:45:12.0801 4060        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:45:12.0833 4060        volsnap - ok
20:45:12.0989 4060        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:45:13.0020 4060        vsmraid - ok
20:45:13.0238 4060        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
20:45:13.0410 4060        VSS - ok
20:45:13.0472 4060        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
20:45:13.0550 4060        W32Time - ok
20:45:13.0628 4060        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:45:13.0722 4060        WacomPen - ok
20:45:13.0784 4060        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:45:13.0815 4060        Wanarp - ok
20:45:13.0831 4060        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:45:13.0862 4060        Wanarpv6 - ok
20:45:13.0987 4060        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
20:45:14.0081 4060        wcncsvc - ok
20:45:14.0346 4060        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
20:45:14.0424 4060        WcsPlugInService - ok
20:45:14.0595 4060        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:45:14.0611 4060        Wd - ok
20:45:14.0814 4060        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:45:14.0892 4060        Wdf01000 - ok
20:45:14.0970 4060        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:45:15.0063 4060        WdiServiceHost - ok
20:45:15.0110 4060        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:45:15.0157 4060        WdiSystemHost - ok
20:45:15.0344 4060        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
20:45:15.0391 4060        WebClient - ok
20:45:15.0641 4060        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
20:45:15.0703 4060        Wecsvc - ok
20:45:15.0828 4060        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
20:45:15.0875 4060        wercplsupport - ok
20:45:16.0109 4060        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
20:45:16.0140 4060        WerSvc - ok
20:45:16.0296 4060        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
20:45:16.0327 4060        WinDefend - ok
20:45:16.0327 4060        WinHttpAutoProxySvc - ok
20:45:16.0592 4060        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
20:45:16.0623 4060        Winmgmt - ok
20:45:17.0060 4060        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
20:45:17.0185 4060        WinRM - ok
20:45:17.0279 4060        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
20:45:17.0435 4060        Wlansvc - ok
20:45:17.0715 4060        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:45:17.0793 4060        WmiAcpi - ok
20:45:17.0965 4060        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
20:45:18.0012 4060        wmiApSrv - ok
20:45:18.0152 4060        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:45:18.0339 4060        WMPNetworkSvc - ok
20:45:18.0433 4060        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
20:45:18.0527 4060        WPCSvc - ok
20:45:18.0901 4060        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
20:45:18.0979 4060        WPDBusEnum - ok
20:45:19.0104 4060        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:45:19.0182 4060        WpdUsb - ok
20:45:19.0603 4060        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:45:19.0712 4060        WPFFontCache_v0400 - ok
20:45:19.0962 4060        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:45:20.0071 4060        ws2ifsl - ok
20:45:20.0180 4060        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
20:45:20.0196 4060        wscsvc - ok
20:45:20.0211 4060        WSearch - ok
20:45:20.0570 4060        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
20:45:20.0913 4060        wuauserv - ok
20:45:21.0085 4060        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:45:21.0179 4060        WUDFRd - ok
20:45:21.0319 4060        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
20:45:21.0366 4060        wudfsvc - ok
20:45:21.0475 4060        yukonwlh        (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
20:45:21.0584 4060        yukonwlh - ok
20:45:21.0600 4060        MBR (0x1B8)    (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk0\DR0
20:45:21.0756 4060        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:45:21.0756 4060        \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:45:21.0771 4060        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
20:45:24.0673 4060        \Device\Harddisk1\DR4 - ok
20:45:24.0704 4060        Boot (0x1200)  (77747511e96e7e2a35f498d25bd6a3f6) \Device\Harddisk0\DR0\Partition0
20:45:24.0720 4060        \Device\Harddisk0\DR0\Partition0 - ok
20:45:24.0751 4060        Boot (0x1200)  (bb38b48b16f28b4fb72578c1a3a97c4d) \Device\Harddisk0\DR0\Partition1
20:45:24.0767 4060        \Device\Harddisk0\DR0\Partition1 - ok
20:45:24.0767 4060        Boot (0x1200)  (2838daf1a414f42466cfc138277a4fde) \Device\Harddisk1\DR4\Partition0
20:45:24.0767 4060        \Device\Harddisk1\DR4\Partition0 - ok
20:45:24.0767 4060        ============================================================
20:45:24.0767 4060        Scan finished
20:45:24.0767 4060        ============================================================
20:45:24.0798 3028        Detected object count: 7
20:45:24.0798 3028        Actual detected object count: 7


cosinus 23.03.2012 21:59

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

piepmatz 23.03.2012 22:48

oh great, my data is back...thank you thank you thank you

here is the file for it:

