Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Log-Analyse und Auswertung: Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 2 1 2
Alt 13.06.2013, 10:38   #1
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Hallo
HIer sind die Logs:
1: Malwarebytes
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.13.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Rupert :: RUPERTS-PC [Administrator]

13.06.2013 09:14:19
MBAM-log-2013-06-13 (09-23-19).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230075
Laufzeit: 5 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 6
HKCR\CLSID\{4a0c8953-9d4e-4790-b732-2b9fc9ebce05} (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{3A520357-BA99-4C9B-BEDF-12E3E46DDF14} (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.
HKCR\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.
HKCR\SuggestMeYes.SuggestMeYesBHO.1 (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.
HKCR\SuggestMeYes.SuggestMeYesBHO (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A0C8953-9D4E-4790-B732-2B9FC9EBCE05} (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Rupert\AppData\Roaming\PinPhotoZoom\AutocompletePro.dll (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.

(Ende)
Defrogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:24 on 13/06/2013 (Rupert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

OTL:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 09:25:47 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,37 Gb Available Physical Memory | 80,79% Memory free
12,38 Gb Paging File | 10,29 Gb Available in Paging File | 83,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,35 Gb Total Space | 562,70 Gb Free Space | 82,23% Space Free | Partition Type: NTFS
Drive W: | 500,00 Mb Total Space | 229,51 Mb Free Space | 45,90% Space Free | Partition Type: NTFS
Drive X: | 13,15 Gb Total Space | 0,27 Gb Free Space | 2,08% Space Free | Partition Type: NTFS
 
Computer Name: RUPERTS-PC | User Name: Rupert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.13 09:24:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rupert\Desktop\OTL.exe
PRC - [2013.06.07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.05.16 16:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.13 05:18:36 | 004,037,480 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
PRC - [2012.09.13 05:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012.08.06 18:58:50 | 000,491,880 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012.07.29 08:22:32 | 000,193,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe
PRC - [2012.07.29 08:22:30 | 000,708,648 | ---- | M] (Intel) -- C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
PRC - [2012.07.20 20:04:50 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.20 20:04:48 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.20 20:04:24 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.07.09 21:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.07.09 21:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.06.02 04:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.12 02:24:24 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll
MOD - [2013.06.12 02:24:21 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll
MOD - [2013.06.12 02:24:16 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll
MOD - [2013.06.12 02:23:53 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll
MOD - [2013.06.12 02:23:49 | 011,494,912 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll
MOD - [2013.06.12 02:23:43 | 007,562,240 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bacedff71df875743daa9064b85c4e66\System.Xml.ni.dll
MOD - [2013.06.12 02:23:43 | 000,397,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\e6e1fccaff9f43da29662c62c24f1958\System.Xml.Linq.ni.dll
MOD - [2013.06.12 02:23:39 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6a8a61ca5208e404ca21a0c42a59a3c8\System.Xaml.ni.dll
MOD - [2013.06.12 02:23:38 | 012,698,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1bc35bb3e6a392c0fef52bc289e6d3d9\System.Windows.Forms.ni.dll
MOD - [2013.06.12 02:23:29 | 019,537,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ea94ce8e71afd55226ced104e6e832ce\System.ServiceModel.ni.dll
MOD - [2013.06.12 02:23:17 | 002,786,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\065a34657d599a218b43196a1be4c8d2\System.Runtime.Serialization.ni.dll
MOD - [2013.06.12 02:23:14 | 001,156,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\70294bf69946a13248a65593cf2a5f36\System.Management.ni.dll
MOD - [2013.06.12 02:23:13 | 001,631,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9eff07ed10b6ae9f9b1159a7d3612fcb\System.Drawing.ni.dll
MOD - [2013.06.12 02:23:07 | 000,958,464 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\15cfd8d46cc19704f61dac68b2378760\System.Configuration.ni.dll
MOD - [2013.06.12 02:23:07 | 000,467,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\33207b30e64b258e2606362493d65c2b\PresentationFramework.Aero2.ni.dll
MOD - [2013.06.12 02:23:06 | 018,544,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\06ad035ae847f3bf5aa37702ee54f073\PresentationFramework.ni.dll
MOD - [2013.06.12 02:22:57 | 010,926,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e53bef236e7a584766cbde94066936fa\PresentationCore.ni.dll
MOD - [2013.06.12 02:22:52 | 003,910,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\2a3d9ad8e84239b4f46bd37556a23d6b\WindowsBase.ni.dll
MOD - [2013.06.12 02:22:49 | 006,998,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\b3d842ef956729e3ca0a3bc5e37ea6d8\System.Core.ni.dll
MOD - [2013.06.12 02:22:45 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\eaa570735a52e0010d3e9caa9ba50124\System.ni.dll
MOD - [2013.06.12 02:22:39 | 016,547,840 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\93689d115589e64dd4912f7113a11656\mscorlib.ni.dll
MOD - [2013.06.07 00:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013.05.07 03:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.09.14 00:04:06 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.09.13 05:18:38 | 002,003,304 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
MOD - [2012.08.06 18:59:24 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
MOD - [2012.08.06 18:59:16 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
MOD - [2012.08.01 10:02:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012.07.26 15:53:52 | 000,667,648 | R--- | M] () -- C:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2012.07.26 15:53:52 | 000,069,120 | R--- | M] () -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013.02.19 13:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013.02.19 13:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013.01.03 09:52:37 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.01.03 09:52:21 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.01.03 09:52:19 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.06.13 01:38:18 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.02.25 23:05:10 | 000,384,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2013.01.03 09:52:19 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.12.14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.09 00:00:26 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Programme\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV - [2012.09.13 05:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012.09.07 19:49:52 | 000,200,808 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2012.09.07 19:49:44 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2012.08.11 02:28:14 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2012.07.29 08:22:32 | 000,193,576 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.20 20:04:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.20 20:04:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.20 20:04:24 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.07.09 21:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.05.30 01:09:22 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.04.20 22:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.01.26 22:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.12 23:42:27 | 000,284,448 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2013.05.12 23:42:27 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:17 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013.02.19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013.02.19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013.02.19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013.02.19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013.02.19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013.02.19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013.02.19 13:40:52 | 000,069,168 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.01.03 09:52:22 | 000,055,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013.01.03 09:52:19 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.01.03 09:52:19 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.01.03 09:52:19 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.01.03 09:52:19 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.09 00:01:26 | 000,074,096 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2012.11.09 00:01:18 | 003,203,440 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\akw8x64.sys -- (akw8x64)
DRV:64bit: - [2012.10.27 00:12:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.15 04:39:30 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.15 04:39:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.15 04:39:28 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012.08.11 02:09:46 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.08.11 02:09:44 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.08.11 02:09:42 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.08.11 02:09:42 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.08.11 02:09:42 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.08.11 02:09:40 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.08.11 02:09:40 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.08.11 02:09:40 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.08.05 08:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012.07.30 19:56:14 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.07.29 08:22:28 | 000,043,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\irstrtdv.sys -- (irstrtdv)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 05:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.14 02:31:00 | 000,071,832 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ST_Accel.sys -- (ST_Accel)
DRV:64bit: - [2012.07.13 17:31:18 | 000,022,168 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2012.06.25 18:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.14 04:23:58 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012.06.13 07:41:22 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.04.20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}
IE:64bit: - HKLM\..\SearchScopes\{0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}
IE - HKLM\..\SearchScopes\{0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.06.11 21:40:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.11 21:40:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\singalong@xenophesoft.com: C:\Program Files (x86)\SingAlong\FF\ [2013.06.13 01:42:59 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Sing Along = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.114_0\
CHR - Extension: FoxyDeal = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan\6.2.0_0\
CHR - Extension: Google Docs = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LoL Stream Browser = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.2.0.5_0\
CHR - Extension: AdBlock = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_1\
CHR - Extension: PinPhotoZoom plugin for chrome = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdamgnimlipjnpgiakiojcbbmcmiibn\1.1_0\
CHR - Extension: Google Mail = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (PinPhotoZoom) - {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Rupert\AppData\Roaming\PinPhotoZoom\64\AutocompletePro64.dll (SimplyGen)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20130611213336.dll (McAfee, Inc.)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (PinPhotoZoom) - {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Rupert\AppData\Roaming\PinPhotoZoom\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Sing Along) - {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files (x86)\SingAlong\singalng.dll (Xenophesoft)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130611213336.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DAE5E64-E34C-42AF-A642-64E59328D541}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) -  File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) -  File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\SETUP.EXE" 
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\install\command - "" = D:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2013.06.13 09:24:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rupert\Desktop\OTL.exe
[2013.06.13 09:13:55 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Malwarebytes
[2013.06.13 09:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.13 09:13:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.13 09:13:42 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.06.13 09:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.13 09:13:32 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Programs
[2013.06.13 09:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.13 01:49:27 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Freetec
[2013.06.13 01:49:26 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\TubeBox
[2013.06.13 01:42:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SingAlong
[2013.06.13 01:42:52 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\PinPhotoZoom
[2013.06.13 01:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PinPhotoZoom
[2013.06.13 01:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxyDeal
[2013.06.13 01:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.13 01:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
[2013.06.13 01:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freetec
[2013.06.13 01:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.13 01:36:58 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\DownloadGuide
[2013.06.12 23:31:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.12 17:37:54 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\My Games
[2013.06.12 02:08:07 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice
[2013.06.12 01:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.06.12 01:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.06.12 01:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.06.12 01:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.06.12 00:53:08 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Windows Live
[2013.06.12 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\iFunbox_UserCache
[2013.06.12 00:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
[2013.06.12 00:44:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
[2013.06.12 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013.06.12 00:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.06.12 00:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2013.06.12 00:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013.06.12 00:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\PCDr
[2013.06.12 00:17:42 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\NVIDIA
[2013.06.11 23:55:33 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Rockstar Games
[2013.06.11 23:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.06.11 23:51:58 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\NV
[2013.06.11 23:51:58 | 000,000,000 | ---D | C] -- C:\windows\SysNative\NV
[2013.06.11 23:51:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013.06.11 23:47:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.06.11 23:18:05 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Games for Windows - LIVE Demos
[2013.06.11 23:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2013.06.11 23:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.11 22:28:14 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Square Enix
[2013.06.11 22:27:20 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Remedy
[2013.06.11 21:37:10 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013.06.11 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.06.11 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.06.11 21:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.06.11 20:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.06.11 20:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013.06.11 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.06.11 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.06.11 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Microsoft Help
[2013.06.11 20:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.06.11 20:38:36 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.06.11 18:50:53 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apple Computer
[2013.06.11 18:50:52 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Apple Computer
[2013.06.11 18:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.11 18:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.11 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apple
[2013.06.11 18:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.06.11 18:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.06.11 18:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.06.11 18:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.06.11 18:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.06.11 18:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.06.11 18:42:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\softthinks
[2013.06.11 18:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.06.11 18:21:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Rockstar Games
[2013.06.11 18:21:18 | 000,000,000 | RH-D | C] -- C:\Users\Rupert\AppData\Roaming\SecuROM
[2013.06.11 18:21:17 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013.06.11 18:21:03 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\xlive
[2013.06.11 18:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013.06.11 16:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Hitman Blood Money
[2013.06.11 10:37:27 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\LolClient
[2013.06.11 08:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.11 08:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.06.11 08:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.06.11 08:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.06.11 08:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.06.11 07:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\League of Legends
[2013.06.11 07:36:52 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\NVIDIA
[2013.06.11 07:36:48 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\PMB Files
[2013.06.11 07:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.06.11 07:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.06.11 07:36:10 | 000,000,000 | ---D | C] -- C:\Users\Rupert\.swt
[2013.06.11 07:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.06.11 07:33:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.06.11 07:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Google
[2013.06.11 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Deployment
[2013.06.11 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apps
[2013.06.11 07:32:23 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\CrashDumps
[2013.06.11 07:27:40 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Intel Corporation
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\BMExplorer
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Bluetooth Folder
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013.06.11 07:26:39 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Power2Go8
[2013.06.11 07:26:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Atheros
[2013.06.11 07:25:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.06.11 07:25:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.06.11 07:25:58 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Searches
[2013.06.11 07:25:58 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Contacts
[2013.06.11 07:25:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Macromedia
[2013.06.11 07:25:20 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Adobe
[2013.06.11 07:24:44 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\VirtualStore
[2013.06.11 07:24:30 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Packages
[2013.06.11 07:24:22 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013.06.11 07:24:16 | 000,000,000 | --SD | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Videos
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Saved Games
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Pictures
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Music
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Links
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Favorites
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Downloads
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Documents
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Desktop
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Vorlagen
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Verlauf
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Temporary Internet Files
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Startmenü
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\SendTo
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Recent
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Netzwerkumgebung
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Lokale Einstellungen
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Videos
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Musik
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Eigene Dateien
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Bilder
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Druckumgebung
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Cookies
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Anwendungsdaten
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Anwendungsdaten
[2013.06.11 07:24:16 | 000,000,000 | -H-D | C] -- C:\Users\Rupert\AppData
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Temp
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Microsoft
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 09:24:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rupert\Desktop\OTL.exe
[2013.06.13 09:23:59 | 000,000,000 | ---- | M] () -- C:\Users\Rupert\defogger_reenable
[2013.06.13 09:22:46 | 000,050,477 | ---- | M] () -- C:\Users\Rupert\Desktop\Defogger.exe
[2013.06.13 09:13:48 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.13 09:12:03 | 001,748,838 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.13 09:12:03 | 000,754,172 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.06.13 09:12:03 | 000,711,282 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.13 09:12:03 | 000,156,362 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.06.13 09:12:03 | 000,133,150 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.13 08:58:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.13 08:58:04 | 000,001,128 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 08:57:58 | 000,000,416 | ---- | M] () -- C:\windows\tasks\Sing Along Update.job
[2013.06.13 08:56:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.13 08:56:09 | 2474,426,367 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 01:38:06 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk
[2013.06.13 01:38:01 | 000,001,132 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 23:30:00 | 000,331,464 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.12 00:52:47 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.06.12 00:45:24 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.06.12 00:44:08 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\iFunbox.lnk
[2013.06.12 00:03:02 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.06.11 23:53:14 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.06.11 21:33:10 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.06.11 18:50:51 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.11 18:21:17 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013.06.11 17:05:58 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.06.11 08:26:56 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\LoL.lnk
[2013.06.11 08:10:57 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.11 08:04:35 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.11 07:35:58 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.13 09:23:59 | 000,000,000 | ---- | C] () -- C:\Users\Rupert\defogger_reenable
[2013.06.13 09:22:45 | 000,050,477 | ---- | C] () -- C:\Users\Rupert\Desktop\Defogger.exe
[2013.06.13 09:13:48 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.13 01:43:00 | 000,000,416 | ---- | C] () -- C:\windows\tasks\Sing Along Update.job
[2013.06.13 01:38:06 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk
[2013.06.12 23:29:51 | 000,331,464 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.12 01:10:18 | 000,386,646 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.06.12 00:52:47 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.06.12 00:45:24 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.06.12 00:44:08 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\iFunbox.lnk
[2013.06.12 00:03:02 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.06.11 23:53:14 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.06.11 21:33:10 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.06.11 18:50:51 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.11 18:45:14 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.06.11 17:05:58 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.06.11 08:26:56 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\LoL.lnk
[2013.06.11 08:10:57 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.11 08:04:35 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.11 07:35:58 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.11 07:33:11 | 000,001,132 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 07:33:10 | 000,001,128 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 07:25:50 | 000,001,444 | ---- | C] () -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.03 09:52:21 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013.01.03 09:43:05 | 000,754,652 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2013.01.03 09:43:05 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013.01.03 08:27:44 | 001,774,862 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.04.20 21:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
 
========== ZeroAccess Check ==========
 
[2013.06.11 18:19:54 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.12 00:45:03 | 000,000,000 | ---D | M] -- C:\Users\Rupert\AppData\Roaming\iFunbox_UserCache
[2013.06.11 10:37:27 | 000,000,000 | ---D | M] -- C:\Users\Rupert\AppData\Roaming\LolClient
[2013.06.12 00:25:43 | 000,000,000 | ---D | M] -- C:\Users\Rupert\AppData\Roaming\PCDr
[2013.06.13 01:42:52 | 000,000,000 | ---D | M] -- C:\Users\Rupert\AppData\Roaming\PinPhotoZoom
 
========== Purity Check ==========
 
 

< End of report >
Extras:
Code:
ATTFilter
OTL Extras logfile created on: 13.06.2013 09:25:47 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,37 Gb Available Physical Memory | 80,79% Memory free
12,38 Gb Paging File | 10,29 Gb Available in Paging File | 83,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,35 Gb Total Space | 562,70 Gb Free Space | 82,23% Space Free | Partition Type: NTFS
Drive W: | 500,00 Mb Total Space | 229,51 Mb Free Space | 45,90% Space Free | Partition Type: NTFS
Drive X: | 13,15 Gb Total Space | 0,27 Gb Free Space | 2,08% Space Free | Partition Type: NTFS
 
Computer Name: RUPERTS-PC | User Name: Rupert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABCF518-69E6-48FA-8256-339CC04246EF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1C509383-9F0E-4F90-94F1-E546D2BE0B48}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1C6C4DF0-AF39-481A-ABB2-CF959336C0D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2191AACC-1E94-43B1-A846-1E9D335C58FD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3823E074-A34F-4746-92B5-9455FB3BF721}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D5BAC7C-9BA0-4152-B7F8-2E66ED8E0A81}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{65BEBE5C-0834-4FE8-A3CA-28E63F8F0BC0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{701DCBD0-5D90-4855-92EB-7EAAD1A0E429}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{78238F85-342D-43E8-9293-1E95DCEB3339}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{817AC6A7-F720-434C-8CA8-031D87B46C93}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A23D3C81-B298-4769-9B5F-63BF32272290}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AB13D84A-6EDD-4F52-A96B-4D4A7A97C9EB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C05221FB-FCC8-4861-BEFF-BC913A72308F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C59B941B-CC84-4956-B97D-F07D51B5538F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C760A690-48EA-4B50-A89E-5484887761E6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{CEE4DC61-8F82-4617-9507-32EDB695C93E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D84EED6E-D34F-4F37-87F6-D956A4F83BDB}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DF43AD26-A1A3-477A-A0AB-BCB1DDE8124F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E59CD6C0-DE9B-4110-B826-FF3FDFC2501E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EAAA2374-9223-463B-98FE-9E0B4454E6D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F225A3BE-1290-4064-9AFE-0929EA76EE51}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F9FB850D-E67A-4154-A82C-C00CB2AED4D8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{FBE63515-3D3E-40D4-B58C-70AE8F310995}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00485B92-9251-495F-B0FB-E75A889C6C23}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{013DF654-DDBF-4469-9413-BD3A677824FF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{01D87BC9-A065-4317-B15F-8740D06E68E6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{04BE5001-95AF-440B-83A3-BBC0AC6687F4}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{056EBC8F-1DE7-40EE-8126-AC602A3DCF08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0D2E126D-37B3-4DB3-B5E8-C98F258924F7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{12E11540-19C9-4422-AB30-87C94D2AE458}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{19479B00-9953-4B01-8F7D-7EF169A13AAD}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{1B61F366-4C2D-4B53-B188-992319F936DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | 
"{239BBE51-8C05-436D-809A-F191CE2EDEA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{25AEC587-221A-4542-81A7-BC31E8B7C6C4}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{25E20188-16CF-4368-839A-FF2DC2220E1E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{285AE3E7-DB1B-4737-9983-5D0914EEDACA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2F32A298-CCC2-453D-9091-F89B462A4182}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{31EB6EC3-239A-4517-9556-984B23EDD667}" = dir=out | name=skype | 
"{334728B9-F6BB-4E21-A558-37AF990A000D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{34EA762B-8652-41A9-AA0F-151369FA38E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe | 
"{39E8E757-56BF-4816-BDE3-F22B09C4B464}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{3CBB1D04-6628-44E4-B010-2CDA15187624}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | 
"{408BA4BA-7CE7-436E-8186-0E93CC6B9590}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{40E0BB51-3B71-408C-8F17-C7938D4A51E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4216991D-DB7C-4ED7-A5C3-8B9F0CD4B201}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{4540E257-47CB-4C70-A8C5-17C5754FDFB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4861B09A-3F22-4161-AE68-B7285CEFF71B}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{492A3204-19BB-4C1D-BC58-3592B257A20A}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{4F00778B-69CE-462D-8F83-5D37CCAD5F59}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{57EE7C96-5400-45FC-B1CC-A383871E7A6C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe | 
"{5B28A711-C88F-4411-B21C-B411EB1C0FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | 
"{5D7FC930-43FB-472F-AEE8-AE20B7B29F57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{656657AF-054D-4FA5-96DC-EF341651CB8E}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{6AD423FE-E852-4B9F-BF5D-DEDEBAF6B09B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6BC280AB-CEB8-4D7F-B098-F74F1528D7A5}" = dir=out | name=kindle | 
"{6C04BBC1-B2E8-447D-BE1C-CC233445D723}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{7154F503-F9D7-45F2-8D11-5B5A748417D8}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{7528FF0E-ABDE-4AC2-B53C-A7A2B28088A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{77BF426C-7DC0-47B0-9607-6B18C8C6944C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7899426B-DA86-4804-A74D-A7C425EDBA6C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{78EE06B1-BCB7-4129-91BE-B6D5B036207B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe | 
"{7B942A48-9D40-433D-9F0F-4639A29BAFEE}" = dir=in | name=skype | 
"{7DD08253-50BA-49BC-8D78-DDFA480DF36C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7EB5EAEB-DE0B-4D77-88A5-1FC0EB964FE2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7F64B503-9598-430B-AC3F-37220CE5A0C9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{8009704F-8000-41F7-B312-B6E27799BEDA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{88B2EBB0-3387-47A3-B113-55A86B531C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A0E2BC5-31CB-4059-8034-ED05EC0D0A12}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{8E300B4B-699B-4059-89F0-C9A9482302B3}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{8E5CE73D-E897-49B5-9040-5604EC3EA62E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{926AC473-D877-4EE1-83C9-862C0FD3FE11}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{95BD00F9-E909-460F-9253-0450C6E13E5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95E9E8E4-E138-444C-A96E-059212CBE712}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{9A213F88-EE56-4657-BD79-AAD9C2F4C633}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{9E304898-1B31-4544-B0B3-D3510EB8176F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9E57C59E-9304-413D-A799-87BA09C5A43F}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{9E670556-F485-4B54-913B-F7CC1D297B86}" = dir=in | name=mcafee security advisor for dell | 
"{9F178F9C-3D34-4B50-A34C-410B463257D2}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A3183285-7FFC-419B-B049-1D1F18868607}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{A69E34D3-A5C9-4DD9-9546-1BA4AC411B42}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{AB6F0030-E40B-4292-8808-3904486ACC06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{ACC5A1A1-5FA0-477E-925D-AB1570BED30F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{B056F9E3-9187-4835-8D86-F995AC60E1AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B5B99E2A-045A-49D2-A99A-3FDD660E4720}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{B72C722B-83FD-4DA1-BC91-B1A1DA666FB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B7E09FD2-1E1B-45D4-B924-314D7B721502}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{B7F38064-7C83-4DF6-ACB6-6DBDBC0993FF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{C097C0A1-BE2C-4B91-BA2D-7F38EA224210}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | 
"{C7D0AAFA-3A6E-430B-AE22-4400405A500F}" = dir=out | name=amazon | 
"{CED5B159-D282-4B11-9D49-093DC5A47696}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe | 
"{CFB3E0B1-114B-4067-9A00-54374B625C5C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{CFEB6F57-F5C0-4F4D-A0D2-7CE455719D47}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D0A6565C-A282-407C-9690-F041D152BB58}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{D124D7B9-5736-4926-9105-3ECF246233C1}" = dir=out | name=mcafee security advisor for dell | 
"{D1822868-2BD5-44AA-A7E8-9A6F0F3C141B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{D1CDC8D6-8917-4CF9-B9FE-4F54A4854F8B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{D36F93B3-EE3C-4BB6-A7C3-F6C62CF07DB9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D7FE451A-254D-48AA-A62C-213E165F6283}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DE2E9DDA-7138-4DA2-972E-DA78BB6BE57E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DFC5E3D0-1BA5-47FE-9E57-F34903BB9205}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E24F39B4-6EBA-447D-B5EF-FDD5B0F8F659}" = protocol=6 | dir=out | app=system | 
"{E34E3754-7FBA-43BA-B523-2893D5DAC72D}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{E3A0FF33-517C-47A8-9558-93AEEEA5C87E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EF1E2DA9-75AC-4386-B0CC-D9B681DA1B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EFF91E22-A16A-4238-9B43-322EAB04D9F4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{F43EE1E1-BB62-4F07-94EA-6B6D7A6C058E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F7609C78-0C3B-47E5-B236-306FFAF4A608}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{F9C41711-D21B-4B00-9814-2DD5C2B84B5A}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{FA68A9C7-3099-4EE4-8354-C64659A6ECEC}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{FCA33A8E-79C2-45A4-8FFF-8390611A134E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"PC-Doctor for Windows" = My Dell
"SynTPDeinstKey" = Dell Touchpad
"VLC media player" = VLC media player 2.0.7
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5dfd64a7-81dd-45a9-9874-1fe13b7f4d56}_is1" = PinPhotoZoom
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{951BA238-9349-4C4F-B871-2FD68CA20F79}" = TubeBox
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{cb69ca7b-a22a-4654-b672-94507e0560cf}" = TubeBox
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"FoxyDeal" = FoxyDeal
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"singalong@xenophesoft.com" = Sing Along
"Steam App 108710" = Alan Wake
"Steam App 12210" = Grand Theft Auto IV
"Steam App 202750" = Alan Wake's American Nightmare
"Steam App 203160" = Tomb Raider
"Steam App 220780" = Thomas Was Alone
"Steam App 49520" = Borderlands 2
"Steam App 6860" = Hitman: Blood Money
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.06.2013 14:32:45 | Computer Name = Ruperts-PC | Source = MsiInstaller | ID = 11923
Description = 
 
Error - 11.06.2013 16:23:15 | Computer Name = Ruperts-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 11.06.2013 16:23:16 | Computer Name = Ruperts-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15485
 
Error - 11.06.2013 16:23:16 | Computer Name = Ruperts-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15485
 
Error - 11.06.2013 16:53:53 | Computer Name = Ruperts-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: JustCause2.exe, Version: 1.0.0.2,
 Zeitstempel: 0x4c1b5791  Name des fehlerhaften Moduls: JustCause2.exe, Version: 1.0.0.2,
 Zeitstempel: 0x4c1b5791  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00104ce9  ID des fehlerhaften
 Prozesses: 0x1b54  Startzeit der fehlerhaften Anwendung: 0x01ce66e29d11f86b  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Just Cause
 2\JustCause2.exe  Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Just
 Cause 2\JustCause2.exe  Berichtskennung: 0627843c-d2d9-11e2-be6e-a41731506d20  Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 11.06.2013 18:22:42 | Computer Name = Ruperts-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: pcdrsysinfocsmi.p5x, Version: 6.0.6032.39,
 Zeitstempel: 0x4ffe56d2  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6871,
 Zeitstempel: 0x4fee5fd5  Ausnahmecode: 0x40000015  Fehleroffset: 0x000000000004267f
ID
 des fehlerhaften Prozesses: 0x2708  Startzeit der fehlerhaften Anwendung: 0x01ce66f22d938be9
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Dell Support Center\pcdrsysinfocsmi.p5x
Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_08e717a5a83adddf\MSVCR90.dll
Berichtskennung:
 6e9da002-d2e5-11e2-be6e-a41731506d20  Vollständiger Name des fehlerhaften Pakets:
   Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 
 
Error - 11.06.2013 18:26:23 | Computer Name = Ruperts-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ wurde
 nicht innerhalb der vorgesehenen Zeit gestartet.
 
Error - 11.06.2013 18:26:38 | Computer Name = Ruperts-PC | Source = Application Hang | ID = 1002
Description = Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 2740    Startzeit: 01ce66f2aad72d80    Endzeit: 4294967295    Anwendungspfad:
 C:\Windows\system32\wwahost.exe    Berichts-ID: f24f67d9-d2e5-11e2-be6e-a41731506d20

Vollständiger
 Name des fehlerhaften Pakets: Microsoft.ZuneVideo_1.3.59.0_x64__8wekyb3d8bbwe    Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.ZuneVideo  
 
Error - 11.06.2013 18:26:38 | Computer Name = Ruperts-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“
 ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 11.06.2013 18:47:40 | Computer Name = Ruperts-PC | Source = ESENT | ID = 454
Description = wwahost (2404) ModernDatalayerESE: Bei Datenbankwiederherstellung 
trat ein unerwarteter Fehler -545 auf.
 
[ System Events ]
Error - 11.06.2013 00:57:52 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 11.06.2013 02:26:36 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 11.06.2013 02:26:36 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 11.06.2013 06:08:57 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1083
 
Error - 11.06.2013 12:34:43 | Computer Name = Ruperts-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?06.?2013 um 18:15:44 unerwartet heruntergefahren.
 
Error - 11.06.2013 12:37:17 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 11.06.2013 12:47:56 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies
 ist bereits 2 Mal passiert.
 
Error - 11.06.2013 14:21:24 | Computer Name = Ruperts-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?06.?2013 um 18:34:43 unerwartet heruntergefahren.
 
Error - 11.06.2013 14:32:43 | Computer Name = Ruperts-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 11.06.2013 15:15:30 | Computer Name = Ruperts-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?06.?2013 um 20:21:24 unerwartet heruntergefahren.
 
 
< End of report >

Alt 13.06.2013, 10:39   #2
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


GMER
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-13 09:43:00
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003a ST9750420AS rev.0005DEM1 698,64GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Rupert\AppData\Local\Temp\ugtdqfow.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\windows\system32\ntoskrnl.exe!KiCpuId + 988                                                                                  fffff8024865d41c 1 byte [31]

---- User code sections - GMER 2.1 ----

.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!RegSetValueExW                                               000007fe42b1257c 8 bytes JMP 000007ff3fe603b0
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!RegQueryValueExW                                             000007fe42b16b10 9 bytes JMP 000007ff3fe60308
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!K32GetModuleFileNameExW                                      000007fe42b95658 7 bytes JMP 000007ff3fe60260
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!K32GetModuleInformation                                      000007fe42b95778 7 bytes JMP 000007ff3fe602d0
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!RegDeleteValueW                                              000007fe42bb1564 7 bytes JMP 000007ff3fe60340
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                                        000007fe42bc40e4 7 bytes JMP 000007ff3fe60298
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                      000007fe42bc4178 8 bytes JMP 000007ff3fe60228
.text   C:\windows\system32\dwm.exe[1112] C:\windows\system32\KERNEL32.DLL!RegSetValueExA                                               000007fe42bc479c 8 bytes JMP 000007ff3fe60378
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4476] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                 000007fe3d0c1532 4 bytes [0C, 3D, FE, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4476] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                 000007fe3d0c153a 4 bytes [0C, 3D, FE, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4476] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246               000007fe3d0c165a 4 bytes [0C, 3D, FE, 07]
.text   C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe[4492] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306  000007fe4061177a 4 bytes [61, 40, FE, 07]
.text   C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe[4492] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314  000007fe40611782 4 bytes [61, 40, FE, 07]

---- Threads - GMER 2.1 ----

Thread  C:\windows\system32\csrss.exe [792:816]                                                                                         fffff9600087d5e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                           unknown MBR code

---- EOF - GMER 2.1 ----
--- --- ---


Könnt ihr mir helfen?

Mit freundlichen Grüßen
Rupertbayern
__________________
Alt 13.06.2013, 11:01   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und evtl. auch andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
__________________
Alt 13.06.2013, 11:18   #4
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


nein das sind alle logs die ich habe. Der Computer ist total neu (2 tage alt) und ich momentan nur einen mcaffe virenschutz (der war gratis dabei). Ich bekomme aber kaspersky pure bald...

Alt 13.06.2013, 13:14   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.06.2013, 13:39   #6
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Vielen Dank für deine Erneute Hilfe Cosinus Du hast mir bereits mit meinem altem PC geholfen!
Hier sind die Logs:
Junkware Removal Tool
JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Rupert on 13.06.2013 at 14:18:12,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\autocompletepro.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A0C8953-9D4E-4790-B732-2B9FC9EBCE05}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Rupert\AppData\Roaming\pinphotozoom"
Successfully deleted: [Folder] "C:\Program Files (x86)\pinphotozoom"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Rupert\appdata\local\Google\Chrome\User Data\Default\Extensions\mbdamgnimlipjnpgiakiojcbbmcmiibn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mbdamgnimlipjnpgiakiojcbbmcmiibn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2013 at 14:21:41,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---


ADW
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 13/06/2013 um 14:23:30 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Rupert - RUPERTS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Rupert\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\FoxyDeal
Ordner Gelöscht : C:\Program Files (x86)\SingAlong
Ordner Gelöscht : C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{011166b1-9a69-4174-93d5-f7d3324553fe}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3A520357-BA99-4C9B-BEDF-12E3E46DDF14}
Schlüssel Gelöscht : HKLM\Software\SimplyGen
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6492E171-2427-4932-B414-33574A089F5E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6492E171-2427-4932-B414-33574A089F5E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5dfd64a7-81dd-45a9-9874-1fe13b7f4d56}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FoxyDeal
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2488] : homepage = "hxxp://start.icq.com/",

*************************

AdwCleaner[S1].txt - [1996 octets] - [13/06/2013 14:23:30]

########## EOF - C:\AdwCleaner[S1].txt - [2056 octets] ##########
--- --- ---
Alt 13.06.2013, 13:40   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Zitat:
Du hast mir bereits mit meinem altem PC geholfen!
Sry ist mein Job
Denkst du bitte noch an OTL?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.06.2013, 13:41   #8
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Und die beiden OTL Logs
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 14:29:19 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,42 Gb Available Physical Memory | 81,51% Memory free
12,38 Gb Paging File | 10,77 Gb Available in Paging File | 86,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,35 Gb Total Space | 561,83 Gb Free Space | 82,10% Space Free | Partition Type: NTFS
 
Computer Name: RUPERTS-PC | User Name: Rupert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rupert\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (Intel)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\91a4d4e509e355796aa20160bfcbb28c\System.ServiceModel.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8da760064c3905955f238581c0745323\System.IdentityModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\2b3815ef3ca5f62ccd3d2f59477f3a27\IAStorDataMgrSvcInterfaces.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\f634a0121fc1b7aa197d1b9bc2cdf464\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\508a17fd577920ac0526f540da4b18dc\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\6dbc4794082bffd0ad3e2dcc750a2035\SMDiagnostics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\98bf7d68f19f0a2dd15b26f97771ec24\System.ServiceModel.Internals.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\da04cb0eeee804dc97cac658c87f1457\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\38b47b5452863bcadb6b731fe6c5198f\CustomMarshalers.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bacedff71df875743daa9064b85c4e66\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6a8a61ca5208e404ca21a0c42a59a3c8\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1bc35bb3e6a392c0fef52bc289e6d3d9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ea94ce8e71afd55226ced104e6e832ce\System.ServiceModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\065a34657d599a218b43196a1be4c8d2\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9eff07ed10b6ae9f9b1159a7d3612fcb\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\15cfd8d46cc19704f61dac68b2378760\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\b3d842ef956729e3ca0a3bc5e37ea6d8\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\eaa570735a52e0010d3e9caa9ba50124\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\93689d115589e64dd4912f7113a11656\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Qualcomm Atheros Killer Service) -- C:\Programme\Qualcomm Atheros\Killer Network Manager\BFNService.exe ()
SRV - (SftService) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (Intel(R) -- c:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\Drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\Drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\Drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\Drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\Drivers\bwcW8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (akw8x64) -- C:\Windows\SysNative\Drivers\akw8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (DellRbtn) -- C:\Windows\SysNative\Drivers\DellRbtn.sys (OSR Open Systems Resources, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (ST_Accel) -- C:\Windows\SysNative\Drivers\ST_Accel.sys (STMicroelectronics)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\Drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\Drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\Drivers\HipShieldK.sys (McAfee, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0F4C820A-0BFA-4E0E-ACC0-118CA47B12F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1001\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.06.11 21:40:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.11 21:40:58 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Sing Along = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.114_0\
CHR - Extension: Google Docs = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LoL Stream Browser = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.2.0.5_0\
CHR - Extension: AdBlock = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_1\
CHR - Extension: Google Mail = C:\Users\Rupert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (PinPhotoZoom) - {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Rupert\AppData\Roaming\PinPhotoZoom\64\AutocompletePro64.dll File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20130611213336.dll (McAfee, Inc.)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130611213336.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002..\Run: [DellSystemDetect] C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms ()
O4 - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1964743600-2523548807-1327938116-1002\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DAE5E64-E34C-42AF-A642-64E59328D541}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) -  File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) -  File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\SETUP.EXE" 
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{c75a50be-d2b4-11e2-be6b-806e6f6e6963}\Shell\install\command - "" = D:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2013.06.13 14:17:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 14:15:30 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Rupert\Desktop\JRT.exe
[2013.06.13 11:27:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.13 09:24:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rupert\Desktop\OTL.exe
[2013.06.13 09:13:55 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Malwarebytes
[2013.06.13 09:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.13 09:13:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.13 09:13:42 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.06.13 09:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.13 09:13:32 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Programs
[2013.06.13 01:49:27 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Freetec
[2013.06.13 01:49:26 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\TubeBox
[2013.06.13 01:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.13 01:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
[2013.06.13 01:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freetec
[2013.06.13 01:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.13 01:36:58 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\DownloadGuide
[2013.06.12 23:31:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.12 17:37:54 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\My Games
[2013.06.12 11:04:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2013.06.12 02:08:07 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice
[2013.06.12 01:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.06.12 01:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.06.12 01:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.06.12 01:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.06.12 01:10:27 | 013,644,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll
[2013.06.12 01:10:26 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2013.06.12 01:10:25 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2013.06.12 01:10:24 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll
[2013.06.12 01:10:23 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentServer.dll
[2013.06.12 01:10:21 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2013.06.12 01:10:20 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BCP47Langs.dll
[2013.06.12 01:10:20 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll
[2013.06.12 01:10:19 | 002,305,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013.06.12 01:10:19 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013.06.12 01:10:19 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2013.06.12 01:10:19 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netprofmsvc.dll
[2013.06.12 01:10:19 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BCP47Langs.dll
[2013.06.12 01:10:18 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2013.06.12 01:10:18 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2013.06.12 01:10:18 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmp4srcsnk.dll
[2013.06.12 01:10:18 | 000,446,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS
[2013.06.12 01:10:18 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2013.06.12 01:10:18 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2013.06.12 01:10:18 | 000,014,848 | ---- | C] (Microsoft) -- C:\windows\SysWow64\rars.rs
[2013.06.12 01:10:18 | 000,014,848 | ---- | C] (Microsoft) -- C:\windows\SysNative\rars.rs
[2013.06.12 01:10:17 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Magnify.exe
[2013.06.12 01:10:17 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.dll
[2013.06.12 01:10:17 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmp4srcsnk.dll
[2013.06.12 01:10:17 | 000,284,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spaceport.sys
[2013.06.12 01:10:17 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UCX01000.SYS
[2013.06.12 01:10:17 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2013.06.12 01:10:17 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2013.06.12 01:10:17 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psmsrv.dll
[2013.06.12 01:10:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013.06.12 01:10:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.06.12 01:10:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2013.06.12 01:10:16 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Magnify.exe
[2013.06.12 01:10:16 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairing.dll
[2013.06.12 01:10:16 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2013.06.12 01:10:16 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS
[2013.06.12 01:10:16 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthHost.exe
[2013.06.12 01:10:16 | 000,058,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2013.06.12 01:10:15 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairing.dll
[2013.06.12 01:10:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll
[2013.06.12 01:10:15 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2013.06.12 01:10:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2013.06.12 01:10:15 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biwinrt.dll
[2013.06.12 01:10:15 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\biwinrt.dll
[2013.06.12 01:10:15 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhostex.exe
[2013.06.12 01:10:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2013.06.12 01:10:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaext.dll
[2013.06.12 01:10:14 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2013.06.12 01:10:14 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bisrv.dll
[2013.06.12 01:10:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2013.06.12 01:10:13 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2013.06.12 01:10:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2013.06.12 01:10:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2013.06.12 01:10:13 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2013.06.12 01:10:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2013.06.12 01:10:12 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wushareduxresources.dll
[2013.06.12 01:10:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmproxy.dll
[2013.06.12 01:10:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2013.06.12 01:10:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmsprep.dll
[2013.06.12 01:09:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.06.12 01:09:28 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2013.06.12 01:09:27 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.06.12 01:09:27 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.06.12 01:09:27 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.06.12 01:09:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.06.12 01:09:25 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013.06.12 01:09:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013.06.12 01:09:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013.06.12 01:09:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013.06.12 01:09:25 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2013.06.12 01:09:25 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2013.06.12 01:09:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013.06.12 01:09:25 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013.06.12 01:07:49 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013.06.12 01:07:48 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2013.06.12 01:07:48 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2013.06.12 01:07:48 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013.06.12 01:07:47 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2013.06.12 01:07:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2013.06.12 01:07:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2013.06.12 01:07:41 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013.06.12 01:07:38 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013.06.12 01:07:36 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2013.06.12 01:07:36 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2013.06.12 01:07:36 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2013.06.12 01:07:35 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2013.06.12 01:07:35 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.06.12 00:53:08 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Windows Live
[2013.06.12 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\iFunbox_UserCache
[2013.06.12 00:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
[2013.06.12 00:44:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
[2013.06.12 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013.06.12 00:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.06.12 00:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2013.06.12 00:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013.06.12 00:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\PCDr
[2013.06.12 00:17:42 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\NVIDIA
[2013.06.11 23:55:33 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Rockstar Games
[2013.06.11 23:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.06.11 23:51:58 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\NV
[2013.06.11 23:51:58 | 000,000,000 | ---D | C] -- C:\windows\SysNative\NV
[2013.06.11 23:51:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013.06.11 23:49:55 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2013.06.11 23:49:55 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2013.06.11 23:49:55 | 015,910,736 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvwgf2umx.dll
[2013.06.11 23:49:55 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2013.06.11 23:49:55 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvopencl.dll
[2013.06.11 23:49:55 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvopencl.dll
[2013.06.11 23:49:55 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFR64.dll
[2013.06.11 23:49:55 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFR.dll
[2013.06.11 23:49:55 | 000,284,448 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvkflt.sys
[2013.06.11 23:49:55 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglshim64.dll
[2013.06.11 23:49:55 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglshim32.dll
[2013.06.11 23:49:55 | 000,030,496 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvpciflt.sys
[2013.06.11 23:49:54 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2013.06.11 23:49:54 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2013.06.11 23:49:54 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2013.06.11 23:49:54 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2013.06.11 23:49:54 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2013.06.11 23:49:54 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2013.06.11 23:49:54 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2013.06.11 23:49:54 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2013.06.11 23:49:54 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6432018.dll
[2013.06.11 23:49:54 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispgenco6432018.dll
[2013.06.11 23:49:54 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvFBC64.dll
[2013.06.11 23:49:54 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvFBC.dll
[2013.06.11 23:49:54 | 000,432,416 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvEncodeAPI64.dll
[2013.06.11 23:49:54 | 000,370,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvEncodeAPI.dll
[2013.06.11 23:47:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.06.11 23:18:05 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Games for Windows - LIVE Demos
[2013.06.11 23:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2013.06.11 23:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.11 22:28:14 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Square Enix
[2013.06.11 22:27:20 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Remedy
[2013.06.11 22:27:15 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_7.dll
[2013.06.11 22:27:15 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_7.dll
[2013.06.11 22:27:13 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_43.dll
[2013.06.11 22:27:13 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_43.dll
[2013.06.11 22:27:12 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_43.dll
[2013.06.11 22:27:12 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_43.dll
[2013.06.11 22:27:12 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_43.dll
[2013.06.11 22:27:12 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_43.dll
[2013.06.11 22:27:11 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2013.06.11 22:27:11 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2013.06.11 22:27:11 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2013.06.11 22:27:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2013.06.11 22:27:10 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2013.06.11 22:27:10 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2013.06.11 22:27:09 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2013.06.11 22:27:09 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll
[2013.06.11 22:27:09 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2013.06.11 22:27:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2013.06.11 22:27:08 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2013.06.11 22:27:08 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2013.06.11 22:27:08 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2013.06.11 22:27:08 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2013.06.11 22:27:07 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2013.06.11 22:27:07 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2013.06.11 22:27:06 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2013.06.11 22:27:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2013.06.11 22:27:05 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2013.06.11 22:27:04 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2013.06.11 22:27:04 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2013.06.11 22:27:03 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2013.06.11 22:27:02 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2013.06.11 22:27:02 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2013.06.11 22:27:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll
[2013.06.11 22:27:01 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2013.06.11 22:27:00 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2013.06.11 22:27:00 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2013.06.11 22:27:00 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2013.06.11 22:27:00 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2013.06.11 22:27:00 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2013.06.11 22:26:59 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2013.06.11 22:26:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.06.11 22:26:58 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2013.06.11 22:26:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2013.06.11 22:26:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2013.06.11 22:26:58 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2013.06.11 22:26:58 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2013.06.11 22:26:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2013.06.11 22:26:57 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2013.06.11 22:26:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2013.06.11 22:26:56 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2013.06.11 22:26:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2013.06.11 22:26:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2013.06.11 22:26:56 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2013.06.11 22:26:55 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2013.06.11 22:26:55 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2013.06.11 22:26:54 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2013.06.11 21:37:10 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013.06.11 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.06.11 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.06.11 21:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.06.11 20:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.06.11 20:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013.06.11 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.06.11 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.06.11 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Microsoft Help
[2013.06.11 20:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.06.11 20:38:36 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.06.11 18:50:53 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apple Computer
[2013.06.11 18:50:52 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Apple Computer
[2013.06.11 18:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.11 18:50:40 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2013.06.11 18:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.06.11 18:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.11 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apple
[2013.06.11 18:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.06.11 18:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.06.11 18:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.06.11 18:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.06.11 18:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.06.11 18:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.06.11 18:42:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\softthinks
[2013.06.11 18:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.06.11 18:21:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Rockstar Games
[2013.06.11 18:21:18 | 000,000,000 | RH-D | C] -- C:\Users\Rupert\AppData\Roaming\SecuROM
[2013.06.11 18:21:17 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013.06.11 18:21:06 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2013.06.11 18:21:03 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\xlive
[2013.06.11 18:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013.06.11 18:20:16 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2013.06.11 18:20:16 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2013.06.11 18:20:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2013.06.11 18:20:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2013.06.11 18:20:14 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2013.06.11 18:20:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2013.06.11 18:20:14 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2013.06.11 18:20:14 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2013.06.11 18:20:14 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2013.06.11 18:20:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2013.06.11 18:20:13 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2013.06.11 18:20:13 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2013.06.11 18:20:13 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2013.06.11 18:20:13 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2013.06.11 18:20:13 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2013.06.11 18:20:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2013.06.11 18:20:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2013.06.11 18:20:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2013.06.11 18:20:12 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2013.06.11 18:20:12 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2013.06.11 18:20:12 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2013.06.11 18:20:12 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2013.06.11 18:20:12 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2013.06.11 18:20:12 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2013.06.11 18:20:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2013.06.11 18:20:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2013.06.11 18:20:12 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2013.06.11 18:20:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2013.06.11 18:20:11 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2013.06.11 18:20:11 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2013.06.11 18:20:11 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2013.06.11 18:20:11 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2013.06.11 18:20:10 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2013.06.11 18:20:10 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2013.06.11 18:20:10 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2013.06.11 18:20:10 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2013.06.11 18:20:10 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2013.06.11 18:20:10 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2013.06.11 18:20:10 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2013.06.11 18:20:10 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2013.06.11 18:20:09 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2013.06.11 18:20:09 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2013.06.11 18:20:09 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2013.06.11 18:20:09 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2013.06.11 18:20:09 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2013.06.11 18:20:09 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2013.06.11 18:20:08 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2013.06.11 18:20:08 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2013.06.11 18:20:08 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2013.06.11 18:20:08 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2013.06.11 18:20:08 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2013.06.11 18:20:08 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2013.06.11 18:20:08 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2013.06.11 18:20:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2013.06.11 18:20:08 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2013.06.11 18:20:08 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2013.06.11 18:20:07 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2013.06.11 18:20:07 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2013.06.11 18:20:07 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2013.06.11 18:20:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2013.06.11 18:20:07 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2013.06.11 18:20:07 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2013.06.11 18:20:07 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2013.06.11 18:20:07 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2013.06.11 18:20:06 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2013.06.11 18:20:06 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2013.06.11 18:20:06 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2013.06.11 18:20:06 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2013.06.11 18:20:05 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2013.06.11 18:20:05 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2013.06.11 18:20:05 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2013.06.11 18:20:05 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2013.06.11 18:20:04 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2013.06.11 18:20:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2013.06.11 18:20:04 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2013.06.11 18:20:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2013.06.11 18:20:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2013.06.11 18:20:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2013.06.11 18:20:03 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2013.06.11 18:20:03 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2013.06.11 18:20:03 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2013.06.11 18:20:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2013.06.11 18:20:03 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2013.06.11 18:20:03 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2013.06.11 18:20:03 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2013.06.11 18:20:03 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2013.06.11 18:20:02 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2013.06.11 18:20:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2013.06.11 18:19:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2013.06.11 18:19:59 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2013.06.11 18:19:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2013.06.11 18:19:59 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2013.06.11 18:19:59 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2013.06.11 18:19:59 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2013.06.11 18:19:59 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2013.06.11 18:19:59 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2013.06.11 18:19:58 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2013.06.11 18:19:58 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2013.06.11 18:19:58 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2013.06.11 18:19:58 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2013.06.11 18:19:58 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2013.06.11 18:19:58 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2013.06.11 18:19:57 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2013.06.11 18:19:57 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2013.06.11 18:19:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2013.06.11 18:19:57 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2013.06.11 16:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Hitman Blood Money
[2013.06.11 10:37:27 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\LolClient
[2013.06.11 08:57:11 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmc.exe
[2013.06.11 08:57:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlidsvc.dll
[2013.06.11 08:57:10 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2013.06.11 08:57:09 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmc.exe
[2013.06.11 08:57:07 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2013.06.11 08:57:07 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.dll
[2013.06.11 08:57:07 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.dll
[2013.06.11 08:57:06 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpiowin32.sys
[2013.06.11 08:57:04 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDMon.dll
[2013.06.11 08:57:03 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2013.06.11 08:57:03 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP4SDECD.DLL
[2013.06.11 08:57:03 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2013.06.11 08:57:02 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.dll
[2013.06.11 08:57:02 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiaacmgr.exe
[2013.06.11 08:57:02 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiaacmgr.exe
[2013.06.11 08:57:01 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP4SDECD.DLL
[2013.06.11 08:57:01 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncbservice.dll
[2013.06.11 08:57:01 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxm.dll
[2013.06.11 08:57:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhsvc.dll
[2013.06.11 08:57:00 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhapi.dll
[2013.06.11 08:57:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxp.dll
[2013.06.11 08:57:00 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\keepaliveprovider.dll
[2013.06.11 08:53:38 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100_clr0400.dll
[2013.06.11 08:53:15 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100_clr0400.dll
[2013.06.11 08:51:42 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2013.06.11 08:51:38 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.06.11 08:51:35 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013.06.11 08:51:35 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll
[2013.06.11 08:51:35 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll
[2013.06.11 08:51:33 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2013.06.11 08:51:33 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2013.06.11 08:51:32 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013.06.11 08:51:32 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmde.dll
[2013.06.11 08:51:31 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Globalization.dll
[2013.06.11 08:51:31 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.06.11 08:51:31 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2013.06.11 08:51:30 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2013.06.11 08:51:30 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemEventsBrokerServer.dll
[2013.06.11 08:51:30 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TimeBrokerServer.dll
[2013.06.11 08:51:29 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmde.dll
[2013.06.11 08:51:29 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Globalization.dll
[2013.06.11 08:51:29 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2013.06.11 08:51:29 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSync.dll
[2013.06.11 08:51:29 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usbmon.dll
[2013.06.11 08:51:28 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2013.06.11 08:51:28 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2013.06.11 08:51:27 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.06.11 08:51:27 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013.06.11 08:51:26 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSync.dll
[2013.06.11 08:51:26 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\discan.dll
[2013.06.11 08:51:26 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2013.06.11 08:51:25 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys
[2013.06.11 08:51:25 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NdisImPlatform.dll
[2013.06.11 08:51:25 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storahci.sys
[2013.06.11 08:51:24 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsquirt.exe
[2013.06.11 08:51:24 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2013.06.11 08:51:24 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2013.06.11 08:51:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevDispItemProvider.dll
[2013.06.11 08:51:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSyncInfo.dll
[2013.06.11 08:51:22 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDPrintProxy.DLL
[2013.06.11 08:51:21 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevDispItemProvider.dll
[2013.06.11 08:51:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSyncInfo.dll
[2013.06.11 08:47:57 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2013.06.11 08:47:56 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2013.06.11 08:47:53 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2013.06.11 08:47:52 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2013.06.11 08:47:51 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2013.06.11 08:47:49 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2013.06.11 08:47:46 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013.06.11 08:47:43 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAudDecMFT.dll
[2013.06.11 08:47:42 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAudDecMFT.dll
[2013.06.11 08:47:41 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd_02_10ec.dll
[2013.06.11 08:47:40 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2013.06.11 08:47:39 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2013.06.11 08:47:39 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2013.06.11 08:47:39 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rsaenh.dll
[2013.06.11 08:47:36 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.dll
[2013.06.11 08:47:36 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2013.06.11 08:47:36 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2013.06.11 08:47:36 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013.06.11 08:47:36 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2013.06.11 08:47:35 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2013.06.11 08:47:35 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RecoveryDrive.exe
[2013.06.11 08:47:35 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2013.06.11 08:47:34 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2013.06.11 08:47:34 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFMediaEngine.dll
[2013.06.11 08:47:34 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpncore.dll
[2013.06.11 08:47:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.06.11 08:47:33 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2013.06.11 08:47:33 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2013.06.11 08:47:33 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.06.11 08:47:31 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.dll
[2013.06.11 08:47:29 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2013.06.11 08:47:28 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dmvdsitf.dll
[2013.06.11 08:47:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhengine.dll
[2013.06.11 08:47:25 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2013.06.11 08:47:24 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2013.06.11 08:47:22 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2013.06.11 08:47:21 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFMediaEngine.dll
[2013.06.11 08:47:20 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2013.06.11 08:47:19 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEndpointBuilder.dll
[2013.06.11 08:47:19 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pdc.sys
[2013.06.11 08:47:18 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.06.11 08:47:18 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2013.06.11 08:47:17 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2013.06.11 08:47:17 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iuilp.dll
[2013.06.11 08:47:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2013.06.11 08:47:17 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2013.06.11 08:47:17 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Robocopy.exe
[2013.06.11 08:47:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Robocopy.exe
[2013.06.11 08:47:17 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdvm.dll
[2013.06.11 08:47:16 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2013.06.11 08:47:16 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.06.11 08:47:16 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dmvdsitf.dll
[2013.06.11 08:47:16 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdnet.dll
[2013.06.11 08:47:15 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2013.06.11 08:47:14 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2013.06.11 08:47:14 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GenuineCenter.dll
[2013.06.11 08:47:14 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013.06.11 08:47:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidi2c.sys
[2013.06.11 08:47:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fmifs.dll
[2013.06.11 08:47:13 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fmifs.dll
[2013.06.11 08:47:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msshooks.dll
[2013.06.11 08:47:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2013.06.11 08:47:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssitlb.dll
[2013.06.11 08:47:12 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssprxy.dll
[2013.06.11 08:47:12 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssitlb.dll
[2013.06.11 08:47:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2013.06.11 08:47:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msshooks.dll
[2013.06.11 08:47:11 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2013.06.11 08:47:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2013.06.11 08:38:19 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys
[2013.06.11 08:38:16 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys
[2013.06.11 08:37:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appserverai.dll
[2013.06.11 08:37:59 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDWebAI.dll
[2013.06.11 08:37:58 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VmHostAI.dll
[2013.06.11 08:37:55 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2013.06.11 08:37:55 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2013.06.11 08:37:52 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2013.06.11 08:37:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2013.06.11 08:37:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2013.06.11 08:37:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2013.06.11 08:37:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2013.06.11 08:37:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2013.06.11 08:36:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll
[2013.06.11 08:36:53 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll
[2013.06.11 08:27:09 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\duser.dll
[2013.06.11 08:27:09 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlroamextension.dll
[2013.06.11 08:27:08 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WWanAPI.dll
[2013.06.11 08:27:08 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2013.06.11 08:27:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.Connectivity.dll
[2013.06.11 08:27:07 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hotspotauth.dll
[2013.06.11 08:27:07 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthAvrcpTg.sys
[2013.06.11 08:27:06 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WWanAPI.dll
[2013.06.11 08:27:06 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mbsmsapi.dll
[2013.06.11 08:27:06 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.Connectivity.dll
[2013.06.11 08:27:06 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mbsmsapi.dll
[2013.06.11 08:27:06 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskkill.exe
[2013.06.11 08:27:06 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tasklist.exe
[2013.06.11 08:27:05 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2013.06.11 08:27:05 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlroamextension.dll
[2013.06.11 08:27:05 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskkill.exe
[2013.06.11 08:27:05 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys
[2013.06.11 08:27:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tasklist.exe
[2013.06.11 08:27:02 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthhfHid.sys
[2013.06.11 08:27:02 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BtaMPM.sys
[2013.06.11 08:26:56 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2013.06.11 08:26:56 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2013.06.11 08:26:56 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2013.06.11 08:26:56 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2013.06.11 08:26:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2013.06.11 08:19:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgentc.exe
[2013.06.11 08:19:45 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2013.06.11 08:19:38 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\reseteng.dll
[2013.06.11 08:19:38 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resetengmig.dll
[2013.06.11 08:19:38 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2013.06.11 08:19:38 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2013.06.11 08:19:38 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysreset.exe
[2013.06.11 08:17:15 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GdiPlus.dll
[2013.06.11 08:17:14 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\GdiPlus.dll
[2013.06.11 08:16:23 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013.06.11 08:15:41 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013.06.11 08:15:40 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013.06.11 08:14:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll
[2013.06.11 08:14:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe
[2013.06.11 08:14:06 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll
[2013.06.11 08:12:00 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
[2013.06.11 08:12:00 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
[2013.06.11 08:11:59 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnathlp.dll
[2013.06.11 08:11:59 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnsvr.exe
[2013.06.11 08:11:59 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnsvr.exe
[2013.06.11 08:11:58 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnathlp.dll
[2013.06.11 08:11:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhupnp.dll
[2013.06.11 08:11:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhpast.dll
[2013.06.11 08:11:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhupnp.dll
[2013.06.11 08:11:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhpast.dll
[2013.06.11 08:11:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnlobby.dll
[2013.06.11 08:11:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2013.06.11 08:11:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnlobby.dll
[2013.06.11 08:11:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2013.06.11 08:11:52 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013.06.11 08:11:52 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013.06.11 08:11:52 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013.06.11 08:11:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013.06.11 08:11:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013.06.11 08:11:52 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013.06.11 08:11:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013.06.11 08:11:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013.06.11 08:11:46 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2013.06.11 08:11:46 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2013.06.11 08:11:40 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.06.11 08:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.11 08:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.06.11 08:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.06.11 08:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.06.11 08:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.06.11 07:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\League of Legends
[2013.06.11 07:36:52 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\NVIDIA
[2013.06.11 07:36:48 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\PMB Files
[2013.06.11 07:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.06.11 07:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.06.11 07:36:10 | 000,000,000 | ---D | C] -- C:\Users\Rupert\.swt
[2013.06.11 07:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.06.11 07:33:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.06.11 07:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Google
[2013.06.11 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Deployment
[2013.06.11 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Apps
[2013.06.11 07:32:23 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\CrashDumps
[2013.06.11 07:27:40 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Intel Corporation
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\BMExplorer
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\Users\Rupert\Documents\Bluetooth Folder
[2013.06.11 07:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013.06.11 07:26:39 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Power2Go8
[2013.06.11 07:26:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Atheros
[2013.06.11 07:25:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.06.11 07:25:59 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.06.11 07:25:58 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Searches
[2013.06.11 07:25:58 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Contacts
[2013.06.11 07:25:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Macromedia
[2013.06.11 07:25:20 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Adobe
[2013.06.11 07:24:44 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\VirtualStore
[2013.06.11 07:24:30 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Packages
[2013.06.11 07:24:22 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013.06.11 07:24:16 | 000,000,000 | --SD | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Videos
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Saved Games
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Pictures
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Music
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Links
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Favorites
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Downloads
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Documents
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\Desktop
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.06.11 07:24:16 | 000,000,000 | R--D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Vorlagen
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Verlauf
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Temporary Internet Files
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Startmenü
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\SendTo
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Recent
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Netzwerkumgebung
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Lokale Einstellungen
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Videos
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Musik
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Eigene Dateien
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Documents\Eigene Bilder
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Druckumgebung
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Cookies
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\AppData\Local\Anwendungsdaten
[2013.06.11 07:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Rupert\Anwendungsdaten
[2013.06.11 07:24:16 | 000,000,000 | -H-D | C] -- C:\Users\Rupert\AppData
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Temp
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Local\Microsoft
[2013.06.11 07:24:16 | 000,000,000 | ---D | C] -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.06.11 06:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 14:28:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.13 14:27:32 | 000,001,128 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 14:27:21 | 000,000,416 | ---- | M] () -- C:\windows\tasks\Sing Along Update.job
[2013.06.13 14:26:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.13 14:26:28 | 2474,426,367 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 14:16:10 | 000,648,201 | ---- | M] () -- C:\Users\Rupert\Desktop\adwcleaner.exe
[2013.06.13 14:15:39 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Rupert\Desktop\JRT.exe
[2013.06.13 12:38:00 | 000,001,132 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 09:51:14 | 001,748,838 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.13 09:51:14 | 000,754,172 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.06.13 09:51:14 | 000,711,282 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.13 09:51:14 | 000,156,362 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.06.13 09:51:14 | 000,133,150 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.13 09:36:04 | 000,377,856 | ---- | M] () -- C:\Users\Rupert\Desktop\gmer_2.1.19163.exe
[2013.06.13 09:24:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rupert\Desktop\OTL.exe
[2013.06.13 09:23:59 | 000,000,000 | ---- | M] () -- C:\Users\Rupert\defogger_reenable
[2013.06.13 09:22:46 | 000,050,477 | ---- | M] () -- C:\Users\Rupert\Desktop\Defogger.exe
[2013.06.13 09:13:48 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.13 01:38:06 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk
[2013.06.12 23:30:00 | 000,331,464 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.12 00:52:47 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.06.12 00:45:24 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.06.12 00:44:08 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\iFunbox.lnk
[2013.06.12 00:03:02 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.06.11 23:53:14 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.06.11 21:33:10 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.06.11 18:50:51 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.11 18:21:17 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013.06.11 17:05:58 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.06.11 08:26:56 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\LoL.lnk
[2013.06.11 08:10:57 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.11 08:04:35 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.11 07:35:58 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.06.05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.31 01:24:29 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013.05.24 01:01:46 | 001,300,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013.05.16 00:37:03 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2013.05.16 00:35:49 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2013.05.16 00:35:47 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2013.05.15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2013.05.15 04:25:44 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2013.05.15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2013.05.15 04:24:01 | 000,482,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
 
========== Files Created - No Company Name ==========
 
[2013.06.13 14:15:55 | 000,648,201 | ---- | C] () -- C:\Users\Rupert\Desktop\adwcleaner.exe
[2013.06.13 09:36:03 | 000,377,856 | ---- | C] () -- C:\Users\Rupert\Desktop\gmer_2.1.19163.exe
[2013.06.13 09:23:59 | 000,000,000 | ---- | C] () -- C:\Users\Rupert\defogger_reenable
[2013.06.13 09:22:45 | 000,050,477 | ---- | C] () -- C:\Users\Rupert\Desktop\Defogger.exe
[2013.06.13 09:13:48 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.13 01:43:00 | 000,000,416 | ---- | C] () -- C:\windows\tasks\Sing Along Update.job
[2013.06.13 01:38:06 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk
[2013.06.12 23:29:51 | 000,331,464 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.12 01:10:18 | 000,386,646 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.06.12 00:52:47 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.06.12 00:45:24 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.06.12 00:44:08 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\iFunbox.lnk
[2013.06.12 00:03:02 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.06.11 23:53:14 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.06.11 21:33:10 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.06.11 18:50:51 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.11 18:45:14 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.06.11 17:05:58 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.06.11 08:26:56 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\LoL.lnk
[2013.06.11 08:10:57 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.11 08:04:35 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.11 07:35:58 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.11 07:33:11 | 000,001,132 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 07:33:10 | 000,001,128 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 07:25:50 | 000,001,444 | ---- | C] () -- C:\Users\Rupert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.03 09:52:21 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013.01.03 09:43:05 | 000,754,652 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2013.01.03 09:43:05 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013.01.03 08:27:44 | 001,774,862 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.04.20 21:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
 
========== ZeroAccess Check ==========
 
[2013.06.11 18:19:54 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---
Alt 13.06.2013, 13:42   #9
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 13.06.2013 14:29:19 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,42 Gb Available Physical Memory | 81,51% Memory free
12,38 Gb Paging File | 10,77 Gb Available in Paging File | 86,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,35 Gb Total Space | 561,83 Gb Free Space | 82,10% Space Free | Partition Type: NTFS
 
Computer Name: RUPERTS-PC | User Name: Rupert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1964743600-2523548807-1327938116-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABCF518-69E6-48FA-8256-339CC04246EF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1C509383-9F0E-4F90-94F1-E546D2BE0B48}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1C6C4DF0-AF39-481A-ABB2-CF959336C0D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2191AACC-1E94-43B1-A846-1E9D335C58FD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3823E074-A34F-4746-92B5-9455FB3BF721}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D5BAC7C-9BA0-4152-B7F8-2E66ED8E0A81}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{65BEBE5C-0834-4FE8-A3CA-28E63F8F0BC0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{701DCBD0-5D90-4855-92EB-7EAAD1A0E429}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{78238F85-342D-43E8-9293-1E95DCEB3339}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{817AC6A7-F720-434C-8CA8-031D87B46C93}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A23D3C81-B298-4769-9B5F-63BF32272290}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AB13D84A-6EDD-4F52-A96B-4D4A7A97C9EB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C05221FB-FCC8-4861-BEFF-BC913A72308F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C59B941B-CC84-4956-B97D-F07D51B5538F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C760A690-48EA-4B50-A89E-5484887761E6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{CEE4DC61-8F82-4617-9507-32EDB695C93E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D84EED6E-D34F-4F37-87F6-D956A4F83BDB}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DF43AD26-A1A3-477A-A0AB-BCB1DDE8124F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E59CD6C0-DE9B-4110-B826-FF3FDFC2501E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EAAA2374-9223-463B-98FE-9E0B4454E6D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F225A3BE-1290-4064-9AFE-0929EA76EE51}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F9FB850D-E67A-4154-A82C-C00CB2AED4D8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{FBE63515-3D3E-40D4-B58C-70AE8F310995}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00485B92-9251-495F-B0FB-E75A889C6C23}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{013DF654-DDBF-4469-9413-BD3A677824FF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{01D87BC9-A065-4317-B15F-8740D06E68E6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{04BE5001-95AF-440B-83A3-BBC0AC6687F4}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{056EBC8F-1DE7-40EE-8126-AC602A3DCF08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0D2E126D-37B3-4DB3-B5E8-C98F258924F7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{12E11540-19C9-4422-AB30-87C94D2AE458}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{19479B00-9953-4B01-8F7D-7EF169A13AAD}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{1B61F366-4C2D-4B53-B188-992319F936DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | 
"{239BBE51-8C05-436D-809A-F191CE2EDEA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{25AEC587-221A-4542-81A7-BC31E8B7C6C4}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{25E20188-16CF-4368-839A-FF2DC2220E1E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{285AE3E7-DB1B-4737-9983-5D0914EEDACA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2F32A298-CCC2-453D-9091-F89B462A4182}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{31EB6EC3-239A-4517-9556-984B23EDD667}" = dir=out | name=skype | 
"{334728B9-F6BB-4E21-A558-37AF990A000D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{34EA762B-8652-41A9-AA0F-151369FA38E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe | 
"{39E8E757-56BF-4816-BDE3-F22B09C4B464}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{3CBB1D04-6628-44E4-B010-2CDA15187624}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | 
"{408BA4BA-7CE7-436E-8186-0E93CC6B9590}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{40E0BB51-3B71-408C-8F17-C7938D4A51E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4216991D-DB7C-4ED7-A5C3-8B9F0CD4B201}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{4540E257-47CB-4C70-A8C5-17C5754FDFB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4861B09A-3F22-4161-AE68-B7285CEFF71B}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{492A3204-19BB-4C1D-BC58-3592B257A20A}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{4F00778B-69CE-462D-8F83-5D37CCAD5F59}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{57EE7C96-5400-45FC-B1CC-A383871E7A6C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe | 
"{5B28A711-C88F-4411-B21C-B411EB1C0FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | 
"{5D7FC930-43FB-472F-AEE8-AE20B7B29F57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{656657AF-054D-4FA5-96DC-EF341651CB8E}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{6AD423FE-E852-4B9F-BF5D-DEDEBAF6B09B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6BC280AB-CEB8-4D7F-B098-F74F1528D7A5}" = dir=out | name=kindle | 
"{6C04BBC1-B2E8-447D-BE1C-CC233445D723}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{7154F503-F9D7-45F2-8D11-5B5A748417D8}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{7528FF0E-ABDE-4AC2-B53C-A7A2B28088A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{77BF426C-7DC0-47B0-9607-6B18C8C6944C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7899426B-DA86-4804-A74D-A7C425EDBA6C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{78EE06B1-BCB7-4129-91BE-B6D5B036207B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe | 
"{7B942A48-9D40-433D-9F0F-4639A29BAFEE}" = dir=in | name=skype | 
"{7DD08253-50BA-49BC-8D78-DDFA480DF36C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7EB5EAEB-DE0B-4D77-88A5-1FC0EB964FE2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7F64B503-9598-430B-AC3F-37220CE5A0C9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{8009704F-8000-41F7-B312-B6E27799BEDA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{88B2EBB0-3387-47A3-B113-55A86B531C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A0E2BC5-31CB-4059-8034-ED05EC0D0A12}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{8E300B4B-699B-4059-89F0-C9A9482302B3}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{8E5CE73D-E897-49B5-9040-5604EC3EA62E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{926AC473-D877-4EE1-83C9-862C0FD3FE11}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{95BD00F9-E909-460F-9253-0450C6E13E5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95E9E8E4-E138-444C-A96E-059212CBE712}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{9A213F88-EE56-4657-BD79-AAD9C2F4C633}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{9E304898-1B31-4544-B0B3-D3510EB8176F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9E57C59E-9304-413D-A799-87BA09C5A43F}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{9E670556-F485-4B54-913B-F7CC1D297B86}" = dir=in | name=mcafee security advisor for dell | 
"{9F178F9C-3D34-4B50-A34C-410B463257D2}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A3183285-7FFC-419B-B049-1D1F18868607}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{A69E34D3-A5C9-4DD9-9546-1BA4AC411B42}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{AB6F0030-E40B-4292-8808-3904486ACC06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{ACC5A1A1-5FA0-477E-925D-AB1570BED30F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{B056F9E3-9187-4835-8D86-F995AC60E1AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B5B99E2A-045A-49D2-A99A-3FDD660E4720}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{B72C722B-83FD-4DA1-BC91-B1A1DA666FB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B7E09FD2-1E1B-45D4-B924-314D7B721502}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{B7F38064-7C83-4DF6-ACB6-6DBDBC0993FF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{C097C0A1-BE2C-4B91-BA2D-7F38EA224210}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | 
"{C7D0AAFA-3A6E-430B-AE22-4400405A500F}" = dir=out | name=amazon | 
"{CED5B159-D282-4B11-9D49-093DC5A47696}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe | 
"{CFB3E0B1-114B-4067-9A00-54374B625C5C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{CFEB6F57-F5C0-4F4D-A0D2-7CE455719D47}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D0A6565C-A282-407C-9690-F041D152BB58}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{D124D7B9-5736-4926-9105-3ECF246233C1}" = dir=out | name=mcafee security advisor for dell | 
"{D1822868-2BD5-44AA-A7E8-9A6F0F3C141B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{D1CDC8D6-8917-4CF9-B9FE-4F54A4854F8B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{D36F93B3-EE3C-4BB6-A7C3-F6C62CF07DB9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D7FE451A-254D-48AA-A62C-213E165F6283}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DE2E9DDA-7138-4DA2-972E-DA78BB6BE57E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DFC5E3D0-1BA5-47FE-9E57-F34903BB9205}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E24F39B4-6EBA-447D-B5EF-FDD5B0F8F659}" = protocol=6 | dir=out | app=system | 
"{E34E3754-7FBA-43BA-B523-2893D5DAC72D}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{E3A0FF33-517C-47A8-9558-93AEEEA5C87E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EF1E2DA9-75AC-4386-B0CC-D9B681DA1B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EFF91E22-A16A-4238-9B43-322EAB04D9F4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{F43EE1E1-BB62-4F07-94EA-6B6D7A6C058E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F7609C78-0C3B-47E5-B236-306FFAF4A608}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{F9C41711-D21B-4B00-9814-2DD5C2B84B5A}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{FA68A9C7-3099-4EE4-8354-C64659A6ECEC}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{FCA33A8E-79C2-45A4-8FFF-8390611A134E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"PC-Doctor for Windows" = My Dell
"SynTPDeinstKey" = Dell Touchpad
"VLC media player" = VLC media player 2.0.7
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{951BA238-9349-4C4F-B871-2FD68CA20F79}" = TubeBox
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{cb69ca7b-a22a-4654-b672-94507e0560cf}" = TubeBox
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"singalong@xenophesoft.com" = Sing Along
"Steam App 108710" = Alan Wake
"Steam App 12210" = Grand Theft Auto IV
"Steam App 202750" = Alan Wake's American Nightmare
"Steam App 203160" = Tomb Raider
"Steam App 220780" = Thomas Was Alone
"Steam App 49520" = Borderlands 2
"Steam App 6860" = Hitman: Blood Money
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1964743600-2523548807-1327938116-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
 
< End of report >
--- --- ---
Alt 13.06.2013, 13:51   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.06.2013, 14:17   #11
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


MBAR scheint nichts gefunden zu haben und hat gesagt: No cleanup required, ich konnte auch nirgendwo auf cleanup drücken
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.13.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Rupert :: RUPERTS-PC [administrator]

13.06.2013 14:58:54
mbar-log-2013-06-13 (14-58-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 249768
Time elapsed: 11 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Und tdss killer
Code:
ATTFilter
15:12:37.0084 2232  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:12:37.0084 2232  UEFI system
15:12:37.0834 2232  ============================================================
15:12:37.0834 2232  Current date / time: 2013/06/13 15:12:37.0834
15:12:37.0834 2232  SystemInfo:
15:12:37.0834 2232  
15:12:37.0834 2232  OS Version: 6.2.9200 ServicePack: 0.0
15:12:37.0834 2232  Product type: Workstation
15:12:37.0834 2232  ComputerName: RUPERTS-PC
15:12:37.0834 2232  UserName: Rupert
15:12:37.0834 2232  Windows directory: C:\windows
15:12:37.0834 2232  System windows directory: C:\windows
15:12:37.0834 2232  Running under WOW64
15:12:37.0834 2232  Processor architecture: Intel x64
15:12:37.0834 2232  Number of processors: 8
15:12:37.0834 2232  Page size: 0x1000
15:12:37.0834 2232  Boot type: Normal boot
15:12:37.0834 2232  ============================================================
15:12:38.0475 2232  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:12:38.0475 2232  Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:12:38.0475 2232  ============================================================
15:12:38.0475 2232  \Device\Harddisk0\DR0:
15:12:38.0475 2232  GPT partitions:
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {47767EEB-84AE-44D4-A1A3-8EE6DF02D857}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {76C56018-0ACE-481E-ACD7-7317157F637A}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2D37B09C-9201-4A93-88FF-61E91914BA62}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80A249A4-CE9D-4157-B917-CF76F6D75FEB}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xFA000
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {41300B8D-C99E-4E4B-B8E1-D2B64D558C0F}, Name: Basic data partition, StartLBA 0x248800, BlocksNum 0x558B1000
15:12:38.0491 2232  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6AF289B2-AD78-4A84-9174-F6CBDF6FA17E}, Name: Microsoft recovery partition, StartLBA 0x55AF9800, BlocksNum 0x1A4B547
15:12:38.0491 2232  MBR partitions:
15:12:38.0491 2232  \Device\Harddisk1\DR1:
15:12:38.0491 2232  GPT partitions:
15:12:38.0491 2232  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {F031536F-39F4-4E26-BCCA-2C5B2A0C2297}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFFF000
15:12:38.0491 2232  MBR partitions:
15:12:38.0491 2232  ============================================================
15:12:38.0506 2232  C: <-> \Device\Harddisk0\DR0\Partition5
15:12:38.0506 2232  ============================================================
15:12:38.0506 2232  Initialize success
15:12:38.0506 2232  ============================================================
15:12:54.0196 6184  ============================================================
15:12:54.0196 6184  Scan started
15:12:54.0196 6184  Mode: Manual; SigCheck; TDLFS; 
15:12:54.0196 6184  ============================================================
15:12:54.0930 6184  ================ Scan system memory ========================
15:12:54.0930 6184  System memory - ok
15:12:54.0930 6184  ================ Scan services =============================
15:12:55.0055 6184  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
15:12:55.0102 6184  1394ohci - ok
15:12:55.0117 6184  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\windows\system32\drivers\3ware.sys
15:12:55.0117 6184  3ware - ok
15:12:55.0149 6184  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\windows\system32\drivers\ACPI.sys
15:12:55.0164 6184  ACPI - ok
15:12:55.0164 6184  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\windows\system32\Drivers\acpiex.sys
15:12:55.0180 6184  acpiex - ok
15:12:55.0180 6184  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
15:12:55.0211 6184  acpipagr - ok
15:12:55.0211 6184  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
15:12:55.0227 6184  AcpiPmi - ok
15:12:55.0227 6184  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\windows\System32\drivers\acpitime.sys
15:12:55.0242 6184  acpitime - ok
15:12:55.0258 6184  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
15:12:55.0274 6184  adp94xx - ok
15:12:55.0289 6184  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\windows\system32\drivers\adpahci.sys
15:12:55.0289 6184  adpahci - ok
15:12:55.0305 6184  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\windows\system32\drivers\adpu320.sys
15:12:55.0305 6184  adpu320 - ok
15:12:55.0336 6184  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
15:12:55.0367 6184  AeLookupSvc - ok
15:12:55.0414 6184  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:12:55.0430 6184  AERTFilters - ok
15:12:55.0461 6184  [ 9E975BDC89C83900B2C534C4E1B018F8 ] AFD             C:\windows\system32\drivers\afd.sys
15:12:55.0524 6184  AFD - ok
15:12:55.0539 6184  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\windows\system32\drivers\agp440.sys
15:12:55.0555 6184  agp440 - ok
15:12:55.0617 6184  [ 3439DE51D888039DAF7A180219A40A6C ] akw8x64         C:\windows\system32\DRIVERS\akw8x64.sys
15:12:55.0680 6184  akw8x64 - ok
15:12:55.0711 6184  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\windows\System32\alg.exe
15:12:55.0727 6184  ALG - ok
15:12:55.0742 6184  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
15:12:55.0774 6184  AllUserInstallAgent - ok
15:12:55.0789 6184  [ FB88D16B55F788EEB7590584FE2D8F1A ] AmdK8           C:\windows\System32\drivers\amdk8.sys
15:12:55.0805 6184  AmdK8 - ok
15:12:55.0805 6184  [ 81402FF3373CE4DF77D5C874E369A985 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
15:12:55.0821 6184  AmdPPM - ok
15:12:55.0836 6184  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\windows\system32\drivers\amdsata.sys
15:12:55.0836 6184  amdsata - ok
15:12:55.0836 6184  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
15:12:55.0852 6184  amdsbs - ok
15:12:55.0852 6184  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\windows\system32\drivers\amdxata.sys
15:12:55.0867 6184  amdxata - ok
15:12:55.0883 6184  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\windows\system32\drivers\appid.sys
15:12:55.0899 6184  AppID - ok
15:12:55.0899 6184  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\windows\System32\appidsvc.dll
15:12:55.0930 6184  AppIDSvc - ok
15:12:55.0946 6184  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\windows\System32\appinfo.dll
15:12:55.0961 6184  Appinfo - ok
15:12:56.0102 6184  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:12:56.0117 6184  Apple Mobile Device - ok
15:12:56.0149 6184  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\windows\system32\drivers\arc.sys
15:12:56.0149 6184  arc - ok
15:12:56.0149 6184  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\windows\system32\drivers\arcsas.sys
15:12:56.0164 6184  arcsas - ok
15:12:56.0164 6184  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
15:12:56.0180 6184  AsyncMac - ok
15:12:56.0196 6184  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\windows\system32\drivers\atapi.sys
15:12:56.0196 6184  atapi - ok
15:12:56.0211 6184  [ 4885C14A6AB6969B5773A42DA0BA3DA4 ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
15:12:56.0211 6184  AthBTPort - ok
15:12:56.0258 6184  [ 7CA5397A47843B0BD36898F32F2D403B ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:12:56.0258 6184  AtherosSvc - ok
15:12:56.0289 6184  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
15:12:56.0305 6184  AudioEndpointBuilder - ok
15:12:56.0336 6184  [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv        C:\windows\System32\Audiosrv.dll
15:12:56.0368 6184  Audiosrv - ok
15:12:56.0399 6184  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\windows\System32\AxInstSV.dll
15:12:56.0414 6184  AxInstSV - ok
15:12:56.0446 6184  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
15:12:56.0461 6184  b06bdrv - ok
15:12:56.0477 6184  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
15:12:56.0493 6184  BasicDisplay - ok
15:12:56.0508 6184  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
15:12:56.0524 6184  BasicRender - ok
15:12:56.0539 6184  [ 558F6EEF46EC2642C8F72D34CBB5612E ] BDESVC          C:\windows\System32\bdesvc.dll
15:12:56.0555 6184  BDESVC - ok
15:12:56.0571 6184  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\windows\system32\drivers\Beep.sys
15:12:56.0586 6184  Beep - ok
15:12:56.0602 6184  [ 407F85D5387EDBB665A7969DF4D4712B ] BFE             C:\windows\System32\bfe.dll
15:12:56.0633 6184  BFE - ok
15:12:56.0664 6184  [ 1ADB5A87D7EEE5C25B9EA6D475CDB452 ] BfLwf           C:\windows\system32\DRIVERS\bwcW8x64.sys
15:12:56.0664 6184  BfLwf - ok
15:12:56.0711 6184  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\windows\System32\qmgr.dll
15:12:56.0743 6184  BITS - ok
15:12:56.0789 6184  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:12:56.0821 6184  Bonjour Service - ok
15:12:56.0852 6184  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\windows\system32\DRIVERS\bowser.sys
15:12:56.0868 6184  bowser - ok
15:12:56.0899 6184  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
15:12:56.0946 6184  BrokerInfrastructure - ok
15:12:56.0961 6184  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\windows\System32\browser.dll
15:12:56.0993 6184  Browser - ok
15:12:57.0008 6184  [ 942F3F6286056D6BBB5B02ED2B7088BD ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
15:12:57.0024 6184  BTATH_A2DP - ok
15:12:57.0039 6184  [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
15:12:57.0039 6184  btath_avdt - ok
15:12:57.0055 6184  [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
15:12:57.0055 6184  BTATH_BUS - ok
15:12:57.0071 6184  [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
15:12:57.0071 6184  BTATH_HCRP - ok
15:12:57.0071 6184  [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
15:12:57.0086 6184  BTATH_LWFLT - ok
15:12:57.0086 6184  [ EC7BB341229E9E6B04349580F55218B2 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
15:12:57.0086 6184  BTATH_RCP - ok
15:12:57.0102 6184  [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
15:12:57.0133 6184  BtFilter - ok
15:12:57.0149 6184  [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
15:12:57.0164 6184  BthAvrcpTg - ok
15:12:57.0164 6184  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
15:12:57.0196 6184  BthEnum - ok
15:12:57.0211 6184  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
15:12:57.0227 6184  BthHFEnum - ok
15:12:57.0243 6184  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
15:12:57.0258 6184  bthhfhid - ok
15:12:57.0274 6184  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
15:12:57.0305 6184  BthLEEnum - ok
15:12:57.0305 6184  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
15:12:57.0321 6184  BTHMODEM - ok
15:12:57.0336 6184  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
15:12:57.0352 6184  BthPan - ok
15:12:57.0383 6184  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
15:12:57.0399 6184  BTHPORT - ok
15:12:57.0430 6184  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\windows\system32\bthserv.dll
15:12:57.0461 6184  bthserv - ok
15:12:57.0493 6184  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
15:12:57.0524 6184  BTHUSB - ok
15:12:57.0539 6184  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
15:12:57.0571 6184  cdfs - ok
15:12:57.0586 6184  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\windows\System32\drivers\cdrom.sys
15:12:57.0618 6184  cdrom - ok
15:12:57.0633 6184  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\windows\System32\certprop.dll
15:12:57.0664 6184  CertPropSvc - ok
15:12:57.0711 6184  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\windows\system32\drivers\cfwids.sys
15:12:57.0711 6184  cfwids - ok
15:12:57.0727 6184  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\windows\System32\drivers\circlass.sys
15:12:57.0758 6184  circlass - ok
15:12:57.0774 6184  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\windows\system32\drivers\CLFS.sys
15:12:57.0789 6184  CLFS - ok
15:12:57.0821 6184  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
15:12:57.0821 6184  CLVirtualDrive - ok
15:12:57.0836 6184  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
15:12:57.0852 6184  CmBatt - ok
15:12:57.0868 6184  [ 1894FD2D5966A81D3B07A7C4D8724D59 ] CNG             C:\windows\system32\Drivers\cng.sys
15:12:57.0883 6184  CNG - ok
15:12:57.0914 6184  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
15:12:57.0930 6184  CompositeBus - ok
15:12:57.0930 6184  COMSysApp - ok
15:12:57.0946 6184  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\windows\system32\drivers\condrv.sys
15:12:57.0961 6184  condrv - ok
15:12:58.0039 6184  [ 815F3180B5117E42E422188E9CCC89C6 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
15:12:58.0055 6184  cphs - ok
15:12:58.0086 6184  [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc        C:\windows\system32\cryptsvc.dll
15:12:58.0118 6184  CryptSvc - ok
15:12:58.0149 6184  [ A4CCA7289C1A6223D61FD27BF2FC413F ] dam             C:\windows\system32\drivers\dam.sys
15:12:58.0164 6184  dam - ok
15:12:58.0211 6184  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\windows\system32\rpcss.dll
15:12:58.0227 6184  DcomLaunch - ok
15:12:58.0274 6184  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\windows\System32\defragsvc.dll
15:12:58.0321 6184  defragsvc - ok
15:12:58.0352 6184  [ DC253191A553DACA7684CFB5B03A4268 ] DellRbtn        C:\windows\System32\drivers\DellRbtn.sys
15:12:58.0368 6184  DellRbtn - ok
15:12:58.0399 6184  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
15:12:58.0430 6184  DeviceAssociationService - ok
15:12:58.0461 6184  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
15:12:58.0461 6184  DeviceInstall - ok
15:12:58.0477 6184  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
15:12:58.0508 6184  Dfsc - ok
15:12:58.0540 6184  [ CFB72DF4B2364AF6D4D685DCD310E942 ] Dhcp            C:\windows\system32\dhcpcore.dll
15:12:58.0586 6184  Dhcp - ok
15:12:58.0602 6184  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\windows\system32\drivers\discache.sys
15:12:58.0633 6184  discache - ok
15:12:58.0633 6184  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\windows\system32\drivers\disk.sys
15:12:58.0633 6184  disk - ok
15:12:58.0649 6184  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
15:12:58.0665 6184  dmvsc - ok
15:12:58.0680 6184  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\windows\System32\dnsrslvr.dll
15:12:58.0711 6184  Dnscache - ok
15:12:58.0727 6184  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\windows\System32\dot3svc.dll
15:12:58.0743 6184  dot3svc - ok
15:12:58.0758 6184  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\windows\system32\dps.dll
15:12:58.0774 6184  DPS - ok
15:12:58.0790 6184  [ 84D07E4E4FBE72DA3EC1C1E77C49B53C ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
15:12:58.0790 6184  drmkaud - ok
15:12:58.0805 6184  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
15:12:58.0836 6184  DsmSvc - ok
15:12:58.0868 6184  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
15:12:58.0883 6184  DXGKrnl - ok
15:12:58.0899 6184  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\windows\System32\eapsvc.dll
15:12:58.0946 6184  Eaphost - ok
15:12:59.0008 6184  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\windows\system32\drivers\evbda.sys
15:12:59.0055 6184  ebdrv - ok
15:12:59.0071 6184  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\windows\System32\lsass.exe
15:12:59.0086 6184  EFS - ok
15:12:59.0102 6184  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
15:12:59.0118 6184  EhStorClass - ok
15:12:59.0118 6184  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
15:12:59.0133 6184  EhStorTcgDrv - ok
15:12:59.0133 6184  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\windows\System32\drivers\errdev.sys
15:12:59.0149 6184  ErrDev - ok
15:12:59.0180 6184  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\windows\system32\es.dll
15:12:59.0211 6184  EventSystem - ok
15:12:59.0227 6184  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\windows\system32\drivers\exfat.sys
15:12:59.0258 6184  exfat - ok
15:12:59.0274 6184  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\windows\system32\drivers\fastfat.sys
15:12:59.0290 6184  fastfat - ok
15:12:59.0321 6184  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\windows\system32\fxssvc.exe
15:12:59.0352 6184  Fax - ok
15:12:59.0352 6184  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\windows\System32\drivers\fdc.sys
15:12:59.0383 6184  fdc - ok
15:12:59.0399 6184  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\windows\system32\fdPHost.dll
15:12:59.0430 6184  fdPHost - ok
15:12:59.0446 6184  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\windows\system32\fdrespub.dll
15:12:59.0461 6184  FDResPub - ok
15:12:59.0493 6184  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\windows\system32\fhsvc.dll
15:12:59.0508 6184  fhsvc - ok
15:12:59.0524 6184  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
15:12:59.0540 6184  FileInfo - ok
15:12:59.0540 6184  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
15:12:59.0571 6184  Filetrace - ok
15:12:59.0586 6184  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
15:12:59.0602 6184  flpydisk - ok
15:12:59.0602 6184  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
15:12:59.0618 6184  FltMgr - ok
15:12:59.0649 6184  [ 305CB1E16576F436BC8797E629A3D46D ] FontCache       C:\windows\system32\FntCache.dll
15:12:59.0680 6184  FontCache - ok
15:12:59.0758 6184  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:12:59.0774 6184  FontCache3.0.0.0 - ok
15:12:59.0790 6184  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
15:12:59.0805 6184  FsDepends - ok
15:12:59.0836 6184  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
15:12:59.0836 6184  Fs_Rec - ok
15:12:59.0868 6184  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
15:12:59.0883 6184  fvevol - ok
15:12:59.0899 6184  [ 3EF3FCCC0E70EEC5C2AD996F32BBA642 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
15:12:59.0915 6184  FxPPM - ok
15:12:59.0915 6184  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
15:12:59.0930 6184  gagp30kx - ok
15:12:59.0961 6184  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:12:59.0961 6184  GEARAspiWDM - ok
15:12:59.0977 6184  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
15:13:00.0008 6184  gencounter - ok
15:13:00.0024 6184  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
15:13:00.0040 6184  GPIOClx0101 - ok
15:13:00.0086 6184  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\windows\System32\gpsvc.dll
15:13:00.0118 6184  gpsvc - ok
15:13:00.0196 6184  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:13:00.0211 6184  gupdate - ok
15:13:00.0211 6184  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:13:00.0227 6184  gupdatem - ok
15:13:00.0243 6184  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
15:13:00.0305 6184  HDAudBus - ok
15:13:00.0305 6184  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
15:13:00.0336 6184  HidBatt - ok
15:13:00.0368 6184  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\windows\System32\drivers\hidbth.sys
15:13:00.0383 6184  HidBth - ok
15:13:00.0399 6184  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
15:13:00.0415 6184  hidi2c - ok
15:13:00.0415 6184  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\windows\System32\drivers\hidir.sys
15:13:00.0446 6184  HidIr - ok
15:13:00.0461 6184  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\windows\system32\hidserv.dll
15:13:00.0477 6184  hidserv - ok
15:13:00.0493 6184  [ 012C354B4AB48E9A7A657DF39E3A2073 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
15:13:00.0493 6184  HidUsb - ok
15:13:00.0524 6184  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
15:13:00.0540 6184  HipShieldK - ok
15:13:00.0571 6184  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\windows\system32\kmsvc.dll
15:13:00.0587 6184  hkmsvc - ok
15:13:00.0602 6184  [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:13:00.0633 6184  HomeGroupListener - ok
15:13:00.0649 6184  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:13:00.0680 6184  HomeGroupProvider - ok
15:13:00.0680 6184  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
15:13:00.0696 6184  HpSAMD - ok
15:13:00.0727 6184  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\windows\system32\drivers\HTTP.sys
15:13:00.0758 6184  HTTP - ok
15:13:00.0758 6184  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
15:13:00.0774 6184  hwpolicy - ok
15:13:00.0774 6184  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
15:13:00.0790 6184  hyperkbd - ok
15:13:00.0790 6184  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
15:13:00.0821 6184  HyperVideo - ok
15:13:00.0837 6184  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
15:13:00.0852 6184  i8042prt - ok
15:13:00.0883 6184  [ 459016E8A4FA6426EDB5A9456A6E5E58 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
15:13:00.0883 6184  iaStorA - ok
15:13:00.0915 6184  [ 584068E03829BC5C63F54B05E6244E97 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:13:00.0930 6184  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
15:13:00.0930 6184  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
15:13:00.0946 6184  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
15:13:00.0962 6184  iaStorV - ok
15:13:01.0024 6184  [ 15C9BF6968A0990D8F4161A6ABEB7229 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:13:01.0071 6184  IconMan_R - ok
15:13:01.0180 6184  [ 348214F96642FD4FEF630DE021BA3540 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
15:13:01.0243 6184  igfx - ok
15:13:01.0243 6184  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\windows\system32\drivers\iirsp.sys
15:13:01.0258 6184  iirsp - ok
15:13:01.0305 6184  [ 45EACE8D94B9CEC746A85154892C4FDC ] IKEEXT          C:\windows\System32\ikeext.dll
15:13:01.0352 6184  IKEEXT - ok
15:13:01.0430 6184  [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:13:01.0477 6184  IntcAzAudAddService - ok
15:13:01.0493 6184  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
15:13:01.0524 6184  IntcDAud - ok
15:13:01.0571 6184  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
15:13:01.0602 6184  Intel(R) Capability Licensing Service Interface - ok
15:13:01.0618 6184  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\windows\system32\drivers\intelide.sys
15:13:01.0633 6184  intelide - ok
15:13:01.0633 6184  [ F9E126AA767E2E6E3128434A43C9F713 ] intelppm        C:\windows\System32\drivers\intelppm.sys
15:13:01.0665 6184  intelppm - ok
15:13:01.0665 6184  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
15:13:01.0696 6184  IpFilterDriver - ok
15:13:01.0837 6184  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
15:13:01.0868 6184  iphlpsvc - ok
15:13:01.0868 6184  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
15:13:01.0883 6184  IPMIDRV - ok
15:13:01.0883 6184  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
15:13:01.0915 6184  IPNAT - ok
15:13:01.0962 6184  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:13:01.0977 6184  iPod Service - ok
15:13:02.0008 6184  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\windows\system32\drivers\irenum.sys
15:13:02.0024 6184  IRENUM - ok
15:13:02.0055 6184  [ 4D9B9A794F22415B8C3E0CCFBE61BC7A ] irstrtdv        C:\windows\System32\drivers\irstrtdv.sys
15:13:02.0071 6184  irstrtdv - ok
15:13:02.0118 6184  [ E145E934392E7A49FDC6775AC3A347F8 ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
15:13:02.0133 6184  irstrtsv - ok
15:13:02.0149 6184  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
15:13:02.0149 6184  isapnp - ok
15:13:02.0165 6184  [ F5F0DE1B7F256997501EECECE9648108 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
15:13:02.0165 6184  iScsiPrt - ok
15:13:02.0227 6184  [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:13:02.0243 6184  jhi_service - ok
15:13:02.0258 6184  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
15:13:02.0274 6184  kbdclass - ok
15:13:02.0290 6184  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
15:13:02.0305 6184  kbdhid - ok
15:13:02.0321 6184  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
15:13:02.0337 6184  kdnic - ok
15:13:02.0352 6184  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
15:13:02.0368 6184  KeyIso - ok
15:13:02.0368 6184  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
15:13:02.0383 6184  KSecDD - ok
15:13:02.0399 6184  [ E427D299CFE267A2465D3AAF81440ED9 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
15:13:02.0399 6184  KSecPkg - ok
15:13:02.0415 6184  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
15:13:02.0430 6184  ksthunk - ok
15:13:02.0477 6184  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
15:13:02.0493 6184  KtmRm - ok
15:13:02.0508 6184  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
15:13:02.0524 6184  LanmanServer - ok
15:13:02.0555 6184  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:13:02.0571 6184  LanmanWorkstation - ok
15:13:02.0587 6184  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
15:13:02.0602 6184  lltdio - ok
15:13:02.0633 6184  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
15:13:02.0665 6184  lltdsvc - ok
15:13:02.0665 6184  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
15:13:02.0680 6184  lmhosts - ok
15:13:02.0712 6184  [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:13:02.0712 6184  LMS - ok
15:13:02.0727 6184  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
15:13:02.0743 6184  LSI_SAS - ok
15:13:02.0743 6184  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
15:13:02.0758 6184  LSI_SAS2 - ok
15:13:02.0758 6184  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
15:13:02.0774 6184  LSI_SCSI - ok
15:13:02.0774 6184  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
15:13:02.0774 6184  LSI_SSS - ok
15:13:02.0821 6184  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
15:13:02.0837 6184  LSM - ok
15:13:02.0852 6184  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
15:13:02.0868 6184  luafv - ok
15:13:02.0868 6184  mbamswissarmy - ok
15:13:02.0946 6184  [ 1E3AF124A3405EEE594BB9FFD4640F48 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
15:13:02.0977 6184  McAWFwk - ok
15:13:03.0024 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:13:03.0024 6184  McMPFSvc - ok
15:13:03.0040 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:13:03.0055 6184  mcmscsvc - ok
15:13:03.0055 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:13:03.0071 6184  McNaiAnn - ok
15:13:03.0071 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:13:03.0071 6184  McNASvc - ok
15:13:03.0134 6184  [ 5D57D4B57CCC07450F97C4E929D0483F ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
15:13:03.0165 6184  McODS - ok
15:13:03.0165 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:13:03.0180 6184  McOobeSv - ok
15:13:03.0180 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:13:03.0196 6184  McProxy - ok
15:13:03.0227 6184  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:13:03.0227 6184  McShield - ok
15:13:03.0243 6184  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
15:13:03.0258 6184  megasas - ok
15:13:03.0258 6184  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
15:13:03.0274 6184  MegaSR - ok
15:13:03.0305 6184  [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
15:13:03.0305 6184  MEIx64 - ok
15:13:03.0321 6184  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
15:13:03.0337 6184  mfeapfk - ok
15:13:03.0352 6184  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
15:13:03.0368 6184  mfeavfk - ok
15:13:03.0384 6184  mfeavfk01 - ok
15:13:03.0399 6184  [ AF83010055E18126067D0560069BF11A ] mfeelamk        C:\windows\system32\drivers\mfeelamk.sys
15:13:03.0415 6184  mfeelamk - ok
15:13:03.0430 6184  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:13:03.0446 6184  mfefire - ok
15:13:03.0462 6184  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\windows\system32\drivers\mfefirek.sys
15:13:03.0477 6184  mfefirek - ok
15:13:03.0493 6184  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
15:13:03.0509 6184  mfehidk - ok
15:13:03.0524 6184  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
15:13:03.0540 6184  mferkdet - ok
15:13:03.0540 6184  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
15:13:03.0540 6184  mfevtp - ok
15:13:03.0571 6184  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
15:13:03.0587 6184  mfewfpk - ok
15:13:03.0602 6184  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
15:13:03.0618 6184  MMCSS - ok
15:13:03.0634 6184  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
15:13:03.0649 6184  Modem - ok
15:13:03.0680 6184  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
15:13:03.0696 6184  monitor - ok
15:13:03.0712 6184  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
15:13:03.0727 6184  mouclass - ok
15:13:03.0743 6184  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
15:13:03.0774 6184  mouhid - ok
15:13:03.0774 6184  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
15:13:03.0790 6184  mountmgr - ok
15:13:03.0805 6184  [ 36BF4D86F166ACBC14F0B8B8F90CBCEA ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
15:13:03.0821 6184  mpsdrv - ok
15:13:03.0868 6184  [ 411EA973A1961C287927DF13891EB41E ] MpsSvc          C:\windows\system32\mpssvc.dll
15:13:03.0899 6184  MpsSvc - ok
15:13:03.0915 6184  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
15:13:03.0915 6184  MRxDAV - ok
15:13:03.0946 6184  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
15:13:03.0962 6184  mrxsmb - ok
15:13:03.0977 6184  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
15:13:04.0009 6184  mrxsmb10 - ok
15:13:04.0024 6184  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
15:13:04.0040 6184  mrxsmb20 - ok
15:13:04.0055 6184  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
15:13:04.0071 6184  MsBridge - ok
15:13:04.0087 6184  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
15:13:04.0102 6184  MSDTC - ok
15:13:04.0102 6184  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
15:13:04.0118 6184  Msfs - ok
15:13:04.0134 6184  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
15:13:04.0134 6184  msgpiowin32 - ok
15:13:04.0165 6184  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
15:13:04.0165 6184  mshidkmdf - ok
15:13:04.0165 6184  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
15:13:04.0180 6184  mshidumdf - ok
15:13:04.0180 6184  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
15:13:04.0196 6184  msisadrv - ok
15:13:04.0227 6184  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
15:13:04.0259 6184  MSiSCSI - ok
15:13:04.0259 6184  msiserver - ok
15:13:04.0274 6184  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:13:04.0274 6184  MSK80Service - ok
15:13:04.0290 6184  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
15:13:04.0321 6184  MSKSSRV - ok
15:13:04.0337 6184  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
15:13:04.0352 6184  MsLldp - ok
15:13:04.0352 6184  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
15:13:04.0368 6184  MSPCLOCK - ok
15:13:04.0368 6184  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
15:13:04.0384 6184  MSPQM - ok
15:13:04.0399 6184  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
15:13:04.0399 6184  MsRPC - ok
15:13:04.0415 6184  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
15:13:04.0415 6184  mssmbios - ok
15:13:04.0430 6184  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
15:13:04.0446 6184  MSTEE - ok
15:13:04.0446 6184  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
15:13:04.0446 6184  MTConfig - ok
15:13:04.0462 6184  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
15:13:04.0462 6184  Mup - ok
15:13:04.0462 6184  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
15:13:04.0477 6184  mvumis - ok
15:13:04.0493 6184  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
15:13:04.0509 6184  napagent - ok
15:13:04.0524 6184  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
15:13:04.0540 6184  NativeWifiP - ok
15:13:04.0555 6184  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
15:13:04.0571 6184  NcaSvc - ok
15:13:04.0587 6184  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
15:13:04.0587 6184  NcdAutoSetup - ok
15:13:04.0618 6184  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\windows\system32\drivers\ndis.sys
15:13:04.0649 6184  NDIS - ok
15:13:04.0649 6184  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
15:13:04.0696 6184  NdisCap - ok
15:13:04.0712 6184  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
15:13:04.0727 6184  NdisImPlatform - ok
15:13:04.0759 6184  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
15:13:04.0759 6184  NdisTapi - ok
15:13:04.0774 6184  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
15:13:04.0790 6184  Ndisuio - ok
15:13:04.0790 6184  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
15:13:04.0821 6184  NdisWan - ok
15:13:04.0821 6184  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
15:13:04.0837 6184  NDISWANLEGACY - ok
15:13:04.0852 6184  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
15:13:04.0868 6184  NDProxy - ok
15:13:04.0884 6184  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
15:13:04.0899 6184  Ndu - ok
15:13:04.0915 6184  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
15:13:04.0930 6184  NetBIOS - ok
15:13:04.0946 6184  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
15:13:04.0962 6184  NetBT - ok
15:13:04.0977 6184  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
15:13:04.0977 6184  Netlogon - ok
15:13:04.0993 6184  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
15:13:05.0024 6184  Netman - ok
15:13:05.0055 6184  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\windows\System32\netprofmsvc.dll
15:13:05.0071 6184  netprofm - ok
15:13:05.0149 6184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:13:05.0165 6184  NetTcpPortSharing - ok
15:13:05.0196 6184  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
15:13:05.0196 6184  nfrd960 - ok
15:13:05.0227 6184  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
15:13:05.0243 6184  NlaSvc - ok
15:13:05.0259 6184  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
15:13:05.0274 6184  Npfs - ok
15:13:05.0290 6184  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
15:13:05.0305 6184  npsvctrig - ok
15:13:05.0321 6184  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
15:13:05.0337 6184  nsi - ok
15:13:05.0337 6184  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
15:13:05.0352 6184  nsiproxy - ok
15:13:05.0399 6184  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
15:13:05.0446 6184  Ntfs - ok
15:13:05.0462 6184  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
15:13:05.0477 6184  Null - ok
15:13:05.0509 6184  [ 9C13BE8806D430B72CC2E80BA72990FB ] nvkflt          C:\windows\system32\DRIVERS\nvkflt.sys
15:13:05.0524 6184  nvkflt - ok
15:13:05.0712 6184  [ 7A711D08F1FD1AB8149B6199F84A0EB7 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
15:13:05.0821 6184  nvlddmkm - ok
15:13:05.0837 6184  [ 1B43B01078D3CC3F0322A49E7CEDC99B ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys
15:13:05.0837 6184  nvpciflt - ok
15:13:05.0868 6184  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
15:13:05.0884 6184  nvraid - ok
15:13:05.0884 6184  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
15:13:05.0899 6184  nvstor - ok
15:13:05.0931 6184  [ B9F3591981D761A5CA1D24C369764D96 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:13:05.0946 6184  nvsvc - ok
15:13:06.0024 6184  [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:13:06.0087 6184  nvUpdatusService - ok
15:13:06.0102 6184  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
15:13:06.0118 6184  nv_agp - ok
15:13:06.0181 6184  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:13:06.0212 6184  odserv - ok
15:13:06.0259 6184  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:13:06.0274 6184  ose - ok
15:13:06.0290 6184  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
15:13:06.0321 6184  p2pimsvc - ok
15:13:06.0337 6184  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
15:13:06.0352 6184  p2psvc - ok
15:13:06.0368 6184  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
15:13:06.0384 6184  Parport - ok
15:13:06.0416 6184  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
15:13:06.0416 6184  partmgr - ok
15:13:06.0447 6184  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
15:13:06.0463 6184  PcaSvc - ok
15:13:06.0494 6184  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
15:13:06.0494 6184  pci - ok
15:13:06.0510 6184  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
15:13:06.0510 6184  pciide - ok
15:13:06.0510 6184  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
15:13:06.0525 6184  pcmcia - ok
15:13:06.0525 6184  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
15:13:06.0541 6184  pcw - ok
15:13:06.0557 6184  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
15:13:06.0557 6184  pdc - ok
15:13:06.0588 6184  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
15:13:06.0635 6184  PEAUTH - ok
15:13:06.0713 6184  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
15:13:06.0744 6184  PerfHost - ok
15:13:06.0775 6184  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
15:13:06.0807 6184  pla - ok
15:13:06.0822 6184  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
15:13:06.0838 6184  PlugPlay - ok
15:13:06.0853 6184  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
15:13:06.0869 6184  PNRPAutoReg - ok
15:13:06.0885 6184  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
15:13:06.0885 6184  PNRPsvc - ok
15:13:06.0916 6184  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
15:13:06.0932 6184  PolicyAgent - ok
15:13:06.0963 6184  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
15:13:06.0978 6184  Power - ok
15:13:06.0994 6184  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
15:13:07.0025 6184  PptpMiniport - ok
15:13:07.0166 6184  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:13:07.0228 6184  PrintNotify - ok
15:13:07.0260 6184  [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor       C:\windows\System32\drivers\processr.sys
15:13:07.0275 6184  Processor - ok
15:13:07.0307 6184  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
15:13:07.0322 6184  ProfSvc - ok
15:13:07.0338 6184  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
15:13:07.0353 6184  Psched - ok
15:13:07.0416 6184  [ 3471EAC290EB09C72EFB164E42A90BB2 ] Qualcomm Atheros Killer Service C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
15:13:07.0432 6184  Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - warning
15:13:07.0432 6184  Qualcomm Atheros Killer Service - detected UnsignedFile.Multi.Generic (1)
15:13:07.0463 6184  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
15:13:07.0494 6184  QWAVE - ok
15:13:07.0494 6184  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
15:13:07.0510 6184  QWAVEdrv - ok
15:13:07.0525 6184  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
15:13:07.0557 6184  RasAcd - ok
15:13:07.0572 6184  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
15:13:07.0604 6184  RasAgileVpn - ok
15:13:07.0619 6184  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
15:13:07.0666 6184  RasAuto - ok
15:13:07.0682 6184  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
15:13:07.0713 6184  Rasl2tp - ok
15:13:07.0729 6184  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
15:13:07.0760 6184  RasMan - ok
15:13:07.0775 6184  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
15:13:07.0791 6184  RasPppoe - ok
15:13:07.0791 6184  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
15:13:07.0807 6184  RasSstp - ok
15:13:07.0838 6184  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
15:13:07.0869 6184  rdbss - ok
15:13:07.0885 6184  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
15:13:07.0900 6184  rdpbus - ok
15:13:07.0916 6184  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
15:13:07.0932 6184  RDPDR - ok
15:13:07.0947 6184  [ 3B4F32CA8B37584ECF98BCE136E38B96 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:13:07.0963 6184  RdpVideoMiniport - ok
15:13:07.0963 6184  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
15:13:07.0979 6184  RDPWD - ok
15:13:07.0994 6184  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
15:13:08.0010 6184  rdyboost - ok
15:13:08.0025 6184  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
15:13:08.0041 6184  RemoteAccess - ok
15:13:08.0057 6184  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
15:13:08.0088 6184  RemoteRegistry - ok
15:13:08.0104 6184  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
15:13:08.0119 6184  RFCOMM - ok
15:13:08.0197 6184  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:13:08.0213 6184  RichVideo - ok
15:13:08.0244 6184  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
15:13:08.0260 6184  RpcEptMapper - ok
15:13:08.0291 6184  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
15:13:08.0307 6184  RpcLocator - ok
15:13:08.0338 6184  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
15:13:08.0354 6184  RpcSs - ok
15:13:08.0385 6184  [ FD2F7ABB0B3C777CDC9D342CADBF0131 ] RSPCIESTOR      C:\windows\system32\DRIVERS\RtsPStor.sys
15:13:08.0385 6184  RSPCIESTOR - ok
15:13:08.0416 6184  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
15:13:08.0432 6184  rspndr - ok
15:13:08.0463 6184  [ 2B5A48DF6997F7BD92535C4F76236810 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:13:08.0463 6184  RtkAudioService - ok
15:13:08.0494 6184  [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
15:13:08.0510 6184  RTL8168 - ok
15:13:08.0510 6184  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
15:13:08.0525 6184  s3cap - ok
15:13:08.0541 6184  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
15:13:08.0557 6184  SamSs - ok
15:13:08.0572 6184  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
15:13:08.0572 6184  sbp2port - ok
15:13:08.0588 6184  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
15:13:08.0604 6184  SCardSvr - ok
15:13:08.0619 6184  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
15:13:08.0635 6184  scfilter - ok
15:13:08.0666 6184  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
15:13:08.0682 6184  Schedule - ok
15:13:08.0713 6184  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
15:13:08.0713 6184  SCPolicySvc - ok
15:13:08.0744 6184  [ 047315E75392CEA447ACC86257824C16 ] sdbus           C:\windows\System32\drivers\sdbus.sys
15:13:08.0760 6184  sdbus - ok
15:13:08.0775 6184  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
15:13:08.0807 6184  SDRSVC - ok
15:13:08.0822 6184  [ 74369A913837FB46C3B27373DA2ADF4E ] sdstor          C:\windows\System32\drivers\sdstor.sys
15:13:08.0838 6184  sdstor - ok
15:13:08.0854 6184  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
15:13:08.0869 6184  secdrv - ok
15:13:08.0869 6184  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
15:13:08.0900 6184  seclogon - ok
15:13:08.0916 6184  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
15:13:08.0932 6184  SENS - ok
15:13:08.0947 6184  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
15:13:08.0963 6184  SensrSvc - ok
15:13:08.0963 6184  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
15:13:08.0979 6184  SerCx - ok
15:13:08.0979 6184  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
15:13:09.0010 6184  Serenum - ok
15:13:09.0025 6184  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
15:13:09.0025 6184  Serial - ok
15:13:09.0025 6184  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
15:13:09.0041 6184  sermouse - ok
15:13:09.0088 6184  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
15:13:09.0104 6184  SessionEnv - ok
15:13:09.0104 6184  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
15:13:09.0119 6184  sfloppy - ok
15:13:09.0166 6184  [ AA37EE4C012656A974561D68E0A40291 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
15:13:09.0229 6184  SftService - ok
15:13:09.0275 6184  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
15:13:09.0291 6184  SharedAccess - ok
15:13:09.0322 6184  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:13:09.0338 6184  ShellHWDetection - ok
15:13:09.0354 6184  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
15:13:09.0354 6184  SiSRaid2 - ok
15:13:09.0369 6184  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
15:13:09.0385 6184  SiSRaid4 - ok
15:13:09.0400 6184  [ 070E4053E3426BAD7B21937F3F0275EB ] SmbDrv          C:\windows\System32\drivers\Smb_driver_AMDASF.sys
15:13:09.0416 6184  SmbDrv - ok
15:13:09.0432 6184  [ E5D300C2193B0131E26B94FD4C68E160 ] SmbDrvI         C:\windows\System32\drivers\Smb_driver_Intel.sys
15:13:09.0432 6184  SmbDrvI - ok
15:13:09.0432 6184  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
15:13:09.0447 6184  SNMPTRAP - ok
15:13:09.0479 6184  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\windows\system32\drivers\spaceport.sys
15:13:09.0494 6184  spaceport - ok
15:13:09.0526 6184  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
15:13:09.0541 6184  SpbCx - ok
15:13:09.0557 6184  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
15:13:09.0572 6184  Spooler - ok
15:13:09.0666 6184  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\windows\system32\sppsvc.exe
15:13:09.0713 6184  sppsvc - ok
15:13:09.0713 6184  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
15:13:09.0744 6184  srv - ok
15:13:09.0775 6184  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
15:13:09.0807 6184  srv2 - ok
15:13:09.0822 6184  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
15:13:09.0838 6184  srvnet - ok
15:13:09.0854 6184  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
15:13:09.0885 6184  SSDPSRV - ok
15:13:09.0901 6184  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
15:13:09.0916 6184  SstpSvc - ok
15:13:09.0932 6184  [ F03B03AA7A18DEB0538D242F1DA01481 ] stdcfltn        C:\windows\system32\DRIVERS\stdcfltn.sys
15:13:09.0947 6184  stdcfltn - ok
15:13:09.0994 6184  Steam Client Service - ok
15:13:10.0072 6184  [ 0887B293199AA2055888FABA989ED0A6 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:13:10.0088 6184  Stereo Service - ok
15:13:10.0104 6184  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
15:13:10.0119 6184  stexstor - ok
15:13:10.0151 6184  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
15:13:10.0182 6184  stisvc - ok
15:13:10.0197 6184  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\windows\system32\drivers\storahci.sys
15:13:10.0213 6184  storahci - ok
15:13:10.0229 6184  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
15:13:10.0244 6184  storflt - ok
15:13:10.0276 6184  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
15:13:10.0276 6184  StorSvc - ok
15:13:10.0307 6184  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
15:13:10.0307 6184  storvsc - ok
15:13:10.0338 6184  [ 0248DE650E192EA7E383EC3BE828AF51 ] ST_Accel        C:\windows\System32\drivers\ST_Accel.sys
15:13:10.0338 6184  ST_Accel - ok
15:13:10.0354 6184  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
15:13:10.0369 6184  svsvc - ok
15:13:10.0385 6184  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
15:13:10.0385 6184  swenum - ok
15:13:10.0401 6184  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
15:13:10.0447 6184  swprv - ok
15:13:10.0479 6184  [ 3675657B3A4A2868A2C2B2A160E4A3C9 ] SynTP           C:\windows\System32\drivers\SynTP.sys
15:13:10.0494 6184  SynTP - ok
15:13:10.0541 6184  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\windows\system32\sysmain.dll
15:13:10.0572 6184  SysMain - ok
15:13:10.0604 6184  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
15:13:10.0619 6184  SystemEventsBroker - ok
15:13:10.0666 6184  [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
15:13:10.0682 6184  SystemStoreService ( UnsignedFile.Multi.Generic ) - warning
15:13:10.0682 6184  SystemStoreService - detected UnsignedFile.Multi.Generic (1)
15:13:10.0713 6184  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
15:13:10.0744 6184  TabletInputService - ok
15:13:10.0760 6184  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
15:13:10.0776 6184  TapiSrv - ok
15:13:10.0822 6184  [ D750CE2A52F1B95E654CF2904C88EF1F ] Tcpip           C:\windows\system32\drivers\tcpip.sys
15:13:10.0885 6184  Tcpip - ok
15:13:10.0932 6184  [ D750CE2A52F1B95E654CF2904C88EF1F ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
15:13:10.0979 6184  TCPIP6 - ok
15:13:11.0010 6184  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
15:13:11.0010 6184  tcpipreg - ok
15:13:11.0026 6184  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
15:13:11.0041 6184  tdx - ok
15:13:11.0041 6184  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
15:13:11.0057 6184  terminpt - ok
15:13:11.0072 6184  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
15:13:11.0229 6184  TermService - ok
15:13:11.0260 6184  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
15:13:11.0291 6184  Themes - ok
15:13:11.0307 6184  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
15:13:11.0322 6184  THREADORDER - ok
15:13:11.0354 6184  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
15:13:11.0369 6184  TimeBroker - ok
15:13:11.0401 6184  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\windows\system32\drivers\tpm.sys
15:13:11.0401 6184  TPM - ok
15:13:11.0416 6184  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
15:13:11.0447 6184  TrkWks - ok
15:13:11.0494 6184  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:13:11.0510 6184  TrustedInstaller - ok
15:13:11.0541 6184  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
15:13:11.0541 6184  TsUsbFlt - ok
15:13:11.0541 6184  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
15:13:11.0557 6184  TsUsbGD - ok
15:13:11.0572 6184  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
15:13:11.0588 6184  tunnel - ok
15:13:11.0588 6184  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\windows\system32\drivers\uagp35.sys
15:13:11.0588 6184  uagp35 - ok
15:13:11.0604 6184  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
15:13:11.0604 6184  UASPStor - ok
15:13:11.0635 6184  [ 7C33D8B8A5EA2321B84A1B6653CBD0DB ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
15:13:11.0651 6184  UCX01000 - ok
15:13:11.0651 6184  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
15:13:11.0666 6184  udfs - ok
15:13:11.0697 6184  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\windows\system32\UI0Detect.exe
15:13:11.0713 6184  UI0Detect - ok
15:13:11.0713 6184  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
15:13:11.0729 6184  uliagpkx - ok
15:13:11.0744 6184  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\windows\System32\drivers\umbus.sys
15:13:11.0760 6184  umbus - ok
15:13:11.0760 6184  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\windows\System32\drivers\umpass.sys
15:13:11.0776 6184  UmPass - ok
15:13:11.0807 6184  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\windows\System32\umrdp.dll
15:13:11.0822 6184  UmRdpService - ok
15:13:11.0885 6184  [ DBE2E6388379D5CC78099650541E9566 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:13:11.0901 6184  UNS - ok
15:13:11.0932 6184  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\windows\System32\upnphost.dll
15:13:11.0947 6184  upnphost - ok
15:13:11.0963 6184  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
15:13:11.0979 6184  USBAAPL64 - ok
15:13:12.0010 6184  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
15:13:12.0026 6184  usbccgp - ok
15:13:12.0026 6184  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\windows\System32\drivers\usbcir.sys
15:13:12.0057 6184  usbcir - ok
15:13:12.0073 6184  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\windows\System32\drivers\usbehci.sys
15:13:12.0088 6184  usbehci - ok
15:13:12.0119 6184  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\windows\System32\drivers\usbhub.sys
15:13:12.0135 6184  usbhub - ok
15:13:12.0135 6184  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
15:13:12.0151 6184  USBHUB3 - ok
15:13:12.0166 6184  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\windows\System32\drivers\usbohci.sys
15:13:12.0182 6184  usbohci - ok
15:13:12.0213 6184  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\windows\System32\drivers\usbprint.sys
15:13:12.0229 6184  usbprint - ok
15:13:12.0229 6184  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
15:13:12.0244 6184  USBSTOR - ok
15:13:12.0244 6184  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
15:13:12.0260 6184  usbuhci - ok
15:13:12.0276 6184  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
15:13:12.0291 6184  usbvideo - ok
15:13:12.0323 6184  [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
15:13:12.0338 6184  USBXHCI - ok
15:13:12.0338 6184  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\windows\system32\lsass.exe
15:13:12.0354 6184  VaultSvc - ok
15:13:12.0369 6184  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
15:13:12.0385 6184  vdrvroot - ok
15:13:12.0401 6184  [ 00FBA165A1167738802DA5D0EE78EF10 ] vds             C:\windows\System32\vds.exe
15:13:12.0416 6184  vds - ok
15:13:12.0432 6184  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
15:13:12.0432 6184  VerifierExt - ok
15:13:12.0463 6184  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
15:13:12.0463 6184  vhdmp - ok
15:13:12.0494 6184  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\windows\system32\drivers\viaide.sys
15:13:12.0494 6184  viaide - ok
15:13:12.0494 6184  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\windows\system32\drivers\vmbus.sys
15:13:12.0510 6184  vmbus - ok
15:13:12.0510 6184  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
15:13:12.0541 6184  VMBusHID - ok
15:13:12.0588 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
15:13:12.0604 6184  vmicheartbeat - ok
15:13:12.0604 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
15:13:12.0619 6184  vmickvpexchange - ok
15:13:12.0619 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\windows\System32\ICSvc.dll
15:13:12.0635 6184  vmicrdv - ok
15:13:12.0635 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\windows\System32\ICSvc.dll
15:13:12.0651 6184  vmicshutdown - ok
15:13:12.0651 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\windows\System32\ICSvc.dll
15:13:12.0666 6184  vmictimesync - ok
15:13:12.0682 6184  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\windows\System32\ICSvc.dll
15:13:12.0698 6184  vmicvss - ok
15:13:12.0698 6184  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\windows\system32\drivers\volmgr.sys
15:13:12.0713 6184  volmgr - ok
15:13:12.0713 6184  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
15:13:12.0729 6184  volmgrx - ok
15:13:12.0729 6184  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\windows\system32\drivers\volsnap.sys
15:13:12.0744 6184  volsnap - ok
15:13:12.0744 6184  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\windows\System32\drivers\vpci.sys
15:13:12.0760 6184  vpci - ok
15:13:12.0776 6184  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
15:13:12.0791 6184  vsmraid - ok
15:13:12.0838 6184  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\windows\system32\vssvc.exe
15:13:12.0885 6184  VSS - ok
15:13:12.0885 6184  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
15:13:12.0901 6184  VSTXRAID - ok
15:13:12.0916 6184  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
15:13:12.0932 6184  vwifibus - ok
15:13:12.0948 6184  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
15:13:12.0948 6184  vwififlt - ok
15:13:12.0963 6184  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
15:13:12.0979 6184  vwifimp - ok
15:13:13.0010 6184  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\windows\system32\w32time.dll
15:13:13.0026 6184  W32Time - ok
15:13:13.0041 6184  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
15:13:13.0057 6184  WacomPen - ok
15:13:13.0088 6184  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
15:13:13.0088 6184  Wanarp - ok
15:13:13.0088 6184  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
15:13:13.0104 6184  Wanarpv6 - ok
15:13:13.0135 6184  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\windows\system32\wbengine.exe
15:13:13.0166 6184  wbengine - ok
15:13:13.0182 6184  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
15:13:13.0198 6184  WbioSrvc - ok
15:13:13.0198 6184  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
15:13:13.0213 6184  Wcmsvc - ok
15:13:13.0229 6184  [ 4507D89FA9E4283100948C91E867D130 ] wcncsvc         C:\windows\System32\wcncsvc.dll
15:13:13.0244 6184  wcncsvc - ok
15:13:13.0260 6184  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:13:13.0276 6184  WcsPlugInService - ok
15:13:13.0291 6184  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\windows\system32\drivers\wd.sys
15:13:13.0307 6184  Wd - ok
15:13:13.0323 6184  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
15:13:13.0338 6184  WdBoot - ok
15:13:13.0354 6184  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
15:13:13.0369 6184  Wdf01000 - ok
15:13:13.0385 6184  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
15:13:13.0401 6184  WdFilter - ok
15:13:13.0432 6184  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\windows\system32\wdi.dll
15:13:13.0463 6184  WdiServiceHost - ok
15:13:13.0479 6184  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\windows\system32\wdi.dll
15:13:13.0494 6184  WdiSystemHost - ok
15:13:13.0510 6184  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\windows\System32\webclnt.dll
15:13:13.0557 6184  WebClient - ok
15:13:13.0573 6184  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\windows\system32\wecsvc.dll
15:13:13.0588 6184  Wecsvc - ok
15:13:13.0604 6184  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\windows\System32\wercplsupport.dll
15:13:13.0619 6184  wercplsupport - ok
15:13:13.0635 6184  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\windows\System32\WerSvc.dll
15:13:13.0651 6184  WerSvc - ok
15:13:13.0666 6184  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
15:13:13.0682 6184  WFPLWFS - ok
15:13:13.0682 6184  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\windows\System32\wiarpc.dll
15:13:13.0713 6184  WiaRpc - ok
15:13:13.0729 6184  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
15:13:13.0729 6184  WIMMount - ok
15:13:13.0760 6184  WinDefend - ok
15:13:13.0776 6184  [ 1369928779943B5C7AABA263E6E2BBC1 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
15:13:13.0807 6184  WinHttpAutoProxySvc - ok
15:13:13.0854 6184  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
15:13:13.0869 6184  Winmgmt - ok
15:13:13.0948 6184  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\windows\system32\WsmSvc.dll
15:13:13.0994 6184  WinRM - ok
15:13:14.0026 6184  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
15:13:14.0057 6184  WinUsb - ok
15:13:14.0088 6184  [ 19B3CFB1D6516AB2C54772CB75426AD4 ] WlanSvc         C:\windows\System32\wlansvc.dll
15:13:14.0104 6184  WlanSvc - ok
15:13:14.0151 6184  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\windows\system32\wlidsvc.dll
15:13:14.0166 6184  wlidsvc - ok
15:13:14.0198 6184  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
15:13:14.0198 6184  WmiAcpi - ok
15:13:14.0229 6184  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
15:13:14.0229 6184  wmiApSrv - ok
15:13:14.0260 6184  WMPNetworkSvc - ok
15:13:14.0276 6184  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
15:13:14.0291 6184  wpcfltr - ok
15:13:14.0307 6184  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\windows\System32\wpcsvc.dll
15:13:14.0323 6184  WPCSvc - ok
15:13:14.0338 6184  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
15:13:14.0354 6184  WPDBusEnum - ok
15:13:14.0385 6184  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
15:13:14.0385 6184  WpdUpFltr - ok
15:13:14.0401 6184  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
15:13:14.0416 6184  ws2ifsl - ok
15:13:14.0448 6184  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\windows\System32\wscsvc.dll
15:13:14.0463 6184  wscsvc - ok
15:13:14.0463 6184  WSearch - ok
15:13:14.0526 6184  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\windows\System32\WSService.dll
15:13:14.0557 6184  WSService - ok
15:13:14.0651 6184  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\windows\system32\wuaueng.dll
15:13:14.0698 6184  wuauserv - ok
15:13:14.0713 6184  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
15:13:14.0729 6184  WudfPf - ok
15:13:14.0760 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
15:13:14.0776 6184  WUDFRd - ok
15:13:14.0776 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
15:13:14.0791 6184  WUDFSensorLP - ok
15:13:14.0807 6184  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
15:13:14.0807 6184  wudfsvc - ok
15:13:14.0823 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
15:13:14.0823 6184  WUDFWpdFs - ok
15:13:14.0838 6184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
15:13:14.0838 6184  WUDFWpdMtp - ok
15:13:14.0870 6184  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\windows\System32\wwansvc.dll
15:13:14.0885 6184  WwanSvc - ok
15:13:14.0901 6184  ================ Scan global ===============================
15:13:14.0916 6184  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
15:13:14.0948 6184  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
15:13:14.0979 6184  [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
15:13:14.0995 6184  [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
15:13:14.0995 6184  [Global] - ok
15:13:14.0995 6184  ================ Scan MBR ==================================
15:13:15.0010 6184  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:13:15.0104 6184  \Device\Harddisk0\DR0 - ok
15:13:15.0104 6184  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:13:15.0120 6184  \Device\Harddisk1\DR1 - ok
15:13:15.0120 6184  ================ Scan VBR ==================================
15:13:15.0151 6184  [ E5087DEFC3DB55C75FFE972DEA76005B ] \Device\Harddisk0\DR0\Partition1
15:13:15.0151 6184  \Device\Harddisk0\DR0\Partition1 - ok
15:13:15.0166 6184  [ BD3B2E4DD37DD6D140129E2268F567DD ] \Device\Harddisk0\DR0\Partition2
15:13:15.0166 6184  \Device\Harddisk0\DR0\Partition2 - ok
15:13:15.0182 6184  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
15:13:15.0182 6184  \Device\Harddisk0\DR0\Partition3 - ok
15:13:15.0198 6184  [ 651ACD52B91852F271316BB6069B4A0B ] \Device\Harddisk0\DR0\Partition4
15:13:15.0198 6184  \Device\Harddisk0\DR0\Partition4 - ok
15:13:15.0198 6184  [ F3C4DA361C43CEF6327D42CC848DA1D8 ] \Device\Harddisk0\DR0\Partition5
15:13:15.0213 6184  \Device\Harddisk0\DR0\Partition5 - ok
15:13:15.0229 6184  [ 655D86E9DBC45A0F31DDF2B2BD9CA1A4 ] \Device\Harddisk0\DR0\Partition6
15:13:15.0323 6184  \Device\Harddisk0\DR0\Partition6 - ok
15:13:15.0323 6184  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
15:13:15.0323 6184  \Device\Harddisk1\DR1\Partition1 - ok
15:13:15.0323 6184  ============================================================
15:13:15.0323 6184  Scan finished
15:13:15.0323 6184  ============================================================
15:13:15.0338 2744  Detected object count: 3
15:13:15.0338 2744  Actual detected object count: 3
15:13:37.0217 2744  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:37.0217 2744  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:13:37.0217 2744  Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:37.0217 2744  Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:13:37.0217 2744  SystemStoreService ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:37.0217 2744  SystemStoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:13:51.0219 6508  Deinitialize success

Alt 13.06.2013, 15:16   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.06.2013, 17:25   #13
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Malwarebytes hat etwas gefunden:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.13.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Rupert :: RUPERTS-PC [Administrator]

13.06.2013 17:07:21
MBAM-log-2013-06-13 (18-21-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 429665
Laufzeit: 1 Stunde(n), 14 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCR\CLSID\{4a0c8953-9d4e-4790-b732-2b9fc9ebce05} (PUP.PinPhotoZoom) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Diesen infizierten Schlüssel hat das Programm auch beim ersten Durchlauf gefunden. Anscheinend wurde dieser nicht entfernt...

Alt 13.06.2013, 22:07   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Zitat:
-> Keine Aktion durchgeführt.
So entfernt MBAM auch nix
Du musst schon alle Funde durch MBAM auch entfernen lassen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.06.2013, 22:33   #15
rupertbayern
 
Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Standard

Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


Achso..
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.13.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Rupert :: RUPERTS-PC [Administrator]

13.06.2013 23:15:47
mbam-log-2013-06-13 (23-15-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230143
Laufzeit: 4 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCR\CLSID\{4a0c8953-9d4e-4790-b732-2b9fc9ebce05} (PUP.PinPhotoZoom) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Den ESET Scanner kann ich nicht benutzen, nachdem ich auf Start drücke sehe ich einen Ladebalken (Downloading Virus signature database) und dann kommt der Fehler: "Could not get update. Is proxy configured?". Keine Ahnung was der hat, da ich keinen Proxy benutze

Antwort
Seite 1 von 2 1 2

Themen zu Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!
adblock, administrator, autorun, bonjour, browser, down, error, explorer, firefox, format, foxydeal, geforce, grand theft auto, helper, homepage, iexplore.exe, install.exe, logfile, malwarebytes, microsoft, msiinstaller, msvcrt, nvidia, nvpciflt.sys, pdf, programme, realtek, registry, rundll, senden, software, softwareupdater, svchost.exe, unerwarteter fehler


« Habe Zip-File in einer Mahnungs-Email angeclickt - Trojaner ? | Weißer Bildschirm / Auffoderung zur Kameraauswahl / yjdgwef Trojaner o. Virus »


Ähnliche Themen: Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!


  1. Windows 7: AVAST 3 Funde, Malwarebytes 8 Funde
    Log-Analyse und Auswertung - 16.12.2014 (13)
  2. Malwarebytes mehrere Funde, auch Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 31.07.2014 (9)
  3. Windows 7: mehrere Registry Key-Funde (über 1000), Internet Explorer sehr langsam
    Log-Analyse und Auswertung - 09.06.2014 (12)
  4. AVAST und Malwarebytes melden mehrere Funde
    Plagegeister aller Art und deren Bekämpfung - 04.05.2014 (37)
  5. Registry Keys bei Scan gefunden? Bitte um hilfe
    Plagegeister aller Art und deren Bekämpfung - 17.02.2014 (10)
  6. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  7. Mehrere PUP Funde
    Log-Analyse und Auswertung - 12.09.2013 (15)
  8. Mehrere Funde durch Malwarebytes
    Log-Analyse und Auswertung - 13.06.2013 (13)
  9. Mehrere PUP.Blabbers Funde
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (26)
  10. Funde von Malwarebytes (5 REgistry Keys, 2 Files)
    Plagegeister aller Art und deren Bekämpfung - 22.12.2012 (25)
  11. Malwarebytes Fund Backdoor.Agent / Avira mehrere Funde
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (3)
  12. eine url - mehrere funde
    Plagegeister aller Art und deren Bekämpfung - 09.09.2011 (1)
  13. Mehrere Funde mit Malwarebytes: Malware.Packer.Gen, Spyware.SpyEyes (3x), Trojan.Agent (2x)
    Plagegeister aller Art und deren Bekämpfung - 10.08.2010 (29)
  14. Nach Win32/Cryptor Entfernung bei Malwarebytes Scan mehrere weitere Funde
    Log-Analyse und Auswertung - 18.12.2009 (1)
  15. Mehrere Trojaner Funde
    Log-Analyse und Auswertung - 13.09.2009 (3)
  16. Mehrere Funde bei Mbam
    Plagegeister aller Art und deren Bekämpfung - 17.04.2009 (0)
  17. silentbanker->McAfee->hidden registry keys / values
    Plagegeister aller Art und deren Bekämpfung - 07.10.2008 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! - Hallo HIer sind die Logs: 1: Malwarebytes Code: Alles auswählen Aufklappen ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.06.13.03 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16599 Rupert :: RUPERTS-PC [Administrator] - Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!...
Archiv
Du betrachtest: Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58