Trojaner-Board - Webseite via FTP/FileZilla gehackt, Viren "JS/BlacoleRef.W.234" und "EXP/Pdfka.EL.831" gefunden

Hm, obwohl er einige Einstellungen beim Scan umgestellt hat (Extra-Registrierung: Aus, LOP & Purity aktiviert), habe ich meine beiden Dateien bekommen.
Ich hoffe sehr, das kann behoben werden. Auch das neue Problem, dass meine Maus willkürliche Klicks manchmal macht.

[CODE]OTL-Log

︀OTL Logfile:

Code:

OTL logfile created on: 18.02.2013 16:43:40 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\UED\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free

8,00 Gb Paging File | 6,15 Gb Available in Paging File | 76,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 232,73 Gb Total Space | 23,47 Gb Free Space | 10,08% Space Free | Partition Type: NTFS

 

Computer Name: UED-PC | User Name: UED | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.02.18 16:42:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\UED\Desktop\OTL.exe

PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

PRC - [2012.11.30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.09.07 19:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2012.09.07 19:25:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.09.07 19:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH C Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.08.15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe

PRC - [2012.08.15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe

PRC - [2012.08.15 12:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.05.31 15:50:30 | 001,082,368 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

PRC - [2012.05.28 17:08:28 | 000,368,726 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe

PRC - [2012.05.21 14:33:56 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe

PRC - [2011.11.25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011.08.17 08:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.11.30 03:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2012.11.30 03:06: 8 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2012.05.21 14:33:58 | 000,028,672 | ---- | M] () -- C:\Windows\SysWOW64\BsMobileCSps.dll

MOD - [2011.03.28 10:04:52 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll

MOD - [2010.03.31 20:59:20 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\s40pack.dll

MOD - [2003.05.01 16:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\cscvt.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2013.02.06 22:53:55 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013.01.01 01:25:31 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)

SRV - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.10.03 14:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2012.10.02 20:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand   Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)

SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.09.07 19:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.09.07 19:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.08.15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)

SRV - [2012.08.15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)

SRV - [2012.08.15 12:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)

SRV - [2012.08.01 16:10:32 | 000,917,656 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)

SRV - [2012707.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2012.05.31 15:50:30 | 001,082,368 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)

SRV - [2012.05.21 14:45:56 | 000,199,680 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)

SRV - [2012.05.21 14:33:56 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)

SRV - [2012.01.05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)

SRV - [2011.11.25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.10.19 17:46:26 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)

DRV:64bit: - [2012.09.26 20:45:09 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2012.09.07 19:26:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2012.09.07 19:26:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012.09.07 19:26:05 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2012.08.23 15:10:20 | 000,0\9,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012.08.15 14:18:16 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)

DRV:64bit: - [2012.08.15 14:18:08 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)

DRV:64bit: - [2012.08.15 14:18: 0 | 000,031,384 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport)

DRV:64bit: - [2012.08.15 14:16:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)

DRV:64bit: - [2012.08.15 14:16:50 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)

DRV:64bit: - [2012.08.15 14:16:16 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)

DRV:64bit: - [2012.08.01 16:10:36 | 000,052,376 | ---- | M]V(VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)

DRV:[b]64bit:[_b] - [2012.08.01 16:10:24 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)

DRV:64bit: - [2012.07.06 11:29:52 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)

DRV:64bit: - [2012.07.06 11:29:52 | 000,070,256 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)

DRV:64bit: - [2012.06.27 14:18:52 | 00:,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)

DRV:64bit: - [2012.06.26 20:38:28 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

DRV:64bit: - [2012.06.24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.12.27 09:18:48 | 000,043,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb)

DRV:64bit: - [2011.12.21 13:47:52 | 000,031,968 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)

DRV:64bit: - [2011.12.21 13:47:46 | 000,022,240 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetdrv.sys -- (BT)

DRV:64bit: - [2011.12.21 13:47:08 | 000,025,056 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)

DRV:64bit: - [2011.12.06 11:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DRHMSR64.sys -- (DRHMSR64)

DRV:64bit: - [2011.12.01 10:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.12.01 10:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.11.03 18:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DRHARD64.sys -- (DRHARD64)

DRV:64bit: - [2011.07.27 09:29:08 | 000,025,352 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btcombus.sys -- (BTCOMBUS)

DRV:64bit: - [2011.07.27 09:28:58 | 000,029,576 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcomport.sys -- (BTCOM)

DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64winA.sys -- (RTL8167)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)

DRV:64bit: - [2010.04.06 17:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)

DRV:64bit: - [2009.08.17 18:20:46 | 001,235,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)

DRV:64bit: - [2009.08.13 07:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNativ]\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.03.18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2007.01.29 05:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)

DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

DRV - [2011.12.06 11:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\DRHMSR64.sys -- (DRHMSR64)

DRV - [2011.11.03 18:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\DRHARD64.sys -- (DRHARD64)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 59 29 36 D5 90 CD 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0682C851-0D0A-4BAA-849D-7714C7C01807}

IE - HKCU\..\SearchScopes\{0682C851-0D0A-4BAA-849D-7714C7C01807}: "URL" = hxxp://www.google.com/search?q={searchTerms}&amp;sourceid=ie7&amp;rls=com.microsoft:{language}:{referrer:source}&amp;ie={inputEncoding?}&oe={outputEncoding?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledAddons: iseekdeal%40iseekdeal.com:1.0

FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.28

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit[ - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.26 12:21:16 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 22:53:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 22:53:49 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 22:53:55 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 22:53:49 | 000,000,000 | ---D | M]

 

[2012.09.16 16:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UED\AppData\Roaming\mozilla\Extensions

[2013.02.17 16:26:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UED\AppData\Roaming\mozilla\Firefox\Profiles\infl1ov0.default\extensions

[2013.01.04 13:22:59 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\UED\AppData\Roaming\mozilla\Firefox\Profiles\infl1ov0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}

[2013.02.17 16:26:15 | 000,234,999 | ---- | M] () (No name found) -- C:\Users\UED\AppData\Roaming\mozilla\firefox\profiles\infl1ov0.default\extensions\artur.dubovoy@gmail.com.xpi

[2012.12.06 13:56:28 | 000,001,879 | ---- | M] () (No name found) -- C:\Users\UED\AppData\Roaming\mozilla\firefox\profiles\infl1ov0.default\extensions\iseekdeal@iseekdeal.com.xpi

[2013.02.06 22:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2013.02.06 22:53:55 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

 

O1 HOSTS File: ([2013.02.16 20:43:34 | 000,000,431 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (IE Security Component) - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\ProgramData\Plugin\ISeekDeal.dll (Vtools)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\UED\AppData\Roaming\Mozilla\Firefox\Profiles\infl1ov0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.98.24.dll File not found

O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\UED\AppData\Roaming\Mozilla\Firefox\Profiles\infl1ov0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.98.24.dll File not found

O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)

O4 - HKLMo.\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Elplorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found

O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microso t Corp.)

O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HK\M\System\CCS\Services\Tcpip\Parameters\Interfaces\{032751E1-4B64-48B1-8AE0-7F279F1F49FE}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1709D28D-D275-44E6-A2E4-4E6C46EE451C}: DhcpNameServer = 7.254.254.254

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.02.18 16:42:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\UED\Desktop\OTL.exe

[2013.02.17 22:38:42 | 000,000,000 | ---D | C] -- C:\Users\UED\Documents\Microsoft Hardware

[2013.02.17 15:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2013.02.17 15:54144 | 000,000,000 | ---D | C] -- C:\Users\UED\Desktop\mbar

[2013.02.17 15:03:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013.02.16 21:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

[2013.02.16 21:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client

[2013.02.15 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\UED\Desktop\directoryblaster

[2013.02.12 19:45:07 | 000,000,000 | ---D | C] -- C:\Users\UED\Desktop\MAMPlayer2006aug19_035

[2013.02.11 20:10:24 | 000,021,984 | ---- | C] (Licensed for Gebhard Software) -- C:\Windows\SysWow64\drivers\DRHARD64.sys

[2013.02.11 20:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr. Hardware 2013

[2013.02.11 20:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dr. Hardware 2013

[2013.02.11 20:10:10 | 003,326,496 | ---- | C] (Peter A. Gebhard                                            ) -- C:\Users\UED\Desktop\drh2013d.exe

[2013.02.08 22:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2013.02.08 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2

[2013.02.06 22:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2013.02.05 22:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk

[2013.02.03 22:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO

[2013.02.03 22:32:31 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll

[2013.02.02 22:35:18 | 000,000,000 | ---D | C] -- C:\Users\UED\AppData\Roaming\Capora

[2013.02.02 22:23:40 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\UED\AppData\Roaming\pcouffin.sys

[2013.02. 2 22:23:40 | 000,000,000 | ---D | C] -- C:\Users\UED\AppData\Roaming\Vso

[2013.02.02 22:23:40 | 000,000,000 | ---D | C] -- C:\Users\UED\Documents\PcSetup

[2013.02.02 22:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO

[2013.02.02 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO

[2013.02.02 22:23:07 | 000,000,000 | ---D | C] -- C:\Users\UED\AppData\Local\Programs

[2013.01.23 17:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013.01.23 17:59:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013.01.22 21:38:54 | 000,000,000 | ---D | C] -- C:\Users\UED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Smashed Bros

[2013.01.22 21:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Smashed Bros

[2013.01.20 17:50:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64.1.7.0.50.Ver.23

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.02.18 16:47:27 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.02.18 16:47:27 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.02.18 16:42:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\UED\Desktop\OTL.exe

[2013.02.18 16:39:03 | 000,001,330 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini

[2013.02.18 16:38:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.02.17 22:36:06 | 000,311,884 | ---- | M] () -- C:\Users\UED\Desktop\River flows in You (2).jpg

[2013.02.17 22:34:12 | 000,290,746 | ---- | M] () -- C:\Users\UED\Desktop\River flows in you (1).jpg

[2013.02.17 22:10:18 | 000,000,047 | ---- | M] () -- C:\Windows\ssb.ini

[2013.02.17 15:54:34 | 013,711,621 | ---- | M] () -- C:\Users\UED\Desktop\mbar-1.01.0.1020.zip

[2013.02.17 15:49:59 | 000,374,784 | ---- | M] () -- C:\Users\UED\Desktop\GMER_2.1.18952.exe

[2013.02.17 01:06:24 | 000,000,124 | ---- | M] () -- C:\Users\UED\Documents\ax_files.xml

[2013.02.16 23:19:10 | 001,620,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.02.16 23:19:10 | 000,701,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.02.16 23:19:10 | 000,655,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.02.16 23:19:10 | 000,149,868 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.02.16 23:19:10 | 000,122,780 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.02.16 20:43:34 | 000,000,431 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013.02.16 19:41:15 | 000,363,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013.02.15 22:37:07 | 001,601,508 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013.02.12 19:45:03 | 000,440,863 | ---- | M] () -- C:\Users\UED\Desktop\MAMPlayer2006aug19_035.zip

[2013.02.12 19:39:32 | 000,271,958 | ---- | M] () -- C:\Users\UED\Desktop\SMSR Non-TAS Competition _1.zip

[2013.02.11 20:10:25 | 000,000,980 | ---- | M] () -- C:\Users\UED\Desktop\Dr. Hardware 2013.lnk

[2013.02.11 20:10:11 | 003,326,496 | ---- | M] (Peter A. Gebhard                                            ) -- C:\Users\UED\Desktop\drh2013d.exe

[2013.02.03 23:31:46 | 010,186,936 | ---- | M] () -- C:\Users\UED\Desktop\Earthworm Jim 3D.7z

[2013.02.02 22:33:18 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\UED\AppData\Roaming\pcouffin.sys

[2013.02.02 22:33:18 | 000,007,859 | ---- | M] () -- C:5Users\UED\AppData\Roaming\pcouffin.cat

[2013.02.02 22:33:18 | 000,001,167 | ---- | M] () -- C:\Users\UED\AppData\Roaming\pcouffin.inf

[2013.01.23 20:27:45 | 611,061,760 | ---- | M] () -- C:\Users\UED\Documents\VRMPVOL_DE.ISO

 
 ========== Files Created - No Company Name ==========

 

[2013.02.17 22:36:06 | 000,311,884 | ---- | C] () -- C:\Users\UED\Desktop\River flows in You (2).jpg

[2013.02.17 22:34:12 | 000,290,746 | ---- | C] () -- C:\Users\UED\Desktop\River flows in you (1).jpg

[2013.02.17 15:54:27 | 013,711,621 | ---- | C] () -- C:\Users\UED\Desktop\mbar-1.01.0.1020.zip

[2013.02.17 15:49:59 | 000,374,784 | ---- | C] () -- C:\Users\UED\Desktop\GMER_2.1.18952.exe

[2013.02.15 22:26:36 | 000,136,704 | ---- | C] () -- C:\Windows\SysNative\ZLhp1600.DLL

[2013.02.12 19:45:03 | 000,440,863 | ---- | C] () -- C:\Users\UED\Desktop\MAMPlayer2006aug19_035.zip

[2013.02.12 19:39:30 | 000,271,958 | ---- | C] () -- C:\Users\UED\Desktop\SMSR Non-TAS Competition _1.zip

[2013.02.11 20:10:25 | 000,0 0,980 | ---- | C] () -- C:\Users\UED\Desktop\Dr. Hardware 2013.lnk

[2013.02.11 20:10:24 | 000,014,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\DRHMSR64.sys

[2013.02.03 23:31:42 | 010,186,936 | ---- | C] () -- C:\Users\UED\Desktop\Earthworm Jim 3D.7z

[2013.02.02 22:23:40 | 000,007,859 | ---- | C] () -- C:\Users\UED\AppData\Roaming\pcouffin.cat

[2013.02.02 22:23:40 | 000,001,167 | ---- | C] () -- C:\Users\UED\AppData\Roaming\pcouffin.inf

[2013.01.23 20:25:35 | 611,061,760 | ---- | C] () -- C:\Users\UED\Documents\VRMPVOL_DE.ISO

[2013.01.22 21:41:37 | 000,000,047 | ---- | C] () -- C:\Windows\ssb.ini

[2013.01.11 20:17:44 | 000,000,737 | ---- | C] () -- C:\Windows\CoD.INI

[2012.12.23 23:14:40 | 000,005,806 | ---- | C] () -- C:\Users\UED\AppData\Local\recently-used.xbel

[2012.12.02 20:04:39 | 000,001,595 | ---- | C] () -- C:\Users\UED\.ucon64rc

[2012.11.30 22:20:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2012.11.08 21:07:07 | 000,060,254 | ---- | C] () -- C:\Users\UED\TASInputPlugin0.6 dll.zip

[2012.11.08 20:54:57 | 010,275,926 | ---- | C] () -- C:\Users\UED\Diddy Kong Racing (U) (M2) (V1.1) [!].zip

[2012.11.08 20:53:57 | 010,314,040 | ---- | C] () -- C:\Users\UED\Diddy Kong Racing (USA) (En,Fr) (Rev A).zip

[2012.10.24 18:55:32 | 000,001,018 | ---- | C] () -- C:\Users\UED\recStudio.ini

[2012.10.16 09:02:30 | 001,601,508 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.10.02 12:33:09 | 000,003,053 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI

[2012.10.02 12:31:44 | 000,000,125 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI

[2012.09.30 20:48:47 | 000,000,041 | ---- | C] () -- C:\Users\UED\hallo

[2012.09.30 20:48:38 | 000,000,041 | ---- | C] () -- C:\Users\UED\null

[2012.09.24 14:44:50 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat

[2012.09.18 17:59:15 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll

[2012.09.14 16:13:55 | 000,007,605 | ---- | C] () -- C:\Users\UED\AppData\Local\Resmon.ResmonCfg

[2012.09.13 13:49:41 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2012.05.31 15:50:38 | 000,001,330 | ---- | C] () -- C:\Windows\SysWow64\bscs.ini

[2012.05.27 12:25:31 | 000,006,547 | ---- | C] () -- C:\Windows\SysWow64\LOCALSERVICE.INI

[2012.05.27 12:25:29 | 000,000,187 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI

[2012.05.27 12:20:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\BSPRINT.INI

[2012.05.24 08:57:50 | 000,048,128 | ---- | C] () -- C:\Windows\SysWow64\BSWMPPlugin.dll

[2012.05.21 14:33:58 | 00:,028,672 | ---- | C] () -- C:\Windows\SysWow64\BsMobileCSps.dll

[2012.05.21 14:09:16 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\BsVistaCommon.dll

[2012.05.21 14:09:14 | 000,090,208 | ---- | C] () -- C:\Windows\SysWow64\BSSkypeAgent.dll

[2012.05.21 14:09:14 | 000,086,108 | ---- | C] () -- C:\Windows\SysWow64\BSVoIPComm.dll

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.10.23 16:40:30 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\.minecraft

[2013.01.04 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Audacity

[2012.10.23 23:35:12 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Autodesk

[2013.02.17 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\BitTorrent

[2012.10.24 12:36:26 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Blender Foundation

[2013.02.02 22:36:06 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Capora

[2012.10.24 19:50:21 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Cycling '74

[2012.09.26 21:08:59 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\DAEMON Tools Pro

[2012.12.08 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Datarescue

[2012.10.14 17:37:10 | 000,000,000 | -- D | M] -- C:\Users\UED\AppData\Roaming\DreamDale

[2013.02.16 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\FileZilla

[2012.11.24 15:14:45 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\FireShot

[2012.12.10 17:11:30 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Hex-Rays

[2012.09.16 15:06:34 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\ImgBurn

[2012.10.14 17:34:32 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\MagicBall4

[2012.10.24 19:42:06 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\MusE

[2012.11.16 19:36:20 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Music Recognition

[2012.10.20 10:11:00 | 000,000,000 | -- D | M] -- C:\Users\UED\AppData\Roaming\Nokia

[2012.09.17 13:31:22 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Notepad++

[2012.09.25 21:05:11 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Password Solutions

[2012.10.20 09:43:02 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\PC Suite

[2013.01.17 21:24:34 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\TeamViewer

[2012.11.30 22:20:01 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Tunngle

[2013.02.07 00:22:16 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Vso

[2012.10.09 09:06:38 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\Wings3D

[2012.10.20 15:08:16 | 000,000,000 | ---D | M] -- C:\Users\UED\AppData\Roaming\XnView

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========7

 

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A1EDB939
 

< End of report >

--- --- ---

[CODE]Extra-Log

︀OTL Logfile:

Code:

OTL Extras logfile created on: 18.02.2013 16:43:40 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\UED\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free

8,00 Gb Paging File | 6,15 Gb Available in Paging File | 76,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 232,73 Gb Total Space | 23,47 Gb Free Space | 10,08% Space Free | Partition Type: NTFS

 

Computer Name: UED-PC | User Name: UED | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporati)n)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\ProgramiFiles\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.=pl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

x 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

[colo#=#E56717]========== System Restore Settings ==========[/color]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | 

"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | 

"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 

"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | 

"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | 

"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | 

"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | 

"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svcuqwave | app=%systemroot%\system32\svchost.exe | 

"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | 

"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{30B61E11-1F44-437D-B375-0858191C37CF}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | 

"{3BC70162-B423-448A-8546-BD041D6B8918}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | 

"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%progmamfiles(x86)%\windows media player\wmplayer.exe | 

"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | 

"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"TCP Query User{34B86A20-E9DF-4277-BB5E-720731AC37ED}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 

"TCP Query User{7AA30E99-FF3F-404B-8019-744C99884F17}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"TCP Query User{829873BC-FC2E-4883-90BC-F557BAB367E2}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe | 

"TCP Query User{9DD60A49-7053-4066-9A12-6B9A6DF4EA85}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 

"TCP Query User{E5CF75B2-D40A-4387-892F-7BE61B8EE506}C:\spiele\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\spiele\call of duty\codmp.exe | 

"UDP Query User{1E4E174F-EF1F-497D-A661-84D0A7A0F166}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe | 

"UDP Query User{6B108B72-54BE-4332-A739-2156600DABF1}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"UDP Query User{D3D8A434-6906-4472-B1BE-ED2D385B991B}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 

"UDP Query User{F2C150F1-C5DF-4EC1-BDE2-0313DC279674}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 

"UDP Query User{FDCD176B-84E4-451E-9786-9937BB4CFD62}C:\spiele\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\spiele\call of duty\codmp.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb" = Rayman 2: The Great Escape GOG Edition

"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{26A24AE4-039D-4CA4-87B4-2F864170078F}" = Java 7 Update 7 (64-bit)

"{2F808931-D235-4FC7-90CD-F8A890C97B2F}" = Composite 2013 64-bit

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2

"{5655FAEA-76A3-4565-BEE2-55D796185D32}" = BlueSoleil 8.0.395.0

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{AEF6C676-D7A2-4487-BD4B-1BED17B229B5}" = Microsoft-Maus- und Tastatur-Center

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306797

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{C7F737EB-3325-3BEE-8D0D-DEF2DE62486A}" = Visual C++ 11.0 CRT (x64)

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729

"{D600D357-5CB9-4DE9-8F-4-14E208BD1970}" = Nero Backup Drivers

"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMwarePlayer_x64

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)

"Blender" = Blender

"GIMP-2_is1" = GIMP 2.8.2

"MeshLab_64b" = MeshLab_64b 1.3.2

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"WinRAR archiver" = WinRAR 4.20 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker

"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F874316-5DC8-450F-8D7A-4236699140B3}" = msvcrt90_x86

"{20D4A895-748C-4D88-871C-FDB1690B0169}" = Platform

"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs

"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13

"{2B095550-3C13-4547-ABD1-04CF1560BBBD}" = Vizzed Retro Game Room

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery

"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BA6784F-3B10-473A-B9F5-33A36AC354D5}" = Google SketchUp 8

"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1

"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{586B106A-E15A-41D7-A76D-48A32085D160}" = Crazy Machines II Demo

"{5A06BC95-C59E-438D-AA8D-A97690AD628C}" = Encore 5

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials

"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions

"{8DD46C6A-0056-4FEC-B70A-28BB16A1Fo1F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{96C4DBF2-E573-40AE-9121-3A7AB2A28E04}" = Advanced Office Password Recovery

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer

"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{D9F09DDD-F3FE-427A-A63E-83D87E7D99CC}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64

"{DA4BE820-2BBC-401E-812C-1DB0C53EBFD6}" = icl12_x86

"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX

"{DB6AB705-C9BD-40E3-8929-2EA57636A4FF}_is1" = ConvertXtoDVD 4.1.19.364

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common

"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FAF448F1-4460-440C-9280-07F66A63D6F5}" = Nero Kwik Media

"{FC18AB8F-9BA3-423B-91F2-622990F57978}" = Nero 11

"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows

"5513-1208-7298-9440" = JDownloader 0.9

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Alice: Madness Returns_is1" = Alice: Madness Returns

"Audacity_is1" = Audacity 2.0.2

"Avira AntiVir Desktop" = Avira Free Antivirus

"BitTorrent" = BitTorrent

"Borderlands 2_is1" = Borderlands 2

"Call of Duty" = Call of Duty

"Cheat Engine 6.2_is1" = Cheat Engine 6.2

"Cygnus Hex Editor" = Cygnus Hex Editor 2.50

"DAEMON Tools Pro" = DAEMON Tools Pro

"Deponia 2" = Chaos auf Deponia

"D-Fend Reloaded" = D-Fend Reloaded 1.3.2 (deinstallieren)

"DivX Setup" = DivX-Setup

"Dr. Hardware 2013_is1" = Dr. Hardware 2013 13.0d

"eMule" = eMule

"FileZilla Client" = FileZilla Client 3.6.0.2

"FluidImporter for SketchUp" = FluidImporter for SketchUp

"FluidRay RT Demo (64 Bit)" = FluidRay RT Demo (64 Bit)

"FLV Player" = FLV Player 2.0 (build 25)

"Fraps" = Fraps (remove only)

"Gefeuert" = Gefeuert - Dein letzter Tag (Deinstallation)

"Gold Miner Joe Trial Version_is1" = Gold Miner Joe Trial Version 1.01

"ImgBurn" = ImgBurn

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager

"Magic Ball 31.0" = Magic Ball 3

"Marble Mayhem!_is1" = Marble Mayhem! 1.0

"mIRC" = mIRC

"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MuseScore" = MuseScore 1.2 MuseScore score typesetter

"Nokia Suite" = Nokia Suite

"Notepad++" = Notepad++

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OpenAL" = OpenAL

"Rayman 2_is1" = Rayman 2

"ResourceHacker_is1" = Resource Hacker Version 3.6.0

"Saitek Colour Rumble Pad" = Saitek Colour Rumble Pad

"Super Smashed Bros" = Super Smashed Bros

"Superstar Chefs 8rial Version_is1" = Superstar Chefs Trial Version 1.30

"TeamViewer 8" = TeamViewer 8

"Tiny and Big - Grandpas Leftovers" = Tiny and Big - Grandpa's Leftovers (remove only)

"Tunngle beta_is1" = Tunngle beta

"UltraISO_is1" = UltraISO Premium V9.53

"VMware_Player" = VMware Player

"Wings 3D 1.4.1" = Wings 3D 1.4.1

"WinLiveSuite" = Windows Live Essentials

"WinUAE" = WinUAE 2.4.1

"ZMBV" = Zip Motion Block Video codec (Remove Only)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Marble Arena 2" = Marble Arena 2

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 10.02.2013 12:22:57 | Comprter Name = UED-PC | Source = Customer Experience Improvement Program | ID = 1008

Description = 

 

Error - 10.02.2013 17:10:48 | Computer Name = UED-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: 1964.exe, Version: 0.9.9.0, Zeitstempel:

 0x480bfe7d  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:

 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002deeb  ID des fehlerhaften Prozesses:

 0x4e8  Startzeit der fehlerhaften Anwendung: 0x01ce07d1dc700954  Pfad der fehlerhaften

 Anwendung: C:\MarioZuBanjo\1964_11\bin\Release\1964.exe  Pfad des fehlerhaften Moduls:

 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 5709b23f-73c6-11e2-b6c4-005056c00008

 

Error - 11.02.2013 08:27:37 | Computer Name = UED-PC | Source = Customer Experience Improvement Program | ID = 1008

Description = 

 

Error - 12.02.2013 15:12:45 | Computer Name = UED-PC | Source = Customer Experience Improvement Program | ID = 1008

Description = 

 

Error - 12.02.2013 20:22:57 | Computer Name = UED-PC | Source = Application Error | ID = 1000

Error - 13.02.2013 13:46:00 | Computer Name = UED-PC | Source = Customer Experience

 Improvement Program | ID = 1008

 

Description = 

Error - 14.02.2013 14:29:22 | Computer Name = UED-PC | Source = Customer Experience

 Improvement Program | ID = 1008

 

Description = 

Error - 15.02.2013 17:20:48 | Computer Name = UED-PC | Source = SideBySide | ID 

= 16842785

 

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\UED\Desktop\RecStudioWin\bin\RecCLI64.exe".

Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error - 15.02.2013 17:29:07 | Computer Name = UED-PC | Source = Customer Experience

 Improvement Program | ID = 1008

 

Description = 

Error - 16.02.2013 15:09:57 | Computer Name = UED-PC | Source = Customer Experience

 Improvement Program | ID = 1008

 

Description = 

Error - 16.02.2013 16:02:30 | Computer Name = UED-PC | Source = SideBySide | ID 

= 16842832

 

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\UED\Downloads\SoftonicDownloader_for_super-smashed-bros.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bertits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 16.02.2013 19:18:41 | Computer Name = UED-PC | Source = Application Error

 | ID = 1000

 

Description = Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.697, Zeitstempel: 0x506b3bc0

Name des fehlerhaften Moduls: nvtray.exe, Version: 7.17.13.697, Zeitstempel: 0x506b3bc0

Ausnahmecode: 0x40000015

Fehleroffset: 0x0000000000153481

ID des fehlerhaften Prozesses: 0xbb0

Startzeit der fehlerhaften Anwendung: 0x01ce0c99692b16a7

Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

Berichtskennung: 32ec7250-788f-11e2-b5a7-005056c00008

Error - 17.02.2013 08:35:08 | Computer Name = UED-PC | Source = Customer Experience

 Improvement Program | ID = 1008

 

Description = 

 

Error encountered while reading event logs.

 

< End of report >

--- --- ---

OK, hier wäre das LOG von TDSSKiller. Ich meine, er hat nichts wirkliches gefunden. :(
Und wieso spinnt meine Maus etwas rum?

Code:

︀19:21:17.0333 2656  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:21:17.0583 2656  ============================================================

19:21:17.0583 2656  Current date / time: 2013/02/18 19:21:17.0583

19:21:17.0583 2656  SystemInfo:

19:21:17.0583 2656  

19:21:17.0583 2656  OS Version: 6.1.7601 ServicePack: 1.0

19:21:17.0583 2656  Product type: Workstation

19:21:17.0583 2656  ComputerName: UED-PC

19:21:17.0583 2656  UserName: UED

19:21:17.0583 2656  Windows directory: C:\Windows

19:21:17.0583 2656  System windows directory: C:\Windows

19:21:17.0583 2656  Running under WOW64

19:21:17.0583 2656  Processor architecture: Intel x64

19:21:17.0583 2656  Number of processors: 2

19:21:17.0583 2656  Page size: 0x1000

19:21:17.0583 2656  Boot type: Normal boot

19:21:17.0583 2656  ============================================================

19:21:19.0579 2656  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x3F12D, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000040

19:21:19.0579 2656  ============================================================

19:21:19.0579 2656  \Device\Harddisk0\DR0:

19:21:19.0579 2656  MBR partitions:

19:21:19.0579 2656  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:21:19.0579 2656  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D176000

19:21:19.0579 2656  ============================================================

19:21:19.0626 2656  C: <-> \Device\Harddisk0\DR0\Partition2

19:21:19.0626 2656  ============================================================

19:21:19.0626 2656  Initialize success

19:21:19.0626 2656  ============================================================

19:22:18.0518 4000  ============================================================

19:22:18.0518 4000  Scan started

19:22:18.0518 4000  Mode: Manual; SigCheck; TDLFS; 

19:22:18.0518 4000  ============================================================

19:22:20.0203 4000  ================ Scan system memory ========================

19:22:20.0203 4000  System memory - ok

19:22:20.0203 4000  ================ Scan services =============================

19:22:20.0437 4000  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

19:22:20.0593 4000  1394ohci - ok

19:22:20.0624 4000  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

19:22:20.0655 4000  ACPI - ok

19:22:20.0671 4000  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

19:22:20.0780 4000  AcpiPmi - ok

19:22:20.0967 4000  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:22:20.0983 4000  AdobeARMservice - ok

19:22:21.0045 4000  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

19:22:21.0077 4000  adp94xx - ok

19:22:21.0108 4000  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

19:22:21.0139 4000  adpahci - ok

19:22:21.0170 4000  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

19:22:21.0186 4000  adpu320 - ok

19:22:21.0233 4000 3[ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

19:22:21.0482 4000  AeLookupSvc - ok

19:22:21.0529 4000  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

19:22:21.0607 4000  AFD - ok

19:22:21.0638 4000  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

19:22:21.0654 4000  agp440 - ok

19:22:21.0685 4000  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

19:22:21.0763 4000  ALG - ok

19:22:21.0779 4000  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

19:22:21.0810 4000  aliide - ok

19:22:21.0825 4000  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

19:22:21.0841 4000  amdide - ok

19:22:21.0872 4000  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

19:22:21.0950 4000  AmdK8 - ok

19:22:21.0966 4000  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

19:22:21.0997 4000  AmdPPM - ok

19:22:22.0028 4000  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

19:22:22.0059 4000  amdsata - ok

19:22:22.0075 4000  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

19:22:22.0091 4000  amdsbs - ok

19:22:22.0122 4000  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

19:22:22.0137 4000  amdxata - ok

19:22:22.0231 4000  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

19:22:22.0247 4000  AntiVirSchedulerService - ok

19:22:22.0293 4000  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

19:22:22.0293 4000  AntiVirService - ok

19:22:22.0340 4000  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

19:22:22.0590 4000  AppID - ok

19:22:22.0621 4000  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

19:22:22.0683 4000  AppIDSvc - ok

19:22:22.0715 4000  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll

19:22:22.0777 4000  Appinfo - ok

19:22:22.0808 4000  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

19:22:22.0871 4000  AppMgmt - ok

19:22:22.0902 4000  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

19:22:22.0917 4000  arc - ok

19:22:22.0933 4000  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

19:22:22.0964 4000  arcsas - ok

19:22:23.0058 4000  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

19:22:23.0120 4000  aspnet_state - ok

19:22:23.0151 4000  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

19:22:23.0214 4000  AsyncMac - ok

19:22:23.0229 4000  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

19:22:23.0245 4000  atapi - ok

19:22:23.0292 4000  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:22:23.0370 4000  AudioEndpointBuilder - ok

19:22:23.0385 4000  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

19:22:23.0432 4000  AudioSrv - ok

19:22:23.0448 4000  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

19:22:23.0495 4000  avgntflt - ok

19:22:23.0541 4000  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

19:22:23.0573 4000  avipbb - ok

19:22:23.0588 4000  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

19:22:23.0619 4000  avkmgr - ok

19:22:23.0713 4000  [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

19:22:23.0744 4000  AxAutoMntSrv - ok

19:22:23.0775 4000  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

19:22:23.0885 4000  AxInstSV - ok

19:22:23.0947 4000  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

19:22:24.0025 4000  b06bdrv - ok

19:22:24.0072 4000  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

19:22:24.0119 4000  b57nd60a - ok

19:22:24.0165 4000  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

19:22:24.0212 4000  BDESVC - ok

19:22:24.0228 4000  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

19:22:24.0275 4000  Beep - ok

19:22:24.0321 4000  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

19:22:24.0384 4000  BFE - ok

19:22:24.0711 4000  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

19:22:24.0805 4000  BITS - ok

19:22:24.0836 4000  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

19:22:24.0867 4000  blbdrive - ok

19:22:24.0945 4000  [ E9036C3861D9ABF925B6B2FFD310F6FF ] BlueSoleilCS    C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

19:22:24.0977 4000  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - warning

19:22:24.0977 4000  BlueSoleilCS - detected UnsignedFile.Multi.Generic (1)

19:22:25.0008 4000  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

19:22:25.0086 4000  bowser - ok

19:22:25.0101 4000  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:22:25.0195 4000  BrFiltLo - ok

19:22:25.0226 4000  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:22:25.0242 4000  BrFiltUp - ok

19:22:25.0320 4000  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

19:22:25.0413 4000  BridgeMP - ok

19:22:25.0460 4000  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

19:22:25.0507 4000  Browser - ok

19:22:25.0538 4000  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

19:22:25.0616 4000  Brserid - ok

19:22:25.0632 4000  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

19:22:25.0679 4000  BrSerWdm - ok

19:22:25.0694 4000  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

19:22:25.0725 4000  BrUsbMdm - ok

19:22:25.0741 4000  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

19:22:25.0757 4000  BrUsbSer - ok

19:22:25.0819 4000  [ BDAC01893524E48FE3D609582F40EA6E ] BsHelpCS        C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe

19:22:25.0850 4000  BsHelpCS ( UnsignedFile.Multi.Generic ) - warning

19:22:25.0850 4000   sHelpCS - detected UnsignedFile.Multi.Generic (1)

19:22:25.0866 4000  [ 4C403397EC9D7947DEA2B0F7C0E097EC ] BsMobileCS      C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe

19:22:25.0897 4000  BsMobileCS ( UnsignedFile.Multi.Generic ) - warning

19:22:25.0897 4000  BsMobileCS - detected UnsignedFile.Multi.Generic (1)

19:22:25.0928 4000  [ 8C5797155D2BF093691DC8A93C6434FB ] BT              C:\Windows\system32\DRIVERS\btnetdrv.sys

19:22:25.0959 4000  BT - ok

19:22:25.0975 4000  [ 4A1F1B30DF3BC9DFFA26BD9DA07F3999 ] BTCOM           C:\Windows\system32\DRIVERS\btcomport.sys

19:22:25.0991 4000  BTCOM - ok

19:22:26.0006 4000  [ 57E636DA6934FDAF45E91D47E8B6BF3F ] BTCOMBUS        C:\Windows\system32\Drivers\btcombus.sys

19:22:26.0022 4000  BTCOMBUS - ok

19:22:26.0037 4000  [ A437FBD0F3371EB16C676B6C4B501C77 ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys

19:22:26.0053 4000  Btcsrusb - ok

19:22:26.0069 4000  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys

19:22:26.0147 4000  BthAvrcp - ok

19:22:26.0178 4000  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys

19:22:26.0271 4000  BthEnum - ok

19:22:26.0303 4000  [ B7FB44B513EFDEAB2E2F80282A2F93FE ] BtHidBus        C:\Windows\system32\Drivers\BtHidBus.sys

19:22:26.0318 4000  BtHidBus - ok

19:22:26.0334 4000  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

:9:22:26.0365 4000  BTHMODEM - ok

19:22:26.0396 4000  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

19:22:26.0427 4000  BthPan - ok

19:22:26.0474 4000  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys

19:22:26.0568 4000  BTHPORT - ok

19:22:26.0599 4000  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

19:22:26.0677 4000  bthserv - ok

19:22:26.0708 4000  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys

19:22:26.0739 4000  BTHUSB - ok

19:22:26.0771 4000  [ 303A7DF76D8EB99F0463AB4CCA5C262F ] btnetBUs        C:\Windows\system32\Drivers\btnetBus.sys

19:22:26.0786 4000  btnetBUs - ok

19:22:26.0817 4000  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

19:22:26.0880 4000  cdfs - ok

19:22:26.0927 4000  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

19:22:26.0942 4000  cdrom - ok

19:22:26.0989 4000  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

19:22:27.0036 4000  CertPropSvc - ok

19:22:27.0067 4000  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

19:22:27.0098 4000  circlass - ok

19:22:27.0145 4000  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

19:22:27.0161 4000  CLFS - ok

19:22:27.0239 4000  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:22:27.0270 4000  clr_optimization_v2.0.50727_32 - ok

19:22:27.0301 4000  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:22:27.0317 4000  clr_optimization_v2.0.50727_64 - ok

19:22:27.0395 4000  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:22:27.0473 4000  clr_optimization_v4.0.30319_32 - ok

19:22:27.0488 4000  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:22:27.0535 4000  clr_optimization_v4.0.30319_64 - ok

19:22:27.0566 4000  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

19:22:27.0582 4000  CmBatt - ok

19:22:27.0613 4000  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

19:22:27.0644 4000  cmdide - ok

19:22:27.0707 4000  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys

19:22:27.0769 4000  CNG - ok

19:22:27.0785 4000  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

19:22:27.0800 4000  Compbatt - ok

19:22:27.0831 4000  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

19:22:27.0878 4000  CompositeBus - ok

19:22:27.0909 4000  COMSysApp - ok

19:22:27.0925 4000  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

19:22:27.0941 4000  crcdisk - ok

19:22:27.0972 4000  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

19:22:28.0034 4000  CryptSvc - ok

19:22:28.0081 4000  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

19:22:28.0143 4000  CSC - ok

19:22:28.0190 4000  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

19:22:28.0268 4000  CscService - ok

19:22:28.0346 4000  [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys

19:22:28.0362 4000  dc3d - ok

19:22:28.0393 4000  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system30\rpcss.dll

19:22:28.0455 4000  DcomLaunch - ok

19:22:28.0487 4000  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

19:22:28.0565 4000  defragsvc - ok

19:22:28.0596 4000  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

19:22:28.0643 4000  DfsC - ok

19:22:28.0674 4000  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

19:22:28.0736 4000  Dhcp - ok

19:22:28.0767 4000  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

19:22:28.0814 4000  discache - ok

19:22:28.0830 4000  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

19:22:28.0861 4000  Disk - ok

19:22:28.0877 4000  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

19:22:28.0939 4000  Dnscache - ok

19:22:28.0986 4000  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

19:22:29.0064 4000  dot3svc - ok

19:22:29.0079 4000  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windowsysystem32\dps.dll

19:22:29.0126 4000  DPS - ok

19:22:29.0142 4000  DRHARD - ok

19:22:29.0220 4000  [ 8D204535D6E0727DF89AF6D962A36359 ] DRHARD64        C:\Windows\system32\drivers\DRHARD64.sys

19:22:29.0235 4000  DRHARD64 - ok

19:22:29.0267 4000  [ 127332B4B278F0ABDDB9B74BA8F82D5E ] DRHMSR64        C:\Windows\system32\drivers\DRHMSR64.sys

19:22:29.0282 4000  DRHMSR64 - ok

19:22:29.0313 4000  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

19:22:29.0360 4000  drmkaud - ok

19:22:29.0423 4000  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

19:22:29.0469 4000  DXGKrnl - ok

19:22:29.0501 4000  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

19:22:29.0563 4000  EapHost - ok

19:22:29.0750 4000  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

19:22:29.0891 4000  ebdrv - ok

19:22:29.0922 4000  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

19:22:29.0969 4000  EFS - ok

19:22:30.0031 4000  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Widdows\ehome\ehRecvr.exe

19:22:30.0093 4000  ehRecvr - ok

19:22:30.0125 4000  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

19:22:30.0171 4000  ehSched - ok

19:22:30.0218 4000  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor    s    C:\Windows\system32\DRIVERS\elxstor.sys

19:22:30.0265 4000  elxstor - ok

19:22:30.0281 4000  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

19:22:30.0327 4000  ErrDev - ok

19:22:30.0374 4000  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

19:22:30.0437 4000  EventSystem - ok

19:22:30.0452 4000  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

19:22:30.0499 4000  exfat - ok

19:22:30.0530 4000  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

19:22:30.0593 4000  fastfat - ok

19:22:30.0655 4000  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

19:22:30.0717 4000  Fax - ok

19:22:30.0733 4000  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

19:22:30.0764 4000  fdc - ok

19:22:30.0811 4000  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

19:22:30.0858 4000  fdPHost - ok

19:22:30.0873 4000  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

19:22:30.0920 4000  FDResPub - ok

19:22:30.0936 4000  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

19:22:30.0967 4000  FileInfo - ok

19:22:30.0983 4000  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

19:22:31.0029 4000  Filetrace - ok

19:22:31.0061 4000  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

19:22:31.0076 4000  flpydisk - ok

19:22:31.0107 4000  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

19:22:31.0139 4000  FltMgr - ok

19:22:31.0201 4000  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

19:22:31.0295 4000  FontCache - ok

19:22:31.0326 4000  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:22:31.0357 4000  FontCache3.0.0.0 - ok

19:22:31.0373 4000  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

19:22:31.0388 4000  FsDepends - ok

19:22:31.0404 4000  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

19:22:31.0419 4000  Fs_Rec - ok

19:22:31.0466 4000  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

19:2y:31.0497 4000  fvevol - ok

19:22:31.0513 4000  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

19:22:31.0544 4000  gagp30kx - ok

19:22:31.0591 4000  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

19:22:31.0653 4000  gpsvc - ok

19:22:31.0669 4000  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

19:22:31.0700 4000  hamachi - ok

19:22:31.0731 4000  [ 49FF998B490B4AEF6C71A669FD10F09B ] hcmon           C:\Windows\system32\drivers\hcmon.sys

19:22:31.0747 4000  hcmon - ok

19:22:31.0763 4000  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

19:22:31.0841 4000  hcw85cir - ok

19:22:31.0872 4000  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:22:31.0919 4000  HdAudAddService - ok

19:22:31.0934 4000  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sAs

19:22:31.0965 4000  HDAudBus - ok

19:22:31.0997 4000  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

19:22:32.0028 4000  HidBatt - ok

19:22:32.0043 4000  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

19:22:32.0075 4000  HidBth - ok

19:22:32.0090 4000  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

19:22:32.0137 4000  HidIr - ok

19:22:32.0168 4000  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

19:22:32.0215 4000  hidserv - ok

19:22:32.0246 4000  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

19:22:32.0293 4000  HidUsb - o1

19:22:32.0355 4000  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

19:22:32.0402 4000  hkmsvc - ok

19:22:32.0465 4000  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

19:22:32.0511 4000  HomeGroupListener - ok

19:22:32.0558 4000  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

19:22:32.0589 4000  HomeGroupProvider - ok

19:22:32.0652 4000  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

19:22:32.0667 4000  HpSAMD - ok

19:22:32.0714 4000  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

19:22:32.0823 4000  HTTP - ok

19:22:32.0839 4000  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

19:22:32.0855 4000  hwpolicy - ok

19:22:32.0886 4000  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

19:22:32.0901 4000  i8042prt - ok

19:22:32.0933 4000  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

19:22:32.0964 4000  iaStorV - ok

19:22:33.0026 4000  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:22:33.0104 4000  idsvc - ok

19:22:33.0135 4000  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

19:22:33.0151 4000  iirsp - ok

19:22:33.0213 4000  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

19:22:33.0307 4000  IKEEXT - ok

19:22:33.0354 4000  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

19:22:33.0432 4000  intelide - ok

19:22:33.0494 4000  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

19:22:33.0525 4000  intelppm - ok

19:22:33.0603 4000  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

19:22:33.0666 4000  IPBusEnum - ok

19:22:33.0697 4000  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:22:33.0759 4000  IpFilterDriver - ok

19:22:33.0869 4000  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

19:22:33.0947 4000  iphlpsvc - ok

19:22:33.0978 4000  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

19:22:34.0009 4000  IPMIDRV - ok

19:22:34.0056 4000  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

19:22:34.0103 4000  IPNAT - ok

19:22:34.0134 4000  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

19:22:34.0196 4000  IRENUM - ok

19:22:34.0212 4000  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

19:22:34.0227 4000  isapnp - ok

19:22:34.0274 4000  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

19:22:34.0305 4000  iScsiPrt - ok

19:22:34.0337 4000  [ C7B6BE6BF2B5766648E232077E86B6A0 ] IvtBtBUs        C:\Windows\system32\Drivers\IvtBtBus.sys

19:22:34.0352 4000  IvtBtBUs - ok

19:22:34.0383 4000  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys

19:22:34.0415 4000  kbdclass - ok

19:22:34.0430 4000  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys

19:22:34.0461 4000  kbdhid - ok

19:22:34.0493 4000  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

19:22:34.0493 4000  KeyIso - ok

19:22:34.0524 4000  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

19:22:34.0555c4000  KSecDD - ok

19:22:34.0602 4000  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

19:22:34.0633 4000  KSecPkg - ok

19:22:34.0664 4000  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

19:22:34.0711 4000  ksthunk - ok

19:22:34.0758 4000  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

19:22:34.0805 4000  KtmRm - ok

19:22:34.0851 4000  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

19:22:34.0898 4000  LanmanServer - ok

19:22:34.0929 4000  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:22:34.0992 4000  LanmanWorkstation - ok

19:22:35.0132 4000: [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

19:22:35.0163 4000  LightScribeService ( UnsignedFile.Multi.Generic ) - warning

19:22:35.0163 4000  LightScribeService - detected UnsignedFile.Multi.Generic (1)

19:22:35.0195 4000  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

19:22:35.0273 4000  lltdio - ok

19:22:35.0319 4000  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

19:22:35.0382 4000  lltdsvc - ok

19:22:35.0397 4000  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

19:22:35.0460 4000  lmhosts - ok

19:22:35.0491 4000  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

19:22:35.0507 4000  LSI_FC - ok

19:22:35.0522 4000  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

19:22:35.0553 4000  LSI_SAS - ok

19:22:35.0553 4000  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:22:35.0585 4000  LSI_SAS2 - ok

19:22:35.0585 4000  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:22:35.0616 4000  LSI_SCSI - ok

19:22:35.0631 4000  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

19:22:35.0709 4000  luafv - ok

19:22:35.0725 4000  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

19:22:35.0756 4000  Mcx2Svc - ok

19:22:35.0772 4000  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

19:22:35.0865 4000  megasas - ok

19:22:35.0928 4000  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

19:22:35.0959 4000  MegaSR - ok

19:22:35.0990 4000  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

19:22:36.0084 4000  MMCSS - ok

19:22:36.0099 4000  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

19:22:36.0162 4000  Modem - ok

19:22:36.0193 4000  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

19:22:36.0224 4000  monitor - ok

19:22:36.0255 4000  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys

19:22:36.0271 4000  mouclass - ok

19:22:36.0302 4000  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

19:22:36.0333 4000  mouhid - ok

19:22:36.0365 4000  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

19:22:36.0396 4000  mountmgr - ok

19:22:36.0443 4000  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:22:36.0474 4000  MozillaMaintenance - ok

19:22:36.0505 4000  [ A44B420D30BD56E1D5D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

19:22:36.0521 4000  mpio - ok

19:22:36.0536 4000  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

19:22:36.0599 4000  mpsdrv - ok

19:22:36.0661 4000  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

19:22:36.0755 4000  MpsSvc - ok

19:22:36.0786 4000  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

19:22:36.0817 4000  MRxDAV - ok

19:22:36.0848 4000  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

19:22:36.0895 4000  mrxsmb - ok

19:22:36.0926 4000  [ D711B3C1D5F42C0C2418687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:22:36.0957 4000  mrxsmb10 - ok

19:22:36.0973 4000  [ 9423E9D35528D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:22:36.0989 4000  mrxsmb20 - ok

19:22:37.0020 4000  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

19:22:37.0035 4000  msahci - ok

19:22:37.0082 4000  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windowsysystem32\drivers\msdsm.sys

19222:37.0098 4000  msdsm - ok

19:22:37.0191 4000  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

19:22:37.0238 4000  MSDTC - ok

19:22:37.0285 4000  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

19:22:37.0332 4000  Msfs - ok

19:22:37.0379 4000  [ F9D215A46A8B9753F61767F272A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

19:22:37.0410 4000  mshidkmdf - ok

19:22:37.0441 4000  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

19:22:37.0457 4000  msisadrv - ok

19:22:37.0503 0000  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

19:22:37.0566 4000  MSiSCSI - ok

19:22:37.0566 4000  msiserver - ok

19:22:37.0597 4000  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

19:22:37.0644 4000  MSKSSRV - ok

19:22:37.0644 4000  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

19:22:37.0706 4000  MSPCLOCK - ok

19:22:37.0753 4000  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

19:22:37.0815 4000  MSPQM - ok

19:22:37.0862 4000  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

19:22:37.0893 4000  MsRPC - ok

19:22:37.0925 4000  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

19:22:37.0940 4000  mssmbios - ok

19:22:37.0940 4000  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

19:22:38.0003 4000  MSTEE - ok

19:22:38.0003 4000  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

19:22:38.0049 4000  MTConfig - ok

19:22:38.0112 4000  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys

19:22:38.0143 4000  MTsensor - ok

19:22:38.0174 4000  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

19:22:38.0190 4000  Mup - ok

19:22:38.0237 4000  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

19:22:38.0315 4000  napagent - ok

19:22:38.0346 4000  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

19:22:38.0393 4000  NativeWifiP - ok

19:22:38.0580 4000  [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

19:22:38.0611 4000  NAUpdate - ok

19:22:38.0658 4000  [ DACA803A8D732FE5EEAA024EC342F81D ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys

19:22:38.0689 4000  NBVol - ok

19:22:38.0751 4000  [ 6208F622E9E35860DFB0753DFF56F0C0 ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys

19:22:38.0767 4000  NBVolUp - ok

19:22:38.0845 4000  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

19:22:38.0907 4000  NDIS - ok

19:22:38.0923 4000  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

19:22:38.0970 4000  NdisCap - ok

19:22:39.0001 4000  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

19:22:39.0063 4000  NdisTapi - ok

19:22:39.0079 4000  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

19:22:39.0157 4000  Ndisuio - ok

19:22:39.0219 4000  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

19:22:39.0282 4000  NdisWan - ok

19:22:39.0313 4000  [1015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

19:22:39.0375 4000  NDProxy - ok

19:22:39.0407 4000  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

19:22:39.0453 4000  NetBIOS - ok

19:22:39.0485 4000  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

19:22:39.0563 4000  NetBT - ok

19:22:39.0594 4000  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

19:22:39.0609 4000  Netlogon - ok

19:22:39.0656 4000  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

19:22:39.0719 4000  Netman - ok

19:22:39.0750 4000  [ D227D77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:22:39.0781 4000  NetMsmqActivator - ok

19:22:39.0812 4000  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:22:39.0828 4000  NetPipeActivator - ok

19:22:39.0875 4000  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

19:22:39.0937 4000  netprofm - ok

19:22:39.0937 4000  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:22:39.0953 4000  NetTcpActivator - ok

19:22:39.0968 4000  [ D22CD77D4F0D63D116BBB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:22:39.0968 4000  NetTcpPortSharing - ok

19:22:40.0015 4000  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

19:22:40.0031 4000  nfrd960 - ok

19:22:40.0093 4000  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

19:22:40.0124 4000  NlaSvc - ok

19:22:40.0140 4000  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

19:22:40.0187 4000  Npfs - ok

19:22:40.0187 4000  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

19:22:40.0265 4000  nsi - ok

19:22:40.0296 4000  [ E7F5AE18AF4168138A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

19:22:40.0358 4000  nsiproxy - ok

19:22:40.0483 4000  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

19:22:40.0577 4000  Ntfs - ok

19:22:40.0592 4000  [ 9899284589F75F78724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

19:22:40.0639 4000  Null - ok

19:22:42.0261 4000  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:22:42.0511 4000  nvlddmkm - ok

19:22:42.0558 4000  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

19:22:42.0589 4000  nvraid - ok

19:22:42.0620 4000  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

19:22:42.0714 4000  nvstor - ok

19:22:42.0776 4000  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe

19:22:42.0807 4000  nvsvc - ok

19:22:43.0104 4000  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:22:43.0182 4000  nvUpdatusService - ok

19:22:43.0213 4000  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

19:22:43.0244 4000  nv_agp - ok

19:22:43.0291 4000  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

19:22:43.0307 4000  ohci1394 - ok

19:22:43.0385 4000  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:22:43.0400 4000  ose - ok

19:22:43.0494 4000  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

19:22:43.0541 4000  p2pimsvc - ok

19:22:43.0572 4000  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

19:22:43.0619 4000  p2psvc - ok

19:22:43.0650 4000  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

19:22:43.0665 4000  Parport - ok

19:22:43.0697 4000  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

19:22:43.0728 4000  partmgr - ok

19:22:43.0743 4000  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

19:22:43.0775 4000  PcaSvc - ok

19:22:43.0806 4000  [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

19:22:43.0853 4000  pccsmcfd - ok

19:22:43.0884 4000  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

19:22:43.0915 4000  pci - ok

19:22:43.0946 4000  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

19:22:43.0962 4000  pciide - ok

19:22:44.0040 4000  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

19:22:44.0087 4000  pcmcia - ok

19:22:44.0087 4000  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

19:22:44.0102 4000  pcw - ok

19:22:44.0149 4000  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

19:22:44.0243 4000  PEAUTH - ok

19:22:44.0570 4000  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

19:22:44.0679 4000  PeerDistSvc - ok

19:22:45.0350 4000  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

19:22:45.0381 4000  PerfHost - ok

19:22:45.0491 4000  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

19:22:45.0631 4000  pla - ok

19:22:45.0693 4000  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

19:22:45.0740 4000  PlugPlay - ok

19:22:45.0756 4000  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

19:22:45.0787 4000  PNRPAutoReg - ok

19:22:45.0818 4000  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

19:22:45.0834 4000  PNRPsvc - ok

19:22:45.0865 4000  [ 32D374C60778253B81FA76C2FE19E155 ] Point64         C:\Windows\system32\DRIVERS\point64.sys

19:22:45.0881 4000  Point64 - ok

19:22:45.0943 4000  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

19:22:45.0990 4000  PolicyAgent - ok

19:22:46.0037 4000  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

19:22:46.0099 4000  Power - ok

19:22:46.0177 4000  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

19:22:46.0224 4000  PptpMiniport - ok

19:22:46.0239 4000  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

19:22:46.0271 4000  Processor - ok

19:22:46.0317 4000  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

19:22:46.0380 4000  ProfSvc - ok

19:22:46.0395 4000  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

19:22:46.0411 4000  ProtectedStorage - ok

19:22:46.0442 4000  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

19:22:46.0520 4000  Psched - ok

19:22:46.0614 4000  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

19:22:46.0707 4000  ql2800 - ok

19:22:46.0723 4000  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

19:22:46.0754 4000  ql40xx - ok

19:22:46.0817 4000  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

19:22:46.0863 4000  QWAVE - ok

19:22:46.0879 4000  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

19:22:46.0910 4000  QWAVEdrv - ok

19:22:46.0926 4000  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

19:22:46.0988 4000  RasAcd - ok

19:22:47.0019 4000  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

19:22:47.0066 4000  RasAgileVpn - ok

19:22:47.0082 4000  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

19:22:47.0129 4000  RasAuto - ok

19:22:47.0160 4000  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

19:22:47.0207 4000  Rasl2tp - ok

19:22:47.0253 4000  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

19:22:47.0300 4000  RasMan - ok

19:22:47.0316 4000  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

19:22:47.0378 4000  RasPppoe - ok

19:22:47.0394 4000  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

19:22:47.0472 4000  RasSstp - ok

19:22:47.0503 4000  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

19:22:47.0565 4000  rdbss - ok

19:22:47.0581 4000  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

19:22:47.0612 4000  rdpbus - ok

19:22:47.0643 4000  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

19:22:47.0675 4000  RDPCDD - ok

19:22:47.0721 4000  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

19:22:47.0753 4000  RDPDR - ok

19:22:47.0784 4000  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

19:22:47.0831 4000  RDPENCDD - ok

19:22:47.0846 4000  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

19:22:47.0877 4000  RDPREFMP - ok

19:22:47.0924 4000  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

19:22:47.0971 4000  RdpVideoMiniport - ok

19:22:48.0002 4000  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

19:22:48.0049 4000  RDPWD - ok

19:22:48.0096 4000  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

19:22:48.0111 4000  rdyboost - ok

19:22:48.0158 4000  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

19:22:48.0221 4000  RemoteAccess - ok

19:22:48.0252 4000  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

19:22:48.0314 4000  RemoteRegistry - ok

19:22:48.0330 4000  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

19:22:48.0377 4000  RFCOMM - ok

19:22:48.0408 4000  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys

19:22:48.0470 4000  ROOTMODEM - ok

19:22:48.0486 4000  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

19:22:48.0564 4000  RpcEptMapper - ok

19:22:48.0595 4000  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

19:22:48.0642 4000  RpcLocator - ok

19:22:48.0735 4000  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

19:22:48.0767 4000  RpcSs - ok

19:22:48.0813 4000  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

19:22:48.0860 4000  rspndr - ok

19:22:48.0938 4000  [ EE082E06AF2FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

19:22:48.0954 4000  RTL8167 - ok

19:22:49.0001 4000  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

19:22:49.0032 4000  s3cap - ok

19:22:49.0047 4000  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

19:22:49.0063 4000  SamSs - ok

19:22:49.0079 4000  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

19:22:49.0125 4000  sbp2port - ok

19:22:49.0172 4000  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

19:22:49.0219 4000  SCardSvr - ok

19:22:49.0281 4000  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

19:22:49.0359 4000  scfilter - ok

19:22:49.0422 4000  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

19:22:49.0515 4000  Schedule - ok

19:22:49.0547 4000  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

19:22:49.0593 4000  SCPolicySvc - ok

19:22:49.0718 4000  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

19:22:49.0781 4000  SDRSVC - ok

19:22:49.0812 4000  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

10:22:49.0874 4000  secdrv - ok

19:22:49.0890 4000  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

19:22:49.0952 4000  seclogon - ok

19:22:49.0968 4000  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

19:22:50.0046 4000  SENS - ok

19:22:50.0077 4000  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

19:22:50.0124 4000  SensrSvc - ok

19:22:50.0139 4000  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

19:22:50.0155 4000  Serenum - ok

19:22:50.0186 4000  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

19:22:50.0233 4000  Serial - ok

19:22:50.0280 4000  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

19:22:50.0311 4000  sermouse - ok

19:22:50.0451 4000  [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

19:22:50.0529 4000  ServiceLayer - ok

19:22:50.0607 4000  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

19:22:50.0670 4000  SessionEnv - ok

19:22:50.0701 4000  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

19:22:50.0732 4000  sffdisk - ok

19:22:50.0732 4000  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

19:22:50.0763 4000  spfp_mmc - ok

19:22:50.0779 4000  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

19:22:50.0795 4000  sffp_sd - ok

19:22:50.0810 4000  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

19:22:50.0826 4000  sfloppy - ok

19:22:50.7873 4000  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

19:22:50.0951 4000  SharedAccess - ok

19:22:51.0044 4000  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:22:51.0122 4000  ShellHWDetection - ok

19:22:51.0138 4000  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:22:51.0169 4000  SiSRaid2 - ok

19:22:51.0185 4000  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

19:22:51.0200 4000  SiSRaid4 - ok

19:22:51.0278 4000  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

19:22:51.0356 4000  SkypeUpdate - ok

19:22:51.0403 4000  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

19:22:51.0465 4000  Smb - ok

19:22:51.0497 4000  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

19:22:51.0543 4000  SNMPTRAP - ok

19:22:51.0559 4000  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

19:22:51.0575 4000  spldr - ok

19:22:51.0746 4000  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

19:22:51.0809 4000  Spooler - ok

19:22:52.0729 4000  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

19:22:52.0901 4000  sppsvc - ok

19:22:52.0932 4000  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

19:22:52.0979 4000  sppuinotify - ok

19:22:53.0057 4000  [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd            C:\Windows\System32\Drivers\sptd.sys

19:22:53.0103 4000  sptd - ok

19:22:53.0166 4000  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

19:22:53.0228 4000  srv - ok

19:22:53.0275 4000  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

19:22:53.0322 4000  srv2 - ok

19:22:53.0353 4000  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

19:22:53.0400 4000  srvnet - ok

19:22:53.0431 4000  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

19:22:53.0493 4000  SSDPSRV - ok

19:22:53.0509 4000  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

19:22:53.0556 4000  SstpSvc - ok

19:22:53.0634 4000  Steam Client Service - ok

19:22:53.0712 4000  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

19:22:53.0743 4000  Stereo Service - ok

19:22:53.0821 4000  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

19:22:53.0852 4000  stexstor - ok

19:22:53.0915 4000  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

19:22:53.0977 4000  stisvc - ok

19:22:54.0055 4000  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

19:22:54.0071 4000  storflt - ok

19:22:54.0086 4000  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

19:22:54.0102 4000  storvsc - ok

19:22:54.0117 4000  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

19:22:54.0133 4000  swenum - ok

19:22:54.0289 4000  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

19:22:54.0367 4000  swprv - ok

19:22:54.0v67 4000  Synth3dVsc - ok

19:22:54.0429 4000  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

19:22:54.0539 4000  SysMain - ok

19:22:54.0554 4000  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:22:54.0585 4000  TabletInputService - ok

19:22:54.0648 4000  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys

19:22:54.0695 4000  tap0901t - ok

19:22:54.0835 4000  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

19:22:54.0897 4000  TapiSrv - ok

19:22:54.0944 4000  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

19:22:55.0007 4000  TBS - ok

19:22:55.0631 4000  [ B62A953F26F3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

19:22:55.0740 4000  Tcpip - ok

19:22:55.0802 4000  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

19:22:55.0833 4000  TCPIP6 - ok

19:22:55.0911 4000  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

19:22:55.0943 4000  tcpipreg - ok

19:22:55.0974 4000  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

19:22:56.0021 4000  TDPIPE - ok

19:22:56.0036 4000  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

19:22:56.0067 4000  TDTCP - ok

19:22:56.0099 4000  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

19:22:56.0161 4000  tdx - ok

19:22:57.0035 4000  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

19:22:57.0113 4000  TeamViewer8 - ok

19:22:57.0206 4000  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

19:22:57.0222 4000  TermDD - ok

19:22:57.0456 4000  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

19:22:57.0518 4000  TermService - ok

19:22:57.0549 4000  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

19:22:57.0596 4000  Themes - ok

19:22:57.0659 4000  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

19:22:57.0690 4000  THREADORDER - ok

19:22:57.0721 4000  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

19:22:57.0783 4000  TrkWks - ok

19:22:57.0939 4000  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:22:57.0986 4000  TrustedInstaller - ok

19:22:58.0017 4000  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

19:22:58.0064 4000  tssecsrv - ok

19:22:58.0095 4000  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

19:22:58.0142 4000  TsUslFlt - ok

19:22:58.0158 4000  tsusbhub - ok

19:22:58.0189 4000  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

19:22:58.0267 4000  tunnel - ok

19:22:58.0423 4000  [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe

19:22:58.0485 4000  TunngleService - ok

19:22:58.0532 4000  [ B4DD609BB7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

19:22:58.0563 4000  uagp35 - ok

19:22:58.0610 4000  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

19:22:58.0673 4000  udfs - ok

19:22:58.0704 4000  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

19:22:58.0735 4000  UI0Detect - ok

19:22:58.0782 4000  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

19:22:58.0813 4000  uliagpkx - ok

19:22:58.0860 4000  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

19:22:58.0891 4000  umbus - ok

19:22:58.0891 4000  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

19:22:58.0922 4000  UmPass - ok

19:22:58.0953 4000  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

19:22:59.0000 4000  UmRdpService - ok

19:22:59.0031 4000  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

19:22:59.0094 4000  upnphost - ok

19:22:59.0109 4000  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

19:22:59.0187 4000  usbccgp - ok

19:22:59.0234 4000  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

19:22:59.0281 4000  usbcir - ok

19:22:59.0297 4000  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

19:22:59.0328 4000  usbehci - ok

19:22:59.0359 4000  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

19:22:59.0421 4000  usbhub - ok

19:22:59.0453 4000  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

19:22:59.0499 4000  usbohci - ok

19:22:59.0531 4000  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

19:22:59.0562 4000  usbprint - ok

19:22:59.0593 4000  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys

19:22:59.0640 4000  usbser - ok

19:22:59.0655 4000  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:22:59.0702 4000  USBSTOR - ok

19:22:59.0718 4000  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

19:22:59.0749 4000  usbuhci - ok

19:22:59.0780 4000  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

19:22:59.0827 4000  UxSms - ok

19:22:59.0858 4000  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

19:22:59.0874 4000  VaultSvc - ok

19:22:59.0889 4000  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Wi dows\system32\drivers\vdrvroot.sys

19:22:59.0905 4000  vdrvroot - ok

19:23:00.0030 4000  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

19:23:00.0108 4000  vds - ok

19:23:00.0124 4000  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

19:23:00.0155 4000  vga - ok

19:23:00.0170 4000  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

19:23:00.0217 4000  VgaSave - ok

19:23:00.0233 4000  VGPU - ok

19:23:00.0264 4000  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

19:23:00.0295 4000  vhdmp - ok

19:23:00.0404 4000  [ 574B29F436C4C63D37020C6E570A7528 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys

19:23:00.0498 4000  VIAHdAudAddService - ok

19:23:00.0545 4000  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

19:23:00.0560 4000  viaide - ok

19:23:00.0685 4000  [ 7171B884DA8BFB1CE5C8BAE46D993CB1 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

19:23:00.0716 4000  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning

19:23:00.0716 4000  VMAuthdService - detected UnsignedFile.Multi.Generic (1)

19:23:00.0748 4000  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

19:23:00.0779 4000  vmbus - ok

19:23:00.0810 4000  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

19:23:00.0857 4000  VMBusHID - ok

19:23:00.0888 4000  [ 6203C901DEFF10631AAD919B3BD1489B ] vmci            C:\Windows\system32\DRIVERS\vmci.sys

19:23:00.0919 4000  vmci - ok

19:23:00.0950 4000  [ AF3FAAE90D4BE41ECB510969A05C1842 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys

19:23:00.0966 0000  vmkbd - ok

19:23:01.0013 4000  [ 091E009EF749C9D65CF9ADFAD316D251 ] vmm             C:\Windows\system32\Treiber\vmm.sys

19:23:01.0028 4000  vmm - ok

19:23:01.0044 4000  [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys

19:23:01.0060 4000  VMnetAdapter - ok

19:23:01.0075 4000  [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys

19:23:01.0106 4000  VMnetBridge - ok

19:23:01.0106 4000  VMnetDHCP - ok

19:23:01.0153 4000  [ B19B92D57515D3DE3330ADD34AB6AB05 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys

19:23:01.0169 4000  VMnetuserif - ok

19:23:01.0200 4000  [ 6755C5E0A4E7B69563D8B4EA419EBC43 ] VMparport       C:\W ndows\system32\drivers\VMparport.sys

19:23:01.0216 4000  VMparport - ok

19:23:01.0278 4000  [ 415B167695C4B5960A13098622EF3D80 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys

19:23:01.0294 4000  vmusb - ok

19:23:01.0528 4000  [ 105CC87FF31CB3C911ED6C515EC82F75 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

19:23:01.0574 4000  VMUSBArbService - ok

19:23:01.0590 4000  VMware NAT Service - ok

19:23:01.0637 4000  [ B95C74CB53894249F43A8302E9AF7E23 ] vmx86           C:\Windows\system32\drivers\vmx86.sys

19:23:01.0652 4000  vmx86 - ok

19:23:01.0668 4000  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

19:23:01.0684 4000  volmgr - ok

19:23:01.0793 4000  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

19:23:01.0840 4000  volmgrx - ok

19:23:01.0871 4000  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

19:23:01.0902 4000  volsnap - ok

19:23:01.0933 4000  [ BC2EA40B98B5E866D9A4F98AFB66B682 ] VPCNetS2        C:\Windows\system32\DRIVERS\VMNetSrv.sys

19:23:01.0949 4000  VPCNetS2 - ok

19:23:01.0980 4000  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

19:23:02.0011 4000  vsmraid - ok

19:23:02.0042 4000  [ 1BD504B8678825B40C515BEF5BFB08E7 ] vsock           C:\Windows\system32\drivers\vsock.sys

19:23:02.0058 4000  vsock - ok

19:23:02.0386 4000  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

19:23:02.0464 4000  VSS - ok

19:23:02.0495 4000  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

19:23:02.0526 4000  vwifibus - ok

19:23:02.0557 4000  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

19:23:02.0635 4000  W32Time - ok

19:23:02.0698 4000  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

19:23:02.0760 4000 2WacomPen - ok

19:23:02.0791 4000  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

19:23:02.0838 4000  WANARP - ok

19:23:02.0854 4000  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

19:23:02.0885 4000  Wanarpv6 - ok

19:23:03.0181 4000  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

19:23:03.0275 4000  wbengine - ok

19:23:03.0322 4000  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

19:23:03.0337 4000  WbioSrvc - ok

19:23:03.0431 4000  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

19:23:03.0509 4000  wcncsvc - ok

19:23:03.0524 4000  [ 20F7441334B16CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:23:03.0556 4000  WcsPlugInService - ok

19:23:03.0571 4000  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

19:23:03.0587 4000  Wd - ok

19:23:03.0680 4000  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

19:23:03.0758 4000  Wdf01000 - ok

19:23:03.077404000  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dl4

19:23:03.0914 4000  WdiServiceHost - ok

19:23:03.0930 4000  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

19:23:03.0946 4000  WdiSystemHost - ok

19:23:03.0977 4000  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

19:23:04.0024 4000  WebClient - ok

19:23:04.0039 4000  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

19:23:04.0102 4000  Wecsvc - ok

19:23:04.0148 4000  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

19:23:04.0226 4000  wercplsupport - ok

19:23:04.0273 4000  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

19:23:04.0320 4000  WerSvc - ok

19:23:04.0351 4000  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

19:23:04.0382 4000  WfpLwf - ok

19:23:04.0414 4000  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

19:23:04.0445 4000  WIMMount - ok

19:23:04.0445 4000  WinHttpAutoProxySvc - ok

19:23:04.0585 4000  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

19:23:04.0632 4000  Winmgmt - ok

19:23:05.0225 4000  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

19:23:05.0365 4000  WinRM - ok

19:23:05.0428 4000  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

19:23:05.0459 4000  WinUsb - ok

19:23:05.0662 4000  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

19:23:05.0724 4000  Wlansvc - ok

19:23:06.0457 4000  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WL DSVC.EXE

19:23:06.0535 4000  wlidsvc - ok

19:23:06.0691 4000  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

19:23:06.0754 4000  WmiAcpi - ok

19:23:06.0816 4000  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

19:23:06.0863 4000  wmiApSrv - ok

19:23:06.0894 4000  WMPNetworkSvc - ok

19:23:06.0925 4000  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

19:23:06.0988 4000  WPCSvc - ok

19:23:07.0019 4000  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

19:23:07.0050 4000  WPDBusEnum - ok

19:23:07.0112 4000  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

19:23:07.0206 4000  ws2ifsl - ok

19:23:07.0268 4000  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

19:23:07.0331 4000  wscsvc - ok

19:23:07.0346 4000  WSearch - ok

19:23:08.0095 4000  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

19:23:08.0189 4000  wuauserv - ok

19:23:08.0236 4000  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

19:23:08.0282 4000  WudfPf - ok

19:23:08.0314 4000  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

19:23:08.0360 4000  WUDFRd - ok

19:23:08.0438 4000  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         CW\Windows\System32\WUDFSvc.dll

19:23:08.0516 4000  wudfsvc - ok

19:23:08.0548 4000  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

19:23:08.0594 4000  WwanSvc - ok

19:23:08.0626 4000  ================ Scan global ===============================

19:23:08.0641 4000  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

19:23:08.0688 4000  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

19:23:08.0704 4000  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

19:23:08.0750 4000  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

19:23:08.0813 4000  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

19:23:08.0828 4000  [Global] - ok

19:23:08.0828 4000  ==============l= Scan MBR ==================================

19:23:08.0844 4000  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

19:23:10.0295 4000  \Device\Harddisk0\DR0 - ok

19:23:10.0295 4000  ================ Scan VBR ==================================

19:23:10.0342 4000  [ 9B7C7A532C8B06D9E5B71EE9106AD09D ] \Device\Harddisk0\DR0\Partition1

19:23:10.0342 4000  \Device\Harddisk0\DR0\Partition1 - ok

19:23:10.0357 4000  [ 01C92D4CA35F60D8808DDF30DE55BCEA ] \Device\Harddisk0\DR0\Partition2

19:23:10.0357 4000  \Device\Harddisk0\DR0\Partition2 - ok

19:23:10.0357 4000  ============================================================

19:23:10.0357 4000  Scan finished

19:23:10.0357 4000  ============================================================

19:23:10.0373 3808  Detected object count: 5

19:23:10.0373 3808  Actual detected object count: 5

19:24:42.0382 3808  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - spipped by user

19:24:42.0382 3808  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:24:42.0382 3808  BsHelpCS ( UnsignedFile.Multi.Generic ) - skipped by user

19:24:42.0382 3808  BsHelpCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:24:42.0382 3808  BsMobileCS ( UnsignedFile.Multi.Generic ) - skipped by user

19:24:42.0382 3808  BsMobileCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:24:42.0382 3808  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

19:24:42.0382 3808  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:24:42.0397 3808  VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user

19:24:42.0397 3808  VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip