
Log analysis and evaluation: Tried to remove Abnow - remnants left?

05.04.2012, 19:54   #1
dumdididum

Hello everyone out there,

I've barely signed up and already have a challenge.

A friend gave me her laptop to clean up. The dirt: the Abnow redirect.

I have done my best to get her laptop clean again. So far a success: the redirect is gone. The question now is whether everything has really been removed, or whether it is just lurking in some dark place waiting to strike again...

So I need your help evaluating the logs, or for you to tell me what else I should do.
I ran TDSSKiller over it,
MBAM a few times,
OTL
and CCleaner.

Logs are attached for the sake of clarity.

Many thanks in advance
Attached files
File type: txt mbam-log-2012-04-02 (13-24-20).txt (4.1 KB, viewed 170 times)
File type: txt mbam-log-2012-04-02 (16-24-21).txt (6.0 KB, viewed 211 times)

05.04.2012, 20:52   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
C:\Windows\System32\SNMPTRAP.dll (Rootkit.0Access) -> Löschen bei Neustart.
You can basically forget it; with ZeroAccess the system should be reinstalled.
Do you need help backing up data after the fact? If you still need to back something up now, please do NOT do it from the infected Windows, but from a Linux live system!

05.04.2012, 21:12   #3
dumdididum

Are the chances really that slim? Setting up the whole system again takes so long until it is the way it was before; it's her university laptop. I actually wanted to spare myself the stress and the time...

Nasty things like this are the reason I use Linux on my own laptop... I know how to back up safely, thanks.

05.04.2012, 21:13   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Yes, unfortunately. With ZeroAccess the chances really aren't good. If you want, we can try it anyway. In that case, note the section below:

You obviously have ZeroAccess on there, and that one is always unpleasant.
I would first recommend that you make a data backup, just in case, and prepare yourself for a complete reinstallation of Windows, because ZA cannot always be removed by cleaning!

On the subject of backing up data from infected systems: do it with a live CD such as Knoppix, Ubuntu (second link in my signature) or PartedMagic. Reason: on a live system none of the malware from the infected Windows system is active, which also rules out the malware interfering with the backup.

You will of course also need a backup medium; an external drive is probably best. If you don't have too much to back up, a USB stick may be enough.

Here is a short guide to PartedMagic; in principle it works this way, or almost exactly this way, with all other live systems too.

1. Download the PartedMagic ISO image; it should be about 180 MB
2. Burn it to CD using the burn-image function, e.g. with ImgBurn under Windows
3. Boot from the burned CD, start option 1 in the boot menu and wait until the Linux desktop is up
4. You should find a "Mount Devices" icon; double-click it
5. Mount the partitions where Windows is installed, usually /dev/sda1, and of course any other partitions that hold data to be backed up, and of course those of the external drive too (you only get read and write access to the file systems once they are mounted)
6. Copy the data from the internal drive to the external drive; copy only personal files, music, videos, etc. to the backup drive, NO executable files such as programs/games/setups!!
7. When finished, restart the computer, switch off the external drive and boot Windows again


When you are sure that you have actually backed up data under Linux, go ahead and run Combofix:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If after running Combofix you have problems starting applications and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!
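
The copy step of the backup procedure in the post above (personal files only, no executables), as an added shell example that is not part of the original post. The extension allow-list, the function names and the mount points in the comments are assumptions; besides filtering by extension, it skips any file whose content begins with the Windows executable magic bytes `MZ`, whatever its name.

```shell
#!/bin/sh
# Added example: selective backup from a mounted Windows partition,
# run from a Linux live system. Names and paths here are assumptions.
#
# Typical use (check the real device names first, e.g. with lsblk):
#   mount -o ro /dev/sda1 /mnt/win      # infected partition, read-only
#   mount /dev/sdb1 /mnt/backup         # external backup drive
#   backup_user_data /mnt/win/Users /mnt/backup/users

# Extensions treated as personal data (assumed allow-list, extend as needed).
ALLOW_EXT="txt pdf doc docx xls xlsx ppt pptx odt jpg jpeg png gif mp3 flac mp4 avi mkv"

# is_allowed_ext FILE -> 0 if the file's extension is on the allow-list.
is_allowed_ext() {
    name=${1##*/}
    case "$name" in
        *.*) ext=$(printf '%s' "${name##*.}" | tr '[:upper:]' '[:lower:]') ;;
        *)   return 1 ;;                # no extension: do not copy
    esac
    for e in $ALLOW_EXT; do
        [ "$e" = "$ext" ] && return 0
    done
    return 1
}

# looks_like_pe FILE -> 0 if the first two bytes are "MZ" (0x4d 0x5a),
# i.e. a Windows executable behind a harmless-looking extension.
looks_like_pe() {
    [ "$(od -An -tx1 -N2 "$1" 2>/dev/null | tr -d ' \n')" = "4d5a" ]
}

# backup_user_data SRC DST
# Copies allow-listed, non-executable files from SRC to DST, keeping the
# directory layout. Skipped files are reported on stderr; the summary
# "copied=N skipped=M" is printed on stdout.
# Limitation: file names containing newlines are not handled.
backup_user_data() {
    src=${1%/}; dst=${2%/}
    copied=0; skipped=0
    list=$(mktemp) || return 1
    find "$src" -type f > "$list"       # regular files only, no symlinks
    while IFS= read -r f; do
        rel=${f#"$src"/}
        if is_allowed_ext "$f" && ! looks_like_pe "$f"; then
            mkdir -p "$dst/$(dirname "$rel")" \
                && cp -p -- "$f" "$dst/$rel" \
                && copied=$((copied + 1)) \
                || echo "FAIL $rel" >&2
        else
            echo "SKIP $rel" >&2
            skipped=$((skipped + 1))
        fi
    done < "$list"
    rm -f "$list"
    echo "copied=$copied skipped=$skipped"
}
```

Mounting the Windows partition read-only keeps the backup run from changing anything on the infected disk; the SKIP lines on stderr show which files were left behind.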

05.04.2012, 21:16   #5
dumdididum

Okay, then I'll sit down tomorrow morning, or maybe still tonight, and back up her files.
Once I'm through with Combofix, I'll report back again.

Many thanks for now


05.04.2012, 21:18   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK, that's something at least. Without a data backup it would be very bad.
Once the data is backed up, a reinstallation isn't the worst thing any more

06.04.2012, 10:12   #7
dumdididum

So, here is the Combofix log now. Apparently not everything was clean yet...

Code:
ComboFix 12-04-05.09 - ****** 06.04.2012   9:44.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3003.2324 [GMT 2:00]
ausgeführt von:: c:\users\******\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPLD197.tmp
c:\windows\$NtUninstallKB20753$
c:\windows\$NtUninstallKB20753$\92253073\L\xadqgnnk
c:\windows\IsUn0407.exe
c:\windows\system32\dds_log_ad13.cmd
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SETDC95.tmp
c:\windows\system32\tifmsony.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_toscosrv
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-06 bis 2012-04-06  ))))))))))))))))))))))))))))))
.
.
2012-04-06 09:10 . 2012-04-06 09:10	--------	d---a-w-	C:\.Trash-999
2012-04-06 07:55 . 2012-04-06 07:57	--------	d-----w-	c:\users\******\AppData\Local\temp
2012-04-06 07:55 . 2012-04-06 07:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-02 15:21 . 2012-04-02 15:21	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 14:08 . 2012-04-02 14:08	--------	d-----w-	c:\program files\CCleaner
2012-04-02 14:02 . 2012-04-02 14:02	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-04-02 13:27 . 2012-04-02 13:28	--------	d-----w-	c:\program files\YTDownloader
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\users\******\AppData\Roaming\Malwarebytes
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 11:19 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-29 12:00 . 2012-03-29 12:00	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-03-29 11:55 . 2012-03-29 11:55	--------	d-sh--w-	c:\users\******\AppData\Local\057fab91
2012-03-29 10:07 . 2012-03-29 10:07	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-29 10:07 . 2012-03-29 10:07	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 13:12 . 2012-02-03 03:54	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 13:12 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 13:12 . 2012-01-25 05:32	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 13:12 . 2012-01-25 05:32	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:12 . 2012-01-25 05:27	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:12 . 2012-02-17 05:34	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 13:12 . 2012-02-17 04:14	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:12 . 2012-02-17 04:13	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 15:21 . 2011-12-11 12:11	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-02 14:02 . 2011-01-31 10:37	218688	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-29 10:07 . 2011-04-11 16:16	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-01 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2007-02-22 73728]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2010-11-22 3042816]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
.
c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-3-27 3450608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Program Files
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\program files\NetMeter
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
2009-07-22 17:54	17753352	----a-w-	c:\program files\Motorola\Bluetooth\btmshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-03-05 15:32	1135912	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11	3325952	----a-w-	c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2007-04-29 20:57	103344	----a-w-	c:\program files\Lexmark 2300 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-02-11 17:26	171032	----a-w-	c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-02-11 17:26	137752	----a-w-	c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndicatorListener]
2009-08-12 11:11	107784	----a-w-	c:\program files\Motorola\Bluetooth\mkil.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
2007-04-29 20:56	205744	----a-w-	c:\program files\Lexmark 2300 Series\lxcgmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 12:53	460872	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
2010-03-03 10:13	1824040	----a-w-	c:\program files\ManyCam 2.4\ManyCam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-02-11 17:26	172568	----a-w-	c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-11-01 19:44	98304	----a-w-	c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-03-09 09:02	26100520	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2009-07-09 40448]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2009-07-13 516608]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-02 218688]
S1 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-27 38976]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
.
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
UxTuneUp
Wmi
WmdmPmSp
atmeltpm
WinVd32
s217bus
stirusb
Slpsvdr
TuneUp.ProgramStatisticsSvc
HSFHWICH
ipassconnectengine
qbreminderflash
hdthermal
sansaservice
tavsvc
bdfdll
vmodem
snpstd
USB28xxBGA
passthru
hwpsgt
symantecantibotagent
pdiddcci
MSIRCOMM
jconfigd
MMRTKRNL
pxfhmdm
akshasp
winachsf
wstcodec
issimon
ntsyslog
smcirda
vaiomediaplatform-videoserver-appserver
UimBus
ilicensesvc
zenos1
slee_81_service
sonytvc
lvprcsrv
atirage3
WaveEnrollmentService
RSAFAL
AVRec
mwsejcap
cdr4_2k
pxfhserd
nv
bdfsdrv
evteng
truecrypt
mraid35x
sit_mdm
eliservice
hsxhwazl
OEM02Vfx
streamloadservice
netmdsb
mcpromgr
as32svc
cdaudio
ssisvr32
pxfhbus
omniusb
USRpdA
ctxcpusched
sfusvc
TIEHDUSB
pdlnecfg
scsiaccess
dphost
Ndismeetro
dlbu_device
rpsupdaterr
ZSMC211
oracleorahomeagent
cxlpt
HSFHWALI
scramby
zpcache
inotask
tpkmpsvc
vmnetbridge
AVCamUSB20
areschatserver
HssSrv
idebusdr
el90xbc
sysmgmthp
lktimesync
BrSerIf
T6963C
w810mdfl
mhn
intelroam
srtspx
PID_08A0
cwafnotesservice
winvnc
cmuda3
perc2hib
DKbFltr
se45mdm
hcf_msft
cpsvc
tfsnpool
SABProcEnum
WIBUKEY
se58mdfl
DivisCTS
USB11LDR
ScFBPNT2
BootScreen
mctskshd.exe
dlartl_n
tfsncofs
SymIMMP
avcgbdr
iaimfp3
int15
oracledbconsoleorcl
elnkfwppservice
ipahelper.exe
SE26mgmt
XBCD
yats32
WD_FireWire_HID
ccproxy
se27nd5
netsvc
SSHDRV61
MREMP50a64
viairda
btaudio
naveng
npkcrypt
ati2mtaa
inport
prismxl
tmactmon
symwsc
SE2Bmdfl
ATKGFNEXSrv
ONSIO
asp.net
z800mgmt
asc3550
adfs
ndassvc
NSSvcMgr
TcUsb
USB_NDIS_51
pdreli
MRESP50a64
iviVD
UPATC
zendcoreapache
websensewfreportserver
MRESP50
vsdatant
portmapper
slapd-config52
vet-rec
smrt
cwafeventrouter
{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}
eaps2kbd
streamip
s117mgmt
puscsrvc
lirsgt
mi-raysat_3dsmax8
datunidr
nisum
CdaD10BA
mlkkbdntdriver
netddedsdm
netw4x32
s125bus
tfsnifs
ixiaendpoint
dladresn
se44bus
G400DH
beatjammusicstreamingserver
symidsco
imagesrv
MobilityService
cvspydr2
WinFl32
klblmain
lxcc_device
regsrvc
ROOTUSB
tlntsvr
AdfuUd
pdscheduler
symc8xx
fa_scheduler
SE27mdfl
BrScnUsb
ltck000c
mpfservice
wmccdsls
Ncrc710
vetfddnt
haspnt
vc8secs
elbydelay
konfig
genregistrar
MS1000
wanatw
DevUpper
BCMModem
McciCMService
NetwareWorkstation
LVRS
tvtnetwk
PTDCMdm
aeaudio
update
sandboxu
SeratoUsb
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 15:21]
.
2011-06-11 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-06-11 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride =  localhost
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Web-Suche - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
SafeBoot-41548355.sys
MSConfigStartUp-NetMeter - c:\program files\NetMeter\NetMeter.exe
MSConfigStartUp-NetLimiter - c:\program files\NetLimiter 3\NLClientApp.exe
MSConfigStartUp-Steam - c:\program files\Steam\steam.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-Zauberhafte Pferdewelt - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3528)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\lxcgcoms.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-06  10:06:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-06 08:06
.
Vor Suchlauf: 10 Verzeichnis(se), 50.633.986.048 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 49.987.756.032 Bytes frei
.
- - End Of File - - 8038272643828A75A8FBC31C657BC714
         

06.04.2012, 15:34   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Combofix scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Note: If you have obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!!

Code:
Folder::
c:\users\******\AppData\Local\057fab91

3. Save it in Notepad as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of ad/spyware programs and the Tea Timer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.

6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

06.04.2012, 20:23   #9
dumdididum

Output:
Code:
ComboFix 12-04-05.09 - ****** 06.04.2012  20:03:33.2.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3003.2212 [GMT 2:00]
ausgeführt von:: c:\users\******\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\******\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\******\AppData\Local\057fab91
c:\users\******\AppData\Local\057fab91\@
c:\windows\system32\itmrtsvc.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WD_FireWire_HID
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-06 bis 2012-04-06  ))))))))))))))))))))))))))))))
.
.
2012-04-06 18:12 . 2012-04-06 18:14	--------	d-----w-	c:\users\******\AppData\Local\temp
2012-04-02 15:21 . 2012-04-02 15:21	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 14:08 . 2012-04-02 14:08	--------	d-----w-	c:\program files\CCleaner
2012-04-02 14:02 . 2012-04-02 14:02	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-04-02 13:27 . 2012-04-02 13:28	--------	d-----w-	c:\program files\YTDownloader
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\users\******\AppData\Roaming\Malwarebytes
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 11:19 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-29 12:00 . 2012-03-29 12:00	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-03-29 10:07 . 2012-03-29 10:07	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-29 10:07 . 2012-03-29 10:07	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 13:12 . 2012-02-03 03:54	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 13:12 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 13:12 . 2012-01-25 05:32	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 13:12 . 2012-01-25 05:32	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:12 . 2012-01-25 05:27	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:12 . 2012-02-17 05:34	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 13:12 . 2012-02-17 04:14	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:12 . 2012-02-17 04:13	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 15:21 . 2011-12-11 12:11	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-02 14:02 . 2011-01-31 10:37	218688	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-29 10:07 . 2011-04-11 16:16	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-01 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2007-02-22 73728]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2010-11-22 3042816]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
.
c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-3-27 3450608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
2009-07-22 17:54	17753352	----a-w-	c:\program files\Motorola\Bluetooth\btmshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-03-05 15:32	1135912	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11	3325952	----a-w-	c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2007-04-29 20:57	103344	----a-w-	c:\program files\Lexmark 2300 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-02-11 17:26	171032	----a-w-	c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-02-11 17:26	137752	----a-w-	c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndicatorListener]
2009-08-12 11:11	107784	----a-w-	c:\program files\Motorola\Bluetooth\mkil.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
2007-04-29 20:56	205744	----a-w-	c:\program files\Lexmark 2300 Series\lxcgmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 12:53	460872	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
2010-03-03 10:13	1824040	----a-w-	c:\program files\ManyCam 2.4\ManyCam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-02-11 17:26	172568	----a-w-	c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-11-01 19:44	98304	----a-w-	c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-03-09 09:02	26100520	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2009-07-09 40448]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2009-07-13 516608]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-02 218688]
S1 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-27 38976]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
.
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
UxTuneUp
Wmi
WmdmPmSp
atmeltpm
WinVd32
s217bus
stirusb
Slpsvdr
TuneUp.ProgramStatisticsSvc
HSFHWICH
ipassconnectengine
qbreminderflash
hdthermal
sansaservice
tavsvc
bdfdll
vmodem
snpstd
USB28xxBGA
passthru
hwpsgt
symantecantibotagent
pdiddcci
MSIRCOMM
jconfigd
MMRTKRNL
pxfhmdm
akshasp
winachsf
wstcodec
issimon
ntsyslog
smcirda
vaiomediaplatform-videoserver-appserver
UimBus
ilicensesvc
zenos1
slee_81_service
sonytvc
lvprcsrv
atirage3
WaveEnrollmentService
RSAFAL
AVRec
mwsejcap
cdr4_2k
pxfhserd
nv
bdfsdrv
evteng
truecrypt
mraid35x
sit_mdm
eliservice
hsxhwazl
OEM02Vfx
streamloadservice
netmdsb
mcpromgr
as32svc
cdaudio
ssisvr32
pxfhbus
omniusb
USRpdA
ctxcpusched
sfusvc
TIEHDUSB
pdlnecfg
scsiaccess
dphost
Ndismeetro
dlbu_device
rpsupdaterr
ZSMC211
oracleorahomeagent
cxlpt
HSFHWALI
scramby
zpcache
inotask
tpkmpsvc
vmnetbridge
AVCamUSB20
areschatserver
HssSrv
idebusdr
el90xbc
sysmgmthp
lktimesync
BrSerIf
T6963C
w810mdfl
mhn
intelroam
srtspx
PID_08A0
cwafnotesservice
winvnc
cmuda3
perc2hib
DKbFltr
se45mdm
hcf_msft
cpsvc
tfsnpool
SABProcEnum
WIBUKEY
se58mdfl
DivisCTS
USB11LDR
ScFBPNT2
BootScreen
mctskshd.exe
dlartl_n
tfsncofs
SymIMMP
avcgbdr
iaimfp3
int15
oracledbconsoleorcl
elnkfwppservice
ipahelper.exe
SE26mgmt
XBCD
yats32
ccproxy
se27nd5
netsvc
SSHDRV61
MREMP50a64
viairda
btaudio
naveng
npkcrypt
ati2mtaa
inport
prismxl
tmactmon
symwsc
SE2Bmdfl
ATKGFNEXSrv
ONSIO
asp.net
z800mgmt
asc3550
adfs
ndassvc
NSSvcMgr
TcUsb
USB_NDIS_51
pdreli
MRESP50a64
iviVD
UPATC
zendcoreapache
websensewfreportserver
MRESP50
vsdatant
portmapper
slapd-config52
vet-rec
smrt
cwafeventrouter
{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}
eaps2kbd
streamip
s117mgmt
puscsrvc
lirsgt
mi-raysat_3dsmax8
datunidr
nisum
CdaD10BA
mlkkbdntdriver
netddedsdm
netw4x32
s125bus
tfsnifs
ixiaendpoint
dladresn
se44bus
G400DH
beatjammusicstreamingserver
symidsco
imagesrv
MobilityService
cvspydr2
WinFl32
klblmain
lxcc_device
regsrvc
ROOTUSB
tlntsvr
AdfuUd
pdscheduler
symc8xx
fa_scheduler
SE27mdfl
BrScnUsb
ltck000c
mpfservice
wmccdsls
Ncrc710
vetfddnt
haspnt
vc8secs
elbydelay
konfig
genregistrar
MS1000
wanatw
DevUpper
BCMModem
McciCMService
NetwareWorkstation
LVRS
tvtnetwk
PTDCMdm
aeaudio
update
sandboxu
SeratoUsb
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 15:21]
.
2011-06-11 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-06-11 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride =  localhost
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Web-Suche - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3444)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\lxcgcoms.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-06  20:18:39 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-06 18:18
ComboFix2.txt  2012-04-06 08:06
.
Vor Suchlauf: 14 Verzeichnis(se), 49.051.025.408 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 49.034.932.224 Bytes frei
.
- - End Of File - - 7C11474D0D6BCCCA54418BBB8AC53AAB
         

06.04.2012, 21:19   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Well, I don't know whether this is still going to work out with your computer

Please now run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

07.04.2012, 00:36   #11
dumdididum

Purely out of interest... What in the log tells you that the chances of success are low?
After the scans I am actually fairly confident...
The Avast rootkit scanner could not find anything anymore either.

MBAM:
Code:
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.06.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
****** :: ALAPEX [Administrator]

Schutz: Deaktiviert

06.04.2012 21:23:31
mbam-log-2012-04-06 (21-23-31).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 352501
Laufzeit: 1 Stunde(n), 24 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0011.dta (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=64a4ddeae730e842bbcdd02a27c1481f
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-06 09:56:20
# local_time=2012-04-06 11:56:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 27090785 85377118 0 0
# compatibility_mode=8192 67108863 100 0 134 134 0 0
# scanned=140138
# found=10
# cleaned=10
# scan_time=3474
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\svc0000\tsk0000.dta	Variante von Win32/Rootkit.Kryptik.KL Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0004.dta	Win32/Agent.TMK Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0007.dta	Variante von Win32/Sirefef.CP Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0008.dta	Variante von Win32/Sirefef.EN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0009.dta	Variante von Win32/Sirefef.CP Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\TDSSKiller_Quarantine\02.04.2012_16.00.48\rtkt0000\zafs0000\tsk0010.dta	Variante von Win32/Sirefef.CP Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\Users\******\Desktop\YouTubeDownloaderSetup35.exe	möglicherweise Variante von Win32/Toolbar.Widgi Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\Users\******\Downloads\PDFCreator-1_2_3_setup.exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\Users\******\Downloads\SUPERsetup201149.exe	Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T31BVNN\banner_frame[1].php	HTML/Iframe.B.Gen Virus (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
         

07.04.2012, 02:17   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
That in the CF log doesn't look exactly good... I haven't seen it like this before, which is why I'm a bit pessimistic about it

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Tick Scan All Users at the top centre
  • Now copy the complete contents of the code box below into the text box of OTL - if OTL is in German it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread
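One way to cross-check the two logs discussed above, as an added example that is not part of the thread and not ComboFix's or OTL's own code: it takes the entries ComboFix lists under its NETSVCS header and looks each one up in OTL's SRV lines, reporting the entries whose service file OTL marks as "File not found". The sample input is shortened from the logs in this thread; the last SRV line is constructed, and its layout for a service whose file exists is an assumption.

```python
import re

# ComboFix netsvcs section, shortened from the log in this thread.
COMBOFIX_SAMPLE = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
.
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
gpsvc
ZSMC211
zpcache
truecrypt
winvnc
BITS
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
"""

# OTL "SRV" lines. The first four are taken from this thread; the last one is
# constructed, and its layout (file details before the start type) is assumed.
OTL_SAMPLE = r"""
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVR0Dev.dll -- (ZSMC211)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\igfx.dll -- (zpcache)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctdvda2k.dll -- (truecrypt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FTSER2K.dll -- (winvnc)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
"""

SRV_RE = re.compile(
    r"^SRV - (?P<file>File not found|\[.*?\].*?)"   # missing file, or file details
    r" \[(?P<start>\w+) \| (?P<state>\w+)\]"        # start type | current state
    r" -- (?P<path>.+) -- \((?P<name>.+)\)$"        # image path -- (service name)
)


def parse_netsvcs(combofix_text):
    """Return the service names ComboFix lists under its NETSVCS header."""
    names, inside = [], False
    for line in combofix_text.splitlines():
        line = line.strip()
        if line.startswith("NETSVCS "):
            inside = True
            continue
        if inside:
            if line == ".":          # ComboFix closes each section with a lone dot
                break
            if line:
                names.append(line)
    return names


def parse_otl_services(otl_text):
    """Map lower-cased service name -> details parsed from OTL SRV lines."""
    services = {}
    for line in otl_text.splitlines():
        m = SRV_RE.match(line.strip())
        if m:
            services[m["name"].lower()] = {
                "path": m["path"],
                "start": m["start"],
                "state": m["state"],
                "file_missing": m["file"] == "File not found",
            }
    return services


def triage_netsvcs(combofix_text, otl_text):
    """Sort every netsvcs entry by what the OTL log says about its service file."""
    services = parse_otl_services(otl_text)
    report = {"missing_file": [], "file_present": [], "not_in_otl": []}
    for name in parse_netsvcs(combofix_text):
        svc = services.get(name.lower())   # service names are case-insensitive
        if svc is None:
            # OTL's SafeList view hides many stock services, so absence alone
            # is not a finding; these entries need a separate check.
            report["not_in_otl"].append(name)
        elif svc["file_missing"]:
            report["missing_file"].append((name, svc["path"], svc["start"]))
        else:
            report["file_present"].append(name)
    return report


if __name__ == "__main__":
    result = triage_netsvcs(COMBOFIX_SAMPLE, OTL_SAMPLE)
    for name, path, start in result["missing_file"]:
        print(f"netsvcs entry {name}: {start} start, file not found: {path}")
    print("not listed by OTL:", ", ".join(result["not_in_otl"]))
```

Run against the full ComboFix.txt and OTL.txt, the `missing_file` list gives the netsvcs entries that point at service files which are not on disk.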

07.04.2012, 09:18   #13
dumdididum

Let's see then whether this works out

OTL:
Code:
OTL logfile created on: 07.04.2012 08:55:33 - Run 3
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\******\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 75,46% Memory free
5,86 Gb Paging File | 5,10 Gb Available in Paging File | 87,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,23 Gb Total Space | 47,45 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Drive D: | 5,00 Gb Total Space | 3,86 Gb Free Space | 77,26% Space Free | Partition Type: NTFS
Drive G: | 1,87 Gb Total Space | 1,84 Gb Free Space | 98,35% Space Free | Partition Type: FAT
 
Computer Name: ALAPEX | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.02 15:49:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.03.27 20:49:14 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009.09.01 15:25:36 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Programme\Lenovo\Energy Management\utility.exe
PRC - [2009.07.22 19:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\obexsrv.exe
PRC - [2009.07.22 19:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2009.06.25 10:46:08 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Programme\Lenovo\Energy Management\Energy Management.exe
PRC - [2007.04.30 20:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Programme\Stardock\ObjectDock\ObjectDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.12.20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\KbdHook.dll
MOD - [2008.12.20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\HookLib.dll
MOD - [2007.04.30 20:18:50 | 000,112,400 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\DockShellHook.dll
MOD - [2007.04.23 01:19:28 | 000,026,392 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\Docklets\Calendar\Calendar.dll
MOD - [2007.04.21 14:47:52 | 000,059,592 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\zlib.dll
MOD - [2007.04.19 15:23:48 | 000,095,944 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\CrashRpt.dll
MOD - [2002.11.19 15:11:40 | 000,139,264 | ---- | M] () -- C:\Programme\Common Files\Stardock\ODimg.dll
MOD - [2002.03.13 20:46:32 | 000,118,784 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\ODimg.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVR0Dev.dll -- (ZSMC211)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\igfx.dll -- (zpcache)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TMBUS.dll -- (zenos1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcampr5.dll -- (zendcoreapache)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp111.dll -- (z800mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810bus.dll -- (yats32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LVPrcMon.dll -- (XBCD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmio.dll -- (wstcodec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\klblmain.dll -- (wmccdsls)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FTSER2K.dll -- (winvnc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\savrtpel.dll -- (WinFl32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfsync02.dll -- (winachsf)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\intelppm.dll -- (WIBUKEY)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HBtnKey.dll -- (websensewfreportserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\IPSECSHM.dll -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atierecord.dll -- (wanatw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateService.dll -- (w810mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\S7oppilx.dll -- (vsdatant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdrpman.dll -- (vmodem)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll -- (vmnetbridge)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7core.dll -- (viairda)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wpshelper.dll -- (vet-rec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dnwhodisp.dll -- (vetfddnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AEAudioService.dll -- (vc8secs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\datasvr.dll -- (vaiomediaplatform-videoserver-appserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdpcdd.dll -- (USRpdA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pivot.dll -- (USB28xxBGA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UimBus.dll -- (USB_NDIS_51)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adiusbaw.dll -- (UPATC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BootScreen.dll -- (UimBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sysdown.dll -- (tvtnetwk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\harmony.dll -- (TuneUp.ProgramStatisticsSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctdvda2k.dll -- (truecrypt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emitray.dll -- (tpkmpsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sptisrv.dll -- (tmactmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (tlntsvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\caboagp.dll -- (TIEHDUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EL2000.dll -- (tfsnpool)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (tfsnifs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8139.dll -- (TcUsb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nwlnkspx.dll -- (tavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindservice.dll -- (T6963C)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\STV680m.dll -- (sysmgmthp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmUsbHid.dll -- (symwsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zdeviceservice.dll -- (symidsco)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSXUSB.dll -- (symc8xx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\_iomega_active_disk_service_.dll -- (symantecantibotagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\StkAMini.dll -- (streamloadservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125bus.dll -- (streamip)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sweepsrv.sys.dll -- (stirusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nim32.dll -- (ssisvr32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rca.dll -- (SSHDRV61)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SunkFilt39.dll -- (srtspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CdaD10BA.dll -- (sonytvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sonicstagemonitoring.dll -- (snpstd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\A88xXBar.dll -- (smrt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\crystalinputfileserver.dll -- (smcirda)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE27mgmt.dll -- (Slpsvdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Defrag32b.dll -- (slee_81_service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbio.dll -- (slapd-config52)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mouhid.dll -- (sit_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\filterservice.dll -- (sfusvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epson_pm_rpcv2_01.dll -- (se58mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GVCplDrv.dll -- (se45mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\osanbm.dll -- (se44bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpconfig.dll -- (SE2Bmdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdnaoflsvc.dll -- (se27nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ossrv.dll -- (SE27mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aspi32.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sysenforce.dll -- (scsiaccess)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiSGbeXP.dll -- (scramby)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SecureStorageService.dll -- (sansaservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimdbgk.dll -- (sandboxu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (SABProcEnum)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pnmsrv.dll -- (s217bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DELL_A02.dll -- (s125bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\enodpl.dll -- (s117mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dpc_srv_webcast.dll -- (RSAFAL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\intcazaudaddservice.dll -- (rpsupdaterr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafrmiregistry.dll -- (ROOTUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcp.dll -- (regsrvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracledbconsoleorcl.dll -- (qbreminderflash)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cfsvcs.dll -- (pxfhserd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se44bus.dll -- (pxfhmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pilogsrv.dll -- (pxfhbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecagentbrowser.dll -- (puscsrvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CdaC15BA.dll -- (PTDCMdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimfp1.dll -- (prismxl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (portmapper)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BVRPMPR5.dll -- (PID_08A0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdpwd.dll -- (perc2hib)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NETMDUSB.dll -- (pdscheduler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cam5603C.dll -- (pdreli)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd2.dll -- (pdlnecfg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\flashcomadmin.dll -- (pdiddcci)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mdm.dll -- (passthru)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LHidFilt.dll -- (oracleorahomeagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aaksrv.dll -- (oracledbconsoleorcl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omsad.dll -- (ONSIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpdj.dll -- (omniusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webrootenterpriseclientservice.dll -- (OEM02Vfx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z800mdm.dll -- (nv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndiscm.dll -- (ntsyslog)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (NSSvcMgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NETGEAR_MA111.dll -- (npkcrypt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB_RNDIS.dll -- (nisum)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s3savagenb.dll -- (NetwareWorkstation)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\com4qlb.dll -- (netw4x32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (netsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elockservice.dll -- (netmdsb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsndrct.dll -- (netddedsdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclewebassistant.dll -- (Ndismeetro)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fdc.dll -- (ndassvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpctcom.dll -- (Ncrc710)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wintabservice.dll -- (naveng)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PTDCMdm.dll -- (mwsejcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webcompserver.dll -- (MSIRCOMM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Bunic.dll -- (MS1000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EPOWER.dll -- (MRESP50a64)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srescan.dll -- (MRESP50)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VirtualCam.dll -- (MREMP50a64)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CnxTrLan.dll -- (mraid35x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2remotecmd.dll -- (mpfservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LKbdFlt2.dll -- (MobilityService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symfw.dll -- (MMRTKRNL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\getPlusHelper.dll -- (mlkkbdntdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshasp.dll -- (mi-raysat_3dsmax8)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Fd16_700.dll -- (mhn)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVWLP_USB.dll -- (mcpromgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W55U01.dll -- (McciCMService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrowdsvc.dll -- (lxcc_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (LVRS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrScnUsb.dll -- (lvprcsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eventsystem.dll -- (ltck000c)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsp.dll -- (lktimesync)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRVLOC.dll -- (lirsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pchost.dll -- (konfig)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbsermpt.dll -- (klblmain)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TMBMServer.dll -- (jconfigd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssidrv.dll -- (ixiaendpoint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcrdsvc.dll -- (iviVD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8187Se.dll -- (issimon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RMSvc.dll -- (ipassconnectengine)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retroexplauncher.dll -- (intelroam)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ncupdatesvc.dll -- (inport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\modemcsa.dll -- (inotask)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdde.dll -- (imagesrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FirePM.dll -- (ilicensesvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cmdagent.dll -- (idebusdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCFS2K.dll -- (iaimfp3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eaps2kbd.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aolservice.dll -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UpdateCenterService.dll -- (HssSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imagedrv.dll -- (HSFHWICH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pacsptisvr.dll -- (HSFHWALI)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nscirda.dll -- (hdthermal)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\messenger.dll -- (hcf_msft)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DVDRC.dll -- (haspnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\meiudf.dll -- (genregistrar)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcscnsrv.dll -- (G400DH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usnjsvc.dll -- (fa_scheduler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlaudfam.dll -- (evteng)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNMPTRAP.dll -- (elnkfwppservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webrootadminconsole.dll -- (eliservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issimon.dll -- (elbydelay)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\termdd.dll -- (el90xbc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qcmerced.dll -- (eaps2kbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Dfs.dll -- (dphost)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CADlink.dll -- (dlbu_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hdaudbus.dll -- (dladresn)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdrbsdrv.dll -- (DKbFltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\IFP700.dll -- (DevUpper)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CE3.dll -- (datunidr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TuneUp.Defrag.dll -- (cxlpt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ehrecvr.dll -- (cwafnotesservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FVXSCSI.dll -- (cwafeventrouter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWSAP.dll -- (cvspydr2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPECioctl.dll -- (ctxcpusched)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (cmuda3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\apphostsvc.dll -- (cdr4_2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\C-Dilla.dll -- (cdaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sandboxu.dll -- (CdaD10BA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eSettingsService.dll -- (ccproxy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winvnc4.dll -- (btaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cachemanxp.dll -- (BrSerIf)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDCNDIS5.dll -- (BrScnUsb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Udfreadr_xp.dll -- (beatjammusicstreamingserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfvfs02.dll -- (bdfsdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rsvp.dll -- (bdfdll)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nalntservice.dll -- (BCMModem)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ati2mpaa.dll -- (AVRec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\owstimer.dll -- (AVCamUSB20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_mdm.dll -- (ATKGFNEXSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s7oppitx.dll -- (atirage3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbhub.dll -- (ati2mtaa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTPTSER.dll -- (asp.net)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\irda.dll -- (asc3550)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sgectl.dll -- (as32svc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdvp.dll -- (areschatserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fssfltr.dll -- (akshasp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Dunic.dll -- (aeaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmiAcpi.dll -- (AdfuUd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adobeactivefilemonitor4.0.dll -- (adfs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpci.dll -- ({e2b953a6-195a-44f9-9ba3-3d5f4e32bb55})
SRV - [2012.04.02 17:21:09 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.03.27 22:43:44 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.03.27 20:49:14 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.02.25 19:40:18 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 19:37:08 | 000,030,024 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.22 19:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Programme\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2009.07.22 19:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2009.07.22 19:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) [On_Demand | Stopped] -- C:\Programme\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.29 22:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxcgcoms.exe -- (lxcg_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\******\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\******\AppData\Local\Temp\aswArKrn.sys -- (aswArKrn)
DRV - [2012.04.02 16:02:53 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.11.27 14:42:15 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.01.20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.10 18:24:46 | 001,759,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.07.27 09:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009.07.13 15:01:42 | 000,516,608 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2009.07.09 18:13:30 | 000,040,448 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2009.06.24 04:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.05.26 13:12:36 | 000,122,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC&o=&src=crm&q={searchTerms}&locale=
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{E06F3368-EFB7-4FE6-B75A-58707FD1E9CC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=382950&p={searchTerms}
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =  localhost
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: coc@ble.pl:2.2.0.3.7
FF - prefs.js..extensions.enabledItems: stop-reload@design-noir.de:1.2
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\******\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\******\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.04.07 00:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.29 12:07:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.01 21:44:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.11.01 21:44:40 | 000,000,000 | ---D | M]
 
[2010.03.28 00:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions
[2010.03.28 00:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.04.02 14:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\57j1ug5t.default\extensions
[2011.07.18 16:26:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\57j1ug5t.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.04 13:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions
[2010.12.04 13:02:13 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.03.27 21:50:33 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.27 21:49:01 | 000,000,000 | ---D | M] (Yoono) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2010.03.27 21:49:01 | 000,000,000 | ---D | M] (Glasser) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\glasser@sixxgate.com
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (Strata RELOADED) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.0x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.5x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.6x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.7x\mozapps\extensions
[2011.02.06 14:02:29 | 000,002,093 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\searchplugins\pcgh-preisvergleich.xml
[2011.12.11 18:57:50 | 000,003,915 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\searchplugins\sweetim.xml
[2012.04.07 00:19:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.07 00:19:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.04.07 00:07:14 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\57J1UG5T.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\57J1UG5T.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.29 12:07:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.07 00:19:06 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.09.11 15:56:28 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011.02.15 13:49:44 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.02.15 20:36:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.15 20:36:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.15 20:36:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.15 20:36:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.15 20:36:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.15 20:36:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={3F618B6C-2419-11E1-A630-001F162DB44D}
CHR - default_search_provider: suggest_url = 
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\******\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2012.04.06 20:14:02 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Programme\NetWorx\deskband.dll (SoftPerfect Research)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)
O4 - Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAE8C566-DA40-40C0-8551-A21E7A8A98D3}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: atmeltpm -  File not found
NetSvcs: WinVd32 -  File not found
NetSvcs: s217bus - %systemroot%\system32\pnmsrv.dll File not found
NetSvcs: stirusb - %systemroot%\system32\sweepsrv.sys.dll File not found
NetSvcs: Slpsvdr - %systemroot%\system32\SE27mgmt.dll File not found
NetSvcs: TuneUp.ProgramStatisticsSvc - %systemroot%\system32\harmony.dll File not found
NetSvcs: HSFHWICH - %systemroot%\system32\imagedrv.dll File not found
NetSvcs: ipassconnectengine - %systemroot%\system32\RMSvc.dll File not found
NetSvcs: qbreminderflash - %systemroot%\system32\oracledbconsoleorcl.dll File not found
NetSvcs: hdthermal - %systemroot%\system32\nscirda.dll File not found
NetSvcs: sansaservice - %systemroot%\system32\SecureStorageService.dll File not found
NetSvcs: tavsvc - %systemroot%\system32\nwlnkspx.dll File not found
NetSvcs: bdfdll - %systemroot%\system32\rsvp.dll File not found
NetSvcs: vmodem - %systemroot%\system32\tdrpman.dll File not found
NetSvcs: snpstd - %systemroot%\system32\sonicstagemonitoring.dll File not found
NetSvcs: USB28xxBGA - %systemroot%\system32\pivot.dll File not found
NetSvcs: passthru - %systemroot%\system32\w810mdm.dll File not found
NetSvcs: hwpsgt - %systemroot%\system32\eaps2kbd.dll File not found
NetSvcs: symantecantibotagent - %systemroot%\system32\_iomega_active_disk_service_.dll File not found
NetSvcs: pdiddcci - %systemroot%\system32\flashcomadmin.dll File not found
NetSvcs: MSIRCOMM - %systemroot%\system32\webcompserver.dll File not found
NetSvcs: jconfigd - %systemroot%\system32\TMBMServer.dll File not found
NetSvcs: MMRTKRNL - %systemroot%\system32\symfw.dll File not found
NetSvcs: pxfhmdm - %systemroot%\system32\se44bus.dll File not found
NetSvcs: akshasp - %systemroot%\system32\fssfltr.dll File not found
NetSvcs: winachsf - %systemroot%\system32\sfsync02.dll File not found
NetSvcs: wstcodec - %systemroot%\system32\dmio.dll File not found
NetSvcs: issimon - %systemroot%\system32\rtl8187Se.dll File not found
NetSvcs: ntsyslog - %systemroot%\system32\ndiscm.dll File not found
NetSvcs: smcirda - %systemroot%\system32\crystalinputfileserver.dll File not found
NetSvcs: vaiomediaplatform-videoserver-appserver - %systemroot%\system32\datasvr.dll File not found
NetSvcs: UimBus - %systemroot%\system32\BootScreen.dll File not found
NetSvcs: ilicensesvc - %systemroot%\system32\FirePM.dll File not found
NetSvcs: zenos1 - %systemroot%\system32\TMBUS.dll File not found
NetSvcs: slee_81_service - %systemroot%\system32\Defrag32b.dll File not found
NetSvcs: sonytvc - %systemroot%\system32\CdaD10BA.dll File not found
NetSvcs: lvprcsrv - %systemroot%\system32\BrScnUsb.dll File not found
NetSvcs: atirage3 - %systemroot%\system32\s7oppitx.dll File not found
NetSvcs: WaveEnrollmentService - %systemroot%\system32\IPSECSHM.dll File not found
NetSvcs: RSAFAL - %systemroot%\system32\dpc_srv_webcast.dll File not found
NetSvcs: AVRec - %systemroot%\system32\ati2mpaa.dll File not found
NetSvcs: mwsejcap - %systemroot%\system32\PTDCMdm.dll File not found
NetSvcs: cdr4_2k - %systemroot%\system32\apphostsvc.dll File not found
NetSvcs: pxfhserd - %systemroot%\system32\cfsvcs.dll File not found
NetSvcs: nv - %systemroot%\system32\z800mdm.dll File not found
NetSvcs: bdfsdrv - %systemroot%\system32\sfvfs02.dll File not found
NetSvcs: evteng - %systemroot%\system32\dlaudfam.dll File not found
NetSvcs: truecrypt - %systemroot%\system32\ctdvda2k.dll File not found
NetSvcs: mraid35x - %systemroot%\system32\CnxTrLan.dll File not found
NetSvcs: sit_mdm - %systemroot%\system32\mouhid.dll File not found
NetSvcs: eliservice - %systemroot%\system32\webrootadminconsole.dll File not found
NetSvcs: hsxhwazl - %systemroot%\system32\aolservice.dll File not found
NetSvcs: OEM02Vfx - %systemroot%\system32\webrootenterpriseclientservice.dll File not found
NetSvcs: streamloadservice - %systemroot%\system32\StkAMini.dll File not found
NetSvcs: netmdsb - %systemroot%\system32\elockservice.dll File not found
NetSvcs: mcpromgr - %systemroot%\system32\AVWLP_USB.dll File not found
NetSvcs: as32svc - %systemroot%\system32\sgectl.dll File not found
NetSvcs: cdaudio - %systemroot%\system32\C-Dilla.dll File not found
NetSvcs: ssisvr32 - %systemroot%\system32\nim32.dll File not found
NetSvcs: pxfhbus - %systemroot%\system32\pilogsrv.dll File not found
NetSvcs: omniusb - %systemroot%\system32\hpdj.dll File not found
NetSvcs: USRpdA - %systemroot%\system32\rdpcdd.dll File not found
NetSvcs: ctxcpusched - %systemroot%\system32\SrvcEPECioctl.dll File not found
NetSvcs: sfusvc - %systemroot%\system32\filterservice.dll File not found
NetSvcs: TIEHDUSB - %systemroot%\system32\caboagp.dll File not found
NetSvcs: pdlnecfg - %systemroot%\system32\snpstd2.dll File not found
NetSvcs: scsiaccess - %systemroot%\system32\sysenforce.dll File not found
NetSvcs: dphost - %systemroot%\system32\Dfs.dll File not found
NetSvcs: Ndismeetro - %systemroot%\system32\oraclewebassistant.dll File not found
NetSvcs: dlbu_device - %systemroot%\system32\CADlink.dll File not found
NetSvcs: rpsupdaterr - %systemroot%\system32\intcazaudaddservice.dll File not found
NetSvcs: ZSMC211 - %systemroot%\system32\NVR0Dev.dll File not found
NetSvcs: oracleorahomeagent - %systemroot%\system32\LHidFilt.dll File not found
NetSvcs: cxlpt - %systemroot%\system32\TuneUp.Defrag.dll File not found
NetSvcs: HSFHWALI - %systemroot%\system32\pacsptisvr.dll File not found
NetSvcs: scramby - %systemroot%\system32\SiSGbeXP.dll File not found
NetSvcs: zpcache - %systemroot%\system32\igfx.dll File not found
NetSvcs: inotask - %systemroot%\system32\modemcsa.dll File not found
NetSvcs: tpkmpsvc - %systemroot%\system32\emitray.dll File not found
NetSvcs: vmnetbridge - %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll File not found
NetSvcs: AVCamUSB20 - %systemroot%\system32\owstimer.dll File not found
NetSvcs: areschatserver - %systemroot%\system32\cdvp.dll File not found
NetSvcs: HssSrv - %systemroot%\system32\UpdateCenterService.dll File not found
NetSvcs: idebusdr - %systemroot%\system32\cmdagent.dll File not found
NetSvcs: el90xbc - %systemroot%\system32\termdd.dll File not found
NetSvcs: sysmgmthp - %systemroot%\system32\STV680m.dll File not found
NetSvcs: lktimesync - %systemroot%\system32\tsp.dll File not found
NetSvcs: BrSerIf - %systemroot%\system32\cachemanxp.dll File not found
NetSvcs: T6963C - %systemroot%\system32\starwindservice.dll File not found
NetSvcs: w810mdfl - %systemroot%\system32\iPassPeriodicUpdateService.dll File not found
NetSvcs: mhn - %systemroot%\system32\Fd16_700.dll File not found
NetSvcs: intelroam - %systemroot%\system32\retroexplauncher.dll File not found
NetSvcs: srtspx - %systemroot%\system32\SunkFilt39.dll File not found
NetSvcs: PID_08A0 - %systemroot%\system32\BVRPMPR5.dll File not found
NetSvcs: cwafnotesservice - %systemroot%\system32\ehrecvr.dll File not found
NetSvcs: winvnc - %systemroot%\system32\FTSER2K.dll File not found
NetSvcs: cmuda3 - %systemroot%\system32\redbook.dll File not found
NetSvcs: perc2hib - %systemroot%\system32\rdpwd.dll File not found
NetSvcs: DKbFltr - %systemroot%\system32\cdrbsdrv.dll File not found
NetSvcs: se45mdm - %systemroot%\system32\GVCplDrv.dll File not found
NetSvcs: hcf_msft - %systemroot%\system32\messenger.dll File not found
NetSvcs: cpsvc -  File not found
NetSvcs: tfsnpool - %systemroot%\system32\EL2000.dll File not found
NetSvcs: SABProcEnum - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: WIBUKEY - %systemroot%\system32\intelppm.dll File not found
NetSvcs: se58mdfl - %systemroot%\system32\epson_pm_rpcv2_01.dll File not found
NetSvcs: DivisCTS -  File not found
NetSvcs: USB11LDR -  File not found
NetSvcs: ScFBPNT2 -  File not found
NetSvcs: BootScreen -  File not found
NetSvcs: mctskshd.exe -  File not found
NetSvcs: dlartl_n -  File not found
NetSvcs: tfsncofs -  File not found
NetSvcs: SymIMMP -  File not found
NetSvcs: avcgbdr -  File not found
NetSvcs: iaimfp3 - %systemroot%\system32\DCFS2K.dll File not found
NetSvcs: int15 -  File not found
NetSvcs: oracledbconsoleorcl - %systemroot%\system32\aaksrv.dll File not found
NetSvcs: elnkfwppservice - %systemroot%\system32\SNMPTRAP.dll File not found
NetSvcs: ipahelper.exe -  File not found
NetSvcs: SE26mgmt - %systemroot%\system32\aspi32.dll File not found
NetSvcs: XBCD - %systemroot%\system32\LVPrcMon.dll File not found
NetSvcs: yats32 - %systemroot%\system32\w810bus.dll File not found
NetSvcs: ccproxy - %systemroot%\system32\eSettingsService.dll File not found
NetSvcs: se27nd5 - %systemroot%\system32\rdnaoflsvc.dll File not found
NetSvcs: netsvc - %systemroot%\system32\sermouse.dll File not found
NetSvcs: SSHDRV61 - %systemroot%\system32\rca.dll File not found
NetSvcs: MREMP50a64 - %systemroot%\system32\VirtualCam.dll File not found
NetSvcs: viairda - %systemroot%\system32\avg7core.dll File not found
NetSvcs: btaudio - %systemroot%\system32\winvnc4.dll File not found
NetSvcs: naveng - %systemroot%\system32\wintabservice.dll File not found
NetSvcs: npkcrypt - %systemroot%\system32\NETGEAR_MA111.dll File not found
NetSvcs: ati2mtaa - %systemroot%\system32\usbhub.dll File not found
NetSvcs: inport - %systemroot%\system32\ncupdatesvc.dll File not found
NetSvcs: prismxl - %systemroot%\system32\iaimfp1.dll File not found
NetSvcs: tmactmon - %systemroot%\system32\sptisrv.dll File not found
NetSvcs: symwsc - %systemroot%\system32\WmUsbHid.dll File not found
NetSvcs: SE2Bmdfl - %systemroot%\system32\hpconfig.dll File not found
NetSvcs: ATKGFNEXSrv - %systemroot%\system32\ssm_mdm.dll File not found
NetSvcs: ONSIO - %systemroot%\system32\omsad.dll File not found
NetSvcs: asp.net - %systemroot%\system32\GTPTSER.dll File not found
NetSvcs: z800mgmt - %systemroot%\system32\procexp111.dll File not found
NetSvcs: asc3550 - %systemroot%\system32\irda.dll File not found
NetSvcs: adfs - %systemroot%\system32\adobeactivefilemonitor4.0.dll File not found
NetSvcs: ndassvc - %systemroot%\system32\fdc.dll File not found
NetSvcs: NSSvcMgr - %systemroot%\system32\cdralw2k.dll File not found
NetSvcs: TcUsb - %systemroot%\system32\rtl8139.dll File not found
NetSvcs: USB_NDIS_51 - %systemroot%\system32\UimBus.dll File not found
NetSvcs: pdreli - %systemroot%\system32\Cam5603C.dll File not found
NetSvcs: MRESP50a64 - %systemroot%\system32\EPOWER.dll File not found
NetSvcs: iviVD - %systemroot%\system32\mcrdsvc.dll File not found
NetSvcs: UPATC - %systemroot%\system32\adiusbaw.dll File not found
NetSvcs: zendcoreapache - %systemroot%\system32\pcampr5.dll File not found
NetSvcs: websensewfreportserver - %systemroot%\system32\HBtnKey.dll File not found
NetSvcs: MRESP50 - %systemroot%\system32\srescan.dll File not found
NetSvcs: vsdatant - %systemroot%\system32\S7oppilx.dll File not found
NetSvcs: portmapper - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: slapd-config52 - %systemroot%\system32\usbio.dll File not found
NetSvcs: vet-rec - %systemroot%\system32\wpshelper.dll File not found
NetSvcs: smrt - %systemroot%\system32\A88xXBar.dll File not found
NetSvcs: cwafeventrouter - %systemroot%\system32\FVXSCSI.dll File not found
NetSvcs: {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} - %systemroot%\system32\hpci.dll File not found
NetSvcs: eaps2kbd - %systemroot%\system32\qcmerced.dll File not found
NetSvcs: streamip - %systemroot%\system32\s125bus.dll File not found
NetSvcs: s117mgmt - %systemroot%\system32\enodpl.dll File not found
NetSvcs: puscsrvc - %systemroot%\system32\backupexecagentbrowser.dll File not found
NetSvcs: lirsgt - %systemroot%\system32\SRVLOC.dll File not found
NetSvcs: mi-raysat_3dsmax8 - %systemroot%\system32\akshasp.dll File not found
NetSvcs: datunidr - %systemroot%\system32\CE3.dll File not found
NetSvcs: nisum - %systemroot%\system32\USB_RNDIS.dll File not found
NetSvcs: CdaD10BA - %systemroot%\system32\sandboxu.dll File not found
NetSvcs: mlkkbdntdriver - %systemroot%\system32\getPlusHelper.dll File not found
NetSvcs: netddedsdm - %systemroot%\system32\tfsndrct.dll File not found
NetSvcs: netw4x32 - %systemroot%\system32\com4qlb.dll File not found
NetSvcs: s125bus - %systemroot%\system32\DELL_A02.dll File not found
NetSvcs: tfsnifs - %systemroot%\system32\procexp90.dll File not found
NetSvcs: ixiaendpoint - %systemroot%\system32\ssidrv.dll File not found
NetSvcs: dladresn - %systemroot%\system32\hdaudbus.dll File not found
NetSvcs: se44bus - %systemroot%\system32\osanbm.dll File not found
NetSvcs: G400DH - %systemroot%\system32\pcscnsrv.dll File not found
NetSvcs: beatjammusicstreamingserver - %systemroot%\system32\Udfreadr_xp.dll File not found
NetSvcs: symidsco - %systemroot%\system32\zdeviceservice.dll File not found
NetSvcs: imagesrv - %systemroot%\system32\netdde.dll File not found
NetSvcs: MobilityService - %systemroot%\system32\LKbdFlt2.dll File not found
NetSvcs: cvspydr2 - %systemroot%\system32\NWSAP.dll File not found
NetSvcs: WinFl32 - %systemroot%\system32\savrtpel.dll File not found
NetSvcs: klblmain - %systemroot%\system32\usbsermpt.dll File not found
NetSvcs: lxcc_device - %systemroot%\system32\retrowdsvc.dll File not found
NetSvcs: regsrvc - %systemroot%\system32\mcp.dll File not found
NetSvcs: ROOTUSB - %systemroot%\system32\cwafrmiregistry.dll File not found
NetSvcs: tlntsvr - %systemroot%\system32\wmdmpmsn.dll File not found
NetSvcs: AdfuUd - %systemroot%\system32\WmiAcpi.dll File not found
NetSvcs: pdscheduler - %systemroot%\system32\NETMDUSB.dll File not found
NetSvcs: symc8xx - %systemroot%\system32\DSXUSB.dll File not found
NetSvcs: fa_scheduler - %systemroot%\system32\usnjsvc.dll File not found
NetSvcs: SE27mdfl - %systemroot%\system32\ossrv.dll File not found
NetSvcs: BrScnUsb - %systemroot%\system32\ZDCNDIS5.dll File not found
NetSvcs: ltck000c - %systemroot%\system32\eventsystem.dll File not found
NetSvcs: mpfservice - %systemroot%\system32\db2remotecmd.dll File not found
NetSvcs: wmccdsls - %systemroot%\system32\klblmain.dll File not found
NetSvcs: Ncrc710 - %systemroot%\system32\vpctcom.dll File not found
NetSvcs: vetfddnt - %systemroot%\system32\dnwhodisp.dll File not found
NetSvcs: haspnt - %systemroot%\system32\DVDRC.dll File not found
NetSvcs: vc8secs - %systemroot%\system32\AEAudioService.dll File not found
NetSvcs: elbydelay - %systemroot%\system32\issimon.dll File not found
NetSvcs: konfig - %systemroot%\system32\pchost.dll File not found
NetSvcs: genregistrar - %systemroot%\system32\meiudf.dll File not found
NetSvcs: MS1000 - %systemroot%\system32\se2Bunic.dll File not found
NetSvcs: wanatw - %systemroot%\system32\atierecord.dll File not found
NetSvcs: DevUpper - %systemroot%\system32\IFP700.dll File not found
NetSvcs: BCMModem - %systemroot%\system32\nalntservice.dll File not found
NetSvcs: McciCMService - %systemroot%\system32\W55U01.dll File not found
NetSvcs: NetwareWorkstation - %systemroot%\system32\s3savagenb.dll File not found
NetSvcs: LVRS - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: tvtnetwk - %systemroot%\system32\sysdown.dll File not found
NetSvcs: PTDCMdm - %systemroot%\system32\CdaC15BA.dll File not found
NetSvcs: aeaudio - %systemroot%\system32\se2Dunic.dll File not found
NetSvcs: update -  File not found
NetSvcs: sandboxu - %systemroot%\system32\nimdbgk.dll File not found
NetSvcs: SeratoUsb -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: BTMTrayAgent - hkey= - key= -  File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= -  File not found
MsConfig - StartUpReg: IgfxTray - hkey= - key= -  File not found
MsConfig - StartUpReg: IndicatorListener - hkey= - key= -  File not found
MsConfig - StartUpReg: lxcgmon.exe - hkey= - key= - C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: ManyCam - hkey= - key= - C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
MsConfig - StartUpReg: Persistence - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B14700B-466C-D0D1-3853-0943CCBAD9F5} - Microsoft Windows Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {97A80FE8-5719-9711-8EBE-1A1A3C25B0A9} - Microsoft Windows Media Player 12.0
ActiveX: {A7C79BD4-81EF-9E33-173B-6EA5C385CEE7} - Java (Sun)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.07 08:49:58 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2012.04.07 00:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.04.07 00:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.07 00:07:32 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.04.07 00:07:32 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.04.07 00:07:29 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012.04.07 00:07:28 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.04.07 00:07:26 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.04.07 00:07:24 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.04.07 00:07:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.07 00:07:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.04.07 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.04.07 00:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.04.06 22:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.04.06 20:14:08 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.04.06 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\temp
[2012.04.06 11:10:39 | 000,000,000 | ---D | C] -- C:\.Trash-999
[2012.04.06 11:02:04 | 004,450,553 | R--- | C] (Swearware) -- C:\Users\******\Desktop\ComboFix.exe
[2012.04.06 09:34:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.04.06 09:34:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.04.06 09:34:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.04.06 09:29:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.04.06 09:25:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.04.02 16:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.02 16:02:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.04.02 15:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\YTDownloader
[2012.04.02 15:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.04.02 13:19:12 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2012.04.02 13:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.02 13:19:06 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.02 13:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.02 13:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.02 12:53:29 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\DUDEN Korrektor 8 MO
[2012.04.02 12:53:19 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\DUDEN Korrektor 8 LO
[2012.03.29 14:00:34 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.03.13 16:08:10 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Uni
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.07 08:52:55 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.07 08:52:55 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.07 08:50:19 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.07 08:50:19 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.07 08:50:19 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.07 08:50:19 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.07 08:45:14 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.07 08:45:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.07 08:44:57 | 2361,569,280 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.07 00:15:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job
[2012.04.07 00:07:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.06 20:14:02 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.04.06 08:59:53 | 004,450,553 | R--- | M] (Swearware) -- C:\Users\******\Desktop\ComboFix.exe
[2012.04.02 16:02:53 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.04.02 15:49:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2012.04.02 15:28:56 | 000,001,445 | ---- | M] () -- C:\Users\******\Desktop\YouTube Downloader and Converter.lnk
[2012.04.02 15:16:39 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.04.02 13:19:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.02 12:19:54 | 211,771,392 | ---- | M] () -- C:\Users\******\Desktop\LibO_3.5.1_Win_x86_install_multi.msi
[2012.04.02 12:12:57 | 000,328,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.27 08:15:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job
 
========== Files Created - No Company Name ==========
 
[2012.04.06 09:34:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.04.06 09:34:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.04.06 09:34:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.04.06 09:34:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.04.06 09:34:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.04.02 17:21:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.02 15:28:56 | 000,001,445 | ---- | C] () -- C:\Users\******\Desktop\YouTube Downloader and Converter.lnk
[2012.04.02 15:16:39 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.04.02 13:19:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.02 12:53:24 | 1275,133,952 | ---- | C] () -- C:\Users\******\Desktop\MadmaxO1086SP1.iso
[2012.04.02 12:53:07 | 211,771,392 | ---- | C] () -- C:\Users\******\Desktop\LibO_3.5.1_Win_x86_install_multi.msi
[2012.03.13 16:07:51 | 127,520,431 | ---- | C] () -- C:\Users\******\Desktop\Histo Präparate.pdf
[2011.12.17 19:37:12 | 000,265,209 | ---- | C] () -- C:\Users\******\AppData\Roaming\UserTile.png
[2011.12.11 19:01:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.10.30 17:10:25 | 000,000,038 | ---- | C] () -- C:\Windows\Progs_.ini
[2011.05.29 09:18:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010.07.28 21:01:14 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.07.28 21:01:12 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.07.28 21:01:10 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.04.10 19:32:46 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcgserv.dll
[2010.04.10 19:32:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcgusb1.dll
[2010.04.10 19:32:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcgpmui.dll
[2010.04.10 19:32:46 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcginpa.dll
[2010.04.10 19:32:46 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcgiesc.dll
[2010.04.10 19:32:46 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcghcp.dll
[2010.04.10 19:32:46 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcginst.dll
[2010.04.10 19:32:46 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcgprox.dll
[2010.04.10 19:32:46 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcgpplc.dll
[2010.04.10 19:32:45 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcghbn3.dll
[2010.04.10 19:32:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomc.dll
[2010.04.10 19:32:45 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcglmpm.dll
[2010.04.10 19:32:45 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcgcoms.exe
[2010.04.10 19:32:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomm.dll
[2010.04.10 19:32:45 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcgih.exe
[2010.04.10 19:32:44 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxcgcfg.exe
 
========== LOP Check ==========
 
[2010.10.30 13:12:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Auslogics
[2011.12.04 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\calibre
[2012.04.02 16:12:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
[2012.03.21 09:48:11 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\foobar2000
[2010.11.27 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Foxit Software
[2010.03.29 20:29:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InfraRecorder
[2011.03.08 14:27:20 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\LibreOffice
[2010.04.18 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ManyCam
[2011.05.21 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\MyPhoneExplorer
[2010.10.12 11:02:25 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\QIP
[2010.11.25 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ratiopharm
[2011.02.01 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SecondLife
[2011.01.31 12:46:35 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TeamViewer
[2010.03.27 22:41:48 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2011.06.12 00:15:00 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.06.12 00:15:00 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2012.03.09 09:08:55 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.03.27 21:52:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Adobe
[2011.12.18 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Apple Computer
[2010.10.30 13:12:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Auslogics
[2011.12.04 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\calibre
[2012.04.02 16:12:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
[2010.10.27 14:40:05 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DivX
[2012.03.21 09:48:11 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\foobar2000
[2010.11.27 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Foxit Software
[2010.04.03 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\HP
[2010.03.27 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Identities
[2010.03.29 20:29:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InfraRecorder
[2010.03.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InstallShield
[2011.03.08 14:27:20 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\LibreOffice
[2010.03.27 21:52:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Macromedia
[2012.04.02 13:19:12 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2010.04.18 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ManyCam
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Media Center Programs
[2012.04.02 16:12:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Media Player Classic
[2012.01.18 11:28:40 | 000,000,000 | --SD | M] -- C:\Users\******\AppData\Roaming\Microsoft
[2010.03.27 21:45:10 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Mozilla
[2011.05.21 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\MyPhoneExplorer
[2010.10.12 11:02:25 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\QIP
[2010.11.25 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ratiopharm
[2011.02.01 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SecondLife
[2012.03.11 19:46:15 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Skype
[2012.03.11 17:02:27 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\skypePM
[2011.01.31 12:46:35 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TeamViewer
[2010.03.27 22:41:48 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2012.04.02 15:15:07 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\vlc
[2010.03.27 22:22:19 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.02.05 12:18:21 | 000,010,134 | R--- | M] () -- C:\Users\******\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\ERDNT\cache\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         

Old 07.04.2012, 18:51   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



The "defective" Netsvc shows up in this log as well. Otherwise the log is OK.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


Old 07.04.2012, 19:03   #15
dumdididum
 



Hm, during my research I found this
hxxp://www.hijackthis-forum.de/hijackthis-logfiles/58012-habe-trojaner-u-ae-auf-meinem-pc-brauche-hilfe-3.html#post389407
but I can't apply it to my case

TDSSKiller:
Code:
ATTFilter
18:53:37.0799 3104	TDSS rootkit removing tool 2.7.26.0 Apr  4 2012 19:52:02
18:53:37.0971 3104	============================================================
18:53:37.0971 3104	Current date / time: 2012/04/07 18:53:37.0971
18:53:37.0971 3104	SystemInfo:
18:53:37.0971 3104	
18:53:37.0971 3104	OS Version: 6.1.7601 ServicePack: 1.0
18:53:37.0971 3104	Product type: Workstation
18:53:37.0971 3104	ComputerName: ALAPEX
18:53:37.0971 3104	UserName: ******
18:53:37.0971 3104	Windows directory: C:\Windows
18:53:37.0971 3104	System windows directory: C:\Windows
18:53:37.0971 3104	Processor architecture: Intel x86
18:53:37.0971 3104	Number of processors: 2
18:53:37.0971 3104	Page size: 0x1000
18:53:37.0971 3104	Boot type: Normal boot
18:53:37.0971 3104	============================================================
18:53:41.0122 3104	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:53:41.0122 3104	\Device\Harddisk0\DR0:
18:53:41.0122 3104	MBR used
18:53:41.0122 3104	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:53:41.0122 3104	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x22C73800
18:53:41.0153 3104	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x22CAA46E, BlocksNum 0xA0124D
18:53:41.0231 3104	Initialize success
18:53:41.0231 3104	============================================================
18:53:57.0377 2444	============================================================
18:53:57.0377 2444	Scan started
18:53:57.0377 2444	Mode: Manual; SigCheck; TDLFS; 
18:53:57.0377 2444	============================================================
18:53:58.0438 2444	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
18:53:58.0579 2444	1394ohci - ok
18:53:58.0688 2444	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
18:53:58.0703 2444	ACPI - ok
18:53:58.0781 2444	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
18:53:58.0859 2444	AcpiPmi - ok
18:53:58.0953 2444	ACPIVPC         (0ff1f2f287e65a66a3b72484b9895785) C:\Windows\system32\DRIVERS\AcpiVpc.sys
18:53:58.0984 2444	ACPIVPC - ok
18:53:59.0062 2444	adfs - ok
18:53:59.0156 2444	AdfuUd - ok
18:53:59.0327 2444	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:53:59.0343 2444	AdobeFlashPlayerUpdateSvc - ok
18:53:59.0437 2444	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:53:59.0499 2444	adp94xx - ok
18:53:59.0593 2444	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:53:59.0624 2444	adpahci - ok
18:53:59.0717 2444	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:53:59.0750 2444	adpu320 - ok
18:53:59.0859 2444	aeaudio - ok
18:53:59.0906 2444	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:53:59.0952 2444	AeLookupSvc - ok
18:54:00.0062 2444	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
18:54:00.0124 2444	AFD - ok
18:54:00.0218 2444	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:54:00.0233 2444	agp440 - ok
18:54:00.0327 2444	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:54:00.0342 2444	aic78xx - ok
18:54:00.0452 2444	akshasp - ok
18:54:00.0498 2444	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:54:00.0545 2444	ALG - ok
18:54:00.0623 2444	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:54:00.0639 2444	aliide - ok
18:54:00.0748 2444	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:54:00.0764 2444	amdagp - ok
18:54:00.0857 2444	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:54:00.0873 2444	amdide - ok
18:54:00.0935 2444	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:54:00.0966 2444	AmdK8 - ok
18:54:01.0060 2444	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:54:01.0091 2444	AmdPPM - ok
18:54:01.0169 2444	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
18:54:01.0185 2444	amdsata - ok
18:54:01.0232 2444	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:54:01.0247 2444	amdsbs - ok
18:54:01.0341 2444	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
18:54:01.0356 2444	amdxata - ok
18:54:01.0419 2444	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:54:01.0512 2444	AppID - ok
18:54:01.0590 2444	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:54:01.0653 2444	AppIDSvc - ok
18:54:01.0762 2444	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
18:54:01.0809 2444	Appinfo - ok
18:54:01.0934 2444	Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:54:01.0949 2444	Apple Mobile Device - ok
18:54:02.0012 2444	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
18:54:02.0058 2444	AppMgmt - ok
18:54:02.0152 2444	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:54:02.0168 2444	arc - ok
18:54:02.0261 2444	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:54:02.0277 2444	arcsas - ok
18:54:02.0370 2444	areschatserver - ok
18:54:02.0480 2444	as32svc - ok
18:54:02.0511 2444	asc3550 - ok
18:54:02.0526 2444	asp.net - ok
18:54:02.0636 2444	aswArKrn - ok
18:54:02.0745 2444	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:54:02.0838 2444	AsyncMac - ok
18:54:02.0932 2444	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:54:02.0948 2444	atapi - ok
18:54:03.0057 2444	ati2mtaa - ok
18:54:03.0166 2444	atirage3 - ok
18:54:03.0244 2444	ATKGFNEXSrv - ok
18:54:03.0338 2444	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:54:03.0416 2444	AudioEndpointBuilder - ok
18:54:03.0431 2444	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:54:03.0478 2444	Audiosrv - ok
18:54:03.0572 2444	AVCamUSB20 - ok
18:54:03.0650 2444	AVRec - ok
18:54:03.0774 2444	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
18:54:03.0915 2444	AxInstSV - ok
18:54:04.0024 2444	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:54:04.0133 2444	b06bdrv - ok
18:54:04.0274 2444	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:54:04.0320 2444	b57nd60x - ok
18:54:04.0492 2444	BCM43XX         (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
18:54:04.0570 2444	BCM43XX - ok
18:54:04.0679 2444	BCMModem - ok
18:54:04.0742 2444	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:54:04.0788 2444	BDESVC - ok
18:54:04.0913 2444	bdfdll - ok
18:54:05.0022 2444	bdfsdrv - ok
18:54:05.0100 2444	beatjammusicstreamingserver - ok
18:54:05.0194 2444	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:54:05.0256 2444	Beep - ok
18:54:05.0397 2444	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
18:54:05.0475 2444	BFE - ok
18:54:05.0568 2444	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
18:54:05.0646 2444	BITS - ok
18:54:05.0740 2444	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:54:05.0771 2444	blbdrive - ok
18:54:05.0896 2444	Bluetooth Device Manager (3c4e43359b761b0224d99b64dd866f61) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
18:54:06.0052 2444	Bluetooth Device Manager - ok
18:54:06.0130 2444	Bluetooth Media Service (93951833910840958cca106d6a5d175d) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
18:54:06.0161 2444	Bluetooth Media Service - ok
18:54:06.0192 2444	Bluetooth OBEX Service (5899e443b1c9989451d68012f4af9e50) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
18:54:06.0224 2444	Bluetooth OBEX Service - ok
18:54:06.0333 2444	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:54:06.0364 2444	Bonjour Service - ok
18:54:06.0582 2444	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:54:06.0629 2444	bowser - ok
18:54:06.0723 2444	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:54:06.0770 2444	BrFiltLo - ok
18:54:06.0863 2444	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:54:06.0910 2444	BrFiltUp - ok
18:54:07.0035 2444	Bridge          (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
18:54:07.0082 2444	Bridge - ok
18:54:07.0113 2444	BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
18:54:07.0160 2444	BridgeMP - ok
18:54:07.0253 2444	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
18:54:07.0316 2444	Browser - ok
18:54:07.0425 2444	BrScnUsb - ok
18:54:07.0472 2444	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:54:07.0518 2444	Brserid - ok
18:54:07.0612 2444	BrSerIf - ok
18:54:07.0674 2444	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:54:46.0066 2444	RpcSs - ok
18:54:46.0144 2444	rpsupdaterr - ok
18:54:46.0222 2444	RSAFAL - ok
18:54:46.0316 2444	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:54:46.0378 2444	rspndr - ok
18:54:46.0487 2444	RSUSBSTOR       (96f8dd546677aa5102150acc140377b3) C:\Windows\system32\Drivers\RtsUStor.sys
18:54:46.0534 2444	RSUSBSTOR - ok
18:54:46.0612 2444	RtsUIR - ok
18:54:46.0643 2444	s117mgmt - ok
18:54:46.0721 2444	s125bus - ok
18:54:46.0815 2444	s217bus - ok
18:54:46.0893 2444	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
18:54:46.0924 2444	s3cap - ok
18:54:47.0002 2444	SABProcEnum - ok
18:54:47.0049 2444	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:54:47.0064 2444	SamSs - ok
18:54:47.0158 2444	sandboxu - ok
18:54:47.0283 2444	sansaservice - ok
18:54:47.0392 2444	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:54:47.0408 2444	sbp2port - ok
18:54:47.0501 2444	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:54:47.0564 2444	SCardSvr - ok
18:54:47.0657 2444	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:54:47.0688 2444	scfilter - ok
18:54:47.0829 2444	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
18:54:47.0907 2444	Schedule - ok
18:54:48.0032 2444	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:54:48.0078 2444	SCPolicySvc - ok
18:54:48.0172 2444	scramby - ok
18:54:48.0297 2444	scsiaccess - ok
18:54:48.0749 2444	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
18:54:48.0827 2444	SDRSVC - ok
18:54:48.0905 2444	SE26mgmt - ok
18:54:49.0014 2444	SE27mdfl - ok
18:54:49.0170 2444	se27nd5 - ok
18:54:49.0280 2444	SE2Bmdfl - ok
18:54:49.0482 2444	se44bus - ok
18:54:49.0638 2444	se45mdm - ok
18:54:49.0826 2444	se58mdfl - ok
18:54:50.0075 2444	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:54:50.0138 2444	secdrv - ok
18:54:50.0200 2444	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:54:50.0262 2444	seclogon - ok
18:54:50.0418 2444	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
18:54:50.0512 2444	SENS - ok
18:54:50.0668 2444	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:54:50.0715 2444	SensrSvc - ok
18:54:50.0808 2444	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:54:50.0855 2444	Serenum - ok
18:54:51.0105 2444	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:54:51.0167 2444	Serial - ok
18:54:51.0308 2444	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:54:51.0339 2444	sermouse - ok
18:54:51.0526 2444	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
18:54:51.0588 2444	SessionEnv - ok
18:54:51.0682 2444	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:54:51.0729 2444	sffdisk - ok
18:54:51.0822 2444	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:54:51.0854 2444	sffp_mmc - ok
18:54:51.0963 2444	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:54:51.0994 2444	sffp_sd - ok
18:54:52.0197 2444	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:54:52.0228 2444	sfloppy - ok
18:54:52.0306 2444	sfusvc - ok
18:54:52.0431 2444	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:54:52.0493 2444	SharedAccess - ok
18:54:52.0634 2444	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
18:54:52.0712 2444	ShellHWDetection - ok
18:54:52.0914 2444	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:54:52.0930 2444	sisagp - ok
18:54:53.0117 2444	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:54:53.0148 2444	SiSRaid2 - ok
18:54:53.0382 2444	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:54:53.0414 2444	SiSRaid4 - ok
18:54:53.0554 2444	sit_mdm - ok
18:54:53.0757 2444	slapd-config52 - ok
18:54:53.0960 2444	slee_81_service - ok
18:54:54.0116 2444	Slpsvdr - ok
18:54:54.0318 2444	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:54:54.0350 2444	Smb - ok
18:54:54.0459 2444	smcirda - ok
18:54:54.0537 2444	smrt - ok
18:54:54.0724 2444	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:54:54.0740 2444	SNMPTRAP - ok
18:54:55.0223 2444	SNP2UVC         (5211173ebc74b388d096e197c2243675) C:\Windows\system32\DRIVERS\snp2uvc.sys
18:54:55.0317 2444	SNP2UVC ( UnsignedFile.Multi.Generic ) - warning
18:54:55.0317 2444	SNP2UVC - detected UnsignedFile.Multi.Generic (1)
18:54:55.0473 2444	snpstd - ok
18:54:55.0535 2444	sonytvc - ok
18:54:55.0800 2444	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:54:55.0816 2444	spldr - ok
18:54:55.0988 2444	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
18:54:56.0066 2444	Spooler - ok
18:54:56.0799 2444	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
18:54:56.0970 2444	sppsvc - ok
18:54:57.0189 2444	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
18:54:57.0267 2444	sppuinotify - ok
18:54:57.0516 2444	srtspx - ok
18:54:57.0750 2444	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:54:57.0797 2444	srv - ok
18:54:58.0016 2444	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:54:58.0047 2444	srv2 - ok
18:54:58.0203 2444	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:54:58.0234 2444	srvnet - ok
18:54:58.0515 2444	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:54:58.0593 2444	SSDPSRV - ok
18:54:58.0671 2444	SSHDRV61 - ok
18:54:58.0733 2444	ssisvr32 - ok
18:54:58.0858 2444	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:54:58.0905 2444	SstpSvc - ok
18:54:59.0170 2444	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:54:59.0201 2444	stexstor - ok
18:54:59.0388 2444	StillCam        (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
18:54:59.0420 2444	StillCam - ok
18:54:59.0560 2444	stirusb - ok
18:54:59.0763 2444	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
18:54:59.0841 2444	StiSvc - ok
18:55:00.0012 2444	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
18:55:00.0028 2444	storflt - ok
18:55:00.0231 2444	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
18:55:00.0262 2444	StorSvc - ok
18:55:00.0480 2444	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
18:55:00.0512 2444	storvsc - ok
18:55:00.0605 2444	streamip - ok
18:55:00.0730 2444	streamloadservice - ok
18:55:01.0042 2444	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:55:01.0058 2444	swenum - ok
18:55:01.0260 2444	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:55:01.0338 2444	swprv - ok
18:55:01.0448 2444	symantecantibotagent - ok
18:55:01.0728 2444	symc8xx - ok
18:55:01.0916 2444	symidsco - ok
18:55:02.0103 2444	symwsc - ok
18:55:02.0399 2444	SynTP           (e09c6ae9f84b5985979046e0a5896584) C:\Windows\system32\DRIVERS\SynTP.sys
18:55:02.0415 2444	SynTP - ok
18:55:02.0711 2444	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
18:55:02.0789 2444	SysMain - ok
18:55:02.0914 2444	sysmgmthp - ok
18:55:03.0054 2444	T6963C - ok
18:55:03.0195 2444	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
18:55:03.0242 2444	TabletInputService - ok
18:55:03.0444 2444	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
18:55:03.0507 2444	TapiSrv - ok
18:55:03.0663 2444	tavsvc - ok
18:55:03.0741 2444	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:55:03.0803 2444	TBS - ok
18:55:04.0084 2444	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
18:55:04.0178 2444	Tcpip - ok
18:55:04.0536 2444	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
18:55:04.0583 2444	TCPIP6 - ok
18:55:04.0848 2444	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:55:04.0911 2444	tcpipreg - ok
18:55:05.0114 2444	TcUsb - ok
18:55:05.0301 2444	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:55:05.0363 2444	TDPIPE - ok
18:55:05.0535 2444	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
18:55:05.0566 2444	TDTCP - ok
18:55:05.0738 2444	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:55:05.0800 2444	tdx - ok
18:55:05.0894 2444	TeamViewer5     (d91cb8a2d5a0f60e53eb7a0b0bc2e0f0) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
18:55:05.0909 2444	TeamViewer5 - ok
18:55:06.0096 2444	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:55:06.0112 2444	TermDD - ok
18:55:06.0252 2444	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
18:55:06.0330 2444	TermService - ok
18:55:06.0471 2444	tfsnifs - ok
18:55:06.0627 2444	tfsnpool - ok
18:55:06.0798 2444	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:55:06.0830 2444	Themes - ok
18:55:07.0032 2444	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:55:07.0064 2444	THREADORDER - ok
18:55:07.0251 2444	TIEHDUSB - ok
18:55:07.0422 2444	tlntsvr - ok
18:55:07.0532 2444	tmactmon - ok
18:55:07.0578 2444	tpkmpsvc - ok
18:55:07.0781 2444	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:55:07.0844 2444	TrkWks - ok
18:55:08.0000 2444	truecrypt - ok
18:55:08.0078 2444	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
18:55:08.0124 2444	TrustedInstaller - ok
18:55:08.0312 2444	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:55:08.0358 2444	tssecsrv - ok
18:55:08.0655 2444	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:55:08.0717 2444	TsUsbFlt - ok
18:55:08.0858 2444	TuneUp.Defrag   (c7732abb05d2ac3e43ddbf916fc2e2da) C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
18:55:08.0889 2444	TuneUp.Defrag - ok
18:55:08.0982 2444	TuneUp.ProgramStatisticsSvc - ok
18:55:09.0185 2444	TuneUp.UtilitiesSvc (cb853481039f08517939ab269077c118) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
18:55:09.0248 2444	TuneUp.UtilitiesSvc - ok
18:55:09.0357 2444	TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
18:55:09.0372 2444	TuneUpUtilitiesDrv - ok
18:55:09.0622 2444	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:55:09.0684 2444	tunnel - ok
18:55:09.0856 2444	tvtnetwk - ok
18:55:10.0106 2444	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:55:10.0137 2444	uagp35 - ok
18:55:10.0340 2444	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:55:10.0402 2444	udfs - ok
18:55:10.0620 2444	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:55:10.0667 2444	UI0Detect - ok
18:55:10.0823 2444	UimBus - ok
18:55:11.0166 2444	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:55:11.0182 2444	uliagpkx - ok
18:55:11.0400 2444	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:55:11.0432 2444	umbus - ok
18:55:11.0650 2444	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:55:11.0681 2444	UmPass - ok
18:55:11.0790 2444	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
18:55:11.0837 2444	UmRdpService - ok
18:55:11.0962 2444	UPATC - ok
18:55:12.0180 2444	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:55:12.0227 2444	upnphost - ok
18:55:12.0383 2444	USB28xxBGA - ok
18:55:12.0804 2444	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
18:55:12.0882 2444	USBAAPL - ok
18:55:13.0319 2444	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\drivers\usbccgp.sys
18:55:13.0366 2444	usbccgp - ok
18:55:13.0678 2444	USBCCID - ok
18:55:13.0865 2444	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:55:13.0896 2444	usbcir - ok
18:55:14.0052 2444	usbehci         (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
18:55:14.0099 2444	usbehci - ok
18:55:14.0349 2444	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
18:55:14.0380 2444	usbhub - ok
18:55:14.0879 2444	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
18:55:14.0942 2444	usbohci - ok
18:55:15.0160 2444	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:55:15.0191 2444	usbprint - ok
18:55:15.0332 2444	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
18:55:15.0378 2444	usbscan - ok
18:55:15.0628 2444	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:55:15.0644 2444	USBSTOR - ok
18:55:15.0784 2444	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
18:55:15.0831 2444	usbuhci - ok
18:55:15.0940 2444	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
18:55:15.0987 2444	usbvideo - ok
18:55:16.0049 2444	USB_NDIS_51 - ok
18:55:16.0127 2444	USRpdA - ok
18:55:16.0174 2444	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:55:16.0221 2444	UxSms - ok
18:55:16.0392 2444	UxTuneUp        (fc5bca83c5000509feefbfae81074835) C:\Windows\System32\uxtuneup.dll
18:55:16.0408 2444	UxTuneUp - ok
18:55:16.0517 2444	vaiomediaplatform-videoserver-appserver - ok
18:55:16.0689 2444	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:55:16.0704 2444	VaultSvc - ok
18:55:16.0845 2444	vc8secs - ok
18:55:16.0985 2444	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:55:17.0001 2444	vdrvroot - ok
18:55:17.0172 2444	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
18:55:17.0266 2444	vds - ok
18:55:17.0328 2444	vet-rec - ok
18:55:17.0406 2444	vetfddnt - ok
18:55:17.0656 2444	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:55:17.0687 2444	vga - ok
18:55:17.0890 2444	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:55:17.0937 2444	VgaSave - ok
18:55:18.0171 2444	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:55:18.0186 2444	vhdmp - ok
18:55:18.0420 2444	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:55:18.0452 2444	viaagp - ok
18:55:18.0639 2444	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:55:18.0686 2444	ViaC7 - ok
18:55:18.0951 2444	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:55:18.0982 2444	viaide - ok
18:55:19.0107 2444	viairda - ok
18:55:19.0310 2444	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
18:55:19.0325 2444	vmbus - ok
18:55:19.0450 2444	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
18:55:19.0481 2444	VMBusHID - ok
18:55:19.0606 2444	vmnetbridge - ok
18:55:19.0731 2444	vmodem - ok
18:55:19.0840 2444	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:55:19.0856 2444	volmgr - ok
18:55:20.0090 2444	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:55:20.0121 2444	volmgrx - ok
18:55:20.0339 2444	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:55:20.0370 2444	volsnap - ok
18:55:20.0542 2444	vsdatant - ok
18:55:20.0714 2444	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:55:20.0760 2444	vsmraid - ok
18:55:20.0963 2444	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
18:55:21.0057 2444	VSS - ok
18:55:21.0213 2444	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
18:55:21.0260 2444	vwifibus - ok
18:55:21.0416 2444	vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
18:55:21.0478 2444	vwififlt - ok
18:55:21.0618 2444	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:55:21.0696 2444	W32Time - ok
18:55:21.0806 2444	w810mdfl - ok
18:55:21.0930 2444	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:55:21.0946 2444	WacomPen - ok
18:55:22.0040 2444	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:55:22.0086 2444	WANARP - ok
18:55:22.0102 2444	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:55:22.0133 2444	Wanarpv6 - ok
18:55:22.0258 2444	wanatw - ok
18:55:22.0320 2444	WaveEnrollmentService - ok
18:55:22.0430 2444	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
18:55:22.0508 2444	wbengine - ok
18:55:22.0601 2444	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:55:22.0648 2444	WbioSrvc - ok
18:55:22.0866 2444	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
18:55:22.0913 2444	wcncsvc - ok
18:55:23.0100 2444	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:55:23.0147 2444	WcsPlugInService - ok
18:55:23.0241 2444	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:55:23.0256 2444	Wd - ok
18:55:23.0303 2444	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:55:23.0334 2444	Wdf01000 - ok
18:55:23.0522 2444	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:55:23.0600 2444	WdiServiceHost - ok
18:55:23.0646 2444	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:55:23.0662 2444	WdiSystemHost - ok
18:55:23.0818 2444	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
18:55:23.0880 2444	WebClient - ok
18:55:24.0005 2444	websensewfreportserver - ok
18:55:24.0161 2444	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:55:24.0208 2444	Wecsvc - ok
18:55:24.0364 2444	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:55:24.0426 2444	wercplsupport - ok
18:55:24.0692 2444	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:55:24.0754 2444	WerSvc - ok
18:55:24.0957 2444	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:55:24.0988 2444	WfpLwf - ok
18:55:25.0097 2444	WIBUKEY - ok
18:55:25.0378 2444	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:55:25.0394 2444	WIMMount - ok
18:55:25.0503 2444	winachsf - ok
18:55:25.0643 2444	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:55:25.0706 2444	WinDefend - ok
18:55:25.0846 2444	WinFl32 - ok
18:55:25.0908 2444	WinHttpAutoProxySvc - ok
18:55:26.0049 2444	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:55:26.0096 2444	Winmgmt - ok
18:55:26.0252 2444	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
18:55:26.0330 2444	WinRM - ok
18:55:26.0595 2444	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
18:55:26.0642 2444	WinUsb - ok
18:55:26.0798 2444	winvnc - ok
18:55:26.0985 2444	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:55:27.0032 2444	Wlansvc - ok
18:55:27.0172 2444	wmccdsls - ok
18:55:27.0375 2444	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:55:27.0390 2444	WmiAcpi - ok
18:55:27.0734 2444	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:55:27.0765 2444	wmiApSrv - ok
18:55:28.0046 2444	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:55:28.0124 2444	WMPNetworkSvc - ok
18:55:28.0342 2444	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:55:28.0358 2444	WPCSvc - ok
18:55:28.0467 2444	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
18:55:28.0514 2444	WPDBusEnum - ok
18:55:28.0623 2444	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:55:28.0685 2444	ws2ifsl - ok
18:55:28.0810 2444	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
18:55:28.0857 2444	wscsvc - ok
18:55:28.0935 2444	WSearch - ok
18:55:29.0075 2444	wstcodec - ok
18:55:29.0418 2444	wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
18:55:29.0543 2444	wuauserv - ok
18:55:29.0730 2444	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:55:29.0777 2444	WudfPf - ok
18:55:29.0964 2444	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:55:29.0996 2444	WUDFRd - ok
18:55:30.0183 2444	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
18:55:30.0245 2444	wudfsvc - ok
18:55:30.0417 2444	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:55:30.0448 2444	WwanSvc - ok
18:55:30.0573 2444	XBCD - ok
18:55:30.0713 2444	yats32 - ok
18:55:30.0869 2444	z800mgmt - ok
18:55:30.0994 2444	zendcoreapache - ok
18:55:31.0150 2444	zenos1 - ok
18:55:31.0275 2444	zpcache - ok
18:55:31.0384 2444	ZSMC211 - ok
18:55:31.0540 2444	{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} - ok
18:55:31.0602 2444	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:55:31.0961 2444	\Device\Harddisk0\DR0 - ok
18:55:31.0977 2444	Boot (0x1200)   (a9e4a5ac757ad6a2cdd93e790098c1b1) \Device\Harddisk0\DR0\Partition0
18:55:31.0992 2444	\Device\Harddisk0\DR0\Partition0 - ok
18:55:32.0024 2444	Boot (0x1200)   (131b59aa6f58f4c7c914a6cbc5bc866d) \Device\Harddisk0\DR0\Partition1
18:55:32.0039 2444	\Device\Harddisk0\DR0\Partition1 - ok
18:55:32.0070 2444	Boot (0x1200)   (857887c48a2f900255b6b44a662f4fee) \Device\Harddisk0\DR0\Partition2
18:55:32.0117 2444	\Device\Harddisk0\DR0\Partition2 - ok
18:55:32.0117 2444	============================================================
18:55:32.0117 2444	Scan finished
18:55:32.0117 2444	============================================================
18:55:32.0133 2816	Detected object count: 5
18:55:32.0133 2816	Actual detected object count: 5
18:56:54.0366 2816	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:54.0366 2816	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:56:54.0366 2816	HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:54.0366 2816	HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:56:54.0366 2816	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:54.0366 2816	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:56:54.0366 2816	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:54.0366 2816	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:56:54.0366 2816	SNP2UVC ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:54.0366 2816	SNP2UVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
