
Pests of all kinds and how to fight them: Is vikyrefwaqis.exe a virus?

Windows 7. If you are not sure whether you have picked up malware or a trojan, start a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

06.08.2012, 21:22   #1
simone7

Is vikyrefwaqis.exe a virus?



Hello,

The program vikyrefwaqis.exe is trying to gain access to the PC via User Account Control. If you click No here, the prompt keeps coming back.

The file was created yesterday, but I did not knowingly download it, and I have not installed any other software yesterday or today.

Is this a virus, and how do I get rid of it?

Here are the logs I created:

OTL

Code:
OTL logfile created on: 06.08.2012 20:13:28 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\ISA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,12% Memory free
7,83 Gb Paging File | 5,66 Gb Available in Paging File | 72,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 187,72 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: ISA-PC | User Name: ISA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.06 20:11:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
PRC - [2012.08.05 20:52:23 | 000,089,032 | ---- | M] (IO-DATA) -- C:\Users\ISA\vikyrefwaqis.exe
PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011.06.29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011.06.27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.04.13 17:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011.03.09 11:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011.02.23 23:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 15:14:19 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.06.14 15:14:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:13:59 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 15:13:56 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.05.10 12:31:05 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.09 15:30:26 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 15:29:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.09 15:29:13 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 15:29:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 15:29:08 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 15:29:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2011.07.08 21:33:51 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.06.29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011.06.27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011.06.27 19:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011.06.24 23:32:36 | 000,323,136 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll
MOD - [2011.06.24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011.04.22 18:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010.11.25 05:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.03.22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010.03.16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010.03.16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010.03.16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010.03.11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010.03.11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010.03.05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010.03.05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.03.20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012.03.20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012.03.20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.07.28 19:15:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.09 11:41:10 | 000,491,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011.03.09 11:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011.03.09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2011.03.09 00:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010.12.17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010.11.29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.11.25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012.02.22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012.02.22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011.04.22 18:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.03.26 11:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 03:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.02.16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011.02.11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.20 18:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.22 11:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010.12.17 19:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.15 19:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010.12.13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.12 16:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2010.12.01 12:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.29 22:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 18:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.07.13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.27 09:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}
IE:64bit: - HKLM\..\SearchScopes\{AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.linkury.com/newtab.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:7317400059&cof=FORID:11&sa=Search&siteurl=search.linkury.com&q="
FF - prefs.js..network.proxy.http: "190.0.57.98"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.28 10:09:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.28 19:15:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2012.04.24 19:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.28 19:15:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Extensions
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012.08.06 19:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions
[2012.07.06 20:32:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.06 19:47:19 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Sunbird\Profiles\qywng9rb.default\extensions
[2012.03.13 10:54:12 | 000,002,412 | ---- | M] () -- C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\searchplugins\Linkury Smartbar Search.xml
[2011.07.09 11:07:57 | 000,004,140 | ---- | M] () -- C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\searchplugins\youtube.xml
[2012.01.08 12:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.28 10:09:11 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.07.30 09:34:00 | 000,526,190 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.07.12 07:14:18 | 000,061,228 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.02.13 22:33:18 | 000,052,880 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{A0FAA0A4-F1A7-4098-9A74-21EFC3A92372}.XPI
[2012.07.28 15:14:08 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.07.28 19:15:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 11:47:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.20 11:47:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.20 11:47:18 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 11:47:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.20 11:47:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 11:47:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.07.24 21:05:31 | 000,001,835 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120627232251.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627232251.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] .EXE File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE File not found
O4:64bit: - HKLM..\Run: [IgfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE File not found
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] CE.VBS" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] TEL WIRELESS TRAY File not found
O4:64bit: - HKLM..\Run: [NVHotkey] VHOTKEY.DLL,START File not found
O4:64bit: - HKLM..\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE File not found
O4:64bit: - HKLM..\Run: [QuickSet] c:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] GUI64.EXE -S File not found
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SynTPEnh] H.EXE File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [vikyrefwaqis] C:\Users\ISA\vikyrefwaqis.exe (IO-DATA)
O4 - Startup: C:\Users\ISA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\ISA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F87BB31-88CC-452B-885B-2FC109F107BA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DAE6F3E-C63E-4E9B-B4F8-2DBCB00C0715}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.06 20:11:16 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
[2012.08.06 20:10:05 | 000,000,000 | ---D | C] -- C:\Users\ISA\Desktop\Virus
[2012.08.06 19:47:25 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Roaming\QuickScan
[2012.08.06 19:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.08.06 09:48:49 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{3A6AC9D6-AF9F-4C69-AB79-64C8C80F8CDD}
[2012.08.06 09:48:27 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{82AE4253-216F-46DF-8B31-6A37A077F042}
[2012.08.05 20:56:49 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{B85546C8-D5A8-4E57-BD5E-4F28D18F95E7}
[2012.08.05 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D24F9E3B-195A-41DF-8F16-9CC934B644D2}
[2012.08.05 20:52:45 | 000,089,032 | ---- | C] (IO-DATA) -- C:\Users\ISA\vikyrefwaqis.exe
[2012.08.03 07:47:14 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{0C0DC465-5F1C-40BF-8FDE-2037B5589ABD}
[2012.08.03 07:46:52 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{88D07692-CF7C-4B21-A50F-3CF1737D6A38}
[2012.08.02 08:15:12 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{19F4ACA8-C4B3-42DF-9865-9E78DCD2CA12}
[2012.08.02 08:14:50 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{2E965939-70CF-4498-AC26-574C7DFA5C2F}
[2012.08.01 19:58:56 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{31083329-2B1B-40CB-8931-CCB040942214}
[2012.08.01 19:58:35 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{F6D98472-6AA5-40E2-9A66-16FA2735A1FF}
[2012.07.31 10:11:59 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{6AA7555A-B63A-414D-853D-9FEF2FC9CF40}
[2012.07.31 10:11:37 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{04BF41F8-F6AC-43FF-B00B-1E04EF5876EB}
[2012.07.30 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{0152D5CA-4BFA-43D6-9A10-ED0C42C0A1CF}
[2012.07.30 09:03:45 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{7E893A60-F8D8-4DFE-88C4-D806848EA336}
[2012.07.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{04B98A8D-DFEB-4BCD-B2DA-8A73EAAB56A0}
[2012.07.29 13:09:18 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{11B47EA1-6848-4C1C-B36E-B7C56849B620}
[2012.07.29 13:08:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D381C159-BAD2-4BEF-9125-52C35A9255E4}
[2012.07.28 17:09:44 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{C94FB8A1-A65A-4CC4-AF29-E966164AE606}
[2012.07.28 17:09:22 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{C58BF47E-6492-41BD-B0D2-E643ECF4574B}
[2012.07.26 08:09:19 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{FFC434F1-EF92-4F12-9C4B-9CF644FE8D42}
[2012.07.26 08:08:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{B8F8260D-EA23-421E-8E38-8A776EB1D7F4}
[2012.07.22 16:43:28 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{CE7CB3EE-1FE9-48B0-8909-1B22005F71B8}
[2012.07.20 20:10:42 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D9DA90E4-E0C3-4ADC-B4DC-61B4DF26F156}
[2012.07.20 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{4027515E-4148-452F-AC81-72A77B1CF952}
[2012.07.16 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{C8B8A7CF-B3E1-4FD4-9E95-76BC58C41A12}
[2012.07.16 07:22:11 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{4485AE86-FFDA-46AD-96DF-4F2670F66DB3}
[2012.07.15 17:25:03 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D6824661-8F8C-49AD-BF6A-DF25111B60D7}
[2012.07.15 17:24:41 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{A1F683C5-DCB4-474E-B6E8-BC746546D313}
[2012.07.14 12:28:39 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{A4BA2B3C-A469-4C5E-9C62-F8687EEF7778}
[2012.07.14 12:28:16 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{2B5E30B8-CB5C-4198-BD66-05252A07F92C}
[2012.07.12 20:22:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{AA5867C8-C7F7-4A57-ABE2-D89A0B9D533B}
[2012.07.12 20:22:34 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{ED697FEF-D4CE-4215-A3D1-266A0BF11CFE}
[2012.07.12 07:15:07 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{A8466A27-8D02-4DB1-A801-8C2D18823054}
[2012.07.12 07:14:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{BE15D989-7FA5-4C1B-B55A-C21686ABE60F}
[2012.07.09 20:26:03 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{66685F28-575F-4327-B306-FDFC0DF9FCDD}
[2012.07.09 20:21:50 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{E5096E6C-E6FE-493F-B264-BCE9D56E3141}
[2012.07.09 07:06:55 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{94EBEC66-0B2B-4809-AA16-46E4ED8628AD}
[2012.07.09 07:06:29 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{526AA00E-3EC6-415C-A083-60701DD14BD2}
[2012.07.08 12:27:28 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{7546DC9C-C1C6-4A54-A9FF-A8A1E0510954}
[2012.07.08 12:27:18 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{FC567004-9645-4AF2-9E08-E38AE583600C}
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.06 20:15:02 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.06 20:11:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
[2012.08.06 20:07:14 | 000,000,000 | ---- | M] () -- C:\Users\ISA\defogger_reenable
[2012.08.06 19:26:39 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 19:26:39 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 19:26:08 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.08.06 19:17:53 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.06 19:17:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.06 17:46:15 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.05 20:52:23 | 000,089,032 | ---- | M] (IO-DATA) -- C:\Users\ISA\vikyrefwaqis.exe
[2012.08.01 21:26:40 | 000,873,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.01 21:26:40 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.01 21:26:40 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.01 21:26:40 | 000,027,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.01 21:26:40 | 000,014,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.28 15:12:04 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.07.12 20:19:31 | 004,906,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.08.06 20:07:14 | 000,000,000 | ---- | C] () -- C:\Users\ISA\defogger_reenable
[2012.02.13 22:53:00 | 000,005,120 | ---- | C] () -- C:\Users\ISA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.14 23:15:26 | 000,000,432 | ---- | C] () -- C:\Users\ISA\AppData\Local\HamsterVideoConverterSettings.cfg
[2012.01.11 10:30:54 | 000,002,048 | -HS- | C] () -- C:\Users\ISA\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2012.01.07 16:46:07 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.12.07 09:45:18 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{E116000C-D61F-46F9-9BA6-706FB96C5238}
[2011.12.06 09:41:35 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{78BE8200-1169-4EC1-BDEA-5EAC5949D064}
[2011.12.02 12:14:37 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{944CD8C5-CF01-4934-A193-787DF9A85C4B}
[2011.08.12 17:20:35 | 000,000,437 | ---- | C] () -- C:\Users\ISA\.jhh
[2011.07.05 19:57:07 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.05 19:56:25 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.05 19:56:22 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.05 19:56:21 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 12:22:50 | 000,851,782 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.03.06 20:53:28 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canneverbe Limited
[2012.07.07 17:59:47 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canon
[2011.10.04 18:18:10 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.07.06 20:34:31 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoft
[2012.07.06 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.07 18:46:42 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\elsterformular
[2011.07.08 19:44:23 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Fingertapps
[2012.03.20 20:38:38 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Foxit Software
[2011.12.12 22:48:55 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\FreePDF
[2012.03.06 20:53:13 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\OpenCandy
[2011.07.08 21:34:36 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\OpenOffice.org
[2011.10.04 07:27:53 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PACE Anti-Piracy
[2011.07.16 17:43:27 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PCDr
[2012.08.06 19:47:29 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\QuickScan
[2011.08.31 17:14:50 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.07.14 21:50:52 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Windows Live Writer
[2012.07.28 15:12:04 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.06.19 17:52:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.06 19:26:08 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
 
========== Purity Check ==========
 
 

< End of report >
         

OTL Extras

Code:
OTL Extras logfile created on: 06.08.2012 20:13:28 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\ISA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,12% Memory free
7,83 Gb Paging File | 5,66 Gb Available in Paging File | 72,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 187,72 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: ISA-PC | User Name: ISA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EFABC5-C7FB-4298-BEF2-1480FEA7249B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{08B8DF42-A076-4509-9377-C7E90B7E9165}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1A66A951-B0C7-41B5-AD15-CCAE7CFF7E23}" = rport=137 | protocol=17 | dir=out | app=system | 
"{21DB8717-5C9F-4D32-84E1-37CA6CBFC156}" = lport=139 | protocol=6 | dir=in | app=system | 
"{23173314-3763-4E20-8601-8B56049A40F8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2BBAAE1B-8F19-4DAC-8B3D-1DE1A902C38C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2D349972-304C-4354-9D2C-F743C59FDD19}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{3CA59F9A-2068-4796-83C8-43D7CD5E1A9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{431FF899-A67C-48C2-B393-F11CB92FDB22}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{4F57AAEE-DECE-413A-9817-885CC90DA4D1}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4FEE3D87-60F8-44C8-A3C2-D1000AB0CCDF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{53D01BBB-C918-46EC-811B-0FF14F0814DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{663CBDFE-F086-477D-B03C-556D376E64C9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{69A0C399-D239-45FE-B121-C5F386AD8F2E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7F2A6FF9-17E2-4502-9AEC-3853F6801A9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{86300090-2DD0-4311-9E56-D360AA25EBDB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8DDF4545-566D-4D68-81E6-D1F77697D0B5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9BA7CAD6-EE6D-4F74-857A-1A6C3612B2C9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B6511FA8-0432-459B-93BC-FBD44AA941D1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BB2D187C-3584-440D-AF63-75B50C928432}" = rport=445 | protocol=6 | dir=out | app=system | 
"{BCC16C0D-4769-4595-B2DA-C1A57CA8C9C5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{BE8EF3AB-4A36-4EC3-A8EA-1129272FBE0D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C36B8121-BD65-4254-842E-BFC8DEE32E60}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E1D5B016-5C61-4C07-B618-7073B3D57A94}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EA87587D-4DD1-42D5-8909-B5F5D5583391}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{EAE2DF48-6958-4F42-99F2-35FFB3876635}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038BE921-1B24-428A-B555-2954A0E859D6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{09CF3EE5-7D3A-4C47-A1E9-6761FA375FA3}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{0C7E488D-9416-47C9-B019-F53D172ECF4E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{22112B24-5AFF-42EC-9DAD-386F2B2FFAD1}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{2252256A-C43A-4AF6-8482-1071B32F532D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{39A25F7E-E435-4E0B-B60C-071B3556DCAB}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | 
"{3A116126-1FC2-4209-9DF2-42EBD2A1DF13}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3D17B5C2-63D3-4949-8100-CC198185EE2C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3F48D69D-64F6-4908-B07B-E72EB4E1710C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{42E01806-6732-40F1-9703-901F9ABA254B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{432A5ED8-EC7E-4F83-8B3A-F5858AEFCD61}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{462ED92F-0F89-4BE0-B8EB-4F7C1985C8CA}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{4A3B8C06-547D-4954-A99F-3C2962AEB163}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5904C7DC-1003-4D78-B640-55C2719F071A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{615923B7-F985-4055-816C-52117F8F6E99}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe | 
"{63C1FAE1-6E4F-4D82-A90A-375B2E27B7D1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{71706B98-B32E-47C7-87A4-980C5B5E18C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{74FA8151-894D-42D1-AE2F-0BBFE56BCDFB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{78638671-E51C-41AC-872A-B5BF5C789B64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{88556F2E-B68B-4D54-B4B0-6FB152AED289}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{9017A938-77F5-4219-9CFA-AA8CD5FE3BC9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{9537AD54-5B24-4C65-B898-DE50DF5BD3D6}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe | 
"{95571682-3758-4BDB-8B2C-1D459105F466}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{97F02225-63D7-407C-9F3A-002A492E9E8B}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe | 
"{A62B6215-1F90-4A90-9584-6619D77735A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A6F0ADA5-1B63-41E7-9E79-C0FF3FF8C3B9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{ABA50151-6D21-49A4-8DF3-CCED8FA1E228}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B082F897-D07E-4EC3-B876-EF14F5CE34B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B35795FD-2FE9-42FA-8D2A-EB31305290B1}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{B376955F-6F0F-40D2-A1BB-9A785E3911CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B7F0CB16-84A8-42BB-BC20-FA5CA12E2AD9}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{BDD3F1B5-3B2D-446B-B331-C7BC3F855CBF}" = protocol=6 | dir=out | app=system | 
"{BF99E519-174E-4246-9823-17FDE04A0D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{C9A0137E-FEA6-4F31-8377-D82CC84E9097}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D00DC276-9DD5-4F82-8155-8111817DE7A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D365B267-C617-47EF-8C60-189C33E73A0C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DB02A7E0-A812-416D-AA11-9CF5698686A9}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{E81DE237-094E-427C-94C6-2FFF13113B75}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E9B70E43-0C6C-4517-AC33-1D225CFF5188}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F0593297-7BCA-47AC-A4AA-2EAC8BF59E81}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{F3ADCEEF-1774-4651-B9A6-3469641C3A89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F8DF49BA-272D-4D6A-ABDE-583C3086754C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{07179D37-D5FE-4373-90D9-A25B992EFB3E}" = WD SmartWare
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}" = Dell MusicStage
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56A0DD94-47D9-4AC8-B5A1-8A8CA77C4B89}" = Dell Stage
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}" = Haufe Formular-Manager
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"CamStudio" = CamStudio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dell Webcam Central" = Dell Webcam Central
"dm-Fotowelt" = dm-Fotowelt
"DVDStyler_is1" = DVDStyler v2.1
"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular-Update
"Foxit Reader_is1" = Foxit Reader 5.0
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 5.0.4.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.25.627
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.04" = GPL Ghostscript
"Hugin" = Hugin 2011.0.0
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"jHaushalt" = jHaushalt
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.07.2012 01:07:59 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.07.2012 11:51:19 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.07.2012 14:19:46 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.07.2012 16:44:29 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.07.2012 11:21:22 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.07.2012 06:13:37 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.07.2012 13:12:03 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.07.2012 15:37:10 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.07.2012 04:29:05 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.07.2012 11:22:28 | Computer Name = ISA-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 03.08.2012 09:59:52 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 03.08.2012 10:00:22 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 05.08.2012 14:27:35 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 05.08.2012 14:27:36 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 WD File Management Shadow Engine erreicht.
 
Error - 05.08.2012 14:27:36 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WD File Management Shadow Engine" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 05.08.2012 15:00:22 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 06.08.2012 03:46:32 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 06.08.2012 03:47:03 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 06.08.2012 11:47:07 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 06.08.2012 11:47:37 | Computer Name = ISA-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
 
< End of report >
         

11.08.2012, 23:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please start by routinely running a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan!

Please remove all of Malwarebytes' findings so that they are kept in Malwarebytes' quarantine! Do NOT hastily remove anything from quarantine!

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Please post everything in CODE tags here where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
ATTFilter
 the log goes here
         
13.08.2012, 01:13   #3
simone7

Thanks for the reply, I have run all the scans so far.

By the time I got around to downloading Malwarebytes and ESET, my antivirus program had already detected some files as Trojans and deleted them. Unfortunately I cannot find a log file to post here.

Here is what McAfee shows under History and Logs.

Detection name Generic.dx!bfh4 (Trojan)
File: C:\Users\ISA\AppData\Local\Temp\msimg32.dll
Process C:\Program Files (x86) Malwarbytes


Detection name Generic.dx!bfh4 (Trojan)
File: C:\Users\ISA\AppData\Local\Temp\1551866.exe
Process C:\Program Files (x86) Malwarbytes

Detection name PWS-Zbot.gen.ajf (Trojan)
File: C:\Users\ISA\AppData\Local\Temp\1547654.exe
Process C:\Program Files (x86) Malwarbytes\mbam.exe

Detection name PWS-Zbot.gen.ajf (Trojan)
File: C:\Users\ISA\VIKYREFWAQIS.exe
Process C:\Program Files (x86) Malwarbytes\mbam.exe

Detection name: ZeroAccess.cj (Trojan)
File: C:\Users\ISA\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n
Process C:\Users\ISA\AppData\Local\Temp\1551866.exe


The last entry is the oldest (05.08.)


And here are the log files


I freshly installed Malwarebytes; there are no old logs

Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.12.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ISA :: ISA-PC [Administrator]

12.08.2012 19:35:51
mbam-log-2012-08-12 (19-35-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 454689
Laufzeit: 2 Stunde(n), 23 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Daten: C:\Windows\system32\regedit.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\ISA\AppData\Local\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\ISA\Downloads\SoftonicDownloader_fuer_hamster-free-video-converter.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\regedit.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=058b9e4fe96333408233709df1f680ae
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-12 10:17:09
# local_time=2012-08-13 12:17:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 5390343 10028027 0 0
# compatibility_mode=5893 16776573 100 94 9630 96432381 0 0
# compatibility_mode=8192 67108863 100 0 222 222 0 0
# scanned=255632
# found=0
# cleaned=0
# scan_time=7297
         

13.08.2012, 18:02   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Code:
ATTFilter
C:\Users\ISA\Downloads\SoftonicDownloader_fuer_hamster-free-
         
Junk-laden software from Softonic seems to be very much in fashion right now!

Hands off Softonic!!

Softonic is a toolbar and adware slinger! Hands off! You download software first and foremost directly from the vendor and not from toolbar outfits like Softonic! In an emergency chip.de would of course do

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

13.08.2012, 18:36   #5
simone7

I downloaded ADWCleaner and ran it, here is the result:

Code:
ATTFilter
# AdwCleaner v1.800 - Logfile created 08/13/2012 at 18:32:23
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ISA - ISA-PC
# Running from : C:\Users\ISA\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\ISA\AppData\Local\Linkury
Folder Found : C:\Users\ISA\AppData\Local\Smartbar
Folder Found : C:\Users\ISA\AppData\Local\TempDir
Folder Found : C:\Users\ISA\AppData\Roaming\OpenCandy
File Found : C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\searchplugins\Linkury Smartbar Search.xml
File Found : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\IM
[x64] Key Found : HKCU\Software\ImInstaller
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-789012693097799[...]

*************************

AdwCleaner[R1].txt - [4542 octets] - [13/08/2012 18:32:23]

########## EOF - C:\AdwCleaner[R1].txt - [4670 octets] ##########
         


14.08.2012, 17:21   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.
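Once the Delete run requested above has produced its [S1] log, it can be checked against the earlier [R1] search log so that nothing reported as found is left over. The following is an added example, not part of the thread and not AdwCleaner's own code; the function names are hypothetical, and the two sample logs are cut down from lines in this thread, with the OpenCandy line left out of the delete sample on purpose to show a mismatch. Entries are compared by path and the `[x64]` tag is ignored, because in this thread's logs several `[x64]` entries of the search run have no `[x64]` counterpart in the delete run.

```python
import re

# Line shapes as they appear in the AdwCleaner v1.800 logs in this thread:
#   "Folder Found : <path>", "[x64] Key Found : <key>", "Value Deleted : <key> [<value>]"
ENTRY = re.compile(
    r"^(?P<x64>\[x64\]\s+)?(?P<kind>Folder|File|Key|Value)\s+"
    r"(?P<state>Found|Deleted)\s+:\s+(?P<target>.+?)\s*$"
)
# Browser settings: "[<key> - <name>] = <url>" in the search log,
# "Replaced : [<key> - <name>] = <old url> --> <new url>" in the delete log.
SETTING = re.compile(
    r"^(?:Replaced\s+:\s+)?\[(?P<name>[^\]]+)\]\s+=\s+"
    r"(?P<value>.+?)(?:\s+-->\s+(?P<new>\S+))?\s*$"
)

def parse_entries(log_text, state):
    """Return {(kind, case-folded target): original line} for one state."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m and m.group("state") == state:
            # Windows paths and registry keys are case-insensitive.
            key = (m.group("kind"), m.group("target").casefold())
            entries.setdefault(key, line)
    return entries

def compare_runs(search_log, delete_log):
    """Match every 'Found' entry of the search run to a 'Deleted' entry."""
    found = parse_entries(search_log, "Found")
    deleted = parse_entries(delete_log, "Deleted")
    return {
        "confirmed": len(found.keys() & deleted.keys()),
        "not_deleted": sorted(found[k] for k in found.keys() - deleted.keys()),
        "deleted_unlisted": sorted(deleted[k] for k in deleted.keys() - found.keys()),
    }

def unreplaced_settings(search_log, delete_log):
    """Settings listed by the search run that the delete run did not replace."""
    def settings(text, replaced):
        out = {}
        for raw in text.splitlines():
            m = SETTING.match(raw.strip())
            if m and (m.group("new") is not None) == replaced:
                out[m.group("name").casefold()] = m.group("value")
        return out
    before = settings(search_log, replaced=False)
    after = settings(delete_log, replaced=True)
    # A setting counts as handled only if the old value in "Replaced" matches.
    return sorted(name for name, value in before.items() if after.get(name) != value)

# Constructed samples, shortened from the logs posted in this thread.
SEARCH_LOG = r"""
Folder Found : C:\Users\ISA\AppData\Local\Linkury
Folder Found : C:\Users\ISA\AppData\Roaming\OpenCandy
Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\Softonic
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html
"""

# Constructed: the OpenCandy line is omitted here to demonstrate a leftover.
DELETE_LOG = r"""
Folder Deleted : C:\Users\ISA\AppData\Local\Linkury
Key Deleted : HKCU\Software\Softonic
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html --> hxxp://www.google.com
"""

if __name__ == "__main__":
    report = compare_runs(SEARCH_LOG, DELETE_LOG)
    print("confirmed deletions:", report["confirmed"])
    for line in report["not_deleted"]:
        print("still present according to the logs:", line)
    for name in unreplaced_settings(SEARCH_LOG, DELETE_LOG):
        print("browser setting not replaced:", name)
```

To use it on real output, read `C:\AdwCleaner[R1].txt` and `C:\AdwCleaner[S1].txt` into the two string arguments.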

14.08.2012, 19:34   #7
simone7

Here is the adwCleaner log file after deleting.

Code:
ATTFilter
# AdwCleaner v1.800 - Logfile created 08/14/2012 at 19:28:05
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ISA - ISA-PC
# Running from : C:\Users\ISA\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\ISA\AppData\Local\Linkury
Folder Deleted : C:\Users\ISA\AppData\Local\Smartbar
Folder Deleted : C:\Users\ISA\AppData\Local\TempDir
Folder Deleted : C:\Users\ISA\AppData\Roaming\OpenCandy
File Deleted : C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\searchplugins\Linkury Smartbar Search.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\prefs.js

Deleted : user_pref("keyword.URL", "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-789012693097799[...]

*************************

AdwCleaner[R1].txt - [4639 octets] - [13/08/2012 18:32:23]
AdwCleaner[S1].txt - [4190 octets] - [14/08/2012 19:28:05]

########## EOF - C:\AdwCleaner[S1].txt - [4318 octets] ##########
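
Added example, not part of the original thread and not code from AdwCleaner: a Python parser for the log format shown in the post above. It counts actions per section, lists the hosts the browser settings pointed to before cleanup, and reports CLSIDs deleted in only one registry view. The function names are made up for this example, `SAMPLE_LOG` is a shortened excerpt of that log, and reading `[x64]` as the 64-bit registry view is an assumption.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Shortened excerpt of the AdwCleaner [S1] log posted above (same line format).
SAMPLE_LOG = r"""# AdwCleaner v1.800 - Logfile created 08/14/2012 at 19:28:05
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# Option [Delete]

***** [Files / Folders] *****

Folder Deleted : C:\Users\ISA\AppData\Local\Linkury
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Deleted : user_pref("keyword.URL", "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-789012693097799[...]

*************************
"""

SECTION_RE = re.compile(r"^\*{5} \[(.+?)\] \*{5}$")
BROWSER_RE = re.compile(r"^-\\\\ (.+)$")
ACTION_RE = re.compile(
    r"^(\[x64\] )?(Folder Deleted|File Deleted|Key Deleted|Value Deleted"
    r"|Replaced|Deleted) : (.*)$")
CLSID_RE = re.compile(
    r"\\CLSID\\(\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\})")
URL_RE = re.compile(r"hxxps?://[^\s\"\[]+")


def parse_log(text):
    """Return one record per action line: section, browser, x64, action, target."""
    records, section, browser = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section, browser = m.group(1), None
            continue
        m = BROWSER_RE.match(line)
        if m:
            browser = m.group(1)
            continue
        m = ACTION_RE.match(line)
        if m and section:
            records.append({"section": section, "browser": browser,
                            "x64": bool(m.group(1)), "action": m.group(2),
                            "target": m.group(3)})
    return records


def summarize(records):
    """Count actions per (section, action) pair."""
    return Counter((r["section"], r["action"]) for r in records)


def hijack_hosts(records):
    """Hosts that browser settings pointed to before cleanup (left of '-->')."""
    hosts = set()
    for r in records:
        if r["section"] != "Internet Browsers":
            continue
        old_value = r["target"].split(" --> ")[0]
        for url in URL_RE.findall(old_value):
            # The log defangs URLs as hxxp://; refang in memory only, to parse the host.
            host = urlsplit(url.replace("hxxp", "http", 1)).hostname
            if host:
                hosts.add(host)
    return sorted(hosts)


def clsid_view_gaps(records):
    """CLSIDs whose key was deleted in only one view (assumption: [x64] = 64-bit view)."""
    views = {False: set(), True: set()}
    for r in records:
        if r["action"] == "Key Deleted":
            for clsid in CLSID_RE.findall(r["target"]):
                views[r["x64"]].add(clsid.upper())
    return sorted(views[False] ^ views[True])


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for (section, action), n in sorted(summarize(recs).items()):
        print(f"{section:20} {action:15} {n}")
    print("previous search/start hosts:", hijack_hosts(recs))
    print("CLSIDs removed in one view only:", clsid_view_gaps(recs))
```

A CLSID reported by `clsid_view_gaps` may simply never have existed in the other view, so treat it as a prompt to check that view by hand rather than as proof of a leftover.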
         

15.08.2012, 14:35   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I have two questions before we continue:

1.) Does Windows' normal mode work without restrictions (again)?
2.) Is anything missing from your Start menu? Are there empty folders under All Programs, or is everything there?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

15.08.2012, 19:06   #9
simone7

Hello,

At the moment everything is working normally again. The message that vikyrefwaqis.exe wants to get access no longer appears either. However, I have used the PC as little as possible over the last few days because I didn't know what was still safe.

Nothing is missing from the Start menu, and there are no empty folders either.

16.08.2012, 09:27   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
CustomScan with OTL

Please download OTL by OldTimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top center, tick the box Scan All Users
  • Now copy the complete contents of the code box below into the text box of OTL - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

16.08.2012, 13:13   #11
simone7

I ran OTL as described,
here is the log file

OTL Logfile:
Code:
OTL logfile created on: 16.08.2012 10:40:58 - Run 2
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\ISA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 68,39% Memory free
7,83 Gb Paging File | 5,72 Gb Available in Paging File | 73,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 188,51 Gb Free Space | 42,25% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: ISA-PC | User Name: ISA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.16 10:37:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011.06.29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011.06.27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.04.13 17:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011.03.09 11:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011.02.23 23:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 15:14:19 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.06.14 15:14:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:13:59 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 15:13:56 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.05.10 12:31:05 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.09 15:30:26 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 15:29:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.09 15:29:13 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 15:29:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 15:29:08 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 15:29:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2011.07.08 21:33:51 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.06.29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011.06.27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011.06.27 19:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011.06.24 23:32:36 | 000,323,136 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll
MOD - [2011.06.24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011.04.22 18:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010.11.25 05:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.03.22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010.03.16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010.03.16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010.03.16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010.03.11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010.03.11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010.03.05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010.03.05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.03.20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012.03.20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012.03.20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011.01.28 01:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.07.28 19:15:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.09 11:41:10 | 000,491,920 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011.03.09 11:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011.03.09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2011.03.09 00:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010.12.17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010.11.29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.11.25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012.02.22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012.02.22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011.04.22 18:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.03.26 11:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 03:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.02.16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011.02.11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.20 18:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.22 11:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010.12.17 19:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.15 19:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010.12.13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.12 16:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2010.12.01 12:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.29 22:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 18:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.07.13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.27 09:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}
IE:64bit: - HKLM\..\SearchScopes\{AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1000\..\SearchScopes,DefaultScope = {AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\..\SearchScopes,DefaultScope = {AC68DAC8-FCB9-4B8C-94B6-E13D29284D15}
IE - HKU\S-1-5-21-2335145282-199040909-2254114756-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.http: "190.0.57.98"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.28 10:09:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.28 19:15:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2012.04.24 19:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.28 19:15:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Extensions
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012.08.15 19:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions
[2012.07.06 20:32:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.06 19:47:19 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.08.15 19:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Firefox\Profiles\sj7qfd8a.default\extensions\staged
[2012.04.24 19:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ISA\AppData\Roaming\mozilla\Sunbird\Profiles\qywng9rb.default\extensions
[2011.07.09 11:07:57 | 000,004,140 | ---- | M] () -- C:\Users\ISA\AppData\Roaming\Mozilla\Firefox\Profiles\sj7qfd8a.default\searchplugins\youtube.xml
[2012.01.08 12:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.28 10:09:11 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.07.30 09:34:00 | 000,526,190 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.08.14 19:26:25 | 000,061,403 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.02.13 22:33:18 | 000,052,880 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\{A0FAA0A4-F1A7-4098-9A74-21EFC3A92372}.XPI
[2012.07.28 15:14:08 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\ISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJ7QFD8A.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.07.28 19:15:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 11:47:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.20 11:47:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.20 11:47:18 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 11:47:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.20 11:47:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 11:47:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.07.24 21:05:31 | 000,001,835 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120627232251.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627232251.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0]  FILES\ADOBE\OOBE\PDAPP\UWA\UPDATERSTARTUPUTILITY.EXE" File not found
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] .EXE File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE File not found
O4:64bit: - HKLM..\Run: [IgfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE File not found
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] CE.VBS" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] TEL WIRELESS TRAY File not found
O4:64bit: - HKLM..\Run: [NVHotkey] VHOTKEY.DLL,START File not found
O4:64bit: - HKLM..\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE File not found
O4:64bit: - HKLM..\Run: [QuickSet] c:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] GUI64.EXE -S File not found
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SynTPEnh] H.EXE File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2335145282-199040909-2254114756-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2335145282-199040909-2254114756-1001..\Run: [vikyrefwaqis] C:\Users\ISA\vikyrefwaqis.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2335145282-199040909-2254114756-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ISA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\ISA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F87BB31-88CC-452B-885B-2FC109F107BA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DAE6F3E-C63E-4E9B-B4F8-2DBCB00C0715}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfevtp - C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Reg Error: Key error.
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.16 10:37:29 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
[2012.08.15 18:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.08.12 22:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.08.12 22:11:21 | 002,322,184 | ---- | C] (ESET) -- C:\Users\ISA\Desktop\esetsmartinstaller_enu.exe
[2012.08.12 19:33:59 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Roaming\Malwarebytes
[2012.08.12 19:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.12 19:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.12 19:33:13 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.12 19:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.06 20:10:05 | 000,000,000 | ---D | C] -- C:\Users\ISA\Desktop\Virus
[2012.08.06 19:47:25 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Roaming\QuickScan
[2012.08.06 09:48:49 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{3A6AC9D6-AF9F-4C69-AB79-64C8C80F8CDD}
[2012.08.06 09:48:27 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{82AE4253-216F-46DF-8B31-6A37A077F042}
[2012.08.05 20:56:49 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{B85546C8-D5A8-4E57-BD5E-4F28D18F95E7}
[2012.08.05 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D24F9E3B-195A-41DF-8F16-9CC934B644D2}
[2012.08.03 07:47:14 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{0C0DC465-5F1C-40BF-8FDE-2037B5589ABD}
[2012.08.03 07:46:52 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{88D07692-CF7C-4B21-A50F-3CF1737D6A38}
[2012.08.02 08:15:12 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{19F4ACA8-C4B3-42DF-9865-9E78DCD2CA12}
[2012.08.02 08:14:50 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{2E965939-70CF-4498-AC26-574C7DFA5C2F}
[2012.08.01 19:58:56 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{31083329-2B1B-40CB-8931-CCB040942214}
[2012.08.01 19:58:35 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{F6D98472-6AA5-40E2-9A66-16FA2735A1FF}
[2012.07.31 10:11:59 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{6AA7555A-B63A-414D-853D-9FEF2FC9CF40}
[2012.07.31 10:11:37 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{04BF41F8-F6AC-43FF-B00B-1E04EF5876EB}
[2012.07.30 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{0152D5CA-4BFA-43D6-9A10-ED0C42C0A1CF}
[2012.07.30 09:03:45 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{7E893A60-F8D8-4DFE-88C4-D806848EA336}
[2012.07.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{04B98A8D-DFEB-4BCD-B2DA-8A73EAAB56A0}
[2012.07.29 13:09:18 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{11B47EA1-6848-4C1C-B36E-B7C56849B620}
[2012.07.29 13:08:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D381C159-BAD2-4BEF-9125-52C35A9255E4}
[2012.07.28 17:09:44 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{C94FB8A1-A65A-4CC4-AF29-E966164AE606}
[2012.07.28 17:09:22 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{C58BF47E-6492-41BD-B0D2-E643ECF4574B}
[2012.07.26 08:09:19 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{FFC434F1-EF92-4F12-9C4B-9CF644FE8D42}
[2012.07.26 08:08:57 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{B8F8260D-EA23-421E-8E38-8A776EB1D7F4}
[2012.07.22 16:43:28 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{CE7CB3EE-1FE9-48B0-8909-1B22005F71B8}
[2012.07.20 20:10:42 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{D9DA90E4-E0C3-4ADC-B4DC-61B4DF26F156}
[2012.07.20 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\ISA\AppData\Local\{4027515E-4148-452F-AC81-72A77B1CF952}
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.16 10:50:18 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.08.16 10:37:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\ISA\Desktop\OTL.exe
[2012.08.16 10:31:08 | 000,873,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.16 10:31:08 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.16 10:31:08 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.16 10:31:08 | 000,027,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.16 10:31:08 | 000,014,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.16 10:29:11 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.16 10:29:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.15 19:15:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.15 19:00:26 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 19:00:26 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 18:52:11 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.13 18:21:52 | 000,614,903 | ---- | M] () -- C:\Users\ISA\Desktop\adwcleaner.exe
[2012.08.13 00:34:05 | 000,097,283 | ---- | M] () -- C:\Users\ISA\Desktop\misp .pdf
[2012.08.12 22:11:24 | 002,322,184 | ---- | M] (ESET) -- C:\Users\ISA\Desktop\esetsmartinstaller_enu.exe
[2012.08.12 19:33:31 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.06 20:39:02 | 000,302,592 | ---- | M] () -- C:\Users\ISA\Desktop\x77l32zt.exe
[2012.08.06 20:07:14 | 000,000,000 | ---- | M] () -- C:\Users\ISA\defogger_reenable
[2012.07.28 15:12:04 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
 
========== Files Created - No Company Name ==========
 
[2012.08.13 18:21:57 | 000,614,903 | ---- | C] () -- C:\Users\ISA\Desktop\adwcleaner.exe
[2012.08.13 00:34:05 | 000,097,283 | ---- | C] () -- C:\Users\ISA\Desktop\misp .pdf
[2012.08.12 19:33:31 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.06 20:39:02 | 000,302,592 | ---- | C] () -- C:\Users\ISA\Desktop\x77l32zt.exe
[2012.08.06 20:07:14 | 000,000,000 | ---- | C] () -- C:\Users\ISA\defogger_reenable
[2012.02.22 21:08:44 | 000,001,456 | ---- | C] () -- C:\Users\ISA\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.02.13 22:53:00 | 000,005,120 | ---- | C] () -- C:\Users\ISA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.14 23:15:26 | 000,000,432 | ---- | C] () -- C:\Users\ISA\AppData\Local\HamsterVideoConverterSettings.cfg
[2012.01.11 10:30:54 | 000,002,048 | -HS- | C] () -- C:\Users\ISA\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2012.01.07 16:46:07 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.12.07 09:45:18 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{E116000C-D61F-46F9-9BA6-706FB96C5238}
[2011.12.06 09:41:35 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{78BE8200-1169-4EC1-BDEA-5EAC5949D064}
[2011.12.02 12:14:37 | 000,000,000 | ---- | C] () -- C:\Users\ISA\AppData\Local\{944CD8C5-CF01-4934-A193-787DF9A85C4B}
[2011.11.07 18:37:46 | 000,010,391 | ---- | C] () -- C:\Users\ISA\Isabel_elster_2048.pfx
[2011.08.12 17:20:35 | 000,000,437 | ---- | C] () -- C:\Users\ISA\.jhh
[2011.07.05 19:57:07 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.05 19:56:25 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.05 19:56:22 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.05 19:56:21 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 12:22:50 | 000,851,782 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.03.06 20:53:28 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canneverbe Limited
[2012.07.07 17:59:47 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canon
[2011.10.04 18:18:10 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.07.06 20:34:31 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoft
[2012.07.06 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.07 18:46:42 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\elsterformular
[2011.07.08 19:44:23 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Fingertapps
[2012.03.20 20:38:38 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Foxit Software
[2011.12.12 22:48:55 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\FreePDF
[2011.07.08 21:34:36 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\OpenOffice.org
[2011.10.04 07:27:53 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PACE Anti-Piracy
[2011.07.16 17:43:27 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PCDr
[2012.08.13 21:16:12 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\QuickScan
[2011.08.31 17:14:50 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.07.14 21:50:52 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Windows Live Writer
[2012.07.28 15:12:04 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.06.19 17:52:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.16 10:50:18 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.03.13 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Adobe
[2011.12.03 15:03:44 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Apple Computer
[2012.03.06 20:53:28 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canneverbe Limited
[2012.07.07 17:59:47 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Canon
[2011.10.04 18:18:10 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.07.08 19:44:18 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Creative
[2011.07.08 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Dell
[2011.07.08 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Dell Touch Zone
[2012.07.06 20:34:31 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoft
[2012.07.06 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.07 18:46:42 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\elsterformular
[2011.07.08 19:44:23 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Fingertapps
[2012.03.20 20:38:38 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Foxit Software
[2011.12.12 22:48:55 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\FreePDF
[2011.07.08 19:44:01 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Identities
[2011.07.08 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Intel
[2011.07.08 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Macromedia
[2011.10.16 18:14:26 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Macrovision
[2012.08.12 19:33:59 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Malwarebytes
[2010.11.21 09:00:23 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Media Center Programs
[2012.06.20 11:53:58 | 000,000,000 | --SD | M] -- C:\Users\ISA\AppData\Roaming\Microsoft
[2012.04.24 19:32:07 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Mozilla
[2011.10.04 07:27:51 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\NVIDIA
[2011.07.08 21:34:36 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\OpenOffice.org
[2011.10.04 07:27:53 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PACE Anti-Piracy
[2011.07.16 17:43:27 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\PCDr
[2012.08.13 21:16:12 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\QuickScan
[2012.02.21 19:23:07 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Roxio
[2011.10.16 18:43:13 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Roxio Burn
[2012.02.21 19:20:48 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Sonic
[2011.08.31 17:14:50 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.10.16 20:09:49 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\vlc
[2011.07.14 21:50:52 | 000,000,000 | ---D | M] -- C:\Users\ISA\AppData\Roaming\Windows Live Writer
 
< %APPDATA%\*.exe /s >
[2012.05.22 17:53:06 | 009,823,312 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\ISA\AppData\Roaming\elsterformular\pluginmanager\tmp\install_est11.exe
[2012.05.22 17:25:42 | 012,522,584 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\ISA\AppData\Roaming\elsterformular\pluginmanager\tmp\update_pica_0_7094_8623.exe
[2011.11.07 18:43:55 | 006,489,448 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\ISA\AppData\Roaming\elsterformular\update\ElsterFormular_update-12_3_2_6814p.exe
[2011.07.24 21:18:55 | 000,038,784 | ---- | M] () -- C:\Users\ISA\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.09.13 18:33:56 | 000,043,385 | R--- | M] () -- C:\Users\ISA\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
[2011.09.13 18:33:56 | 000,043,385 | R--- | M] () -- C:\Users\ISA\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_112D608FD02CD87FDC7735.exe
[2011.09.13 18:33:56 | 000,032,579 | R--- | M] () -- C:\Users\ISA\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_853F67D554F05449430E7E.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Drivers\Chipset_IRST\f6flpy-x64\iaStor.sys
[2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys
[2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         

16.08.2012, 14:44   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)


Code:
:OTL
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [SynTPEnh] H.EXE File not found
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-21-2335145282-199040909-2254114756-1001..\Run: [vikyrefwaqis] C:\Users\ISA\vikyrefwaqis.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2335145282-199040909-2254114756-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


18.08.2012, 12:24   #13
simone7

Hello,

Thanks for your help and for taking so much time in this lovely weather...

Here is the log file

Code:
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SynTPEnh deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2335145282-199040909-2254114756-1001\Software\Microsoft\Windows\CurrentVersion\Run\\vikyrefwaqis deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2335145282-199040909-2254114756-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: ISA
->Temp folder emptied: 1349523260 bytes
->Temporary Internet Files folder emptied: 287903199 bytes
->Java cache emptied: 5698789 bytes
->FireFox cache emptied: 543794440 bytes
->Flash cache emptied: 655473 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3852680397 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 25588422974 bytes
 
Total Files Cleaned = 30.164,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: ISA
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 08182012_121040

Files\Folders moved on Reboot...
C:\Users\ISA\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\etilqs_DFSoEaK4mw0f5NCyVM46 not found!
File\Folder C:\Windows\temp\etilqs_PmM07MaccYDKrTofy1zm not found!
File\Folder C:\Windows\temp\etilqs_Qw3d0G44fvhjOQuFgDKf not found!
File\Folder C:\Windows\temp\etilqs_zDesNxD5UeTKiCjqrmGd not found!

PendingFileRenameOperations files...
File C:\Users\ISA\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Windows\temp\etilqs_DFSoEaK4mw0f5NCyVM46 not found!
File C:\Windows\temp\etilqs_PmM07MaccYDKrTofy1zm not found!
File C:\Windows\temp\etilqs_Qw3d0G44fvhjOQuFgDKf not found!
File C:\Windows\temp\etilqs_zDesNxD5UeTKiCjqrmGd not found!

Registry entries deleted on Reboot...
         

18.08.2012, 14:52   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Thanks for your help and for taking so much time in this lovely weather...
I won't be on TB much longer today =>

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full.
If you cannot find the log or cannot copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


18.08.2012, 17:09   #15
simone7

Well then, cheers...

Code:
17:04:41.0050 7932  TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
17:04:41.0237 7932  ============================================================
17:04:41.0237 7932  Current date / time: 2012/08/18 17:04:41.0237
17:04:41.0237 7932  SystemInfo:
17:04:41.0237 7932  
17:04:41.0237 7932  OS Version: 6.1.7601 ServicePack: 1.0
17:04:41.0237 7932  Product type: Workstation
17:04:41.0237 7932  ComputerName: ISA-PC
17:04:41.0237 7932  UserName: ISA
17:04:41.0237 7932  Windows directory: C:\Windows
17:04:41.0237 7932  System windows directory: C:\Windows
17:04:41.0237 7932  Running under WOW64
17:04:41.0237 7932  Processor architecture: Intel x64
17:04:41.0237 7932  Number of processors: 4
17:04:41.0237 7932  Page size: 0x1000
17:04:41.0237 7932  Boot type: Normal boot
17:04:41.0237 7932  ============================================================
17:04:41.0605 7932  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:04:41.0605 7932  ============================================================
17:04:41.0605 7932  \Device\Harddisk0\DR0:
17:04:41.0605 7932  MBR partitions:
17:04:41.0605 7932  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
17:04:41.0605 7932  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830
17:04:41.0605 7932  ============================================================
17:04:41.0637 7932  C: <-> \Device\Harddisk0\DR0\Partition2
17:04:41.0637 7932  ============================================================
17:04:41.0637 7932  Initialize success
17:04:41.0637 7932  ============================================================
17:04:56.0307 6744  ============================================================
17:04:56.0307 6744  Scan started
17:04:56.0307 6744  Mode: Manual; SigCheck; TDLFS; 
17:04:56.0307 6744  ============================================================
17:04:56.0946 6744  ================ Scan services =============================
17:04:57.0336 6744  [ a87d604aea360176311474c87a63bb88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:04:57.0656 6744  1394ohci - ok
17:04:57.0682 6744  [ e0065cbf1a25c015c218457d2cd522b9 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
17:04:57.0720 6744  Acceler - ok
17:04:57.0748 6744  [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:04:57.0764 6744  ACPI - ok
17:04:57.0774 6744  [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:04:57.0914 6744  AcpiPmi - ok
17:04:58.0008 6744  [ 11a52cf7b265631deeb24c6149309eff ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:04:58.0023 6744  AdobeARMservice - ok
17:04:58.0055 6744  [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:04:58.0101 6744  adp94xx - ok
17:04:58.0148 6744  [ 597f78224ee9224ea1a13d6350ced962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:04:58.0195 6744  adpahci - ok
17:04:58.0195 6744  [ e109549c90f62fb570b9540c4b148e54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:04:58.0211 6744  adpu320 - ok
17:04:58.0226 6744  [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:04:58.0429 6744  AeLookupSvc - ok
17:04:58.0476 6744  [ d1e343bc00136ce03c4d403194d06a80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:04:58.0507 6744  AERTFilters - ok
17:04:58.0566 6744  [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:04:58.0661 6744  AFD - ok
17:04:58.0675 6744  [ 608c14dba7299d8cb6ed035a68a15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:04:58.0685 6744  agp440 - ok
17:04:58.0702 6744  [ 3290d6946b5e30e70414990574883ddb ] ALG             C:\Windows\System32\alg.exe
17:04:58.0757 6744  ALG - ok
17:04:58.0771 6744  [ 5812713a477a3ad7363c7438ca2ee038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:04:58.0780 6744  aliide - ok
17:04:58.0783 6744  [ 1ff8b4431c353ce385c875f194924c0c ] amdide          C:\Windows\system32\drivers\amdide.sys
17:04:58.0793 6744  amdide - ok
17:04:58.0810 6744  [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:04:58.0826 6744  AmdK8 - ok
17:04:58.0841 6744  [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:04:58.0857 6744  AmdPPM - ok
17:04:58.0873 6744  [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:04:58.0888 6744  amdsata - ok
17:04:58.0904 6744  [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:04:58.0919 6744  amdsbs - ok
17:04:58.0935 6744  [ 540daf1cea6094886d72126fd7c33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:04:58.0951 6744  amdxata - ok
17:04:58.0966 6744  [ 89a69c3f2f319b43379399547526d952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:04:59.0153 6744  AppID - ok
17:04:59.0169 6744  [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:04:59.0216 6744  AppIDSvc - ok
17:04:59.0231 6744  [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:04:59.0309 6744  Appinfo - ok
17:04:59.0309 6744  [ c484f8ceb1717c540242531db7845c4e ] arc             C:\Windows\system32\drivers\arc.sys
17:04:59.0325 6744  arc - ok
17:04:59.0325 6744  [ 019af6924aefe7839f61c830227fe79c ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:04:59.0341 6744  arcsas - ok
17:04:59.0419 6744  [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:04:59.0465 6744  aspnet_state - ok
17:04:59.0481 6744  [ 769765ce2cc62867468cea93969b2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:04:59.0548 6744  AsyncMac - ok
17:04:59.0598 6744  [ 02062c0b390b7729edc9e69c680a6f3c ] atapi           C:\Windows\system32\drivers\atapi.sys
17:04:59.0623 6744  atapi - ok
17:04:59.0651 6744  [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:04:59.0716 6744  AudioEndpointBuilder - ok
17:04:59.0750 6744  [ f23fef6d569fce88671949894a8becf1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:04:59.0794 6744  AudioSrv - ok
17:04:59.0829 6744  [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:04:59.0938 6744  AxInstSV - ok
17:04:59.0985 6744  [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:05:00.0079 6744  b06bdrv - ok
17:05:00.0110 6744  [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:05:00.0172 6744  b57nd60a - ok
17:05:00.0219 6744  [ fde360167101b4e45a96f939f388aeb0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:05:00.0297 6744  BDESVC - ok
17:05:00.0313 6744  [ 16a47ce2decc9b099349a5f840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:05:00.0359 6744  Beep - ok
17:05:00.0391 6744  [ 82974d6a2fd19445cc5171fc378668a4 ] BFE             C:\Windows\System32\bfe.dll
17:05:00.0500 6744  BFE - ok
17:05:00.0549 6744  [ 1ea7969e3271cbc59e1730697dc74682 ] BITS            C:\Windows\System32\qmgr.dll
17:05:00.0654 6744  BITS - ok
17:05:00.0679 6744  [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:05:00.0733 6744  blbdrive - ok
17:05:00.0782 6744  [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:05:00.0848 6744  bowser - ok
17:05:00.0863 6744  [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:05:00.0910 6744  BrFiltLo - ok
17:05:00.0910 6744  [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:05:00.0926 6744  BrFiltUp - ok
17:05:00.0957 6744  [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser         C:\Windows\System32\browser.dll
17:05:01.0004 6744  Browser - ok
17:05:01.0019 6744  [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:05:01.0129 6744  Brserid - ok
17:05:01.0129 6744  [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:05:01.0175 6744  BrSerWdm - ok
17:05:01.0191 6744  [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:05:01.0207 6744  BrUsbMdm - ok
17:05:01.0207 6744  [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:05:01.0222 6744  BrUsbSer - ok
17:05:01.0253 6744  [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:05:01.0285 6744  BTHMODEM - ok
17:05:01.0316 6744  [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv         C:\Windows\system32\bthserv.dll
17:05:01.0347 6744  bthserv - ok
17:05:01.0347 6744  [ b8bd2bb284668c84865658c77574381a ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:05:01.0425 6744  cdfs - ok
17:05:01.0456 6744  [ f036ce71586e93d94dab220d7bdf4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:05:01.0472 6744  cdrom - ok
17:05:01.0503 6744  [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc     C:\Windows\System32\certprop.dll
17:05:01.0550 6744  CertPropSvc - ok
17:05:01.0582 6744  [ 274ce03459896006f7a5069266e0469e ] cfwids          C:\Windows\system32\drivers\cfwids.sys
17:05:01.0592 6744  cfwids - ok
17:05:01.0605 6744  [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass        C:\Windows\system32\drivers\circlass.sys
17:05:01.0619 6744  circlass - ok
17:05:01.0645 6744  [ fe1ec06f2253f691fe36217c592a0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:05:01.0664 6744  CLFS - ok
17:05:01.0712 6744  [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:05:01.0735 6744  clr_optimization_v2.0.50727_32 - ok
17:05:01.0777 6744  [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:05:01.0807 6744  clr_optimization_v2.0.50727_64 - ok
17:05:01.0866 6744  [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:05:01.0944 6744  clr_optimization_v4.0.30319_32 - ok
17:05:01.0960 6744  [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:05:01.0975 6744  clr_optimization_v4.0.30319_64 - ok
17:05:02.0007 6744  [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:05:02.0053 6744  CmBatt - ok
17:05:02.0085 6744  [ e19d3f095812725d88f9001985b94edd ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:05:02.0116 6744  cmdide - ok
17:05:02.0147 6744  [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG             C:\Windows\system32\Drivers\cng.sys
17:05:02.0209 6744  CNG - ok
17:05:02.0225 6744  [ 102de219c3f61415f964c88e9085ad14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:05:02.0241 6744  Compbatt - ok
17:05:02.0256 6744  [ 03edb043586cceba243d689bdda370a8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:05:02.0303 6744  CompositeBus - ok
17:05:02.0334 6744  COMSysApp - ok
17:05:02.0350 6744  [ 1c827878a998c18847245fe1f34ee597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:05:02.0350 6744  crcdisk - ok
17:05:02.0397 6744  [ 4f5414602e2544a4554d95517948b705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:05:02.0506 6744  CryptSvc - ok
17:05:02.0537 6744  [ bc3d4f90978cd7c8eabd1baf3bf7873a ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:05:02.0620 6744  CtClsFlt - ok
17:05:02.0643 6744  [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:05:02.0698 6744  DcomLaunch - ok
17:05:02.0738 6744  [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc       C:\Windows\System32\defragsvc.dll
17:05:02.0802 6744  defragsvc - ok
17:05:02.0818 6744  [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:05:02.0886 6744  DfsC - ok
17:05:02.0902 6744  [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:05:02.0995 6744  Dhcp - ok
17:05:03.0026 6744  [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache        C:\Windows\system32\drivers\discache.sys
17:05:03.0104 6744  discache - ok
17:05:03.0151 6744  [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk            C:\Windows\system32\drivers\disk.sys
17:05:03.0151 6744  Disk - ok
17:05:03.0182 6744  [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:05:03.0260 6744  Dnscache - ok
17:05:03.0276 6744  [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:05:03.0338 6744  dot3svc - ok
17:05:03.0370 6744  [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS             C:\Windows\system32\dps.dll
17:05:03.0463 6744  DPS - ok
17:05:03.0510 6744  [ 9b19f34400d24df84c858a421c205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:05:03.0559 6744  drmkaud - ok
17:05:03.0600 6744  [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:05:03.0663 6744  DXGKrnl - ok
17:05:03.0679 6744  [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:05:03.0747 6744  EapHost - ok
17:05:03.0852 6744  [ dc5d737f51be844d8c82c695eb17372f ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:05:03.0992 6744  ebdrv - ok
17:05:04.0023 6744  [ c118a82cd78818c29ab228366ebf81c3 ] EFS             C:\Windows\System32\lsass.exe
17:05:04.0117 6744  EFS - ok
17:05:04.0179 6744  [ c4002b6b41975f057d98c439030cea07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:05:04.0304 6744  ehRecvr - ok
17:05:04.0320 6744  [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:05:04.0367 6744  ehSched - ok
17:05:04.0413 6744  [ 0e5da5369a0fcaea12456dd852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:05:04.0491 6744  elxstor - ok
17:05:04.0507 6744  [ 34a3c54752046e79a126e15c51db409b ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:05:04.0538 6744  ErrDev - ok
17:05:04.0595 6744  [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem     C:\Windows\system32\es.dll
17:05:04.0665 6744  EventSystem - ok
17:05:04.0753 6744  [ 8b6c9924b0d333dbf76086b8258a0891 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:05:04.0813 6744  EvtEng - ok
17:05:04.0830 6744  [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat           C:\Windows\system32\drivers\exfat.sys
17:05:04.0862 6744  exfat - ok
17:05:04.0893 6744  [ 0adc83218b66a6db380c330836f3e36d ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:05:04.0971 6744  fastfat - ok
17:05:05.0018 6744  [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax             C:\Windows\system32\fxssvc.exe
17:05:05.0142 6744  Fax - ok
17:05:05.0174 6744  [ d765d19cd8ef61f650c384f62fac00ab ] fdc             C:\Windows\system32\drivers\fdc.sys
17:05:05.0205 6744  fdc - ok
17:05:05.0220 6744  [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:05:05.0298 6744  fdPHost - ok
17:05:05.0330 6744  [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:05:05.0392 6744  FDResPub - ok
17:05:05.0423 6744  [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:05:05.0423 6744  FileInfo - ok
17:05:05.0439 6744  [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:05:05.0532 6744  Filetrace - ok
17:05:05.0564 6744  [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:05:05.0564 6744  flpydisk - ok
17:05:05.0598 6744  [ da6b67270fd9db3697b20fce94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:05:05.0614 6744  FltMgr - ok
17:05:05.0666 6744  [ 5c4cb4086fb83115b153e47add961a0c ] FontCache       C:\Windows\system32\FntCache.dll
17:05:05.0795 6744  FontCache - ok
17:05:05.0835 6744  [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:05:05.0857 6744  FontCache3.0.0.0 - ok
17:05:05.0873 6744  [ d43703496149971890703b4b1b723eac ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:05:05.0873 6744  FsDepends - ok
17:05:05.0904 6744  [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:05:05.0935 6744  Fs_Rec - ok
17:05:05.0951 6744  [ 1f7b25b858fa27015169fe95e54108ed ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:05:05.0966 6744  fvevol - ok
17:05:05.0982 6744  [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:05:05.0998 6744  gagp30kx - ok
17:05:06.0029 6744  [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc           C:\Windows\System32\gpsvc.dll
17:05:06.0091 6744  gpsvc - ok
17:05:06.0169 6744  [ f02a533f517eb38333cb12a9e8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:05:06.0200 6744  gupdate - ok
17:05:06.0200 6744  [ f02a533f517eb38333cb12a9e8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:05:06.0216 6744  gupdatem - ok
17:05:06.0232 6744  [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:05:06.0310 6744  hcw85cir - ok
17:05:06.0341 6744  [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:05:06.0356 6744  HDAudBus - ok
17:05:06.0372 6744  [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:05:06.0419 6744  HidBatt - ok
17:05:06.0450 6744  [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:05:06.0512 6744  HidBth - ok
17:05:06.0528 6744  [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:05:06.0544 6744  HidIr - ok
17:05:06.0620 6744  [ bd9eb3958f213f96b97b1d897dee006d ] hidserv         C:\Windows\system32\hidserv.dll
17:05:06.0674 6744  hidserv - ok
17:05:06.0738 6744  [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:05:06.0750 6744  HidUsb - ok
17:05:06.0777 6744  [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:05:06.0838 6744  hkmsvc - ok
17:05:06.0852 6744  [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:05:06.0945 6744  HomeGroupListener - ok
17:05:06.0961 6744  [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:05:07.0008 6744  HomeGroupProvider - ok
17:05:07.0023 6744  [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:05:07.0039 6744  HpSAMD - ok
17:05:07.0070 6744  [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:05:07.0164 6744  HTTP - ok
17:05:07.0195 6744  [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:05:07.0195 6744  hwpolicy - ok
17:05:07.0210 6744  [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:05:07.0226 6744  i8042prt - ok
17:05:07.0257 6744  [ d469b77687e12fe43e344806740b624d ] iaStor          C:\Windows\system32\drivers\iaStor.sys
17:05:07.0288 6744  iaStor - ok
17:05:07.0320 6744  [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:05:07.0351 6744  iaStorV - ok
17:05:07.0429 6744  [ 6f95324909b502e2651442c1548ab12f ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:05:07.0460 6744  IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:05:07.0460 6744  IDriverT - detected UnsignedFile.Multi.Generic (1)
17:05:07.0538 6744  [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:05:07.0605 6744  idsvc - ok
17:05:07.0820 6744  [ 795c99dc4f574c97c03d0bb39cf099ee ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:05:08.0168 6744  igfx - ok
17:05:08.0183 6744  [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:05:08.0199 6744  iirsp - ok
17:05:08.0246 6744  [ fcd84c381e0140af901e58d48882d26b ] IKEEXT          C:\Windows\System32\ikeext.dll
17:05:08.0371 6744  IKEEXT - ok
17:05:08.0402 6744  [ dd587a55390ed2295bce6d36ad567da9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
17:05:08.0480 6744  Impcd - ok
17:05:08.0573 6744  [ 8fed6428fde53d7f4c105095f22524be ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:05:08.0667 6744  IntcAzAudAddService - ok
17:05:08.0685 6744  [ fc727061c0f47c8059e88e05d5c8e381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
17:05:08.0705 6744  IntcDAud - ok
17:05:08.0728 6744  [ f00f20e70c6ec3aa366910083a0518aa ] intelide        C:\Windows\system32\drivers\intelide.sys
17:05:08.0739 6744  intelide - ok
17:05:08.0764 6744  [ ada036632c664caa754079041cf1f8c1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:05:08.0817 6744  intelppm - ok
17:05:08.0865 6744  [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:05:08.0923 6744  IPBusEnum - ok
17:05:08.0939 6744  [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:05:08.0986 6744  IpFilterDriver - ok
17:05:09.0017 6744  [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:05:09.0095 6744  iphlpsvc - ok
17:05:09.0111 6744  [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:05:09.0126 6744  IPMIDRV - ok
17:05:09.0142 6744  [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:05:09.0204 6744  IPNAT - ok
17:05:09.0220 6744  [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:05:09.0235 6744  IRENUM - ok
17:05:09.0267 6744  [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:05:09.0267 6744  isapnp - ok
17:05:09.0298 6744  [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:05:09.0345 6744  iScsiPrt - ok
17:05:09.0376 6744  [ e56417c56b6a7316b6f527c890a1860d ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
17:05:09.0407 6744  JMCR - ok
17:05:09.0438 6744  [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:05:09.0454 6744  kbdclass - ok
17:05:09.0485 6744  [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:05:09.0501 6744  kbdhid - ok
17:05:09.0532 6744  [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso          C:\Windows\system32\lsass.exe
17:05:09.0547 6744  KeyIso - ok
17:05:09.0563 6744  [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:05:09.0579 6744  KSecDD - ok
17:05:09.0594 6744  [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:05:09.0610 6744  KSecPkg - ok
17:05:09.0637 6744  [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:05:09.0688 6744  ksthunk - ok
17:05:09.0730 6744  [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:05:09.0802 6744  KtmRm - ok
17:05:09.0851 6744  [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:05:09.0910 6744  LanmanServer - ok
17:05:09.0941 6744  [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:05:10.0019 6744  LanmanWorkstation - ok
17:05:10.0050 6744  [ 1538831cf8ad2979a04c423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:05:10.0082 6744  lltdio - ok
17:05:10.0097 6744  [ c1185803384ab3feed115f79f109427f ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:05:10.0128 6744  lltdsvc - ok
17:05:10.0144 6744  [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:05:10.0191 6744  lmhosts - ok
17:05:10.0269 6744  [ 7f32d4c47a50e7223491e8fb9359907d ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:05:10.0300 6744  LMS - ok
17:05:10.0331 6744  [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:05:10.0331 6744  LSI_FC - ok
17:05:10.0347 6744  [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:05:10.0347 6744  LSI_SAS - ok
17:05:10.0362 6744  [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:05:10.0378 6744  LSI_SAS2 - ok
17:05:10.0394 6744  [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:05:10.0409 6744  LSI_SCSI - ok
17:05:10.0409 6744  [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv           C:\Windows\system32\drivers\luafv.sys
17:05:10.0440 6744  luafv - ok
17:05:10.0503 6744  [ 9504f1dda1b67fb8d526fd4f8cc882f3 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:05:10.0518 6744  McAWFwk - ok
17:05:10.0565 6744  [ acb01bf1a905356ab7f978c7fe852209 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:05:10.0581 6744  McMPFSvc - ok
17:05:10.0596 6744  [ acb01bf1a905356ab7f978c7fe852209 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:05:10.0612 6744  mcmscsvc - ok
17:05:10.0632 6744  [ acb01bf1a905356ab7f978c7fe852209 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:05:10.0641 6744  McNaiAnn - ok
17:05:10.0647 6744  [ acb01bf1a905356ab7f978c7fe852209 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:05:10.0657 6744  McNASvc - ok
17:05:10.0703 6744  [ dd2321925274f2902929d76ce2b0eb45 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
17:05:10.0729 6744  McODS - ok
17:05:10.0734 6744  [ acb01bf1a905356ab7f978c7fe852209 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:05:10.0754 6744  McOobeSv - ok
17:05:10.0760 6744  [ acb01bf1a905356ab7f978c7fe852209 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:05:10.0771 6744  McProxy - ok
17:05:10.0819 6744  [ e998e3b12101288d716558466cbf6ae1 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:05:10.0844 6744  McShield - ok
17:05:10.0872 6744  [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:05:10.0885 6744  Mcx2Svc - ok
17:05:10.0898 6744  [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:05:10.0929 6744  megasas - ok
17:05:10.0944 6744  [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:05:10.0991 6744  MegaSR - ok
17:05:11.0007 6744  [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:05:11.0038 6744  MEIx64 - ok
17:05:11.0054 6744  [ 01884cb7655c8908b43ff5e364fe6fd2 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
17:05:11.0069 6744  mfeapfk - ok
17:05:11.0085 6744  [ dab9a9cdfb04e4d68924492aa043019d ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
17:05:11.0100 6744  mfeavfk - ok
17:05:11.0116 6744  mfeavfk01 - ok
17:05:11.0132 6744  [ b26782c3d6045b4464017d7926877560 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:05:11.0147 6744  mfefire - ok
17:05:11.0178 6744  [ ce9a3680675c0907ade16404ca967b49 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
17:05:11.0194 6744  mfefirek - ok
17:05:11.0241 6744  [ 60cf67458dd29cd17e77f2327b1a9a54 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
17:05:11.0288 6744  mfehidk - ok
17:05:11.0303 6744  [ a8129cfb919347f8533c934b365e9202 ] mfenlfk         C:\Windows\system32\DRIVERS\mfenlfk.sys
17:05:11.0319 6744  mfenlfk - ok
17:05:11.0319 6744  [ 5041fa2bd2b3a2693b015771bfbf6dca ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
17:05:11.0334 6744  mferkdet - ok
17:05:11.0366 6744  [ 723a5eb6cef7f408c3d0f15a82a6bff8 ] mfevtp          C:\Windows\system32\mfevtps.exe
17:05:11.0366 6744  mfevtp - ok
17:05:11.0381 6744  [ 919c56db14a0e1e2ab6da5d2821dc26e ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
17:05:11.0397 6744  mfewfpk - ok
17:05:11.0428 6744  [ e40e80d0304a73e8d269f7141d77250b ] MMCSS           C:\Windows\system32\mmcss.dll
17:05:11.0490 6744  MMCSS - ok
17:05:11.0537 6744  [ 800ba92f7010378b09f9ed9270f07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:05:11.0631 6744  Modem - ok
17:05:11.0662 6744  [ b03d591dc7da45ece20b3b467e6aadaa ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:05:11.0692 6744  monitor - ok
17:05:11.0712 6744  [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:05:11.0741 6744  mouclass - ok
17:05:11.0753 6744  [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:05:11.0764 6744  mouhid - ok
17:05:11.0783 6744  [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:05:11.0794 6744  mountmgr - ok
17:05:11.0858 6744  [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:05:11.0871 6744  MozillaMaintenance - ok
17:05:11.0889 6744  [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:05:11.0903 6744  mpio - ok
17:05:11.0916 6744  [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:05:11.0946 6744  mpsdrv - ok
17:05:11.0967 6744  [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:05:12.0030 6744  MpsSvc - ok
17:05:12.0061 6744  [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:05:12.0108 6744  MRxDAV - ok
17:05:12.0123 6744  [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:05:12.0217 6744  mrxsmb - ok
17:05:12.0248 6744  [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:05:12.0295 6744  mrxsmb10 - ok
17:05:12.0310 6744  [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:05:12.0326 6744  mrxsmb20 - ok
17:05:12.0342 6744  [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:05:12.0357 6744  msahci - ok
17:05:12.0373 6744  [ db801a638d011b9633829eb6f663c900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:05:12.0388 6744  msdsm - ok
17:05:12.0404 6744  [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:05:12.0466 6744  MSDTC - ok
17:05:12.0482 6744  [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:05:12.0560 6744  Msfs - ok
17:05:12.0591 6744  [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:05:12.0669 6744  mshidkmdf - ok
17:05:12.0685 6744  [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:05:12.0727 6744  msisadrv - ok
17:05:12.0751 6744  [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:05:12.0821 6744  MSiSCSI - ok
17:05:12.0824 6744  msiserver - ok
17:05:12.0864 6744  [ acb01bf1a905356ab7f978c7fe852209 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:05:12.0886 6744  MSK80Service - ok
17:05:12.0915 6744  [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:05:12.0983 6744  MSKSSRV - ok
17:05:12.0986 6744  [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:05:13.0020 6744  MSPCLOCK - ok
17:05:13.0036 6744  [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:05:13.0067 6744  MSPQM - ok
17:05:13.0083 6744  [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:05:13.0098 6744  MsRPC - ok
17:05:13.0114 6744  [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:05:13.0129 6744  mssmbios - ok
17:05:13.0145 6744  [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:05:13.0176 6744  MSTEE - ok
17:05:13.0192 6744  [ 7ea404308934e675bffde8edf0757bcd ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:05:13.0192 6744  MTConfig - ok
17:05:13.0223 6744  [ f9a18612fd3526fe473c1bda678d61c8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:05:13.0223 6744  Mup - ok
17:05:13.0254 6744  [ 6ed8935257672f4cd04a88a0f3de093d ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:05:13.0270 6744  MyWiFiDHCPDNS - ok
17:05:13.0301 6744  [ 582ac6d9873e31dfa28a4547270862dd ] napagent        C:\Windows\system32\qagentRT.dll
17:05:13.0363 6744  napagent - ok
17:05:13.0410 6744  [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:05:13.0457 6744  NativeWifiP - ok
17:05:13.0519 6744  [ c38b8ae57f78915905064a9a24dc1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:05:13.0582 6744  NDIS - ok
17:05:13.0597 6744  [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:05:13.0629 6744  NdisCap - ok
17:05:13.0644 6744  [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:05:13.0707 6744  NdisTapi - ok
17:05:13.0707 6744  [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:05:13.0768 6744  Ndisuio - ok
17:05:13.0792 6744  [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:05:13.0857 6744  NdisWan - ok
17:05:13.0890 6744  [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:05:13.0949 6744  NDProxy - ok
17:05:13.0970 6744  [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:05:14.0037 6744  NetBIOS - ok
17:05:14.0053 6744  [ 09594d1089c523423b32a4229263f068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:05:14.0100 6744  NetBT - ok
17:05:14.0115 6744  [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon        C:\Windows\system32\lsass.exe
17:05:14.0131 6744  Netlogon - ok
17:05:14.0162 6744  [ 847d3ae376c0817161a14a82c8922a9e ] Netman          C:\Windows\System32\netman.dll
17:05:14.0240 6744  Netman - ok
17:05:14.0256 6744  [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:05:14.0318 6744  NetMsmqActivator - ok
17:05:14.0334 6744  [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:05:14.0334 6744  NetPipeActivator - ok
17:05:14.0365 6744  [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm        C:\Windows\System32\netprofm.dll
17:05:14.0443 6744  netprofm - ok
17:05:14.0443 6744  [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:05:14.0459 6744  NetTcpActivator - ok
17:05:14.0459 6744  [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:05:14.0474 6744  NetTcpPortSharing - ok
17:05:14.0677 6744  [ 5d262402b0634c998f8cbcead7dd8676 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
17:05:14.0923 6744  NETwNs64 - ok
17:05:14.0946 6744  [ 77889813be4d166cdab78ddba990da92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:05:14.0956 6744  nfrd960 - ok
17:05:14.0978 6744  [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:05:15.0042 6744  NlaSvc - ok
17:05:15.0198 6744  [ b9b72faaaa41d59b73b88fe3dd737ed1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:05:15.0292 6744  NOBU - ok
17:05:15.0307 6744  [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:05:15.0338 6744  Npfs - ok
17:05:15.0354 6744  [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:05:15.0401 6744  nsi - ok
17:05:15.0416 6744  [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:05:15.0448 6744  nsiproxy - ok
17:05:15.0510 6744  [ a2f74975097f52a00745f9637451fdd8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:05:15.0604 6744  Ntfs - ok
17:05:15.0604 6744  [ 9899284589f75fa8724ff3d16aed75c1 ] Null            C:\Windows\system32\drivers\Null.sys
17:05:15.0650 6744  Null - ok
17:05:15.0682 6744  [ 0ebc9d13cd96c15b1b18d8678a609e4b ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:05:15.0764 6744  nusb3hub - ok
17:05:15.0778 6744  [ 7bdec000d56d485021d9c1e63c2f81ca ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:05:15.0841 6744  nusb3xhc - ok
17:05:16.0062 6744  [ 573b0941a37aebee96085d56a103f57b ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:05:16.0405 6744  nvlddmkm - ok
17:05:16.0405 6744  [ 43af7ebeac2ab623468e32caddcb61a4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
17:05:16.0421 6744  nvpciflt - ok
17:05:16.0452 6744  [ 0a92cb65770442ed0dc44834632f66ad ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:05:16.0483 6744  nvraid - ok
17:05:16.0499 6744  [ dab0e87525c10052bf65f06152f37e4a ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:05:16.0514 6744  nvstor - ok
17:05:16.0545 6744  [ 9e01b716c8085f7adb1cdc10103ceef8 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
17:05:16.0577 6744  NvStUSB - ok
17:05:16.0608 6744  [ c500760572c6059918fb0c960967695b ] NVSvc           C:\Windows\system32\nvvsvc.exe
17:05:16.0655 6744  NVSvc - ok
17:05:16.0764 6744  [ f28169a7adf7b41809cf92d369e744f0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:05:16.0839 6744  nvUpdatusService - ok
17:05:16.0862 6744  [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:05:16.0873 6744  nv_agp - ok
17:05:16.0891 6744  [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:05:16.0926 6744  ohci1394 - ok
17:05:16.0955 6744  [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:05:17.0012 6744  p2pimsvc - ok
17:05:17.0033 6744  [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:05:17.0048 6744  p2psvc - ok
17:05:17.0080 6744  [ 0086431c29c35be1dbc43f52cc273887 ] Parport         C:\Windows\system32\drivers\parport.sys
17:05:17.0126 6744  Parport - ok
17:05:17.0173 6744  [ e9766131eeade40a27dc27d2d68fba9c ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:05:17.0204 6744  partmgr - ok
17:05:17.0220 6744  [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:05:17.0267 6744  PcaSvc - ok
17:05:17.0298 6744  [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci             C:\Windows\system32\drivers\pci.sys
17:05:17.0329 6744  pci - ok
17:05:17.0345 6744  [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide          C:\Windows\system32\drivers\pciide.sys
17:05:17.0376 6744  pciide - ok
17:05:17.0392 6744  [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:05:17.0407 6744  pcmcia - ok
17:05:17.0423 6744  [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:05:17.0438 6744  pcw - ok
17:05:17.0454 6744  [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:05:17.0563 6744  PEAUTH - ok
17:05:17.0641 6744  [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:05:17.0688 6744  PerfHost - ok
17:05:17.0735 6744  [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla             C:\Windows\system32\pla.dll
17:05:17.0871 6744  pla - ok
17:05:17.0917 6744  [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:05:18.0009 6744  PlugPlay - ok
17:05:18.0023 6744  [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:05:18.0053 6744  PNRPAutoReg - ok
17:05:18.0084 6744  [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:05:18.0100 6744  PNRPsvc - ok
17:05:18.0131 6744  [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:05:18.0193 6744  PolicyAgent - ok
17:05:18.0240 6744  [ 6ba9d927dded70bd1a9caded45f8b184 ] Power           C:\Windows\system32\umpo.dll
17:05:18.0318 6744  Power - ok
17:05:18.0349 6744  [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:05:18.0443 6744  PptpMiniport - ok
17:05:18.0474 6744  [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor       C:\Windows\system32\drivers\processr.sys
17:05:18.0521 6744  Processor - ok
17:05:18.0552 6744  [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:05:18.0661 6744  ProfSvc - ok
17:05:18.0677 6744  [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:05:18.0692 6744  ProtectedStorage - ok
17:05:18.0708 6744  [ 0557cf5a2556bd58e26384169d72438d ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:05:18.0790 6744  Psched - ok
17:05:18.0825 6744  [ 87b04878a6d59d6c79251dc960c674c1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
17:05:18.0855 6744  PxHlpa64 - ok
17:05:18.0880 6744  [ 0928bd20273625622722fe1de5bbde57 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
17:05:18.0889 6744  qicflt - ok
17:05:18.0931 6744  [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:05:18.0990 6744  ql2300 - ok
17:05:19.0005 6744  [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:05:19.0016 6744  ql40xx - ok
17:05:19.0036 6744  [ 906191634e99aea92c4816150bda3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:05:19.0055 6744  QWAVE - ok
17:05:19.0055 6744  [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:05:19.0102 6744  QWAVEdrv - ok
17:05:19.0102 6744  [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:05:19.0149 6744  RasAcd - ok
17:05:19.0195 6744  [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:05:19.0242 6744  RasAgileVpn - ok
17:05:19.0273 6744  [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:05:19.0351 6744  RasAuto - ok
17:05:19.0367 6744  [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:05:19.0445 6744  Rasl2tp - ok
17:05:19.0461 6744  [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan          C:\Windows\System32\rasmans.dll
17:05:19.0523 6744  RasMan - ok
17:05:19.0539 6744  [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:05:19.0601 6744  RasPppoe - ok
17:05:19.0617 6744  [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:05:19.0663 6744  RasSstp - ok
17:05:19.0679 6744  [ 77f665941019a1594d887a74f301fa2f ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:05:19.0710 6744  rdbss - ok
17:05:19.0726 6744  [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:05:19.0741 6744  rdpbus - ok
17:05:19.0757 6744  [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:05:19.0798 6744  RDPCDD - ok
17:05:19.0818 6744  [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:05:19.0886 6744  RDPENCDD - ok
17:05:19.0910 6744  [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:05:19.0939 6744  RDPREFMP - ok
17:05:19.0969 6744  [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:05:20.0045 6744  RDPWD - ok
17:05:20.0060 6744  [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:05:20.0076 6744  rdyboost - ok
17:05:20.0154 6744  [ 189c5a8d2098e0aa14fd157a954b34fc ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:05:20.0185 6744  RegSrvc - ok
17:05:20.0216 6744  [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:05:20.0263 6744  RemoteAccess - ok
17:05:20.0294 6744  [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:05:20.0357 6744  RemoteRegistry - ok
17:05:20.0497 6744  [ 3c957189b31c34d3ad21967b12b6aed7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:05:20.0544 6744  RoxMediaDB12OEM - ok
17:05:20.0575 6744  [ 2b73088cc2ca757a172b425c9398e5bc ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:05:20.0606 6744  RoxWatch12 - ok
17:05:20.0622 6744  [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:05:20.0684 6744  RpcEptMapper - ok
17:05:20.0715 6744  [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator      C:\Windows\system32\locator.exe
17:05:20.0762 6744  RpcLocator - ok
17:05:20.0804 6744  [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:05:20.0849 6744  RpcSs - ok
17:05:20.0878 6744  [ ddc86e4f8e7456261e637e3552e804ff ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:05:20.0939 6744  rspndr - ok
17:05:20.0977 6744  [ ed5873f7dfb2f96d37f13322211b6bdc ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:05:20.0993 6744  RTL8167 - ok
17:05:20.0997 6744  [ c118a82cd78818c29ab228366ebf81c3 ] SamSs           C:\Windows\system32\lsass.exe
17:05:21.0007 6744  SamSs - ok
17:05:21.0026 6744  [ ac03af3329579fffb455aa2daabbe22b ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:05:21.0037 6744  sbp2port - ok
17:05:21.0046 6744  [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:05:21.0139 6744  SCardSvr - ok
17:05:21.0155 6744  [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:05:21.0233 6744  scfilter - ok
17:05:21.0280 6744  [ 262f6592c3299c005fd6bec90fc4463a ] Schedule        C:\Windows\system32\schedsvc.dll
17:05:21.0358 6744  Schedule - ok
17:05:21.0389 6744  [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:05:21.0436 6744  SCPolicySvc - ok
17:05:21.0483 6744  [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
17:05:21.0529 6744  sdbus - ok
17:05:21.0561 6744  [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:05:21.0654 6744  SDRSVC - ok
17:05:21.0701 6744  [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:05:21.0748 6744  secdrv - ok
17:05:21.0763 6744  [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon        C:\Windows\system32\seclogon.dll
17:05:21.0807 6744  seclogon - ok
17:05:21.0832 6744  [ c32ab8fa018ef34c0f113bd501436d21 ] SENS            C:\Windows\System32\sens.dll
17:05:21.0879 6744  SENS - ok
17:05:21.0898 6744  [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:05:21.0975 6744  SensrSvc - ok
17:05:22.0013 6744  [ cb624c0035412af0debec78c41f5ca1b ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:05:22.0062 6744  Serenum - ok
17:05:22.0067 6744  [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial          C:\Windows\system32\drivers\serial.sys
17:05:22.0129 6744  Serial - ok
17:05:22.0129 6744  [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:05:22.0129 6744  sermouse - ok
17:05:22.0160 6744  [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:05:22.0238 6744  SessionEnv - ok
17:05:22.0269 6744  [ a554811bcd09279536440c964ae35bbf ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
17:05:22.0301 6744  sffdisk - ok
17:05:22.0301 6744  [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:05:22.0316 6744  sffp_mmc - ok
17:05:22.0332 6744  [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
17:05:22.0394 6744  sffp_sd - ok
17:05:22.0410 6744  [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:05:22.0410 6744  sfloppy - ok
17:05:22.0519 6744  [ 74ec60e20516aaa573be74f31175270f ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:05:22.0581 6744  SftService - ok
17:05:22.0628 6744  [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:05:22.0691 6744  SharedAccess - ok
17:05:22.0722 6744  [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:05:22.0847 6744  ShellHWDetection - ok
17:05:22.0862 6744  [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:05:22.0862 6744  SiSRaid2 - ok
17:05:22.0878 6744  [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:05:22.0893 6744  SiSRaid4 - ok
17:05:22.0909 6744  [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:05:22.0987 6744  Smb - ok
17:05:23.0003 6744  [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:05:23.0049 6744  SNMPTRAP - ok
17:05:23.0081 6744  [ b9e31e5cacdfe584f34f730a677803f9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:05:23.0112 6744  spldr - ok
17:05:23.0143 6744  [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:05:23.0237 6744  Spooler - ok
17:05:23.0330 6744  [ e17e0188bb90fae42d83e98707efa59c ] sppsvc          C:\Windows\system32\sppsvc.exe
17:05:23.0502 6744  sppsvc - ok
17:05:23.0533 6744  [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:05:23.0564 6744  sppuinotify - ok
17:05:23.0595 6744  [ 441fba48bff01fdb9d5969ebc1838f0b ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:05:23.0673 6744  srv - ok
17:05:23.0689 6744  [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:05:23.0736 6744  srv2 - ok
17:05:23.0767 6744  [ 27e461f0be5bff5fc737328f749538c3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:05:23.0819 6744  srvnet - ok
17:05:23.0856 6744  [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:05:23.0888 6744  SSDPSRV - ok
17:05:23.0903 6744  [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:05:23.0934 6744  SstpSvc - ok
17:05:23.0950 6744  [ 92e7f6666633d2dd91d527503daa7be0 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
17:05:23.0959 6744  stdcfltn - ok
17:05:24.0020 6744  [ 0683504bbb3ffc0a73d9d217b63dd0e0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:05:24.0047 6744  Stereo Service - ok
17:05:24.0063 6744  [ f3817967ed533d08327dc73bc4d5542a ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:05:24.0074 6744  stexstor - ok
17:05:24.0105 6744  [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:05:24.0183 6744  stisvc - ok
17:05:24.0215 6744  [ 7731f46ec0d687a931cba063e8f90ef0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:05:24.0246 6744  stllssvr - ok
17:05:24.0261 6744  [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:05:24.0277 6744  swenum - ok
17:05:24.0355 6744  [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:05:24.0417 6744  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:05:24.0417 6744  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:05:24.0433 6744  [ e08e46fdd841b7184194011ca1955a0b ] swprv           C:\Windows\System32\swprv.dll
17:05:24.0527 6744  swprv - ok
17:05:24.0605 6744  [ b0c7d4dcf4800df2f2145b500d0161e8 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:05:24.0683 6744  SynTP - ok
17:05:24.0714 6744  [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain         C:\Windows\system32\sysmain.dll
17:05:24.0832 6744  SysMain - ok
17:05:24.0859 6744  [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:05:24.0883 6744  TabletInputService - ok
17:05:24.0904 6744  [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:05:24.0953 6744  TapiSrv - ok
17:05:24.0975 6744  [ 1be03ac720f4d302ea01d40f588162f6 ] TBS             C:\Windows\System32\tbssvc.dll
17:05:25.0006 6744  TBS - ok
17:05:25.0052 6744  [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:05:25.0108 6744  Tcpip - ok
17:05:25.0186 6744  [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:05:25.0201 6744  TCPIP6 - ok
17:05:25.0232 6744  [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:05:25.0310 6744  tcpipreg - ok
17:05:25.0326 6744  [ 3371d21011695b16333a3934340c4e7c ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:05:25.0388 6744  TDPIPE - ok
17:05:25.0420 6744  [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:05:25.0466 6744  TDTCP - ok
17:05:25.0482 6744  [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:05:25.0544 6744  tdx - ok
17:05:25.0560 6744  [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:05:25.0560 6744  TermDD - ok
17:05:25.0591 6744  [ 2e648163254233755035b46dd7b89123 ] TermService     C:\Windows\System32\termsrv.dll
17:05:25.0700 6744  TermService - ok
17:05:25.0716 6744  [ f0344071948d1a1fa732231785a0664c ] Themes          C:\Windows\system32\themeservice.dll
17:05:25.0778 6744  Themes - ok
17:05:25.0825 6744  [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER     C:\Windows\system32\mmcss.dll
17:05:25.0888 6744  THREADORDER - ok
17:05:25.0898 6744  [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks          C:\Windows\System32\trkwks.dll
17:05:25.0970 6744  TrkWks - ok
17:05:26.0024 6744  [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:05:26.0089 6744  TrustedInstaller - ok
17:05:26.0112 6744  [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:05:26.0174 6744  tssecsrv - ok
17:05:26.0205 6744  [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:05:26.0268 6744  TsUsbFlt - ok
17:05:26.0268 6744  [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:05:26.0283 6744  TsUsbGD - ok
17:05:26.0315 6744  [ 3566a8daafa27af944f5d705eaa64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:05:26.0377 6744  tunnel - ok
17:05:26.0408 6744  [ fd24f98d2898be093fe926604be7db99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
17:05:26.0424 6744  TurboB - ok
17:05:26.0471 6744  [ 600b406a04d90f577fea8a88d7379f08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:05:26.0486 6744  TurboBoost - ok
17:05:26.0502 6744  [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:05:26.0533 6744  uagp35 - ok
17:05:26.0549 6744  [ ff4232a1a64012baa1fd97c7b67df593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:05:26.0595 6744  udfs - ok
17:05:26.0627 6744  [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:05:26.0642 6744  UI0Detect - ok
17:05:26.0673 6744  [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:05:26.0705 6744  uliagpkx - ok
17:05:26.0720 6744  [ dc54a574663a895c8763af0fa1ff7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:05:26.0767 6744  umbus - ok
17:05:26.0798 6744  [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:05:26.0850 6744  UmPass - ok
17:05:26.0959 6744  [ 2c16648a12999ae69a9ebf41974b0ba2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:05:27.0029 6744  UNS - ok
17:05:27.0049 6744  [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost        C:\Windows\System32\upnphost.dll
17:05:27.0105 6744  upnphost - ok
17:05:27.0131 6744  [ 19ad7990c0b67e48dac5b26f99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:05:27.0209 6744  usbccgp - ok
17:05:27.0240 6744  [ af0892a803fdda7492f595368e3b68e7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:05:27.0255 6744  usbcir - ok
17:05:27.0271 6744  [ c025055fe7b87701eb042095df1a2d7b ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:05:27.0318 6744  usbehci - ok
17:05:27.0365 6744  [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:05:27.0411 6744  usbhub - ok
17:05:27.0443 6744  [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:05:27.0489 6744  usbohci - ok
17:05:27.0536 6744  [ 73188f58fb384e75c4063d29413cee3d ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:05:27.0599 6744  usbprint - ok
17:05:27.0630 6744  [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:05:27.0677 6744  usbscan - ok
17:05:27.0692 6744  [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:05:27.0770 6744  USBSTOR - ok
17:05:27.0786 6744  [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:05:27.0833 6744  usbuhci - ok
17:05:27.0869 6744  [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:05:27.0915 6744  usbvideo - ok
17:05:27.0949 6744  [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms           C:\Windows\System32\uxsms.dll
17:05:28.0017 6744  UxSms - ok
17:05:28.0043 6744  [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:05:28.0054 6744  VaultSvc - ok
17:05:28.0072 6744  [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:05:28.0082 6744  vdrvroot - ok
17:05:28.0105 6744  [ 8d6b481601d01a456e75c3210f1830be ] vds             C:\Windows\System32\vds.exe
17:05:28.0166 6744  vds - ok
17:05:28.0197 6744  [ da4da3f5e02943c2dc8c6ed875de68dd ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:05:28.0213 6744  vga - ok
17:05:28.0213 6744  [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:05:28.0244 6744  VgaSave - ok
17:05:28.0260 6744  [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:05:28.0275 6744  vhdmp - ok
17:05:28.0291 6744  [ e5689d93ffe4e5d66c0178761240dd54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:05:28.0306 6744  viaide - ok
17:05:28.0322 6744  [ d2aafd421940f640b407aefaaebd91b0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:05:28.0322 6744  volmgr - ok
17:05:28.0338 6744  [ a255814907c89be58b79ef2f189b843b ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:05:28.0353 6744  volmgrx - ok
17:05:28.0369 6744  [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:05:28.0384 6744  volsnap - ok
17:05:28.0400 6744  [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:05:28.0416 6744  vsmraid - ok
17:05:28.0447 6744  [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS             C:\Windows\system32\vssvc.exe
17:05:28.0572 6744  VSS - ok
17:05:28.0603 6744  [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:05:28.0650 6744  vwifibus - ok
17:05:28.0681 6744  [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:05:28.0712 6744  vwififlt - ok
17:05:28.0743 6744  [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:05:28.0821 6744  vwifimp - ok
17:05:28.0864 6744  [ 1c9d80cc3849b3788048078c26486e1a ] W32Time         C:\Windows\system32\w32time.dll
17:05:28.0911 6744  W32Time - ok
17:05:28.0926 6744  [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:05:28.0960 6744  WacomPen - ok
17:05:28.0988 6744  [ 356afd78a6ed4457169241ac3965230c ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:05:29.0037 6744  WANARP - ok
17:05:29.0040 6744  [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:05:29.0068 6744  Wanarpv6 - ok
17:05:29.0121 6744  [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine        C:\Windows\system32\wbengine.exe
17:05:29.0252 6744  wbengine - ok
17:05:29.0268 6744  [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:05:29.0299 6744  WbioSrvc - ok
17:05:29.0330 6744  [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:05:29.0393 6744  wcncsvc - ok
17:05:29.0408 6744  [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:05:29.0502 6744  WcsPlugInService - ok
17:05:29.0517 6744  [ 72889e16ff12ba0f235467d6091b17dc ] Wd              C:\Windows\system32\drivers\wd.sys
17:05:29.0549 6744  Wd - ok
17:05:29.0580 6744  [ a3d04ebf5227886029b4532f20d026f7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
17:05:29.0611 6744  WDC_SAM - ok
17:05:29.0658 6744  [ e6050fe6b60fa91188b8abdb5b1e339f ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
17:05:29.0705 6744  WDDMService ( UnsignedFile.Multi.Generic ) - warning
17:05:29.0705 6744  WDDMService - detected UnsignedFile.Multi.Generic (1)
17:05:29.0736 6744  [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:05:29.0783 6744  Wdf01000 - ok
17:05:29.0845 6744  [ b83d5071b32a70bebdb3330bfa7acb80 ] WDFME           C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
17:05:29.0901 6744  WDFME - ok
17:05:29.0914 6744  [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:05:30.0013 6744  WdiServiceHost - ok
17:05:30.0017 6744  [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:05:30.0032 6744  WdiSystemHost - ok
17:05:30.0056 6744  [ 94dc2bf6cbaaa95e369c3756d3115a76 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
17:05:30.0065 6744  wdkmd - ok
17:05:30.0083 6744  [ 517de2c5568cba6b2a24a557ac60c30b ] WDSC            C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
17:05:30.0099 6744  WDSC - ok
17:05:30.0124 6744  [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:05:30.0170 6744  WebClient - ok
17:05:30.0202 6744  [ c749025a679c5103e575e3b48e092c43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:05:30.0280 6744  Wecsvc - ok
17:05:30.0295 6744  [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:05:30.0358 6744  wercplsupport - ok
17:05:30.0389 6744  [ 6d137963730144698cbd10f202e9f251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:05:30.0404 6744  WerSvc - ok
17:05:30.0420 6744  [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:05:30.0451 6744  WfpLwf - ok
17:05:30.0482 6744  [ b14ef15bd757fa488f9c970eee9c0d35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
17:05:30.0514 6744  WimFltr - ok
17:05:30.0529 6744  [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:05:30.0545 6744  WIMMount - ok
17:05:30.0560 6744  WinDefend - ok
17:05:30.0560 6744  WinHttpAutoProxySvc - ok
17:05:30.0638 6744  [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:05:30.0670 6744  Winmgmt - ok
17:05:30.0748 6744  [ bcb1310604aa415c4508708975b3931e ] WinRM           C:\Windows\system32\WsmSvc.dll
17:05:30.0874 6744  WinRM - ok
17:05:30.0915 6744  [ fe88b288356e7b47b74b13372add906d ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:05:30.0972 6744  WinUsb - ok
17:05:31.0033 6744  [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:05:31.0077 6744  Wlansvc - ok
17:05:31.0105 6744  [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:05:31.0116 6744  wlcrasvc - ok
17:05:31.0237 6744  [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:05:31.0300 6744  wlidsvc - ok
17:05:31.0331 6744  [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:05:31.0393 6744  WmiAcpi - ok
17:05:31.0424 6744  [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:05:31.0456 6744  wmiApSrv - ok
17:05:31.0471 6744  WMPNetworkSvc - ok
17:05:31.0502 6744  [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:05:31.0565 6744  WPCSvc - ok
17:05:31.0580 6744  [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:05:31.0596 6744  WPDBusEnum - ok
17:05:31.0627 6744  [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:05:31.0658 6744  ws2ifsl - ok
17:05:31.0690 6744  [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc          C:\Windows\System32\wscsvc.dll
17:05:31.0768 6744  wscsvc - ok
17:05:31.0768 6744  WSearch - ok
17:05:31.0877 6744  [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:05:31.0967 6744  wuauserv - ok
17:05:31.0979 6744  [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:05:32.0023 6744  WudfPf - ok
17:05:32.0068 6744  [ cf8d590be3373029d57af80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:05:32.0129 6744  WUDFRd - ok
17:05:32.0147 6744  [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:05:32.0178 6744  wudfsvc - ok
17:05:32.0194 6744  [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:05:32.0240 6744  WwanSvc - ok
17:05:32.0287 6744  ================ Scan global ===============================
17:05:32.0303 6744  (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
17:05:32.0334 6744  (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
17:05:32.0350 6744  (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
17:05:32.0365 6744  (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
17:05:32.0412 6744  (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
17:05:32.0428 6744  [Global] - ok
17:05:32.0428 6744  ================ Scan MBR ==================================
17:05:32.0443 6744  MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:05:32.0802 6744  \Device\Harddisk0\DR0 - ok
17:05:32.0802 6744  ================ Scan VBR ==================================
17:05:32.0802 6744  Boot (0x1200)   (aad909c1cc90eed1e49117c9b7e9463a) \Device\Harddisk0\DR0\Partition1
17:05:32.0818 6744  \Device\Harddisk0\DR0\Partition1 - ok
17:05:32.0849 6744  Boot (0x1200)   (935d9df834fa10b64d14e1f5bc549fdb) \Device\Harddisk0\DR0\Partition2
17:05:32.0849 6744  \Device\Harddisk0\DR0\Partition2 - ok
17:05:32.0849 6744  ============================================================
17:05:32.0849 6744  Scan finished
17:05:32.0849 6744  ============================================================
17:05:32.0864 6736  Detected object count: 3
17:05:32.0864 6736  Actual detected object count: 3
17:05:59.0067 6736  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:59.0067 6736  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:05:59.0067 6736  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:59.0067 6736  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:05:59.0067 6736  WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:59.0067 6736  WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
