Trojaner-Board


sissi_a 28.07.2012 13:05

Malwarebytes does not start

This morning I was a bit too hasty and clicked on an email from a friend who had sent me a link.
Now I have learned that his email account had been hacked by someone from Japan, and that he did not send the email himself.

I found nothing on the web about this address. Could I have caught something by going to this page?

hxxp://www.oxleypartners.com.au/anaoler.html?is=pumzis

To be safe I wanted to scan the PC with Malwarebytes. (I have the free version 1.62.0.1300)
But after "perform full scan" I still get the message "zähle Registrierungsobjekte vor dem Scan" ("counting registry objects before the scan") and then Malwarebytes simply stops. It just closes without any error.

Emsisoft found nothing after the full scan.

Do I need to worry?

Thanks for any pointers
Sissi

cosinus 30.07.2012 12:30

Try the full scan with Malwarebytes in Safe Mode with Networking.

sissi_a 30.07.2012 18:51

THANKS for the tip.
That worked, and the PC seems to be clean.

But what is messed up on my system that it no longer works in normal mode? I had already uninstalled and reinstalled MWB.
Any idea?

cosinus 30.07.2012 20:47

Please post all the logs from it anyway.
The logs contain a bit more information than just "finding" or "no finding".

Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

sissi_a 30.07.2012 21:31

Looks really good ......... :-) I'm so glad......
But why does MWB say "Internet Explorer 9.0.8112.16421" while Secunia detected 9.0.8112.16447?


Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.28.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
WEBSurfer :: HP-HP [limited]

30.07.2012 18:44:25
mbam-log-2012-07-30 (18-44-25).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 489760
Time elapsed: 55 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


cosinus 31.07.2012 07:56

See, that is why I always want to see the logs!

Code:

Database version: v2012.07.28.04
WEBSurfer :: HP-HP [limited]

You did not update Malwarebytes beforehand and then only scanned with limited rights. Without admin rights that makes no sense, because otherwise you do not have access to every directory!
And in Safe Mode with Networking you should also have an internet connection for the update, shouldn't you?

sissi_a 31.07.2012 17:27

How stupid am I, really?!? Thanks for the pointer.

But by now it is so burned into me not to do anything as admin that I did not even think of it.
(Thanks to your advice, by the way.) Since my last infection I have set up the system exactly as you recommend.
With one exception: the sandbox caused me so many problems (especially in connection with Secunia and Filehippo) that I now leave it out.

But everything really does seem to be OK?
The only remaining question is why MWB can no longer be started in normal mode (not even as admin).


Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.31.09

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
HP :: HP-HP [Administrator]

31.07.2012 17:08:31
mbam-log-2012-07-31 (17-08-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 582103
Laufzeit: 57 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 01.08.2012 16:17

Please run ESET as well; after that we will see where we go from there.

Note: ESET quite often shows a few false positives. That is why, with ESET too, only the log should be posted at first and nothing removed.

ESET Online Scanner

Please switch on any external hard drives you have during the online scans! Please switch off all background guards (anti-virus program, firewall, script blocking and the like) during the scans, and do not forget to switch everything back on afterwards.
  • Note for Vista and Win7 users: be sure to open the browser like this: right-click => Run as administrator
  • Deactivate your anti-virus program during the scan.

    Press the button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< click).
    • Firefox users:
      Please download esetsmartinstaller_enu.exe. Save the Firefox add-on to the desktop and then install it.
    • IE users:
      must allow the installation of an ActiveX element.
  • Tick the box at Yes, i accept the Terms of Use.
  • Press the http://img707.imageshack.us/img707/687/starteg.jpg button.
  • Wait until the components have been downloaded.
  • Tick the box at "Scan archives".
  • Make sure that Remove Found Threats is not ticked.
  • Press http://img707.imageshack.us/img707/687/starteg.jpg.
  • The signatures are downloaded. The scan starts automatically.
When the scan has finished
  • Click Finish.
  • Close the browser.
Please press the http://larusso.trojaner-board.de/Images/windows.jpg + R key and copy the following text into the Run window.
Code:

"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Note: If you are using 64-bit Windows, the path is:

Code:

"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
Now post the contents of log.txt.

sissi_a 02.08.2012 21:24

My ESET log. Because I had the firewall and all the guards switched off, I had the PC disconnected from the network during the scan. OK?

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=78908db67937ff4fbf2098d1919f0773
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-01 07:15:02
# local_time=2012-08-01 09:15:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 3093 95478257 0 0
# compatibility_mode=8192 67108863 100 0 100 100 0 0
# scanned=2174
# found=0
# cleaned=0
# scan_time=95
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=78908db67937ff4fbf2098d1919f0773
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-08-01 08:09:20
# local_time=2012-08-01 10:09:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 3330 95478494 0 0
# compatibility_mode=8192 67108863 100 0 337 337 0 0
# scanned=186723
# found=5
# cleaned=0
# scan_time=3116
C:\00 Download software\avc-free.exe        Win32/OpenCandy application (unable to clean)        00000000000000000000000000000000        I
C:\Lokaler Datenträger - Kopie von Festplatte\Downloads\avc-free.exe        Win32/OpenCandy application (unable to clean)        00000000000000000000000000000000        I
C:\Lokaler Datenträger - Kopie von Festplatte\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe        Win32/Adware.Yontoo application (unable to clean)        00000000000000000000000000000000        I
C:\Lokaler Datenträger - Kopie von Festplatte\System Volume Information\_restore{4575C064-815F-4CF5-AA07-D65BC4E432AD}\RP154\A0026237.msi        probably a variant of Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Lokaler Datenträger - Kopie von Festplatte\System Volume Information\_restore{4575C064-815F-4CF5-AA07-D65BC4E432AD}\RP261\A0052977.exe        Win32/OpenCandy application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internet


cosinus 03.08.2012 18:12

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post the contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

sissi_a 04.08.2012 09:15

Are the two tools, ESET online scan and AdwCleaner, things that I should run regularly in future?


Code:

# AdwCleaner v1.800 - Logfile created 08/04/2012 at 10:12:23
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HP - HP-HP
# Running from : C:\Users\WEBSurfer\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Daten\Firefox\Profiles\blq211t5.default\extensions\toolbar@ask.com
Folder Found : C:\Users\ohne Web\AppData\Roaming\Mozilla\Firefox\Profiles\f63e06x8.default\extensions\staged
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\7pr9u88o.default\prefs.js

[OK] File is clean.

Profile name : Standard-Benutzer [Profil par défaut]
File : C:\Daten\Firefox\Profiles\blq211t5.default\prefs.js

Found : user_pref("extensions.asktb.cbid", "F4");
Found : user_pref("extensions.asktb.crumb", "2010.11.13+11.40.19-toolbar008iad-DE-U3R1dHRnYXJ0LEdlcm1hbnk%3D[...]
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Found : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1298899188409");
Found : user_pref("extensions.asktb.locale", "en_US");
Found : user_pref("extensions.asktb.o", "101699");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);

Profile name : default
File : C:\Users\ohne Web\AppData\Roaming\Mozilla\Firefox\Profiles\f63e06x8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\WEBSurfer\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2179 octets] - [04/08/2012 10:12:23]

########## EOF - \AdwCleaner[R1].txt - [2307 octets] ##########


cosinus 04.08.2012 14:22

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart a text file opens.
  • Post the contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

sissi_a 05.08.2012 18:37

Code:

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 19:29:32
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HP - HP-HP
# Running from : C:\Users\WEBSurfer\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Daten\Firefox\Profiles\blq211t5.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\ohne Web\AppData\Roaming\Mozilla\Firefox\Profiles\f63e06x8.default\extensions\staged
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\7pr9u88o.default\prefs.js

[OK] File is clean.

Profile name : Standard-Benutzer [Profil par défaut]
File : C:\Daten\Firefox\Profiles\blq211t5.default\prefs.js

Deleted : user_pref("extensions.asktb.cbid", "F4");
Deleted : user_pref("extensions.asktb.crumb", "2010.11.13+11.40.19-toolbar008iad-DE-U3R1dHRnYXJ0LEdlcm1hbnk%3D[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1298899188409");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "101699");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);

Profile name : default
File : C:\Users\ohne Web\AppData\Roaming\Mozilla\Firefox\Profiles\f63e06x8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\WEBSurfer\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2205 octets] - [05/08/2012 19:29:32]
AdwCleaner[R1].txt - [2306 octets] - [04/08/2012 10:12:23]

########## EOF - \AdwCleaner[S1].txt - [2393 octets] ##########


Hi cosinus
I am a computer scientist myself (though with little PC knowledge, rather DB knowledge), but I have always been interested in what conclusions you draw from my log files. Where potential problems are, and so on. Could you write a few more lines of info? Please...... But thanks for your help for now.

cosinus 05.08.2012 19:02

I have two questions before we continue.

1.) Does the normal mode of Windows work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

sissi_a 05.08.2012 20:07

1) Yes, normal mode works without problems.
The only problem I (still) have is that Malwarebytes exits immediately after counting the registry entries, before it starts the scan.

2) There is something in every folder under "All Programs".

Regards
Sissi

cosinus 06.08.2012 10:09

Please make a new OTL log. Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it on your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


sissi_a 06.08.2012 20:59

What can one read out of this log now? Is there also extended help somewhere for understanding such logs?
OTL Logfile:
Code:

OTL logfile created on: 8/6/2012 9:35:17 PM - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Users\WEBSurfer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.96 Gb Total Physical Memory | 3.03 Gb Available Physical Memory | 76.56% Memory free
7.92 Gb Paging File | 5.95 Gb Available in Paging File | 75.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.75 Gb Total Space | 502.41 Gb Free Space | 54.74% Space Free | Partition Type: NTFS
Drive D: | 13.66 Gb Total Space | 1.75 Gb Free Space | 12.78% Space Free | Partition Type: NTFS
Drive E: | 731.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 14.83 Gb Total Space | 14.80 Gb Free Space | 99.82% Space Free | Partition Type: FAT32
 
Computer Name: HP-HP | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/08/06 21:23:07 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\WEBSurfer\Downloads\OTL.exe
PRC - [2012/07/30 16:47:25 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/07/30 16:47:24 | 003,408,288 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2012/07/21 11:04:08 | 001,193,176 | ---- | M] () -- C:\Users\WEBSurfer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/04/19 08:50:10 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/04/19 08:50:10 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/02/08 20:34:12 | 001,516,496 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files\TrueCrypt\TrueCrypt.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/10/14 08:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011/08/05 01:03:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/08/20 10:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/03/04 06:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 06:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/03 01:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/18 20:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 01:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/09/23 17:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2008/11/20 20:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/07/21 11:04:08 | 001,193,176 | ---- | M] () -- C:\Users\WEBSurfer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/06/13 18:36:45 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/13 18:36:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 18:36:20 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/29 09:01:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/29 09:01:35 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/29 09:01:33 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f8b2a1f4d134b1bbb0f78daa5d3ef532\IAStorUtil.ni.dll
MOD - [2012/05/29 09:00:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/29 09:00:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/29 09:00:54 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/29 09:00:48 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/13 12:04:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/04/13 12:00:04 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2010/11/18 14:09:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/08/20 10:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2010/08/20 10:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2010/01/18 20:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/04/10 12:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/08/02 22:57:20 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/30 16:47:25 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/07/14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/08/05 01:03:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 06:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/15 01:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/04/10 12:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/08 20:34:14 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/06/22 03:07:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/03/04 16:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/06 04:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 04:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/01/22 19:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 19:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/06 21:49:14 | 000,230,456 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/06/18 18:09:21 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2012/06/18 18:09:21 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011/05/19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}
IE:64bit: - HKLM\..\SearchScopes\{183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{3DAB0DF8-C3AE-48A7-AB24-7F656E24D8A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{9440539B-CF7A-4689-B338-652A651F00AD}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\..\SearchScopes,DefaultScope = {183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}
IE - HKLM\..\SearchScopes\{183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{3DAB0DF8-C3AE-48A7-AB24-7F656E24D8A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{9440539B-CF7A-4689-B338-652A651F00AD}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\SearchScopes\{183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\SearchScopes\{3DAB0DF8-C3AE-48A7-AB24-7F656E24D8A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\SearchScopes\{9440539B-CF7A-4689-B338-652A651F00AD}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\..\SearchScopes,DefaultScope = {183A5A56-C5B2-4507-9A8B-3A3A4AAAABCC}
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 10:21:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 10:21:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 10:21:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/07/28 10:20:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012/02/04 21:40:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\mozilla\Extensions
[2012/08/02 18:01:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\7pr9u88o.default\extensions
[2012/04/06 11:47:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\HP\AppData\Roaming\mozilla\Firefox\Profiles\7pr9u88o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/07/28 10:21:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/21 18:10:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/20 20:05:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/02 18:01:06 | 000,564,925 | ---- | M] () (No name found) -- C:\USERS\HP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7PR9U88O.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012/07/14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.32_0\
CHR - Extension: Ghostery = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\3.0.0_0\
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe File not found
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003..\Run: [Spotify Web Helper] C:\Users\WEBSurfer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe File not found
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\WEBSurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\WEBSurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\..Trusted Domains: web.de ([navigator] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3296383076-2837157344-2558239909-1003\..Trusted Domains: web.de ([onlinechat] https in Vertrauenswürdige Sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.5.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3664F473-CF12-490A-AB39-2916706EEF67}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/02/03 12:03:59 | 000,000,064 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: HPAdvisorDock - hkey= - key= -  File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/08/02 18:00:39 | 000,000,000 | ---D | C] -- C:\Users\HP\AppData\Roaming\Skype
[2012/08/02 18:00:30 | 000,000,000 | ---D | C] -- C:\Users\HP\AppData\Local\Power2Go
[2012/08/01 21:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/07/31 17:08:52 | 000,000,000 | ---D | C] -- C:\Users\HP\AppData\Local\Macromedia
[2012/07/28 13:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/28 13:53:03 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/28 13:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/14 22:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
 
========== Files - Modified Within 30 Days ==========
 
[2012/08/06 21:33:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/06 21:17:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/06 20:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/06 19:09:28 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/05 19:39:43 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/05 19:39:43 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/05 19:32:05 | 3189,067,776 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/03 22:48:50 | 001,800,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/03 22:48:50 | 000,763,004 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/08/03 22:48:50 | 000,718,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/03 22:48:50 | 000,173,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/08/03 22:48:50 | 000,146,344 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/29 09:19:58 | 000,005,104 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/07/28 13:53:05 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/28 10:21:37 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/28 10:20:58 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/07/14 22:17:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/07/12 23:09:28 | 000,383,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012/07/28 13:53:05 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 22:17:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/05/28 20:25:46 | 001,776,344 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/18 14:22:24 | 000,234,986 | ---- | C] () -- C:\Windows\hpoins21.dat
[2012/02/18 14:22:24 | 000,005,474 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2012/02/03 00:11:14 | 000,005,104 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/01/30 22:51:39 | 000,000,680 | RHS- | C] () -- C:\Users\HP\ntuser.pol
[2011/05/25 23:00:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/11/18 13:54:02 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
 
========== LOP Check ==========
 
[2012/02/21 10:21:04 | 000,000,000 | ---D | M] -- C:\Users\ohne Web\AppData\Roaming\Thunderbird
[2012/04/06 11:47:33 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\DVDVideoSoft
[2012/03/18 10:33:58 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\fotobuch.de AG
[2012/04/09 11:28:28 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\GetRightToGo
[2012/04/29 19:13:18 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\IrfanView
[2012/02/04 20:13:22 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\OpenOffice.org
[2012/05/13 13:34:43 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\PDF Writer
[2012/08/05 22:04:20 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\Spotify
[2012/02/03 23:27:49 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\Thunderbird
[2012/02/14 21:27:11 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\TrueCrypt
[2012/02/07 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\WildTangent
[2012/02/07 13:32:19 | 000,000,000 | ---D | M] -- C:\Users\WEBSurfer\AppData\Roaming\_MDLogs
[2009/07/14 07:08:49 | 000,018,270 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/11/19 01:56:02 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Adobe
[2012/03/06 19:59:25 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\CyberLink
[2012/04/06 11:47:23 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\DVDVideoSoft
[2012/04/06 11:47:19 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/07 23:58:35 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\fotobuch.de AG
[2011/05/25 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Hewlett-Packard
[2012/02/18 14:31:33 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\HP
[2012/01/30 22:39:25 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\HpUpdate
[2011/05/25 23:06:47 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Identities
[2011/05/25 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Intel Corporation
[2011/11/19 01:56:06 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Macromedia
[2012/02/04 17:57:10 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Malwarebytes
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Media Center Programs
[2012/07/31 17:08:52 | 000,000,000 | --SD | M] -- C:\Users\HP\AppData\Roaming\Microsoft
[2012/02/04 21:40:03 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Mozilla
[2012/08/02 18:04:52 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Skype
[2012/01/30 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\HP\AppData\Roaming\Thunderbird
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
[2008/04/11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008/06/06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\swsetup\DRV\Storage\Intel\RST\9.6\x64\iaStor.sys
[2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
[2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_d73865c94450cce1\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010/11/18 14:26:16 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010/11/18 14:26:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010/11/18 14:26:16 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010/11/18 14:26:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010/11/20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/18 14:19:39 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/11/18 14:19:39 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus 07.08.2012 15:31

Pretty unremarkable

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

sissi_a 07.08.2012 16:38

Code:


17:33:30.0468 6356        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:33:30.0668 6356        ============================================================
17:33:30.0668 6356        Current date / time: 2012/08/07 17:33:30.0668
17:33:30.0668 6356        SystemInfo:
17:33:30.0668 6356       
17:33:30.0668 6356        OS Version: 6.1.7601 ServicePack: 1.0
17:33:30.0668 6356        Product type: Workstation
17:33:30.0668 6356        ComputerName: HP-HP
17:33:30.0668 6356        UserName: HP
17:33:30.0668 6356        Windows directory: C:\Windows
17:33:30.0668 6356        System windows directory: C:\Windows
17:33:30.0668 6356        Running under WOW64
17:33:30.0668 6356        Processor architecture: Intel x64
17:33:30.0668 6356        Number of processors: 4
17:33:30.0668 6356        Page size: 0x1000
17:33:30.0668 6356        Boot type: Normal boot
17:33:30.0668 6356        ============================================================
17:33:31.0613 6356        Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:33:31.0639 6356        ============================================================
17:33:31.0639 6356        \Device\Harddisk0\DR0:
17:33:31.0639 6356        MBR partitions:
17:33:31.0639 6356        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:33:31.0639 6356        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72B80000
17:33:31.0639 6356        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72BB2800, BlocksNum 0x1B53800
17:33:31.0639 6356        ============================================================
17:33:31.0661 6356        C: <-> \Device\Harddisk0\DR0\Partition1
17:33:31.0715 6356        D: <-> \Device\Harddisk0\DR0\Partition2
17:33:31.0715 6356        ============================================================
17:33:31.0715 6356        Initialize success
17:33:31.0715 6356        ============================================================
17:33:51.0051 2644        ============================================================
17:33:51.0052 2644        Scan started
17:33:51.0052 2644        Mode: Manual; SigCheck; TDLFS;
17:33:51.0052 2644        ============================================================
17:33:52.0183 2644        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:33:52.0638 2644        1394ohci - ok
17:33:52.0708 2644        a2acc          (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
17:33:52.0791 2644        a2acc - ok
17:33:53.0039 2644        a2AntiMalware  (0d050186cf421131b43d00024bd9b8bb) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
17:33:53.0079 2644        a2AntiMalware - ok
17:33:53.0109 2644        A2DDA          (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
17:33:53.0117 2644        A2DDA - ok
17:33:53.0143 2644        a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
17:33:53.0151 2644        a2injectiondriver - ok
17:33:53.0172 2644        a2util          (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
17:33:53.0180 2644        a2util - ok
17:33:53.0330 2644        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:33:53.0356 2644        ACPI - ok
17:33:53.0377 2644        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:33:53.0445 2644        AcpiPmi - ok
17:33:53.0498 2644        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:33:53.0512 2644        AdobeARMservice - ok
17:33:53.0661 2644        AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:33:53.0681 2644        AdobeFlashPlayerUpdateSvc - ok
17:33:53.0740 2644        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:33:53.0768 2644        adp94xx - ok
17:33:53.0798 2644        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:33:53.0812 2644        adpahci - ok
17:33:53.0827 2644        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:33:53.0840 2644        adpu320 - ok
17:33:53.0858 2644        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:33:53.0988 2644        AeLookupSvc - ok
17:33:54.0057 2644        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:33:54.0140 2644        AFD - ok
17:33:54.0175 2644        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:33:54.0194 2644        agp440 - ok
17:33:54.0247 2644        ahcix64s        (aa3f73ccbf498bd56800f840d75e40e4) C:\Windows\system32\DRIVERS\ahcix64s.sys
17:33:54.0267 2644        ahcix64s - ok
17:33:54.0291 2644        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:33:54.0340 2644        ALG - ok
17:33:54.0361 2644        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:33:54.0379 2644        aliide - ok
17:33:54.0383 2644        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:33:54.0397 2644        amdide - ok
17:33:54.0424 2644        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:33:54.0463 2644        AmdK8 - ok
17:33:54.0481 2644        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:33:54.0535 2644        AmdPPM - ok
17:33:54.0572 2644        amdsata        (f747497a0ee5498f79b207f215b3d2d8) C:\Windows\system32\DRIVERS\amdsata.sys
17:33:54.0588 2644        amdsata - ok
17:33:54.0620 2644        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:33:54.0647 2644        amdsbs - ok
17:33:54.0652 2644        amdxata        (2946d695e158615baaa16248e63c7adb) C:\Windows\system32\DRIVERS\amdxata.sys
17:33:54.0665 2644        amdxata - ok
17:33:54.0717 2644        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:33:54.0858 2644        AppID - ok
17:33:54.0873 2644        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:33:54.0950 2644        AppIDSvc - ok
17:33:55.0022 2644        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:33:55.0089 2644        Appinfo - ok
17:33:55.0113 2644        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:33:55.0123 2644        arc - ok
17:33:55.0132 2644        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:33:55.0142 2644        arcsas - ok
17:33:55.0242 2644        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:33:55.0260 2644        aspnet_state - ok
17:33:55.0291 2644        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:33:55.0360 2644        AsyncMac - ok
17:33:55.0400 2644        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:33:55.0409 2644        atapi - ok
17:33:55.0516 2644        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:33:55.0586 2644        AudioEndpointBuilder - ok
17:33:55.0592 2644        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:33:55.0621 2644        AudioSrv - ok
17:33:55.0671 2644        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:33:55.0755 2644        AxInstSV - ok
17:33:55.0828 2644        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:33:55.0900 2644        b06bdrv - ok
17:33:55.0947 2644        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:33:55.0977 2644        b57nd60a - ok
17:33:56.0024 2644        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:33:56.0059 2644        BDESVC - ok
17:33:56.0066 2644        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:33:56.0137 2644        Beep - ok
17:33:56.0252 2644        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:33:56.0300 2644        BFE - ok
17:33:56.0398 2644        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:33:56.0473 2644        BITS - ok
17:33:56.0526 2644        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:33:56.0556 2644        blbdrive - ok
17:33:56.0586 2644        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:33:56.0620 2644        bowser - ok
17:33:56.0643 2644        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:33:56.0705 2644        BrFiltLo - ok
17:33:56.0717 2644        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:33:56.0740 2644        BrFiltUp - ok
17:33:56.0793 2644        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:33:56.0857 2644        Browser - ok
17:33:56.0901 2644        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:33:56.0951 2644        Brserid - ok
17:33:56.0968 2644        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:33:56.0998 2644        BrSerWdm - ok
17:33:57.0014 2644        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:33:57.0062 2644        BrUsbMdm - ok
17:33:57.0088 2644        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:33:57.0120 2644        BrUsbSer - ok
17:33:57.0148 2644        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:33:57.0179 2644        BTHMODEM - ok
17:33:57.0221 2644        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:33:57.0264 2644        bthserv - ok
17:33:57.0287 2644        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:33:57.0321 2644        cdfs - ok
17:33:57.0359 2644        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
17:33:57.0392 2644        cdrom - ok
17:33:57.0460 2644        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:33:57.0523 2644        CertPropSvc - ok
17:33:57.0557 2644        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:33:57.0577 2644        circlass - ok
17:33:57.0632 2644        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:33:57.0661 2644        CLFS - ok
17:33:57.0721 2644        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:33:57.0739 2644        clr_optimization_v2.0.50727_32 - ok
17:33:57.0785 2644        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:33:57.0803 2644        clr_optimization_v2.0.50727_64 - ok
17:33:57.0891 2644        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:33:57.0910 2644        clr_optimization_v4.0.30319_32 - ok
17:33:57.0942 2644        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:33:57.0960 2644        clr_optimization_v4.0.30319_64 - ok
17:33:57.0989 2644        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:33:58.0033 2644        CmBatt - ok
17:33:58.0067 2644        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:33:58.0087 2644        cmdide - ok
17:33:58.0172 2644        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
17:33:58.0209 2644        CNG - ok
17:33:58.0218 2644        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:33:58.0227 2644        Compbatt - ok
17:33:58.0271 2644        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:33:58.0319 2644        CompositeBus - ok
17:33:58.0342 2644        COMSysApp - ok
17:33:58.0361 2644        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:33:58.0381 2644        crcdisk - ok
17:33:58.0442 2644        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:33:58.0506 2644        CryptSvc - ok
17:33:58.0589 2644        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:33:58.0650 2644        DcomLaunch - ok
17:33:58.0699 2644        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:33:58.0783 2644        defragsvc - ok
17:33:58.0849 2644        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:33:58.0901 2644        DfsC - ok
17:33:58.0982 2644        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:33:59.0048 2644        Dhcp - ok
17:33:59.0068 2644        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:33:59.0097 2644        discache - ok
17:33:59.0129 2644        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:33:59.0147 2644        Disk - ok
17:33:59.0177 2644        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:33:59.0217 2644        Dnscache - ok
17:33:59.0275 2644        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:33:59.0322 2644        dot3svc - ok
17:33:59.0376 2644        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:33:59.0425 2644        DPS - ok
17:33:59.0452 2644        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:33:59.0482 2644        drmkaud - ok
17:33:59.0594 2644        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:33:59.0627 2644        DXGKrnl - ok
17:33:59.0650 2644        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:33:59.0696 2644        EapHost - ok
17:33:59.0930 2644        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:33:59.0984 2644        ebdrv - ok
17:34:00.0096 2644        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:34:00.0154 2644        EFS - ok
17:34:00.0245 2644        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:34:00.0289 2644        ehRecvr - ok
17:34:00.0322 2644        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:34:00.0346 2644        ehSched - ok
17:34:00.0426 2644        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:34:00.0455 2644        elxstor - ok
17:34:00.0475 2644        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:34:00.0494 2644        ErrDev - ok
17:34:00.0544 2644        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:34:00.0579 2644        EventSystem - ok
17:34:00.0605 2644        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:34:00.0673 2644        exfat - ok
17:34:00.0699 2644        ezSharedSvc - ok
17:34:00.0719 2644        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:34:00.0747 2644        fastfat - ok
17:34:00.0822 2644        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:34:00.0886 2644        Fax - ok
17:34:00.0919 2644        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:34:00.0947 2644        fdc - ok
17:34:00.0969 2644        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:34:01.0017 2644        fdPHost - ok
17:34:01.0029 2644        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:34:01.0055 2644        FDResPub - ok
17:34:01.0074 2644        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:34:01.0082 2644        FileInfo - ok
17:34:01.0103 2644        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:34:01.0158 2644        Filetrace - ok
17:34:01.0167 2644        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:34:01.0178 2644        flpydisk - ok
17:34:01.0244 2644        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:34:01.0266 2644        FltMgr - ok
17:34:01.0332 2644        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:34:01.0373 2644        FontCache - ok
17:34:01.0446 2644        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:34:01.0462 2644        FontCache3.0.0.0 - ok
17:34:01.0503 2644        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:34:01.0515 2644        FsDepends - ok
17:34:01.0529 2644        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:34:01.0538 2644        Fs_Rec - ok
17:34:01.0597 2644        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:34:01.0610 2644        fvevol - ok
17:34:01.0631 2644        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:34:01.0640 2644        gagp30kx - ok
17:34:01.0734 2644        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:34:01.0788 2644        gpsvc - ok
17:34:01.0861 2644        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:34:01.0868 2644        gupdate - ok
17:34:01.0870 2644        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:34:01.0877 2644        gupdatem - ok
17:34:01.0924 2644        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:34:01.0935 2644        gusvc - ok
17:34:01.0968 2644        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:34:02.0008 2644        hcw85cir - ok
17:34:02.0049 2644        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:34:02.0064 2644        HdAudAddService - ok
17:34:02.0110 2644        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:34:02.0131 2644        HDAudBus - ok
17:34:02.0167 2644        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
17:34:02.0175 2644        HECIx64 - ok
17:34:02.0196 2644        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:34:02.0206 2644        HidBatt - ok
17:34:02.0226 2644        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:34:02.0252 2644        HidBth - ok
17:34:02.0274 2644        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:34:02.0322 2644        HidIr - ok
17:34:02.0351 2644        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:34:02.0376 2644        hidserv - ok
17:34:02.0407 2644        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:34:02.0426 2644        HidUsb - ok
17:34:02.0467 2644        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:34:02.0513 2644        hkmsvc - ok
17:34:02.0573 2644        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:34:02.0628 2644        HomeGroupListener - ok
17:34:02.0667 2644        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:34:02.0688 2644        HomeGroupProvider - ok
17:34:02.0757 2644        HP Health Check Service (f859f81a4c3aa52fbd734434dafe1647) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:34:02.0763 2644        HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
17:34:02.0763 2644        HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
17:34:02.0840 2644        hpqcxs08        (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:34:02.0869 2644        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:34:02.0869 2644        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:34:02.0896 2644        hpqddsvc        (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:34:02.0900 2644        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:34:02.0900 2644        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:34:02.0936 2644        hpqwmiex        (ef3ea06057132138b4e5895a61601dbe) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:34:02.0946 2644        hpqwmiex - ok
17:34:02.0999 2644        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:34:03.0010 2644        HpSAMD - ok
17:34:03.0101 2644        HPSLPSVC        (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:34:03.0132 2644        HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:34:03.0132 2644        HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:34:03.0207 2644        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:34:03.0245 2644        HTTP - ok
17:34:03.0287 2644        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:34:03.0305 2644        hwpolicy - ok
17:34:03.0333 2644        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:34:03.0343 2644        i8042prt - ok
17:34:03.0381 2644        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
17:34:03.0392 2644        iaStor - ok
17:34:03.0463 2644        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:34:03.0469 2644        IAStorDataMgrSvc - ok
17:34:03.0527 2644        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:34:03.0552 2644        iaStorV - ok
17:34:03.0645 2644        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:34:03.0664 2644        idsvc - ok
17:34:03.0683 2644        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:34:03.0692 2644        iirsp - ok
17:34:03.0801 2644        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:34:03.0859 2644        IKEEXT - ok
17:34:03.0974 2644        IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
17:34:04.0016 2644        IntcAzAudAddService - ok
17:34:04.0107 2644        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:34:04.0117 2644        intelide - ok
17:34:04.0143 2644        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:34:04.0159 2644        intelppm - ok
17:34:04.0177 2644        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:34:04.0214 2644        IPBusEnum - ok
17:34:04.0263 2644        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:34:04.0328 2644        IpFilterDriver - ok
17:34:04.0378 2644        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:34:04.0417 2644        iphlpsvc - ok
17:34:04.0445 2644        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:34:04.0472 2644        IPMIDRV - ok
17:34:04.0503 2644        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:34:04.0566 2644        IPNAT - ok
17:34:04.0583 2644        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:34:04.0620 2644        IRENUM - ok
17:34:04.0644 2644        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:34:04.0653 2644        isapnp - ok
17:34:04.0692 2644        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:34:04.0704 2644        iScsiPrt - ok
17:34:04.0724 2644        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:34:04.0733 2644        kbdclass - ok
17:34:04.0768 2644        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:34:04.0787 2644        kbdhid - ok
17:34:04.0819 2644        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:34:04.0835 2644        KeyIso - ok
17:34:04.0882 2644        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
17:34:04.0902 2644        KSecDD - ok
17:34:04.0953 2644        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:34:04.0976 2644        KSecPkg - ok
17:34:04.0990 2644        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:34:05.0030 2644        ksthunk - ok
17:34:05.0071 2644        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:34:05.0137 2644        KtmRm - ok
17:34:05.0225 2644        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:34:05.0268 2644        LanmanServer - ok
17:34:05.0319 2644        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:34:05.0385 2644        LanmanWorkstation - ok
17:34:05.0479 2644        LightScribeService (6e7b4e75e8a226edc8a9a8b1c3510f9b) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:34:05.0491 2644        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
17:34:05.0491 2644        LightScribeService - detected UnsignedFile.Multi.Generic (1)
17:34:05.0534 2644        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:34:05.0601 2644        lltdio - ok
17:34:05.0657 2644        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:34:05.0737 2644        lltdsvc - ok
17:34:05.0767 2644        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:34:05.0822 2644        lmhosts - ok
17:34:05.0875 2644        LMS            (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:34:05.0892 2644        LMS - ok
17:34:05.0927 2644        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:34:05.0944 2644        LSI_FC - ok
17:34:05.0955 2644        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:34:05.0971 2644        LSI_SAS - ok
17:34:05.0978 2644        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:34:05.0989 2644        LSI_SAS2 - ok
17:34:05.0999 2644        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:34:06.0011 2644        LSI_SCSI - ok
17:34:06.0036 2644        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:34:06.0082 2644        luafv - ok
17:34:06.0132 2644        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:34:06.0162 2644        Mcx2Svc - ok
17:34:06.0169 2644        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:34:06.0185 2644        megasas - ok
17:34:06.0205 2644        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:34:06.0219 2644        MegaSR - ok
17:34:06.0248 2644        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:34:06.0298 2644        MMCSS - ok
17:34:06.0327 2644        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:34:06.0376 2644        Modem - ok
17:34:06.0400 2644        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:34:06.0419 2644        monitor - ok
17:34:06.0448 2644        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:34:06.0465 2644        mouclass - ok
17:34:06.0479 2644        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:34:06.0497 2644        mouhid - ok
17:34:06.0558 2644        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:34:06.0579 2644        mountmgr - ok
17:34:06.0677 2644        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:34:06.0696 2644        MozillaMaintenance - ok
17:34:06.0743 2644        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:34:06.0764 2644        mpio - ok
17:34:06.0789 2644        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:34:06.0848 2644        mpsdrv - ok
17:34:06.0946 2644        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:34:06.0997 2644        MpsSvc - ok
17:34:07.0055 2644        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:34:07.0096 2644        MRxDAV - ok
17:34:07.0135 2644        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:34:07.0198 2644        mrxsmb - ok
17:34:07.0240 2644        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:34:07.0266 2644        mrxsmb10 - ok
17:34:07.0281 2644        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:34:07.0296 2644        mrxsmb20 - ok
17:34:07.0309 2644        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:34:07.0322 2644        msahci - ok
17:34:07.0360 2644        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:34:07.0383 2644        msdsm - ok
17:34:07.0413 2644        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:34:07.0463 2644        MSDTC - ok
17:34:07.0506 2644        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:34:07.0549 2644        Msfs - ok
17:34:07.0566 2644        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:34:07.0605 2644        mshidkmdf - ok
17:34:07.0622 2644        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:34:07.0633 2644        msisadrv - ok
17:34:07.0668 2644        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:34:07.0704 2644        MSiSCSI - ok
17:34:07.0706 2644        msiserver - ok
17:34:07.0727 2644        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:34:07.0783 2644        MSKSSRV - ok
17:34:07.0795 2644        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:34:07.0838 2644        MSPCLOCK - ok
17:34:07.0857 2644        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:34:07.0891 2644        MSPQM - ok
17:34:07.0966 2644        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:34:07.0990 2644        MsRPC - ok
17:34:08.0014 2644        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:34:08.0027 2644        mssmbios - ok
17:34:08.0110 2644        MSSQL$SQLEXPRESS - ok
17:34:08.0210 2644        MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:34:08.0242 2644        MSSQLServerADHelper100 - ok
17:34:08.0273 2644        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:34:08.0322 2644        MSTEE - ok
17:34:08.0337 2644        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:34:08.0377 2644        MTConfig - ok
17:34:08.0395 2644        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:34:08.0414 2644        Mup - ok
17:34:08.0492 2644        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:34:08.0543 2644        napagent - ok
17:34:08.0589 2644        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:34:08.0630 2644        NativeWifiP - ok
17:34:08.0720 2644        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:34:08.0762 2644        NDIS - ok
17:34:08.0786 2644        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:34:08.0834 2644        NdisCap - ok
17:34:08.0852 2644        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:34:08.0879 2644        NdisTapi - ok
17:34:08.0931 2644        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:34:08.0985 2644        Ndisuio - ok
17:34:09.0038 2644        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:34:09.0086 2644        NdisWan - ok
17:34:09.0138 2644        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:34:09.0187 2644        NDProxy - ok
17:34:09.0259 2644        Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
17:34:09.0268 2644        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:34:09.0268 2644        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:34:09.0293 2644        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:34:09.0347 2644        NetBIOS - ok
17:34:09.0408 2644        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:34:09.0458 2644        NetBT - ok
17:34:09.0487 2644        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:34:09.0497 2644        Netlogon - ok
17:34:09.0548 2644        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:34:09.0602 2644        Netman - ok
17:34:09.0680 2644        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:09.0698 2644        NetMsmqActivator - ok
17:34:09.0702 2644        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:09.0717 2644        NetPipeActivator - ok
17:34:09.0749 2644        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:34:09.0809 2644        netprofm - ok
17:34:09.0812 2644        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:09.0820 2644        NetTcpActivator - ok
17:34:09.0822 2644        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:09.0829 2644        NetTcpPortSharing - ok
17:34:09.0883 2644        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:34:09.0903 2644        nfrd960 - ok
17:34:09.0983 2644        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:34:10.0051 2644        NlaSvc - ok
17:34:10.0068 2644        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:34:10.0095 2644        Npfs - ok
17:34:10.0117 2644        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:34:10.0184 2644        nsi - ok
17:34:10.0206 2644        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:34:10.0240 2644        nsiproxy - ok
17:34:10.0370 2644        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:34:10.0415 2644        Ntfs - ok
17:34:10.0524 2644        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:34:10.0580 2644        Null - ok
17:34:10.0614 2644        nusb3hub        (8ebcb9165ee7f1571842f4d9d624a74c) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:34:10.0648 2644        nusb3hub - ok
17:34:10.0685 2644        nusb3xhc        (5d54dbb12bbfe07cc283fd39f2cd6d63) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:34:10.0715 2644        nusb3xhc - ok
17:34:10.0753 2644        NVHDA          (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
17:34:10.0769 2644        NVHDA - ok
17:34:11.0724 2644        nvlddmkm        (cd90d63b7161ce9f5a3066f320999ab8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:34:11.0939 2644        nvlddmkm - ok
17:34:12.0088 2644        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:34:12.0110 2644        nvraid - ok
17:34:12.0125 2644        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:34:12.0140 2644        nvstor - ok
17:34:12.0180 2644        nvstor64        (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
17:34:12.0200 2644        nvstor64 - ok
17:34:12.0308 2644        nvsvc          (b014b7050a2beae115bfcb3a91803d73) C:\Windows\system32\nvvsvc.exe
17:34:12.0340 2644        nvsvc - ok
17:34:12.0581 2644        nvUpdatusService (ff7e8bc3a8b90f03bd20588b5840154f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:34:12.0632 2644        nvUpdatusService - ok
17:34:12.0780 2644        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:34:12.0803 2644        nv_agp - ok
17:34:12.0835 2644        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:34:12.0864 2644        ohci1394 - ok
17:34:12.0917 2644        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:34:12.0956 2644        p2pimsvc - ok
17:34:13.0008 2644        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:34:13.0040 2644        p2psvc - ok
17:34:13.0071 2644        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:34:13.0092 2644        Parport - ok
17:34:13.0137 2644        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:34:13.0156 2644        partmgr - ok
17:34:13.0194 2644        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:34:13.0231 2644        PcaSvc - ok
17:34:13.0269 2644        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:34:13.0293 2644        pci - ok
17:34:13.0316 2644        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:34:13.0334 2644        pciide - ok
17:34:13.0369 2644        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:34:13.0392 2644        pcmcia - ok
17:34:13.0411 2644        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:34:13.0430 2644        pcw - ok
17:34:13.0463 2644        pdfcDispatcher - ok
17:34:13.0522 2644        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:34:13.0586 2644        PEAUTH - ok
17:34:13.0651 2644        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:34:13.0686 2644        PerfHost - ok
17:34:13.0833 2644        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:34:13.0912 2644        pla - ok
17:34:13.0978 2644        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:34:14.0025 2644        PlugPlay - ok
17:34:14.0093 2644        Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
17:34:14.0102 2644        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:34:14.0102 2644        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:34:14.0130 2644        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:34:14.0151 2644        PNRPAutoReg - ok
17:34:14.0183 2644        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:34:14.0207 2644        PNRPsvc - ok
17:34:14.0291 2644        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:34:14.0351 2644        PolicyAgent - ok
17:34:14.0383 2644        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:34:14.0439 2644        Power - ok
17:34:14.0524 2644        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:34:14.0590 2644        PptpMiniport - ok
17:34:14.0618 2644        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:34:14.0637 2644        Processor - ok
17:34:14.0700 2644        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:34:14.0748 2644        ProfSvc - ok
17:34:14.0779 2644        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:34:14.0799 2644        ProtectedStorage - ok
17:34:14.0854 2644        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:34:14.0904 2644        Psched - ok
17:34:14.0932 2644        PSI            (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
17:34:14.0939 2644        PSI - ok
17:34:15.0078 2644        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:34:15.0118 2644        ql2300 - ok
17:34:15.0231 2644        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:34:15.0253 2644        ql40xx - ok
17:34:15.0289 2644        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:34:15.0320 2644        QWAVE - ok
17:34:15.0332 2644        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:34:15.0379 2644        QWAVEdrv - ok
17:34:15.0405 2644        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:34:15.0457 2644        RasAcd - ok
17:34:15.0490 2644        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:34:15.0531 2644        RasAgileVpn - ok
17:34:15.0546 2644        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:34:15.0582 2644        RasAuto - ok
17:34:15.0632 2644        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:34:15.0694 2644        Rasl2tp - ok
17:34:15.0745 2644        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:34:15.0792 2644        RasMan - ok
17:34:15.0827 2644        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:34:15.0861 2644        RasPppoe - ok
17:34:15.0876 2644        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:34:15.0909 2644        RasSstp - ok
17:34:15.0974 2644        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:34:16.0034 2644        rdbss - ok
17:34:16.0050 2644        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:34:16.0064 2644        rdpbus - ok
17:34:16.0091 2644        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:34:16.0122 2644        RDPCDD - ok
17:34:16.0134 2644        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:34:16.0164 2644        RDPENCDD - ok
17:34:16.0176 2644        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:34:16.0201 2644        RDPREFMP - ok
17:34:16.0258 2644        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:34:16.0306 2644        RDPWD - ok
17:34:16.0380 2644        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:34:16.0405 2644        rdyboost - ok
17:34:16.0434 2644        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:34:16.0501 2644        RemoteAccess - ok
17:34:16.0548 2644        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:34:16.0600 2644        RemoteRegistry - ok
17:34:16.0730 2644        RichVideo      (15ac7f45ba1529515dba8989a45b73cf) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:34:16.0742 2644        RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:34:16.0742 2644        RichVideo - detected UnsignedFile.Multi.Generic (1)
17:34:16.0813 2644        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:34:16.0891 2644        RpcEptMapper - ok
17:34:16.0919 2644        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:34:16.0945 2644        RpcLocator - ok
17:34:17.0028 2644        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:34:17.0073 2644        RpcSs - ok
17:34:17.0182 2644        RsFx0103        (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
17:34:17.0203 2644        RsFx0103 - ok
17:34:17.0232 2644        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:34:17.0282 2644        rspndr - ok
17:34:17.0336 2644        RTL8167        (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:34:17.0357 2644        RTL8167 - ok
17:34:17.0379 2644        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:34:17.0396 2644        SamSs - ok
17:34:17.0474 2644        SbieDrv        (0fe05dd9bbf0782e2bbf0977f2034616) C:\Program Files\Sandboxie\SbieDrv.sys
17:34:17.0497 2644        SbieDrv - ok
17:34:17.0518 2644        SbieSvc        (c970c7b2fd2e811525d4578d50b535f5) C:\Program Files\Sandboxie\SbieSvc.exe
17:34:17.0530 2644        SbieSvc - ok
17:34:17.0566 2644        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:34:17.0581 2644        sbp2port - ok
17:34:17.0624 2644        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:34:17.0683 2644        SCardSvr - ok
17:34:17.0732 2644        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:34:17.0780 2644        scfilter - ok
17:34:17.0904 2644        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:34:17.0977 2644        Schedule - ok
17:34:18.0018 2644        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:34:18.0059 2644        SCPolicySvc - ok
17:34:18.0114 2644        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:34:18.0155 2644        SDRSVC - ok
17:34:18.0222 2644        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:34:18.0266 2644        secdrv - ok
17:34:18.0302 2644        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:34:18.0370 2644        seclogon - ok
17:34:18.0496 2644        Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:34:18.0525 2644        Secunia PSI Agent - ok
17:34:18.0567 2644        Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
17:34:18.0585 2644        Secunia Update Agent - ok
17:34:18.0697 2644        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:34:18.0757 2644        SENS - ok
17:34:18.0834 2644        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:34:18.0906 2644        SensrSvc - ok
17:34:18.0934 2644        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:34:18.0967 2644        Serenum - ok
17:34:18.0989 2644        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:34:19.0019 2644        Serial - ok
17:34:19.0040 2644        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:34:19.0083 2644        sermouse - ok
17:34:19.0142 2644        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:34:19.0197 2644        SessionEnv - ok
17:34:19.0232 2644        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:34:19.0325 2644        sffdisk - ok
17:34:19.0339 2644        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:34:19.0358 2644        sffp_mmc - ok
17:34:19.0362 2644        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:34:19.0384 2644        sffp_sd - ok
17:34:19.0404 2644        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:34:19.0440 2644        sfloppy - ok
17:34:19.0504 2644        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:34:19.0551 2644        SharedAccess - ok
17:34:19.0626 2644        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:34:19.0689 2644        ShellHWDetection - ok
17:34:19.0712 2644        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:34:19.0721 2644        SiSRaid2 - ok
17:34:19.0750 2644        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:34:19.0760 2644        SiSRaid4 - ok
17:34:19.0831 2644        SkypeUpdate    (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
17:34:19.0849 2644        SkypeUpdate - ok
17:34:19.0876 2644        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:34:19.0935 2644        Smb - ok
17:34:19.0968 2644        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:34:19.0981 2644        SNMPTRAP - ok
17:34:20.0006 2644        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:34:20.0017 2644        spldr - ok
17:34:20.0103 2644        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:34:20.0156 2644        Spooler - ok
17:34:20.0437 2644        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:34:20.0520 2644        sppsvc - ok
17:34:20.0624 2644        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:34:20.0679 2644        sppuinotify - ok
17:34:20.0794 2644        SQLAgent$SQLEXPRESS (12e6d95cde974b131defaa44bab8b056) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:34:20.0820 2644        SQLAgent$SQLEXPRESS - ok
17:34:20.0900 2644        SQLBrowser      (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:34:20.0921 2644        SQLBrowser - ok
17:34:20.0978 2644        SQLWriter      (6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:34:20.0998 2644        SQLWriter - ok
17:34:21.0081 2644        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:34:21.0121 2644        srv - ok
17:34:21.0161 2644        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:34:21.0194 2644        srv2 - ok
17:34:21.0220 2644        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:34:21.0244 2644        srvnet - ok
17:34:21.0286 2644        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:34:21.0340 2644        SSDPSRV - ok
17:34:21.0350 2644        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:34:21.0377 2644        SstpSvc - ok
17:34:21.0396 2644        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:34:21.0406 2644        stexstor - ok
17:34:21.0439 2644        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:34:21.0482 2644        StillCam - ok
17:34:21.0566 2644        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:34:21.0606 2644        stisvc - ok
17:34:21.0627 2644        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:34:21.0645 2644        swenum - ok
17:34:21.0704 2644        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:34:21.0750 2644        swprv - ok
17:34:21.0917 2644        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:34:21.0967 2644        SysMain - ok
17:34:22.0101 2644        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:34:22.0141 2644        TabletInputService - ok
17:34:22.0181 2644        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:34:22.0242 2644        TapiSrv - ok
17:34:22.0263 2644        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:34:22.0298 2644        TBS - ok
17:34:22.0508 2644        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:34:22.0557 2644        Tcpip - ok
17:34:22.0774 2644        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:34:22.0815 2644        TCPIP6 - ok
17:34:22.0917 2644        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:34:22.0988 2644        tcpipreg - ok
17:34:23.0024 2644        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:34:23.0073 2644        TDPIPE - ok
17:34:23.0108 2644        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:34:23.0137 2644        TDTCP - ok
17:34:23.0188 2644        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:34:23.0254 2644        tdx - ok
17:34:23.0286 2644        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:34:23.0306 2644        TermDD - ok
17:34:23.0406 2644        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:34:23.0461 2644        TermService - ok
17:34:23.0482 2644        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:34:23.0513 2644        Themes - ok
17:34:23.0531 2644        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:34:23.0564 2644        THREADORDER - ok
17:34:23.0592 2644        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:34:23.0629 2644        TrkWks - ok
17:34:23.0698 2644        truecrypt      (370a6907ddf79532a39319492b1fa38a) C:\Windows\system32\drivers\truecrypt.sys
17:34:23.0719 2644        truecrypt - ok
17:34:23.0810 2644        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:34:23.0866 2644        TrustedInstaller - ok
17:34:23.0926 2644        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:34:24.0009 2644        tssecsrv - ok
17:34:24.0054 2644        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:34:24.0109 2644        TsUsbFlt - ok
17:34:24.0183 2644        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:34:24.0247 2644        tunnel - ok
17:34:24.0276 2644        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:34:24.0286 2644        uagp35 - ok
17:34:24.0358 2644        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:34:24.0400 2644        udfs - ok
17:34:24.0420 2644        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:34:24.0440 2644        UI0Detect - ok
17:34:24.0476 2644        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:34:24.0485 2644        uliagpkx - ok
17:34:24.0510 2644        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:34:24.0527 2644        umbus - ok
17:34:24.0546 2644        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:34:24.0569 2644        UmPass - ok
17:34:24.0799 2644        UNS            (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:34:24.0857 2644        UNS - ok
17:34:24.0982 2644        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:34:25.0059 2644        upnphost - ok
17:34:25.0102 2644        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:34:25.0124 2644        usbccgp - ok
17:34:25.0169 2644        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:34:25.0193 2644        usbcir - ok
17:34:25.0220 2644        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:34:25.0250 2644        usbehci - ok
17:34:25.0312 2644        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:34:25.0342 2644        usbhub - ok
17:34:25.0369 2644        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:34:25.0404 2644        usbohci - ok
17:34:25.0431 2644        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:34:25.0463 2644        usbprint - ok
17:34:25.0483 2644        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:34:25.0515 2644        USBSTOR - ok
17:34:25.0529 2644        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:34:25.0561 2644        usbuhci - ok
17:34:25.0580 2644        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:34:25.0636 2644        UxSms - ok
17:34:25.0662 2644        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:34:25.0674 2644        VaultSvc - ok
17:34:25.0700 2644        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:34:25.0711 2644        vdrvroot - ok
17:34:25.0794 2644        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:34:25.0871 2644        vds - ok
17:34:25.0904 2644        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:34:25.0917 2644        vga - ok
17:34:25.0920 2644        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:34:25.0956 2644        VgaSave - ok
17:34:25.0995 2644        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:34:26.0017 2644        vhdmp - ok
17:34:26.0033 2644        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:34:26.0043 2644        viaide - ok
17:34:26.0066 2644        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:34:26.0077 2644        volmgr - ok
17:34:26.0145 2644        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:34:26.0168 2644        volmgrx - ok
17:34:26.0199 2644        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:34:26.0214 2644        volsnap - ok
17:34:26.0248 2644        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:34:26.0263 2644        vsmraid - ok
17:34:26.0429 2644        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:34:26.0487 2644        VSS - ok
17:34:26.0591 2644        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:34:26.0623 2644        vwifibus - ok
17:34:26.0676 2644        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:34:26.0722 2644        W32Time - ok
17:34:26.0747 2644        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:34:26.0758 2644        WacomPen - ok
17:34:26.0813 2644        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:34:26.0860 2644        WANARP - ok
17:34:26.0867 2644        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:34:26.0891 2644        Wanarpv6 - ok
17:34:27.0020 2644        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:34:27.0084 2644        wbengine - ok
17:34:27.0211 2644        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:34:27.0244 2644        WbioSrvc - ok
17:34:27.0308 2644        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:34:27.0364 2644        wcncsvc - ok
17:34:27.0395 2644        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:34:27.0423 2644        WcsPlugInService - ok
17:34:27.0457 2644        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:34:27.0477 2644        Wd - ok
17:34:27.0539 2644        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:34:27.0576 2644        Wdf01000 - ok
17:34:27.0595 2644        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:34:27.0668 2644        WdiServiceHost - ok
17:34:27.0671 2644        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:34:27.0694 2644        WdiSystemHost - ok
17:34:27.0747 2644        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:34:27.0787 2644        WebClient - ok
17:34:27.0828 2644        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:34:27.0906 2644        Wecsvc - ok
17:34:27.0938 2644        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:34:27.0987 2644        wercplsupport - ok
17:34:28.0012 2644        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:34:28.0048 2644        WerSvc - ok
17:34:28.0096 2644        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:34:28.0151 2644        WfpLwf - ok
17:34:28.0161 2644        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:34:28.0170 2644        WIMMount - ok
17:34:28.0200 2644        WinDefend - ok
17:34:28.0206 2644        WinHttpAutoProxySvc - ok
17:34:28.0266 2644        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:34:28.0326 2644        Winmgmt - ok
17:34:28.0513 2644        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:34:28.0596 2644        WinRM - ok
17:34:28.0784 2644        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:34:28.0867 2644        Wlansvc - ok
17:34:28.0899 2644        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:34:28.0931 2644        WmiAcpi - ok
17:34:28.0990 2644        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:34:29.0022 2644        wmiApSrv - ok
17:34:29.0055 2644        WMPNetworkSvc - ok
17:34:29.0080 2644        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:34:29.0108 2644        WPCSvc - ok
17:34:29.0160 2644        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:34:29.0204 2644        WPDBusEnum - ok
17:34:29.0218 2644        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:34:29.0272 2644        ws2ifsl - ok
17:34:29.0298 2644        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:34:29.0316 2644        wscsvc - ok
17:34:29.0318 2644        WSearch - ok
17:34:29.0518 2644        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:34:29.0557 2644        wuauserv - ok
17:34:29.0684 2644        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:34:29.0739 2644        WudfPf - ok
17:34:29.0753 2644        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:34:29.0785 2644        WUDFRd - ok
17:34:29.0833 2644        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:34:29.0887 2644        wudfsvc - ok
17:34:29.0922 2644        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:34:29.0961 2644        WwanSvc - ok
17:34:29.0980 2644        MBR (0x1B8)    (7dd57f3d4b883cb302004529a784c70c) \Device\Harddisk0\DR0
17:34:30.0346 2644        \Device\Harddisk0\DR0 - ok
17:34:30.0349 2644        Boot (0x1200)  (124b406038776afd594e7c139f0c199a) \Device\Harddisk0\DR0\Partition0
17:34:30.0351 2644        \Device\Harddisk0\DR0\Partition0 - ok
17:34:30.0384 2644        Boot (0x1200)  (64d3d9a996f4d3fc14433401be455525) \Device\Harddisk0\DR0\Partition1
17:34:30.0386 2644        \Device\Harddisk0\DR0\Partition1 - ok
17:34:30.0421 2644        Boot (0x1200)  (cb9aa4853ff475ad7c765ff3d716b27a) \Device\Harddisk0\DR0\Partition2
17:34:30.0424 2644        \Device\Harddisk0\DR0\Partition2 - ok
17:34:30.0425 2644        ============================================================
17:34:30.0425 2644        Scan finished
17:34:30.0425 2644        ============================================================
17:34:30.0436 7848        Detected object count: 8
17:34:30.0436 7848        Actual detected object count: 8
17:34:40.0711 7848        HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0711 7848        HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0713 7848        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0713 7848        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0715 7848        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0715 7848        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0716 7848        HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0716 7848        HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0718 7848        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0718 7848        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0720 7848        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0720 7848        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0721 7848        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0721 7848        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:34:40.0723 7848        RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:34:40.0723 7848        RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:08.0014 4596        ============================================================
17:35:08.0014 4596        Scan started
17:35:08.0014 4596        Mode: Manual; SigCheck; TDLFS;
17:35:08.0014 4596        ============================================================
17:35:08.0368 4596        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:35:08.0393 4596        1394ohci - ok
17:35:08.0454 4596        a2acc          (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
17:35:08.0463 4596        a2acc - ok
17:35:08.0609 4596        a2AntiMalware  (0d050186cf421131b43d00024bd9b8bb) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
17:35:08.0647 4596        a2AntiMalware - ok
17:35:08.0666 4596        A2DDA          (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
17:35:08.0673 4596        A2DDA - ok
17:35:08.0682 4596        a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
17:35:08.0690 4596        a2injectiondriver - ok
17:35:08.0696 4596        a2util          (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
17:35:08.0702 4596        a2util - ok
17:35:08.0798 4596        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:35:08.0809 4596        ACPI - ok
17:35:08.0826 4596        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:35:08.0837 4596        AcpiPmi - ok
17:35:08.0881 4596        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:35:08.0889 4596        AdobeARMservice - ok
17:35:08.0970 4596        AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:35:08.0979 4596        AdobeFlashPlayerUpdateSvc - ok
17:35:09.0018 4596        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:35:09.0032 4596        adp94xx - ok
17:35:09.0048 4596        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:35:09.0060 4596        adpahci - ok
17:35:09.0070 4596        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:35:09.0079 4596        adpu320 - ok
17:35:09.0131 4596        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:35:09.0157 4596        AeLookupSvc - ok
17:35:09.0195 4596        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:35:09.0208 4596        AFD - ok
17:35:09.0230 4596        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:35:09.0238 4596        agp440 - ok
17:35:09.0270 4596        ahcix64s        (aa3f73ccbf498bd56800f840d75e40e4) C:\Windows\system32\DRIVERS\ahcix64s.sys
17:35:09.0278 4596        ahcix64s - ok
17:35:09.0286 4596        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:35:09.0296 4596        ALG - ok
17:35:09.0316 4596        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:35:09.0324 4596        aliide - ok
17:35:09.0336 4596        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:35:09.0344 4596        amdide - ok
17:35:09.0364 4596        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:35:09.0374 4596        AmdK8 - ok
17:35:09.0389 4596        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:35:09.0398 4596        AmdPPM - ok
17:35:09.0418 4596        amdsata        (f747497a0ee5498f79b207f215b3d2d8) C:\Windows\system32\DRIVERS\amdsata.sys
17:35:09.0424 4596        amdsata - ok
17:35:09.0443 4596        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:35:09.0453 4596        amdsbs - ok
17:35:09.0456 4596        amdxata        (2946d695e158615baaa16248e63c7adb) C:\Windows\system32\DRIVERS\amdxata.sys
17:35:09.0462 4596        amdxata - ok
17:35:09.0505 4596        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:35:09.0530 4596        AppID - ok
17:35:09.0546 4596        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:35:09.0570 4596        AppIDSvc - ok
17:35:09.0614 4596        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:35:09.0666 4596        Appinfo - ok
17:35:09.0679 4596        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:35:09.0687 4596        arc - ok
17:35:09.0694 4596        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:35:09.0703 4596        arcsas - ok
17:35:09.0781 4596        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:35:09.0788 4596        aspnet_state - ok
17:35:09.0798 4596        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:35:09.0822 4596        AsyncMac - ok
17:35:09.0842 4596        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:35:09.0850 4596        atapi - ok
17:35:09.0918 4596        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:35:09.0947 4596        AudioEndpointBuilder - ok
17:35:09.0951 4596        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:35:09.0980 4596        AudioSrv - ok
17:35:10.0023 4596        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:35:10.0035 4596        AxInstSV - ok
17:35:10.0069 4596        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:35:10.0080 4596        b06bdrv - ok
17:35:10.0112 4596        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:35:10.0134 4596        b57nd60a - ok
17:35:10.0161 4596        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:35:10.0171 4596        BDESVC - ok
17:35:10.0182 4596        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:35:10.0207 4596        Beep - ok
17:35:10.0273 4596        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:35:10.0301 4596        BFE - ok
17:35:10.0408 4596        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:35:10.0455 4596        BITS - ok
17:35:10.0491 4596        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:35:10.0501 4596        blbdrive - ok
17:35:10.0527 4596        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:35:10.0539 4596        bowser - ok
17:35:10.0551 4596        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:35:10.0565 4596        BrFiltLo - ok
17:35:10.0575 4596        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:35:10.0589 4596        BrFiltUp - ok
17:35:10.0634 4596        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:35:10.0676 4596        Browser - ok
17:35:10.0708 4596        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:35:10.0720 4596        Brserid - ok
17:35:10.0725 4596        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:35:10.0736 4596        BrSerWdm - ok
17:35:10.0747 4596        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:35:10.0759 4596        BrUsbMdm - ok
17:35:10.0777 4596        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:35:10.0789 4596        BrUsbSer - ok
17:35:10.0804 4596        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:35:10.0819 4596        BTHMODEM - ok
17:35:10.0845 4596        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:35:10.0878 4596        bthserv - ok
17:35:10.0896 4596        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:35:10.0928 4596        cdfs - ok
17:35:10.0950 4596        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
17:35:10.0962 4596        cdrom - ok
17:35:11.0009 4596        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:35:11.0051 4596        CertPropSvc - ok
17:35:11.0061 4596        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:35:11.0073 4596        circlass - ok
17:35:11.0114 4596        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:35:11.0137 4596        CLFS - ok
17:35:11.0205 4596        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:35:11.0222 4596        clr_optimization_v2.0.50727_32 - ok
17:35:11.0268 4596        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:35:11.0285 4596        clr_optimization_v2.0.50727_64 - ok
17:35:11.0350 4596        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:35:11.0367 4596        clr_optimization_v4.0.30319_32 - ok
17:35:11.0399 4596        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:35:11.0413 4596        clr_optimization_v4.0.30319_64 - ok
17:35:11.0438 4596        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:35:11.0456 4596        CmBatt - ok
17:35:11.0475 4596        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:35:11.0486 4596        cmdide - ok
17:35:11.0564 4596        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
17:35:11.0594 4596        CNG - ok
17:35:11.0610 4596        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:35:11.0620 4596        Compbatt - ok
17:35:11.0637 4596        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:35:11.0651 4596        CompositeBus - ok
17:35:11.0653 4596        COMSysApp - ok
17:35:11.0670 4596        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:35:11.0680 4596        crcdisk - ok
17:35:11.0740 4596        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:35:11.0763 4596        CryptSvc - ok
17:35:11.0846 4596        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:35:11.0892 4596        DcomLaunch - ok
17:35:11.0935 4596        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:35:11.0968 4596        defragsvc - ok
17:35:12.0015 4596        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:35:12.0066 4596        DfsC - ok
17:35:12.0105 4596        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:35:12.0131 4596        Dhcp - ok
17:35:12.0151 4596        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:35:12.0180 4596        discache - ok
17:35:12.0195 4596        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:35:12.0203 4596        Disk - ok
17:35:12.0235 4596        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:35:12.0245 4596        Dnscache - ok
17:35:12.0301 4596        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:35:12.0340 4596        dot3svc - ok
17:35:12.0392 4596        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:35:12.0433 4596        DPS - ok
17:35:12.0443 4596        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:35:12.0454 4596        drmkaud - ok
17:35:12.0569 4596        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:35:12.0605 4596        DXGKrnl - ok
17:35:12.0625 4596        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:35:12.0654 4596        EapHost - ok
17:35:12.0941 4596        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:35:12.0984 4596        ebdrv - ok
17:35:13.0121 4596        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:35:13.0141 4596        EFS - ok
17:35:13.0240 4596        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:35:13.0267 4596        ehRecvr - ok
17:35:13.0295 4596        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:35:13.0307 4596        ehSched - ok
17:35:13.0376 4596        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:35:13.0404 4596        elxstor - ok
17:35:13.0425 4596        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:35:13.0436 4596        ErrDev - ok
17:35:13.0495 4596        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:35:13.0543 4596        EventSystem - ok
17:35:13.0572 4596        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:35:13.0599 4596        exfat - ok
17:35:13.0602 4596        ezSharedSvc - ok
17:35:13.0628 4596        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:35:13.0653 4596        fastfat - ok
17:35:13.0749 4596        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:35:13.0777 4596        Fax - ok
17:35:13.0795 4596        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:35:13.0807 4596        fdc - ok
17:35:13.0827 4596        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:35:13.0860 4596        fdPHost - ok
17:35:13.0872 4596        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:35:13.0897 4596        FDResPub - ok
17:35:13.0910 4596        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:35:13.0918 4596        FileInfo - ok
17:35:13.0928 4596        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:35:13.0951 4596        Filetrace - ok
17:35:13.0959 4596        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:35:13.0967 4596        flpydisk - ok
17:35:14.0032 4596        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:35:14.0051 4596        FltMgr - ok
17:35:14.0151 4596        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:35:14.0179 4596        FontCache - ok
17:35:14.0263 4596        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:35:14.0278 4596        FontCache3.0.0.0 - ok
17:35:14.0321 4596        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:35:14.0341 4596        FsDepends - ok
17:35:14.0355 4596        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:35:14.0366 4596        Fs_Rec - ok
17:35:14.0423 4596        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:35:14.0450 4596        fvevol - ok
17:35:14.0467 4596        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:35:14.0479 4596        gagp30kx - ok
17:35:14.0586 4596        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:35:14.0629 4596        gpsvc - ok
17:35:14.0711 4596        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:35:14.0727 4596        gupdate - ok
17:35:14.0731 4596        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:35:14.0741 4596        gupdatem - ok
17:35:14.0783 4596        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:35:14.0794 4596        gusvc - ok
17:35:14.0826 4596        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:35:14.0846 4596        hcw85cir - ok
17:35:14.0891 4596        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:35:14.0916 4596        HdAudAddService - ok
17:35:14.0950 4596        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:35:14.0974 4596        HDAudBus - ok
17:35:15.0001 4596        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
17:35:15.0015 4596        HECIx64 - ok
17:35:15.0020 4596        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:35:15.0037 4596        HidBatt - ok
17:35:15.0059 4596        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:35:15.0073 4596        HidBth - ok
17:35:15.0083 4596        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:35:15.0096 4596        HidIr - ok
17:35:15.0120 4596        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:35:15.0162 4596        hidserv - ok
17:35:15.0175 4596        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:35:15.0185 4596        HidUsb - ok
17:35:15.0211 4596        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:35:15.0253 4596        hkmsvc - ok
17:35:15.0294 4596        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:35:15.0306 4596        HomeGroupListener - ok
17:35:15.0326 4596        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:35:15.0341 4596        HomeGroupProvider - ok
17:35:15.0398 4596        HP Health Check Service (f859f81a4c3aa52fbd734434dafe1647) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:35:15.0406 4596        HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0406 4596        HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
17:35:15.0498 4596        hpqcxs08        (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:35:15.0508 4596        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0508 4596        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:35:15.0528 4596        hpqddsvc        (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:35:15.0535 4596        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0535 4596        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:35:15.0580 4596        hpqwmiex        (ef3ea06057132138b4e5895a61601dbe) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:35:15.0601 4596        hpqwmiex - ok
17:35:15.0652 4596        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:35:15.0671 4596        HpSAMD - ok
17:35:15.0784 4596        HPSLPSVC        (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:35:15.0806 4596        HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0806 4596        HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:35:15.0901 4596        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:35:15.0946 4596        HTTP - ok
17:35:15.0987 4596        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:35:15.0995 4596        hwpolicy - ok
17:35:16.0021 4596        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:35:16.0032 4596        i8042prt - ok
17:35:16.0093 4596        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
17:35:16.0116 4596        iaStor - ok
17:35:16.0164 4596        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:35:16.0176 4596        IAStorDataMgrSvc - ok
17:35:16.0234 4596        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:35:16.0262 4596        iaStorV - ok
17:35:16.0391 4596        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:35:16.0418 4596        idsvc - ok
17:35:16.0443 4596        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:35:16.0453 4596        iirsp - ok
17:35:16.0550 4596        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:35:16.0597 4596        IKEEXT - ok
17:35:16.0799 4596        IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
17:35:16.0836 4596        IntcAzAudAddService - ok
17:35:16.0950 4596        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:35:16.0968 4596        intelide - ok
17:35:16.0997 4596        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:35:17.0018 4596        intelppm - ok
17:35:17.0049 4596        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:35:17.0091 4596        IPBusEnum - ok
17:35:17.0138 4596        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:35:17.0178 4596        IpFilterDriver - ok
17:35:17.0259 4596        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:35:17.0302 4596        iphlpsvc - ok
17:35:17.0340 4596        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:35:17.0358 4596        IPMIDRV - ok
17:35:17.0395 4596        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:35:17.0442 4596        IPNAT - ok
17:35:17.0450 4596        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:35:17.0463 4596        IRENUM - ok
17:35:17.0487 4596        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:35:17.0495 4596        isapnp - ok
17:35:17.0537 4596        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:35:17.0557 4596        iScsiPrt - ok
17:35:17.0579 4596        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:35:17.0590 4596        kbdclass - ok
17:35:17.0610 4596        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:35:17.0623 4596        kbdhid - ok
17:35:17.0645 4596        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:35:17.0658 4596        KeyIso - ok
17:35:17.0687 4596        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
17:35:17.0700 4596        KSecDD - ok
17:35:17.0736 4596        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:35:17.0758 4596        KSecPkg - ok
17:35:17.0773 4596        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:35:17.0800 4596        ksthunk - ok
17:35:17.0846 4596        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:35:17.0879 4596        KtmRm - ok
17:35:17.0909 4596        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:35:17.0943 4596        LanmanServer - ok
17:35:17.0992 4596        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:35:18.0020 4596        LanmanWorkstation - ok
17:35:18.0087 4596        LightScribeService (6e7b4e75e8a226edc8a9a8b1c3510f9b) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:35:18.0094 4596        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
17:35:18.0094 4596        LightScribeService - detected UnsignedFile.Multi.Generic (1)
17:35:18.0109 4596        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:35:18.0158 4596        lltdio - ok
17:35:18.0189 4596        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:35:18.0215 4596        lltdsvc - ok
17:35:18.0226 4596        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:35:18.0250 4596        lmhosts - ok
17:35:18.0299 4596        LMS            (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:35:18.0309 4596        LMS - ok
17:35:18.0334 4596        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:35:18.0346 4596        LSI_FC - ok
17:35:18.0355 4596        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:35:18.0366 4596        LSI_SAS - ok
17:35:18.0373 4596        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:35:18.0381 4596        LSI_SAS2 - ok
17:35:18.0391 4596        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:35:18.0400 4596        LSI_SCSI - ok
17:35:18.0419 4596        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:35:18.0448 4596        luafv - ok
17:35:18.0499 4596        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:35:18.0520 4596        Mcx2Svc - ok
17:35:18.0526 4596        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:35:18.0544 4596        megasas - ok
17:35:18.0565 4596        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:35:18.0580 4596        MegaSR - ok
17:35:18.0605 4596        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:35:18.0638 4596        MMCSS - ok
17:35:18.0643 4596        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:35:18.0667 4596        Modem - ok
17:35:18.0683 4596        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:35:18.0695 4596        monitor - ok
17:35:18.0714 4596        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:35:18.0723 4596        mouclass - ok
17:35:18.0745 4596        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:35:18.0755 4596        mouhid - ok
17:35:18.0800 4596        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:35:18.0819 4596        mountmgr - ok
17:35:18.0911 4596        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:35:18.0929 4596        MozillaMaintenance - ok
17:35:18.0977 4596        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:35:18.0999 4596        mpio - ok
17:35:19.0020 4596        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:35:19.0062 4596        mpsdrv - ok
17:35:19.0163 4596        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:35:19.0213 4596        MpsSvc - ok
17:35:19.0271 4596        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:35:19.0298 4596        MRxDAV - ok
17:35:19.0327 4596        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:35:19.0341 4596        mrxsmb - ok
17:35:19.0370 4596        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:35:19.0387 4596        mrxsmb10 - ok
17:35:19.0407 4596        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:35:19.0422 4596        mrxsmb20 - ok
17:35:19.0443 4596        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:35:19.0456 4596        msahci - ok
17:35:19.0493 4596        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:35:19.0509 4596        msdsm - ok
17:35:19.0538 4596        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:35:19.0556 4596        MSDTC - ok
17:35:19.0580 4596        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:35:19.0605 4596        Msfs - ok
17:35:19.0616 4596        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:35:19.0640 4596        mshidkmdf - ok
17:35:19.0647 4596        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:35:19.0655 4596        msisadrv - ok
17:35:19.0694 4596        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:35:19.0735 4596        MSiSCSI - ok
17:35:19.0737 4596        msiserver - ok
17:35:19.0752 4596        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:35:19.0776 4596        MSKSSRV - ok
17:35:19.0786 4596        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:35:19.0810 4596        MSPCLOCK - ok
17:35:19.0813 4596        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:35:19.0837 4596        MSPQM - ok
17:35:19.0907 4596        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:35:19.0929 4596        MsRPC - ok
17:35:19.0947 4596        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:35:19.0958 4596        mssmbios - ok
17:35:20.0036 4596        MSSQL$SQLEXPRESS - ok
17:35:20.0136 4596        MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:35:20.0154 4596        MSSQLServerADHelper100 - ok
17:35:20.0174 4596        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:35:20.0208 4596        MSTEE - ok
17:35:20.0220 4596        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:35:20.0232 4596        MTConfig - ok
17:35:20.0245 4596        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:35:20.0256 4596        Mup - ok
17:35:20.0336 4596        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:35:20.0382 4596        napagent - ok
17:35:20.0423 4596        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:35:20.0438 4596        NativeWifiP - ok
17:35:20.0558 4596        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:35:20.0590 4596        NDIS - ok
17:35:20.0611 4596        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:35:20.0635 4596        NdisCap - ok
17:35:20.0653 4596        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:35:20.0677 4596        NdisTapi - ok
17:35:20.0724 4596        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:35:20.0765 4596        Ndisuio - ok
17:35:20.0823 4596        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:35:20.0865 4596        NdisWan - ok
17:35:20.0913 4596        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:35:20.0954 4596        NDProxy - ok
17:35:21.0001 4596        Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
17:35:21.0005 4596        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:35:21.0005 4596        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:35:21.0028 4596        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:35:21.0069 4596        NetBIOS - ok
17:35:21.0133 4596        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:35:21.0169 4596        NetBT - ok
17:35:21.0187 4596        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:35:21.0197 4596        Netlogon - ok
17:35:21.0239 4596        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:35:21.0266 4596        Netman - ok
17:35:21.0340 4596        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:21.0357 4596        NetMsmqActivator - ok
17:35:21.0361 4596        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:21.0371 4596        NetPipeActivator - ok
17:35:21.0407 4596        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:35:21.0440 4596        netprofm - ok
17:35:21.0442 4596        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:21.0449 4596        NetTcpActivator - ok
17:35:21.0451 4596        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:21.0459 4596        NetTcpPortSharing - ok
17:35:21.0517 4596        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:35:21.0536 4596        nfrd960 - ok
17:35:21.0608 4596        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:35:21.0650 4596        NlaSvc - ok
17:35:21.0660 4596        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:35:21.0684 4596        Npfs - ok
17:35:21.0700 4596        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:35:21.0725 4596        nsi - ok
17:35:21.0731 4596        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:35:21.0754 4596        nsiproxy - ok
17:35:21.0860 4596        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:35:21.0892 4596        Ntfs - ok
17:35:21.0991 4596        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:35:22.0034 4596        Null - ok
17:35:22.0063 4596        nusb3hub        (8ebcb9165ee7f1571842f4d9d624a74c) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:35:22.0071 4596        nusb3hub - ok
17:35:22.0107 4596        nusb3xhc        (5d54dbb12bbfe07cc283fd39f2cd6d63) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:35:22.0118 4596        nusb3xhc - ok
17:35:22.0152 4596        NVHDA          (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
17:35:22.0163 4596        NVHDA - ok
17:35:23.0052 4596        nvlddmkm        (cd90d63b7161ce9f5a3066f320999ab8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:35:23.0182 4596        nvlddmkm - ok
17:35:23.0305 4596        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:35:23.0324 4596        nvraid - ok
17:35:23.0336 4596        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:35:23.0349 4596        nvstor - ok
17:35:23.0387 4596        nvstor64        (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
17:35:23.0396 4596        nvstor64 - ok
17:35:23.0486 4596        nvsvc          (b014b7050a2beae115bfcb3a91803d73) C:\Windows\system32\nvvsvc.exe
17:35:23.0521 4596        nvsvc - ok
17:35:23.0736 4596        nvUpdatusService (ff7e8bc3a8b90f03bd20588b5840154f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:35:23.0778 4596        nvUpdatusService - ok
17:35:23.0898 4596        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:35:23.0918 4596        nv_agp - ok
17:35:23.0952 4596        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:35:23.0971 4596        ohci1394 - ok
17:35:24.0018 4596        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:35:24.0039 4596        p2pimsvc - ok
17:35:24.0080 4596        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:35:24.0096 4596        p2psvc - ok
17:35:24.0129 4596        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:35:24.0150 4596        Parport - ok
17:35:24.0195 4596        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:35:24.0215 4596        partmgr - ok
17:35:24.0234 4596        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:35:24.0254 4596        PcaSvc - ok
17:35:24.0284 4596        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:35:24.0299 4596        pci - ok
17:35:24.0316 4596        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:35:24.0328 4596        pciide - ok
17:35:24.0370 4596        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:35:24.0393 4596        pcmcia - ok
17:35:24.0411 4596        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:35:24.0421 4596        pcw - ok
17:35:24.0454 4596        pdfcDispatcher - ok
17:35:24.0512 4596        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:35:24.0557 4596        PEAUTH - ok
17:35:24.0626 4596        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:35:24.0647 4596        PerfHost - ok
17:35:24.0796 4596        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:35:24.0839 4596        pla - ok
17:35:24.0890 4596        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:35:24.0915 4596        PlugPlay - ok
17:35:24.0948 4596        Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
17:35:24.0954 4596        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:35:24.0955 4596        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:35:24.0988 4596        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:35:25.0007 4596        PNRPAutoReg - ok
17:35:25.0042 4596        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:35:25.0064 4596        PNRPsvc - ok
17:35:25.0115 4596        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:35:25.0157 4596        PolicyAgent - ok
17:35:25.0192 4596        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:35:25.0220 4596        Power - ok
17:35:25.0291 4596        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:35:25.0334 4596        PptpMiniport - ok
17:35:25.0360 4596        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:35:25.0370 4596        Processor - ok
17:35:25.0433 4596        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:35:25.0455 4596        ProfSvc - ok
17:35:25.0479 4596        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:35:25.0498 4596        ProtectedStorage - ok
17:35:25.0554 4596        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:35:25.0600 4596        Psched - ok
17:35:25.0615 4596        PSI            (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
17:35:25.0622 4596        PSI - ok
17:35:25.0743 4596        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:35:25.0782 4596        ql2300 - ok
17:35:25.0907 4596        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:35:25.0927 4596        ql40xx - ok
17:35:25.0963 4596        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:35:25.0985 4596        QWAVE - ok
17:35:25.0999 4596        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:35:26.0017 4596        QWAVEdrv - ok
17:35:26.0030 4596        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:35:26.0068 4596        RasAcd - ok
17:35:26.0099 4596        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:35:26.0142 4596        RasAgileVpn - ok
17:35:26.0162 4596        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:35:26.0188 4596        RasAuto - ok
17:35:26.0233 4596        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:35:26.0274 4596        Rasl2tp - ok
17:35:26.0345 4596        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:35:26.0386 4596        RasMan - ok
17:35:26.0410 4596        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:35:26.0435 4596        RasPppoe - ok
17:35:26.0451 4596        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:35:26.0476 4596        RasSstp - ok
17:35:26.0539 4596        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:35:26.0589 4596        rdbss - ok
17:35:26.0601 4596        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:35:26.0612 4596        rdpbus - ok
17:35:26.0624 4596        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:35:26.0649 4596        RDPCDD - ok
17:35:26.0658 4596        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:35:26.0683 4596        RDPENCDD - ok
17:35:26.0693 4596        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:35:26.0717 4596        RDPREFMP - ok
17:35:26.0760 4596        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:35:26.0778 4596        RDPWD - ok
17:35:26.0830 4596        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:35:26.0853 4596        rdyboost - ok
17:35:26.0875 4596        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:35:26.0908 4596        RemoteAccess - ok
17:35:26.0945 4596        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:35:26.0986 4596        RemoteRegistry - ok
17:35:27.0074 4596        RichVideo      (15ac7f45ba1529515dba8989a45b73cf) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:35:27.0083 4596        RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:35:27.0083 4596        RichVideo - detected UnsignedFile.Multi.Generic (1)
17:35:27.0097 4596        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:35:27.0139 4596        RpcEptMapper - ok
17:35:27.0144 4596        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:35:27.0155 4596        RpcLocator - ok
17:35:27.0239 4596        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:35:27.0283 4596        RpcSs - ok
17:35:27.0367 4596        RsFx0103        (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
17:35:27.0388 4596        RsFx0103 - ok
17:35:27.0423 4596        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:35:27.0465 4596        rspndr - ok
17:35:27.0509 4596        RTL8167        (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:35:27.0521 4596        RTL8167 - ok
17:35:27.0545 4596        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:35:27.0559 4596        SamSs - ok
17:35:27.0623 4596        SbieDrv        (0fe05dd9bbf0782e2bbf0977f2034616) C:\Program Files\Sandboxie\SbieDrv.sys
17:35:27.0645 4596        SbieDrv - ok
17:35:27.0659 4596        SbieSvc        (c970c7b2fd2e811525d4578d50b535f5) C:\Program Files\Sandboxie\SbieSvc.exe
17:35:27.0671 4596        SbieSvc - ok
17:35:27.0707 4596        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:35:27.0719 4596        sbp2port - ok
17:35:27.0758 4596        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:35:27.0800 4596        SCardSvr - ok
17:35:27.0848 4596        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:35:27.0890 4596        scfilter - ok
17:35:28.0017 4596        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:35:28.0068 4596        Schedule - ok
17:35:28.0109 4596        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:35:28.0151 4596        SCPolicySvc - ok
17:35:28.0206 4596        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:35:28.0229 4596        SDRSVC - ok
17:35:28.0272 4596        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:35:28.0312 4596        secdrv - ok
17:35:28.0353 4596        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:35:28.0394 4596        seclogon - ok
17:35:28.0501 4596        Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:35:28.0534 4596        Secunia PSI Agent - ok
17:35:28.0576 4596        Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
17:35:28.0596 4596        Secunia Update Agent - ok
17:35:28.0713 4596        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:35:28.0755 4596        SENS - ok
17:35:28.0763 4596        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:35:28.0773 4596        SensrSvc - ok
17:35:28.0801 4596        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:35:28.0819 4596        Serenum - ok
17:35:28.0839 4596        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:35:28.0851 4596        Serial - ok
17:35:28.0873 4596        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:35:28.0886 4596        sermouse - ok
17:35:28.0950 4596        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:35:28.0993 4596        SessionEnv - ok
17:35:29.0012 4596        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:35:29.0023 4596        sffdisk - ok
17:35:29.0030 4596        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:35:29.0039 4596        sffp_mmc - ok
17:35:29.0042 4596        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:35:29.0053 4596        sffp_sd - ok
17:35:29.0079 4596        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:35:29.0088 4596        sfloppy - ok
17:35:29.0137 4596        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:35:29.0178 4596        SharedAccess - ok
17:35:29.0217 4596        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:35:29.0244 4596        ShellHWDetection - ok
17:35:29.0262 4596        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:35:29.0270 4596        SiSRaid2 - ok
17:35:29.0291 4596        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:35:29.0300 4596        SiSRaid4 - ok
17:35:29.0355 4596        SkypeUpdate    (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
17:35:29.0371 4596        SkypeUpdate - ok
17:35:29.0393 4596        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:35:29.0432 4596        Smb - ok
17:35:29.0460 4596        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:35:29.0479 4596        SNMPTRAP - ok
17:35:29.0506 4596        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:35:29.0520 4596        spldr - ok
17:35:29.0601 4596        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:35:29.0651 4596        Spooler - ok
17:35:29.0944 4596        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:35:29.0996 4596        sppsvc - ok
17:35:30.0107 4596        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:35:30.0158 4596        sppuinotify - ok
17:35:30.0277 4596        SQLAgent$SQLEXPRESS (12e6d95cde974b131defaa44bab8b056) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:35:30.0300 4596        SQLAgent$SQLEXPRESS - ok
17:35:30.0383 4596        SQLBrowser      (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:35:30.0402 4596        SQLBrowser - ok
17:35:30.0461 4596        SQLWriter      (6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:35:30.0480 4596        SQLWriter - ok
17:35:30.0564 4596        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:35:30.0589 4596        srv - ok
17:35:30.0629 4596        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:35:30.0652 4596        srv2 - ok
17:35:30.0676 4596        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:35:30.0689 4596        srvnet - ok
17:35:30.0718 4596        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:35:30.0758 4596        SSDPSRV - ok
17:35:30.0775 4596        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:35:30.0801 4596        SstpSvc - ok
17:35:30.0821 4596        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:35:30.0830 4596        stexstor - ok
17:35:30.0856 4596        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:35:30.0867 4596        StillCam - ok
17:35:30.0956 4596        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:35:30.0992 4596        stisvc - ok
17:35:31.0010 4596        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:35:31.0018 4596        swenum - ok
17:35:31.0077 4596        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:35:31.0128 4596        swprv - ok
17:35:31.0296 4596        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:35:31.0335 4596        SysMain - ok
17:35:31.0468 4596        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:35:31.0496 4596        TabletInputService - ok
17:35:31.0528 4596        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:35:31.0561 4596        TapiSrv - ok
17:35:31.0580 4596        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:35:31.0605 4596        TBS - ok
17:35:31.0805 4596        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:35:31.0846 4596        Tcpip - ok
17:35:32.0063 4596        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:35:32.0100 4596        TCPIP6 - ok
17:35:32.0200 4596        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:35:32.0241 4596        tcpipreg - ok
17:35:32.0265 4596        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:35:32.0275 4596        TDPIPE - ok
17:35:32.0299 4596        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:35:32.0309 4596        TDTCP - ok
17:35:32.0355 4596        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:35:32.0405 4596        tdx - ok
17:35:32.0428 4596        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:35:32.0437 4596        TermDD - ok
17:35:32.0537 4596        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:35:32.0582 4596        TermService - ok
17:35:32.0606 4596        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:35:32.0619 4596        Themes - ok
17:35:32.0639 4596        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:35:32.0663 4596        THREADORDER - ok
17:35:32.0684 4596        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:35:32.0709 4596        TrkWks - ok
17:35:32.0764 4596        truecrypt      (370a6907ddf79532a39319492b1fa38a) C:\Windows\system32\drivers\truecrypt.sys
17:35:32.0785 4596        truecrypt - ok
17:35:32.0849 4596        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:35:32.0891 4596        TrustedInstaller - ok
17:35:32.0940 4596        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:35:32.0981 4596        tssecsrv - ok
17:35:33.0029 4596        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:35:33.0046 4596        TsUsbFlt - ok
17:35:33.0105 4596        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:35:33.0156 4596        tunnel - ok
17:35:33.0176 4596        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:35:33.0184 4596        uagp35 - ok
17:35:33.0209 4596        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:35:33.0241 4596        udfs - ok
17:35:33.0262 4596        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:35:33.0273 4596        UI0Detect - ok
17:35:33.0300 4596        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:35:33.0310 4596        uliagpkx - ok
17:35:33.0334 4596        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:35:33.0346 4596        umbus - ok
17:35:33.0354 4596        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:35:33.0365 4596        UmPass - ok
17:35:33.0575 4596        UNS            (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:35:33.0617 4596        UNS - ok
17:35:33.0750 4596        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:35:33.0795 4596        upnphost - ok
17:35:33.0827 4596        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:35:33.0836 4596        usbccgp - ok
17:35:33.0869 4596        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:35:33.0891 4596        usbcir - ok
17:35:33.0920 4596        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:35:33.0933 4596        usbehci - ok
17:35:33.0979 4596        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:35:34.0002 4596        usbhub - ok
17:35:34.0036 4596        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:35:34.0052 4596        usbohci - ok
17:35:34.0081 4596        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:35:34.0106 4596        usbprint - ok
17:35:34.0133 4596        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:35:34.0145 4596        USBSTOR - ok
17:35:34.0162 4596        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:35:34.0174 4596        usbuhci - ok
17:35:34.0197 4596        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:35:34.0234 4596        UxSms - ok
17:35:34.0254 4596        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:35:34.0263 4596        VaultSvc - ok
17:35:34.0283 4596        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:35:34.0293 4596        vdrvroot - ok
17:35:34.0377 4596        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:35:34.0424 4596        vds - ok
17:35:34.0445 4596        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:35:34.0456 4596        vga - ok
17:35:34.0460 4596        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:35:34.0484 4596        VgaSave - ok
17:35:38.0391 4596        ============================================================
17:35:38.0391 4596        Scan finished
17:35:38.0391 4596        ============================================================
17:35:38.0407 5868        Detected object count: 8
17:35:38.0407 5868        Actual detected object count: 8
17:36:06.0317 5868        HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0317 5868        HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0319 5868        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0319 5868        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0320 5868        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0321 5868        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0322 5868        HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0322 5868        HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0324 5868        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0324 5868        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0325 5868        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0326 5868        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0327 5868        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0327 5868        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:06.0329 5868        RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:36:06.0329 5868        RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 08.08.2012 18:31

That one looks unremarkable too - any problems still open? If not, I wouldn't dig any deeper.

sissi_a 08.08.2012 19:12

Arne, thank you very much for your support.
Since MWB is the only thing that doesn't work, we'll leave it at that
--- and I hope that, thanks to your tips, I won't need help again any time soon.
Best regards, Sissi

cosinus 09.08.2012 13:41

OK, to wrap up, I'll post my update guide! :)

Finally, please check your updates; my guide is below. To keep better track of how up to date your installed programs are in future, you can use Secunia PSI, for example.
For even more security, after the infection has been removed you should also change all of your passwords if possible.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs, or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

While you're at it, please also check that your Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, ideally with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all the Java versions listed there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

