
Pests of all kinds and how to combat them: MyStart Incredibar completely removed?

11.09.2012, 00:07   #1
hh107

Hi,
First of all, a big thank-you to the people who, with great dedication, help people like me out of a jam in forums like this one!

I have the following problem:

I wanted to download the zip program IZarc from Chip.de. When I opened the installer, though, I somehow only picked up this MyStart search engine and the Incredibar for Firefox.
After a quick search for information, which turned up "malware" and "trojan", I quickly ran CrapCleaner as well as AntiVir Premium and Malwarebytes Anti-Malware (full scan), with no findings.

Then I followed this guide (http://www.trojaner-board.de/122287-...entfernen.html), removed everything I could, and afterwards reinstalled Firefox. In the meantime I haven't found anything that looks like MyStart or Incredibar, but even the sixth rule of this forum says: "The disappearance of the symptoms does not mean that the PC is really clean."
How can I be sure that everything is really gone?

Thank you in advance.
Best regards,
hh107

Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.10.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jack :: JACK-PC [Administrator]

10.09.2012 21:14:51
mbam-log-2012-09-10 (21-14-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 311187
Laufzeit: 51 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

11.09.2012, 13:40   #2
cosinus

Quote:
I wanted to download the zip program IZarc from Chip.de. When I opened the installer, though, I somehow only picked up this MyStart search engine and the Incredibar for Firefox.
Chip.de is not to blame for that!
It's up to the user! You simply have to read everything carefully before clicking Next during installations, otherwise you can't deselect this toolbar and other junk either!

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all the logs for every scan are listed on the Logs tab (Logdateien). Please post all the ones that are visible there.


adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt (x = sequential number).

11.09.2012, 14:12   #3
hh107

Hi Cosinus,
thank you for your quick reply!

Quote:
Chip.de is not to blame for that!
I didn't actually mean to claim that.

Quote:
You simply have to read everything carefully before clicking Next during installations
I usually do that very meticulously... but this time I seem to have overlooked something.

Quote:
Have you scanned with Malwarebytes before?
No, unfortunately I haven't. But I'll post two more quick scans from last night and a full scan from this morning:

Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.10.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jack :: JACK-PC [Administrator]

10.09.2012 21:09:14
mbam-log-2012-09-10 (21-09-14).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201038
Laufzeit: 4 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.10.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jack :: JACK-PC [Administrator]

10.09.2012 22:29:25
mbam-log-2012-09-10 (22-29-25).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200950
Laufzeit: 3 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.11.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jack :: JACK-PC [Administrator]

11.09.2012 09:27:01
mbam-log-2012-09-11 (09-27-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 312514
Laufzeit: 55 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

And finally the log file that AdwCleaner just spat out for me:

Code:
# AdwCleaner v2.001 - Datei am 09/11/2012 um 14:04:08 erstellt
# Aktualisiert am 09/09/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Jack - JACK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\user.js

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : HKU\S-1-5-21-104389831-1260867909-377246109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb188?a=6PQJfiMCJZ&i=26

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\qcof1woe.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1746 octets] - [11/09/2012 14:04:08]

########## EOF - C:\AdwCleaner[R1].txt - [1806 octets] ##########
         

Best regards,
hh107

11.09.2012, 14:17   #4
cosinus

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt (x = sequential number).
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

11.09.2012, 15:04   #5
hh107

Code:
# AdwCleaner v2.001 - Datei am 09/11/2012 um 15:00:39 erstellt
# Aktualisiert am 09/09/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Jack - JACK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\user.js

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-21-104389831-1260867909-377246109-1003\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb188?a=6PQJfiMCJZ&i=26 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\qcof1woe.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1875 octets] - [11/09/2012 14:04:08]
AdwCleaner[S1].txt - [2217 octets] - [11/09/2012 15:00:39]

########## EOF - C:\AdwCleaner[S1].txt - [2277 octets] ##########
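
Added example (not part of the original posts and not AdwCleaner's own code): a Python check that pairs every "Gefunden" line of the search log AdwCleaner[R1].txt with a "Gelöscht" or "Ersetzt" line of the delete log AdwCleaner[S1].txt, using the lines from the two logs in this thread. The function names and the "Ordner" label (inferred from the "Dateien / Ordner" section title) are assumptions.

```python
import re

# Excerpts of the two AdwCleaner logs posted in this thread:
# AdwCleaner[R1].txt (option "Suche") and AdwCleaner[S1].txt (option "Löschen").
SEARCH_LOG = r"""
Datei Gefunden : C:\user.js
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : HKU\S-1-5-21-104389831-1260867909-377246109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb188?a=6PQJfiMCJZ&i=26
"""

DELETE_LOG = r"""
Datei Gelöscht : C:\user.js
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb188?a=6PQJfiMCJZ&i=26 --> hxxp://www.google.com
"""

# "Ordner" is an assumed label; the logs in the thread only show the other three.
ITEM_RE = re.compile(r"^(Datei|Ordner|Schlüssel|Wert) (Gefunden|Gelöscht) : (.+)$")
SETTING_RE = re.compile(r"^(?:Ersetzt : )?\[(.+? - .+?)\] = (\S+)(?: --> (\S+))?$")
HKU_SID_RE = re.compile(r"^HKU\\S-1-5-21-[\d-]+\\(.+)$", re.IGNORECASE)


def parse(log):
    """Return ({casefolded path: path}, {setting name: (value, new value or None)})."""
    items, settings = {}, {}
    for line in map(str.strip, log.splitlines()):
        m = ITEM_RE.match(line)
        if m:
            # Registry and NTFS paths are case-insensitive, so key on casefold().
            items[m.group(3).casefold()] = m.group(3)
            continue
        m = SETTING_RE.match(line)
        if m:
            settings[m.group(1)] = (m.group(2), m.group(3))
    return items, settings


def audit(search_log, delete_log):
    """Pair every found item with a delete/replace entry and report the rest."""
    found, found_settings = parse(search_log)
    deleted, replaced = parse(delete_log)
    unmatched, verify_alias = [], []
    for key, path in found.items():
        if key in deleted:
            continue
        m = HKU_SID_RE.match(path)
        # HKCU is an alias for HKU\<SID of the logged-on user>. The log does not
        # say which SID that is, so a hit here means "probably covered", not proof.
        if m and ("HKCU\\" + m.group(1)).casefold() in deleted:
            verify_alias.append(path)
        else:
            unmatched.append(path)
    # A hijacked setting counts as reset only if the delete log shows a new value.
    unreset = [name for name, (old, _) in found_settings.items()
               if name not in replaced or replaced[name][1] in (None, old)]
    return {"unmatched": unmatched, "verify_alias": verify_alias, "unreset": unreset}


if __name__ == "__main__":
    for category, entries in audit(SEARCH_LOG, DELETE_LOG).items():
        print(f"{category}: {len(entries)}")
        for entry in entries:
            print("   ", entry)
```

On these two logs the only found entry without its own delete line is the HKU\<SID> SearchScopes key, which ends up under verify_alias because the same subkey was deleted under HKCU.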
         


11.09.2012, 21:26   #6
cosinus

Please run ESET, then we'll see what comes next!

Note: ESET does quite often show a few false positives. That is why, with ESET too, only the log should be posted at first and nothing removed.


ESET Online Scanner

Please switch on any external hard drives you have during the online scans! Please turn off all background guards (anti-virus program, firewall, script blocking and the like) during the scans and don't forget to switch everything back on afterwards.
  • Note for Vista and Win7 users: be sure to start the browser as administrator.
  • Deactivate your anti-virus program during the scan.

    Press the button (<< click).
    • Firefox users:
      Please download esetsmartinstaller_enu.exe. Save the Firefox add-on on the desktop and then install it.
    • IE users:
      must allow the installation of an ActiveX element.
  • Tick the box next to Yes, i accept the Terms of Use.
  • Press the button.
  • Wait until the components have been downloaded.
  • Tick "Scan archives".
  • Make sure that Remove found threats is not ticked.
  • press.
  • The signatures are downloaded. The scan starts automatically.
When the scan has finished
  • Click .
  • Click and save the log file as ESET.txt on the desktop.
  • Click Back and Finish
Please post the log file here.


Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here

11.09.2012, 23:45   #7
hh107

Code:
C:\Users\Jack\AppData\Local\Temp\BI_RunOnce (1).exe	a variant of Win32/Somoto.A application
C:\Users\Jack\AppData\Local\Temp\BI_RunOnce (2).exe	a variant of Win32/Somoto.A application
C:\Users\Jack\AppData\Local\Temp\BI_RunOnce.exe	a variant of Win32/Somoto.A application
C:\Users\Jack\AppData\Local\Temp\LLp0MfEw.exe.part	a variant of Win32/Somoto.A application
         

12.09.2012, 01:15   #8
cosinus

There may well be more lurking there after all

I have three questions before we continue

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
3.) mystart/incredi is gone now?

12.09.2012, 02:54   #9
hh107

Quote:
There may well be more lurking there after all
Oh no...

Quote:
1.) Does Windows' normal mode work without restrictions (again)?
Actually it was working the whole time... at least I didn't notice anything serious. With Firefox, however, I once pressed "Save and Quit" when closing several tabs, and now whenever I close Firefox with only one tab, it opens the next time from this old "saved state", even though I have done "Save and Quit" a few other times in between.

Quote:
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
I'm not missing anything... The two folders "Bluetooth Geräte" and "Autostart" are empty, but that may have been the case before as well.

Quote:
3.) mystart/incredi is gone now?
Since removing it with this guide (http://www.trojaner-board.de/122287-...entfernen.html) right at the start, I haven't seen anything of it.


As an alternative, I can also simply wipe the machine and reinstall; I had hoped to avoid that, but if you would advise me to? Or could it also be that personal data / documents are already affected?

Thank you very much for your advice.
Best regards
hh107

12.09.2012, 14:01   #10
cosinus

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it on your desktop. If you already have it, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click, "Run as administrator"
  • At the top centre, tick Scanne alle Benutzer (Scan all users)
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click .
  • Now copy the contents of OTL.txt into your thread here

12.09.2012, 21:54   #11
hh107

Code:
OTL logfile created on: 12.09.2012 21:27:53 - Run 1
OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\Jack\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,36 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 59,47% Memory free
4,71 Gb Paging File | 3,38 Gb Available in Paging File | 71,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 25,86 Gb Free Space | 53,07% Space Free | Partition Type: NTFS
Drive D: | 547,34 Gb Total Space | 474,78 Gb Free Space | 86,74% Space Free | Partition Type: NTFS
 
Computer Name: JACK-PC | User Name: Jack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.12 21:26:19 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
PRC - [2012.09.07 16:36:02 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.09.07 16:35:54 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.09.07 16:35:43 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2012.09.07 16:34:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2012.09.07 16:34:09 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.09.07 16:34:09 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.09.07 16:33:37 | 002,235,792 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Programme\Elantech\ETDCtrl.exe
PRC - [2012.09.07 16:19:59 | 001,571,432 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2012.09.06 19:23:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.06 13:12:20 | 000,162,408 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.09 11:32:39 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.09 11:32:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 11:32:13 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.09 11:32:11 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.09 11:32:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.16 15:37:42 | 000,841,376 | ---- | M] (Atheros Communications) -- C:\Programme\Bluetooth Suite\BtvStack.exe
PRC - [2011.09.16 15:34:06 | 000,694,432 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AthBtTray.exe
PRC - [2011.09.16 15:33:36 | 000,084,640 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AdminService.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.06.01 10:32:06 | 000,506,712 | ---- | M] (Dolby Laboratories Inc.) -- C:\Dolby PCEE4\pcee4.exe
PRC - [2011.05.02 14:06:34 | 000,936,208 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2011.05.02 13:56:08 | 001,210,640 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2011.05.02 13:50:20 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.30 00:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.07 18:24:08 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.09.07 16:17:50 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll
MOD - [2012.09.07 16:17:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll
MOD - [2012.09.07 15:26:37 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.09.07 15:26:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.09.07 15:26:24 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.09.07 15:26:12 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.09.07 15:26:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.09.07 15:26:05 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.09.07 15:25:58 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.09.07 15:25:54 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.09.07 15:25:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.09.07 15:25:50 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.09.07 15:25:44 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.03.19 22:09:08 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 10:47:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.07 16:35:43 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.07 16:34:09 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.09.07 16:34:09 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.09 11:32:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 11:32:13 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.09 11:32:11 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.09 11:32:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.03.19 23:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.09.16 15:33:36 | 000,084,640 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Programme\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.05.02 14:06:34 | 000,936,208 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.05.02 13:53:22 | 000,227,600 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.05.02 13:50:20 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.09.07 16:35:42 | 000,024,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2012.09.07 16:35:41 | 010,360,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.09.07 16:34:17 | 000,141,952 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2012.09.07 16:34:17 | 000,063,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2012.05.09 11:32:39 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 11:32:39 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.05.09 11:32:39 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.16 15:41:02 | 000,025,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2011.05.16 14:57:46 | 000,042,536 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bScsiMSx.sys -- (bScsiMSx)
DRV - [2011.05.09 20:42:06 | 000,361,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2011.05.06 10:11:32 | 000,054,824 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bScsiSDx.sys -- (bScsiSDx)
DRV - [2011.01.20 18:14:50 | 000,017,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57xdmp.sys -- (b57xdmp)
DRV - [2011.01.20 18:14:48 | 000,060,456 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57xdbd.sys -- (b57xdbd)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.19 23:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010.06.17 15:30:17 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 57 14 91 5A 8C CD 01  [binary data]
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-104389831-1260867909-377246109-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://forum.chip.de/browser-plugins/tabs-firefox-speichern-beenden-frage-aktivieren-viele-tabs-offen-1552792.html|hxxp://www.tagesschau.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.10 23:37:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2012.09.07 17:32:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.09.10 13:27:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2012.09.07 17:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\mozilla\Extensions
[2012.09.07 17:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012.09.10 23:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\mozilla\Firefox\Profiles\qcof1woe.default\extensions
[2012.09.07 17:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\mozilla\Sunbird\Profiles\h81vsjvn.default\extensions
[2012.09.10 23:37:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-104389831-1260867909-377246109-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.161 83.169.185.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E41463C-73FA-4A3D-AFDB-AF66D9D1F1C3}: DhcpNameServer = 83.169.185.161 83.169.185.225
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.12 21:26:15 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
[2012.09.11 22:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.09.11 19:10:59 | 000,000,000 | ---D | C] -- C:\Users\Jack\.thumbnails
[2012.09.11 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\fontconfig
[2012.09.11 19:09:14 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\gegl-0.2
[2012.09.11 19:09:14 | 000,000,000 | ---D | C] -- C:\Users\Jack\.gimp-2.8
[2012.09.11 16:19:24 | 000,000,000 | ---D | C] -- C:\Users\Jack\Desktop\120616_KarateCamp2012
[2012.09.11 14:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.09.11 11:05:44 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\FreeFileSync
[2012.09.11 11:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync
[2012.09.11 11:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileSync
[2012.09.11 11:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.09.11 10:57:52 | 000,000,000 | R--D | C] -- C:\Users\Jack\Dropbox
[2012.09.11 10:56:19 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.09.11 10:55:57 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Dropbox
[2012.09.11 10:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012.09.10 23:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.09.10 23:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.09.10 23:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.10 20:41:42 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Malwarebytes
[2012.09.10 20:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.10 20:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.10 20:41:23 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.10 20:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.10 20:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.09.10 18:53:22 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Macromedia
[2012.09.10 18:53:22 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Macromedia
[2012.09.10 18:53:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012.09.10 16:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2012.09.10 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\PDF24
[2012.09.10 16:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2012.09.10 16:20:23 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Audacity
[2012.09.10 16:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2012.09.10 15:28:21 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.09.10 15:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012.09.10 15:21:15 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Skype
[2012.09.10 15:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.10 15:21:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.09.10 15:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.10 15:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.09.10 14:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.09.10 14:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012.09.10 14:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.09.10 14:34:35 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.09.10 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Microsoft Help
[2012.09.10 14:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.09.10 14:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.09.10 14:32:18 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.09.10 13:46:38 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Adobe
[2012.09.10 13:46:38 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Adobe
[2012.09.10 13:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.09.10 13:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.09.10 13:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.09.10 13:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012.09.10 13:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird
[2012.09.10 12:38:46 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Thunderbird
[2012.09.10 12:38:46 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Thunderbird
[2012.09.10 12:11:36 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\{4D2C8553-BD6F-4C19-8C97-7F12F83C1B58}
[2012.09.10 12:03:53 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\InstallShare
[2012.09.07 17:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Sunbird
[2012.09.07 17:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Sunbird
[2012.09.07 17:30:49 | 000,000,000 | R--D | C] -- C:\Users\Jack\Desktop\Print
[2012.09.07 17:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.09.07 17:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.09.07 17:14:37 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Intel
[2012.09.07 17:14:30 | 000,000,000 | ---D | C] -- C:\Users\Jack\Roaming
[2012.09.07 17:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012.09.07 17:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012.09.07 17:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.09.07 17:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.09.07 17:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel Corporation
[2012.09.07 17:09:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\NV
[2012.09.07 17:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012.09.07 17:06:16 | 000,400,544 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
[2012.09.07 17:06:16 | 000,064,672 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
[2012.09.07 17:06:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
[2012.09.07 17:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2012.09.07 17:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.09.07 17:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.09.07 17:02:30 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.09.07 17:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.09.07 17:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.09.07 17:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012.09.07 16:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.09.07 16:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012.09.07 16:52:43 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012.09.07 16:50:22 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.09.07 16:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012.09.07 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Atheros
[2012.09.07 16:42:45 | 000,000,000 | R--D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.09.07 16:42:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2012.09.07 16:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros
[2012.09.07 16:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bluetooth Suite
[2012.09.07 16:34:17 | 000,141,952 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\System32\drivers\nusb3xhc.sys
[2012.09.07 16:34:17 | 000,063,872 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\System32\drivers\nusb3hub.sys
[2012.09.07 16:21:27 | 000,000,000 | ---D | C] -- C:\Dolby PCEE4
[2012.09.07 16:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
[2012.09.07 16:21:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.09.07 16:20:52 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.09.07 16:20:52 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012.09.07 16:20:52 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.09.07 16:20:52 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.09.07 16:20:52 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.09.07 16:20:51 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012.09.07 16:20:51 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.09.07 16:20:51 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012.09.07 16:20:51 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012.09.07 16:20:50 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012.09.07 16:20:50 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.09.07 16:20:50 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.09.07 16:20:50 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.09.07 16:20:50 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.09.07 16:20:50 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012.09.07 16:20:50 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.09.07 16:20:50 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.09.07 16:20:49 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012.09.07 16:20:49 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012.09.07 16:20:49 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012.09.07 16:20:49 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012.09.07 16:20:49 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012.09.07 16:20:48 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.09.07 16:20:48 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012.09.07 16:20:48 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.09.07 16:20:48 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.09.07 16:20:46 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.09.07 16:20:46 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012.09.07 16:20:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012.09.07 16:20:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012.09.07 16:20:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012.09.07 16:20:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012.09.07 16:20:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012.09.07 16:20:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012.09.07 16:20:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012.09.07 16:20:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012.09.07 16:20:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012.09.07 16:20:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012.09.07 16:20:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012.09.07 16:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.09.07 16:20:42 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.09.07 16:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012.09.07 16:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2012.09.07 11:03:23 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Windows Live Writer
[2012.09.07 11:03:23 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Windows Live Writer
[2012.09.07 10:51:42 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Windows Live
[2012.09.07 10:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2012.09.07 10:27:54 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Intel Corporation
[2012.09.07 10:25:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.09.07 10:24:59 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012.09.07 10:24:58 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\InstallShield
[2012.09.06 21:53:49 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\vlc
[2012.09.06 20:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.09.06 20:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\VLC
[2012.09.06 20:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012.09.06 20:09:25 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Mozilla
[2012.09.06 20:09:25 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Mozilla
[2012.09.06 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.09.06 19:42:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.09.06 19:41:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.09.06 19:37:36 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012.09.05 17:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.09.05 17:17:52 | 000,000,000 | ---D | C] -- C:\Intel
[2012.09.05 16:34:05 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Avira
[2012.09.05 16:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.09.05 16:28:26 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.05 16:28:26 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.09.05 16:28:26 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.05 16:28:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.09.05 16:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.05 16:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.05 16:22:47 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Diagnostics
[2012.09.05 16:19:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.09.05 16:09:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.09.05 15:38:03 | 000,000,000 | R--D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.09.05 15:38:03 | 000,000,000 | R--D | C] -- C:\Users\Jack\Searches
[2012.09.05 15:38:03 | 000,000,000 | R--D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.09.05 15:37:55 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Identities
[2012.09.05 15:37:53 | 000,000,000 | R--D | C] -- C:\Users\Jack\Contacts
[2012.09.05 15:37:48 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\VirtualStore
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Vorlagen
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\AppData\Local\Verlauf
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\AppData\Local\Temporary Internet Files
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Startmenü
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\SendTo
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Recent
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Netzwerkumgebung
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Lokale Einstellungen
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Documents\Eigene Videos
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Documents\Eigene Musik
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Eigene Dateien
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Documents\Eigene Bilder
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Druckumgebung
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Cookies
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\AppData\Local\Anwendungsdaten
[2012.09.05 15:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Jack\Anwendungsdaten
[2012.09.05 15:37:44 | 000,000,000 | --SD | C] -- C:\Users\Jack\AppData\Roaming\Microsoft
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Videos
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Saved Games
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Pictures
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Music
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Links
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Favorites
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Downloads
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Documents
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\Desktop
[2012.09.05 15:37:44 | 000,000,000 | R--D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.09.05 15:37:44 | 000,000,000 | -H-D | C] -- C:\Users\Jack\AppData
[2012.09.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Temp
[2012.09.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Microsoft
[2012.09.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Media Center Programs
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.05 15:37:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.09.05 15:37:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.09.05 15:20:31 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.09.05 15:19:46 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.12 21:27:18 | 000,016,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 21:27:18 | 000,016,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 21:26:19 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
[2012.09.12 21:23:54 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.12 21:23:54 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.12 21:23:54 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.12 21:23:54 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.12 21:19:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.12 21:19:27 | 1898,336,256 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.11 19:10:59 | 000,000,855 | ---- | M] () -- C:\Users\Jack\AppData\Local\recently-used.xbel
[2012.09.11 14:03:49 | 000,512,399 | ---- | M] () -- C:\Users\Jack\Desktop\adwcleaner.exe
[2012.09.10 16:13:26 | 000,365,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.07 17:07:13 | 000,749,082 | ---- | M] () -- C:\Windows\System32\oem31.inf
[2012.09.07 17:06:45 | 000,006,656 | ---- | M] () -- C:\Windows\System32\bcmwlrc.dll
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.07 16:56:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.09.07 16:51:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_b57xdbd_01009.Wdf
[2012.09.07 16:42:51 | 000,001,204 | ---- | M] () -- C:\Windows\System32\drivers\ramps_0x01020200_40_0x02.dfu
[2012.09.07 16:42:50 | 000,001,242 | ---- | M] () -- C:\Windows\System32\drivers\ramps_0x01020200_40_0x01.dfu
[2012.09.07 16:42:50 | 000,001,204 | ---- | M] () -- C:\Windows\System32\drivers\ramps_0x01020200_40.dfu
[2012.09.07 16:42:50 | 000,001,198 | ---- | M] () -- C:\Windows\System32\drivers\ramps_0x01020200_26.dfu
[2012.09.07 16:42:49 | 000,246,804 | ---- | M] () -- C:\Windows\System32\drivers\AtherosBt.bin
[2012.09.07 16:35:45 | 002,417,322 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin
[2012.09.07 16:35:43 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.09.07 16:35:40 | 000,004,359 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2012.09.07 16:34:17 | 000,141,952 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\System32\drivers\nusb3xhc.sys
[2012.09.07 16:34:17 | 000,063,872 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\System32\drivers\nusb3hub.sys
[2012.09.07 16:34:09 | 000,008,192 | ---- | M] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.09.07 16:34:01 | 000,144,680 | ---- | M] (Synaptics Incorporated) -- C:\Windows\System32\SynGlwPadShlExt.dll
[2012.09.07 16:32:46 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012.09.07 16:20:04 | 001,783,056 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.09.07 16:20:04 | 001,725,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012.09.07 16:20:03 | 000,345,328 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.09.07 16:20:03 | 000,185,584 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.09.07 16:20:03 | 000,173,296 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.09.07 16:20:03 | 000,140,528 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.09.07 16:20:02 | 000,214,368 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012.09.07 16:20:02 | 000,074,080 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012.09.07 16:20:02 | 000,068,960 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012.09.07 16:19:59 | 000,359,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.09.07 16:19:59 | 000,170,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.09.07 16:19:59 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.09.07 16:19:59 | 000,064,856 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.09.07 16:19:58 | 003,327,320 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012.09.07 16:19:58 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.09.07 16:19:58 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.09.07 16:19:58 | 000,252,760 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012.09.07 16:19:57 | 001,836,376 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.09.07 16:19:57 | 000,259,928 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012.09.07 16:19:57 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.09.07 16:19:57 | 000,132,368 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.09.07 16:19:54 | 001,740,352 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.09.07 16:19:54 | 000,601,704 | ---- | M] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012.09.07 16:19:53 | 001,509,480 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012.09.07 16:19:53 | 001,292,904 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012.09.07 16:19:53 | 001,220,200 | ---- | M] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012.09.07 16:19:53 | 000,654,952 | ---- | M] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012.09.07 16:19:53 | 000,631,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012.09.07 16:19:53 | 000,458,344 | ---- | M] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012.09.07 16:19:53 | 000,389,736 | ---- | M] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012.09.07 16:19:53 | 000,375,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012.09.07 16:19:53 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012.09.07 16:19:53 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012.09.07 16:19:53 | 000,218,216 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012.09.07 16:19:43 | 000,247,560 | ---- | M] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2012.09.07 16:19:43 | 000,039,672 | ---- | M] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2012.09.07 16:19:43 | 000,003,206 | ---- | M] () -- C:\Windows\System32\drivers\RtPCEE4.DAT
[2012.09.07 16:19:43 | 000,001,448 | ---- | M] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.09.07 16:19:43 | 000,000,520 | ---- | M] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2012.09.07 16:19:43 | 000,000,520 | ---- | M] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.09.07 16:19:43 | 000,000,520 | ---- | M] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.09.07 16:19:43 | 000,000,520 | ---- | M] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.09.07 16:19:43 | 000,000,176 | ---- | M] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2012.09.07 16:19:43 | 000,000,016 | ---- | M] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.09.06 20:25:39 | 000,046,512 | ---- | M] () -- C:\Users\Jack\Desktop\Unbenannt.PNG
[2012.09.05 17:09:12 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.09.05 16:07:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.05 15:22:56 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf
 
========== Files Created - No Company Name ==========
 
[2012.09.11 19:10:59 | 000,000,855 | ---- | C] () -- C:\Users\Jack\AppData\Local\recently-used.xbel
[2012.09.11 14:03:49 | 000,512,399 | ---- | C] () -- C:\Users\Jack\Desktop\adwcleaner.exe
[2012.09.11 11:02:40 | 000,001,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.09.10 23:37:30 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.10 16:19:29 | 000,000,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012.09.10 13:45:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.09.10 13:27:15 | 000,002,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.09.07 17:07:19 | 000,749,082 | ---- | C] () -- C:\Windows\System32\oem31.inf
[2012.09.07 17:06:56 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012.09.07 17:03:12 | 002,417,322 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.09.07 17:02:32 | 000,004,359 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012.09.07 16:56:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.09.07 16:51:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_b57xdbd_01009.Wdf
[2012.09.07 16:20:54 | 000,247,560 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2012.09.07 16:20:54 | 000,039,672 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2012.09.07 16:20:54 | 000,003,206 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE4.DAT
[2012.09.07 16:20:54 | 000,001,448 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.09.07 16:20:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2012.09.07 16:20:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.09.07 16:20:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.09.07 16:20:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.09.07 16:20:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2012.09.07 16:20:54 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.09.07 16:18:29 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.09.06 20:25:39 | 000,046,512 | ---- | C] () -- C:\Users\Jack\Desktop\Unbenannt.PNG
[2012.09.06 19:38:11 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.09.06 19:37:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.09.06 19:37:25 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012.09.06 19:37:16 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012.09.05 17:09:12 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.09.05 16:07:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.05 15:38:04 | 000,001,409 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.09.05 15:22:51 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.09.05 15:22:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.09.05 15:19:46 | 1898,336,256 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.19 23:26:08 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2012.03.19 23:26:06 | 000,963,912 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2012.03.19 23:26:06 | 000,261,208 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.03.19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012.03.19 22:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.03.19 22:09:28 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.03.19 22:09:08 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011.09.16 15:16:08 | 000,246,804 | ---- | C] () -- C:\Windows\System32\drivers\AtherosBt.bin
 
========== LOP Check ==========
 
[2012.09.10 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Audacity
[2012.09.11 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Dropbox
[2012.09.11 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\FreeFileSync
[2012.09.10 12:38:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Thunderbird
[2012.09.08 22:29:58 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Windows Live Writer
[2009.07.14 06:53:46 | 000,010,708 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 13:46:38 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Adobe
[2012.09.07 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Atheros
[2012.09.10 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Audacity
[2012.09.05 16:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Avira
[2012.09.11 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Dropbox
[2012.09.11 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\FreeFileSync
[2012.09.05 15:37:55 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Identities
[2012.09.07 10:24:58 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\InstallShield
[2012.09.07 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Intel
[2012.09.07 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Intel Corporation
[2012.09.10 18:53:22 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Macromedia
[2012.09.10 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Media Center Programs
[2012.09.11 12:36:06 | 000,000,000 | --SD | M] -- C:\Users\Jack\AppData\Roaming\Microsoft
[2012.09.07 17:33:13 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Mozilla
[2012.09.10 16:16:16 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Skype
[2012.09.10 12:38:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Thunderbird
[2012.09.11 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\vlc
[2012.09.08 22:29:58 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Windows Live Writer
 
< %APPDATA%\*.exe /s >
[2012.08.28 00:56:34 | 027,031,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jack\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.08.28 00:56:36 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.08.28 00:56:44 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jack\AppData\Roaming\Dropbox\bin\Uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2011.04.26 10:57:06 | 000,461,080 | ---- | M] (Intel Corporation) MD5=9615DAF540B2C04DC871D10D7AE59F38 -- C:\Windows\System32\drivers\iaStor.sys
[2011.04.26 10:57:06 | 000,461,080 | ---- | M] (Intel Corporation) MD5=9615DAF540B2C04DC871D10D7AE59F38 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_868c7a2987d8afc0\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         

13.09.2012, 16:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
FF - user.js - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Users\Jack\AppData\Local\{* 
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

13.09.2012, 19:52   #13
hh107

The OTL log file "09132012_194041":

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Users\Jack\AppData\Local\{4D2C8553-BD6F-4C19-8C97-7F12F83C1B58} folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Jack\Desktop\cmd.bat deleted successfully.
C:\Users\Jack\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Jack
->Temp folder emptied: 29390030 bytes
->Temporary Internet Files folder emptied: 87112123 bytes
->FireFox cache emptied: 143278400 bytes
->Flash cache emptied: 1190 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9728 bytes
RecycleBin emptied: 8517969 bytes
 
Total Files Cleaned = 256,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.3 log created on 09132012_194041

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Thank you a thousand times for your help!

14.09.2012, 13:30   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!


14.09.2012, 17:48   #15
hh107

TDSS-Killer report:

Code:
17:43:41.0255 3628  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:43:41.0285 3628  ============================================================
17:43:41.0285 3628  Current date / time: 2012/09/14 17:43:41.0285
17:43:41.0285 3628  SystemInfo:
17:43:41.0285 3628  
17:43:41.0285 3628  OS Version: 6.1.7601 ServicePack: 1.0
17:43:41.0285 3628  Product type: Workstation
17:43:41.0285 3628  ComputerName: JACK-PC
17:43:41.0285 3628  UserName: Jack
17:43:41.0285 3628  Windows directory: C:\Windows
17:43:41.0285 3628  System windows directory: C:\Windows
17:43:41.0285 3628  Processor architecture: Intel x86
17:43:41.0285 3628  Number of processors: 8
17:43:41.0285 3628  Page size: 0x1000
17:43:41.0285 3628  Boot type: Normal boot
17:43:41.0285 3628  ============================================================
17:43:41.0805 3628  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:43:41.0805 3628  ============================================================
17:43:41.0805 3628  \Device\Harddisk0\DR0:
17:43:41.0815 3628  MBR partitions:
17:43:41.0815 3628  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:43:41.0815 3628  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6176000
17:43:41.0815 3628  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x446AF000
17:43:41.0815 3628  ============================================================
17:43:41.0835 3628  C: <-> \Device\Harddisk0\DR0\Partition2
17:43:41.0875 3628  D: <-> \Device\Harddisk0\DR0\Partition3
17:43:41.0875 3628  ============================================================
17:43:41.0875 3628  Initialize success
17:43:41.0875 3628  ============================================================
17:44:39.0106 5532  ============================================================
17:44:39.0106 5532  Scan started
17:44:39.0106 5532  Mode: Manual; SigCheck; TDLFS; 
17:44:39.0106 5532  ============================================================
17:44:39.0309 5532  ================ Scan system memory ========================
17:44:39.0309 5532  System memory - ok
17:44:39.0309 5532  ================ Scan services =============================
17:44:52.0023 5532  LSI_FC - ok
17:44:52.0023 5532  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:44:52.0039 5532  LSI_SAS - ok
17:44:52.0039 5532  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:44:52.0054 5532  LSI_SAS2 - ok
17:44:52.0070 5532  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:44:52.0070 5532  LSI_SCSI - ok
17:44:52.0085 5532  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
17:44:52.0101 5532  luafv - ok
17:44:52.0148 5532  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:44:52.0179 5532  Mcx2Svc - ok
17:44:52.0195 5532  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:44:52.0210 5532  megasas - ok
17:44:52.0226 5532  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:44:52.0241 5532  MegaSR - ok
17:44:52.0273 5532  [ D86AC00883B9C98B570E7643AAF8E554 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
17:44:52.0319 5532  MEI - ok
17:44:52.0335 5532  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
17:44:52.0382 5532  MMCSS - ok
17:44:52.0382 5532  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
17:44:52.0413 5532  Modem - ok
17:44:52.0444 5532  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:44:52.0460 5532  monitor - ok
17:44:52.0507 5532  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:44:52.0538 5532  mouclass - ok
17:44:52.0538 5532  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:44:52.0553 5532  mouhid - ok
17:44:52.0600 5532  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:44:52.0616 5532  mountmgr - ok
17:44:52.0678 5532  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:44:52.0694 5532  MozillaMaintenance - ok
17:44:52.0709 5532  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:44:52.0725 5532  mpio - ok
17:44:52.0741 5532  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:44:52.0756 5532  mpsdrv - ok
17:44:52.0803 5532  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:44:52.0897 5532  MpsSvc - ok
17:44:52.0912 5532  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:44:52.0928 5532  MRxDAV - ok
17:44:52.0959 5532  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:44:53.0006 5532  mrxsmb - ok
17:44:53.0021 5532  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:44:53.0053 5532  mrxsmb10 - ok
17:44:53.0084 5532  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:44:53.0099 5532  mrxsmb20 - ok
17:44:53.0146 5532  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
17:44:53.0162 5532  msahci - ok
17:44:53.0177 5532  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:44:53.0193 5532  msdsm - ok
17:44:53.0209 5532  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
17:44:53.0240 5532  MSDTC - ok
17:44:53.0271 5532  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:44:53.0287 5532  Msfs - ok
17:44:53.0302 5532  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:44:53.0333 5532  mshidkmdf - ok
17:44:53.0365 5532  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:44:53.0365 5532  msisadrv - ok
17:44:53.0396 5532  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:44:53.0458 5532  MSiSCSI - ok
17:44:53.0458 5532  msiserver - ok
17:44:53.0489 5532  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:44:53.0552 5532  MSKSSRV - ok
17:44:53.0552 5532  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:44:53.0583 5532  MSPCLOCK - ok
17:44:53.0599 5532  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:44:53.0645 5532  MSPQM - ok
17:44:53.0661 5532  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:44:53.0677 5532  MsRPC - ok
17:44:53.0692 5532  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:44:53.0708 5532  mssmbios - ok
17:44:53.0723 5532  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:44:53.0755 5532  MSTEE - ok
17:44:53.0755 5532  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:44:53.0770 5532  MTConfig - ok
17:44:53.0786 5532  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:44:53.0786 5532  Mup - ok
17:44:53.0833 5532  [ E14ACF696EA9F7A9C2F4938E23B78854 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:44:53.0864 5532  MyWiFiDHCPDNS - ok
17:44:53.0879 5532  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
17:44:53.0926 5532  napagent - ok
17:44:53.0973 5532  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:44:54.0004 5532  NativeWifiP - ok
17:44:54.0051 5532  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:44:54.0082 5532  NDIS - ok
17:44:54.0082 5532  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:44:54.0129 5532  NdisCap - ok
17:44:54.0145 5532  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:54.0176 5532  NdisTapi - ok
17:44:54.0207 5532  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:54.0223 5532  Ndisuio - ok
17:44:54.0223 5532  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:54.0269 5532  NdisWan - ok
17:44:54.0269 5532  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:44:54.0316 5532  NDProxy - ok
17:44:54.0347 5532  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:44:54.0394 5532  NetBIOS - ok
17:44:54.0425 5532  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:44:54.0472 5532  NetBT - ok
17:44:54.0488 5532  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
17:44:54.0488 5532  Netlogon - ok
17:44:54.0535 5532  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
17:44:54.0566 5532  Netman - ok
17:44:54.0581 5532  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
17:44:54.0613 5532  netprofm - ok
17:44:54.0644 5532  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:44:54.0644 5532  NetTcpPortSharing - ok
17:44:54.0691 5532  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:44:54.0706 5532  nfrd960 - ok
17:44:54.0737 5532  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:44:54.0815 5532  NlaSvc - ok
17:44:54.0815 5532  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:44:54.0831 5532  Npfs - ok
17:44:54.0847 5532  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
17:44:54.0909 5532  nsi - ok
17:44:54.0909 5532  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:44:54.0940 5532  nsiproxy - ok
17:44:54.0987 5532  [ 81189C3D7763838E55C397759D49007A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:44:55.0034 5532  Ntfs - ok
17:44:55.0065 5532  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
17:44:55.0112 5532  Null - ok
17:44:55.0159 5532  [ BAD636EE7FF5BF539854BBA33868EFC2 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:44:55.0190 5532  nusb3hub - ok
17:44:55.0221 5532  [ DFAFDC3051E04FFAFDDC4872394C1FC8 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:44:55.0252 5532  nusb3xhc - ok
17:44:55.0517 5532  [ 7A421C173F2ECDD8D762163500739BDA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:55.0798 5532  nvlddmkm - ok
17:44:55.0814 5532  [ FC946892AF250A5F45666B2D03333C70 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
17:44:55.0829 5532  nvpciflt - ok
17:44:55.0861 5532  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:44:55.0892 5532  nvraid - ok
17:44:55.0907 5532  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:44:55.0923 5532  nvstor - ok
17:44:55.0970 5532  [ 6F9261804863E79B273D4D85F0E7053A ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:44:56.0017 5532  nvsvc - ok
17:44:56.0110 5532  [ 3AAF7D610C6A3FE423873246A0B9A2B9 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:44:56.0157 5532  nvUpdatusService - ok
17:44:56.0204 5532  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:44:56.0219 5532  nv_agp - ok
17:44:56.0297 5532  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:44:56.0344 5532  odserv - ok
17:44:56.0375 5532  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:44:56.0407 5532  ohci1394 - ok
17:44:56.0422 5532  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:56.0438 5532  ose - ok
17:44:56.0469 5532  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:44:56.0516 5532  p2pimsvc - ok
17:44:56.0547 5532  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:44:56.0578 5532  p2psvc - ok
17:44:56.0594 5532  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:44:56.0625 5532  Parport - ok
17:44:56.0641 5532  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:44:56.0656 5532  partmgr - ok
17:44:56.0672 5532  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:44:56.0687 5532  Parvdm - ok
17:44:56.0719 5532  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:44:56.0734 5532  PcaSvc - ok
17:44:56.0781 5532  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
17:44:56.0797 5532  pci - ok
17:44:56.0812 5532  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
17:44:56.0812 5532  pciide - ok
17:44:56.0843 5532  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:44:56.0859 5532  pcmcia - ok
17:44:56.0875 5532  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
17:44:56.0875 5532  pcw - ok
17:44:56.0906 5532  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:44:56.0937 5532  PEAUTH - ok
17:44:56.0999 5532  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:44:57.0062 5532  PeerDistSvc - ok
17:44:57.0109 5532  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
17:44:57.0187 5532  pla - ok
17:44:57.0249 5532  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:44:57.0280 5532  PlugPlay - ok
17:44:57.0296 5532  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:44:57.0327 5532  PNRPAutoReg - ok
17:44:57.0358 5532  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:44:57.0374 5532  PNRPsvc - ok
17:44:57.0405 5532  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:44:57.0436 5532  PolicyAgent - ok
17:44:57.0467 5532  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
17:44:57.0483 5532  Power - ok
17:44:57.0514 5532  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:44:57.0545 5532  PptpMiniport - ok
17:44:57.0561 5532  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:44:57.0577 5532  Processor - ok
17:44:57.0608 5532  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
17:44:57.0623 5532  ProfSvc - ok
17:44:57.0639 5532  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:44:57.0655 5532  ProtectedStorage - ok
17:44:57.0686 5532  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:44:57.0733 5532  Psched - ok
17:44:57.0764 5532  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:44:57.0811 5532  ql2300 - ok
17:44:57.0826 5532  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:44:57.0826 5532  ql40xx - ok
17:44:57.0857 5532  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
17:44:57.0889 5532  QWAVE - ok
17:44:57.0904 5532  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:44:57.0904 5532  QWAVEdrv - ok
17:44:57.0920 5532  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:44:57.0935 5532  RasAcd - ok
17:44:57.0967 5532  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:44:57.0998 5532  RasAgileVpn - ok
17:44:57.0998 5532  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
17:44:58.0029 5532  RasAuto - ok
17:44:58.0076 5532  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:58.0123 5532  Rasl2tp - ok
17:44:58.0154 5532  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
17:44:58.0185 5532  RasMan - ok
17:44:58.0185 5532  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:58.0216 5532  RasPppoe - ok
17:44:58.0232 5532  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:44:58.0263 5532  RasSstp - ok
17:44:58.0279 5532  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:44:58.0294 5532  rdbss - ok
17:44:58.0325 5532  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:44:58.0341 5532  rdpbus - ok
17:44:58.0357 5532  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:58.0388 5532  RDPCDD - ok
17:44:58.0419 5532  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:44:58.0435 5532  RDPDR - ok
17:44:58.0466 5532  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:44:58.0513 5532  RDPENCDD - ok
17:44:58.0513 5532  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:44:58.0544 5532  RDPREFMP - ok
17:44:58.0575 5532  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:44:58.0622 5532  RDPWD - ok
17:44:58.0653 5532  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:44:58.0669 5532  rdyboost - ok
17:44:58.0731 5532  [ 7031A7D5C3B773BFA14EA5956A18942A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:44:58.0778 5532  RegSrvc - ok
17:44:58.0793 5532  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:44:58.0825 5532  RemoteAccess - ok
17:44:58.0856 5532  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:44:58.0887 5532  RemoteRegistry - ok
17:44:58.0903 5532  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:44:58.0934 5532  RpcEptMapper - ok
17:44:58.0965 5532  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
17:44:58.0996 5532  RpcLocator - ok
17:44:59.0027 5532  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
17:44:59.0059 5532  RpcSs - ok
17:44:59.0105 5532  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:44:59.0168 5532  rspndr - ok
17:44:59.0183 5532  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:44:59.0215 5532  s3cap - ok
17:44:59.0230 5532  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
17:44:59.0246 5532  SamSs - ok
17:44:59.0277 5532  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:44:59.0293 5532  sbp2port - ok
17:44:59.0324 5532  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:44:59.0355 5532  SCardSvr - ok
17:44:59.0386 5532  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:44:59.0433 5532  scfilter - ok
17:44:59.0480 5532  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
17:44:59.0573 5532  Schedule - ok
17:44:59.0589 5532  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:44:59.0605 5532  SCPolicySvc - ok
17:44:59.0651 5532  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus           C:\Windows\system32\drivers\sdbus.sys
17:44:59.0683 5532  sdbus - ok
17:44:59.0729 5532  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:44:59.0776 5532  SDRSVC - ok
17:44:59.0807 5532  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:44:59.0885 5532  secdrv - ok
17:44:59.0901 5532  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
17:44:59.0948 5532  seclogon - ok
17:44:59.0979 5532  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
17:45:00.0026 5532  SENS - ok
17:45:00.0057 5532  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:45:00.0088 5532  SensrSvc - ok
17:45:00.0104 5532  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:45:00.0135 5532  Serenum - ok
17:45:00.0151 5532  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:45:00.0197 5532  Serial - ok
17:45:00.0213 5532  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:45:00.0229 5532  sermouse - ok
17:45:00.0260 5532  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:45:00.0291 5532  SessionEnv - ok
17:45:00.0322 5532  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:45:00.0369 5532  sffdisk - ok
17:45:00.0369 5532  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:45:00.0400 5532  sffp_mmc - ok
17:45:00.0416 5532  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:45:00.0447 5532  sffp_sd - ok
17:45:00.0478 5532  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:45:00.0494 5532  sfloppy - ok
17:45:00.0525 5532  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:45:00.0556 5532  SharedAccess - ok
17:45:00.0572 5532  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:00.0603 5532  ShellHWDetection - ok
17:45:00.0619 5532  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:45:00.0634 5532  sisagp - ok
17:45:00.0665 5532  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:45:00.0681 5532  SiSRaid2 - ok
17:45:00.0697 5532  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:45:00.0712 5532  SiSRaid4 - ok
17:45:00.0743 5532  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:45:00.0759 5532  SkypeUpdate - ok
17:45:00.0775 5532  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:45:00.0806 5532  Smb - ok
17:45:00.0853 5532  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:45:00.0884 5532  SNMPTRAP - ok
17:45:00.0899 5532  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:45:00.0915 5532  spldr - ok
17:45:00.0931 5532  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
17:45:00.0962 5532  Spooler - ok
17:45:01.0055 5532  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
17:45:01.0118 5532  sppsvc - ok
17:45:01.0149 5532  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:45:01.0180 5532  sppuinotify - ok
17:45:01.0227 5532  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:45:01.0243 5532  srv - ok
17:45:01.0258 5532  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:45:01.0274 5532  srv2 - ok
17:45:01.0289 5532  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:45:01.0321 5532  srvnet - ok
17:45:01.0336 5532  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:45:01.0367 5532  SSDPSRV - ok
17:45:01.0383 5532  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
17:45:01.0399 5532  ssmdrv - ok
17:45:01.0399 5532  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:45:01.0430 5532  SstpSvc - ok
17:45:01.0445 5532  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:45:01.0461 5532  stexstor - ok
17:45:01.0492 5532  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:45:01.0523 5532  StiSvc - ok
17:45:01.0539 5532  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:45:01.0539 5532  storflt - ok
17:45:01.0555 5532  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
17:45:01.0586 5532  StorSvc - ok
17:45:01.0617 5532  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:45:01.0648 5532  storvsc - ok
17:45:01.0664 5532  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:45:01.0664 5532  swenum - ok
17:45:01.0695 5532  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
17:45:01.0742 5532  swprv - ok
17:45:01.0820 5532  [ 5925388FA2DB31B11CA704AD6937739E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:45:01.0898 5532  SynTP - ok
17:45:01.0945 5532  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
17:45:01.0976 5532  SysMain - ok
17:45:02.0007 5532  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:02.0023 5532  TabletInputService - ok
17:45:02.0038 5532  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:45:02.0069 5532  TapiSrv - ok
17:45:02.0085 5532  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
17:45:02.0132 5532  TBS - ok
17:45:02.0194 5532  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:45:02.0272 5532  Tcpip - ok
17:45:02.0319 5532  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:45:02.0335 5532  TCPIP6 - ok
17:45:02.0366 5532  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:45:02.0413 5532  tcpipreg - ok
17:45:02.0444 5532  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:45:02.0475 5532  TDPIPE - ok
17:45:02.0491 5532  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:45:02.0522 5532  TDTCP - ok
17:45:02.0537 5532  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:45:02.0569 5532  tdx - ok
17:45:02.0584 5532  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:45:02.0600 5532  TermDD - ok
17:45:02.0631 5532  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
17:45:02.0647 5532  TermService - ok
17:45:02.0678 5532  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
17:45:02.0693 5532  Themes - ok
17:45:02.0693 5532  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
17:45:02.0709 5532  THREADORDER - ok
17:45:02.0725 5532  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
17:45:02.0756 5532  TrkWks - ok
17:45:02.0803 5532  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:02.0865 5532  TrustedInstaller - ok
17:45:02.0881 5532  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:02.0896 5532  tssecsrv - ok
17:45:02.0927 5532  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:45:02.0990 5532  TsUsbFlt - ok
17:45:03.0021 5532  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:45:03.0083 5532  tunnel - ok
17:45:03.0115 5532  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:45:03.0130 5532  uagp35 - ok
17:45:03.0146 5532  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:45:03.0177 5532  udfs - ok
17:45:03.0208 5532  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:45:03.0239 5532  UI0Detect - ok
17:45:03.0271 5532  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:45:03.0302 5532  uliagpkx - ok
17:45:03.0317 5532  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
17:45:03.0364 5532  umbus - ok
17:45:03.0380 5532  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:45:03.0411 5532  UmPass - ok
17:45:03.0442 5532  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:45:03.0458 5532  UmRdpService - ok
17:45:03.0583 5532  [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS             C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:45:03.0614 5532  UNS - ok
17:45:03.0629 5532  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
17:45:03.0661 5532  upnphost - ok
17:45:03.0676 5532  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:03.0707 5532  usbccgp - ok
17:45:03.0739 5532  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:45:03.0770 5532  usbcir - ok
17:45:03.0785 5532  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:45:03.0801 5532  usbehci - ok
17:45:03.0817 5532  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:45:03.0848 5532  usbhub - ok
17:45:03.0863 5532  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:45:03.0879 5532  usbohci - ok
17:45:03.0910 5532  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:45:03.0941 5532  usbprint - ok
17:45:03.0973 5532  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:45:04.0004 5532  usbscan - ok
17:45:04.0019 5532  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:04.0035 5532  USBSTOR - ok
17:45:04.0051 5532  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:45:04.0066 5532  usbuhci - ok
17:45:04.0097 5532  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:45:04.0113 5532  usbvideo - ok
17:45:04.0129 5532  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
17:45:04.0175 5532  UxSms - ok
17:45:04.0191 5532  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
17:45:04.0207 5532  VaultSvc - ok
17:45:04.0222 5532  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:45:04.0238 5532  vdrvroot - ok
17:45:04.0269 5532  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
17:45:04.0316 5532  vds - ok
17:45:04.0331 5532  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:04.0347 5532  vga - ok
17:45:04.0378 5532  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:45:04.0394 5532  VgaSave - ok
17:45:04.0425 5532  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:45:04.0425 5532  vhdmp - ok
17:45:04.0456 5532  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:45:04.0456 5532  viaagp - ok
17:45:04.0472 5532  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:45:04.0503 5532  ViaC7 - ok
17:45:04.0534 5532  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
17:45:04.0550 5532  viaide - ok
17:45:04.0597 5532  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:45:04.0628 5532  vmbus - ok
17:45:04.0643 5532  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:45:04.0675 5532  VMBusHID - ok
17:45:04.0690 5532  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:45:04.0706 5532  volmgr - ok
17:45:04.0721 5532  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:45:04.0737 5532  volmgrx - ok
17:45:04.0753 5532  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:45:04.0768 5532  volsnap - ok
17:45:04.0799 5532  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:45:04.0831 5532  vsmraid - ok
17:45:04.0877 5532  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
17:45:04.0940 5532  VSS - ok
17:45:04.0940 5532  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:04.0955 5532  vwifibus - ok
17:45:04.0971 5532  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:04.0971 5532  vwififlt - ok
17:45:04.0987 5532  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:45:05.0002 5532  vwifimp - ok
17:45:05.0033 5532  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
17:45:05.0049 5532  W32Time - ok
17:45:05.0080 5532  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:45:05.0096 5532  WacomPen - ok
17:45:05.0127 5532  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:45:05.0174 5532  WANARP - ok
17:45:05.0174 5532  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:45:05.0189 5532  Wanarpv6 - ok
17:45:05.0236 5532  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
17:45:05.0299 5532  wbengine - ok
17:45:05.0330 5532  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:45:05.0361 5532  WbioSrvc - ok
17:45:05.0392 5532  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:45:05.0423 5532  wcncsvc - ok
17:45:05.0439 5532  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:05.0470 5532  WcsPlugInService - ok
17:45:05.0486 5532  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:45:05.0486 5532  Wd - ok
17:45:05.0517 5532  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:45:05.0533 5532  Wdf01000 - ok
17:45:05.0533 5532  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:45:05.0611 5532  WdiServiceHost - ok
17:45:05.0611 5532  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:45:05.0626 5532  WdiSystemHost - ok
17:45:05.0642 5532  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
17:45:05.0673 5532  WebClient - ok
17:45:05.0689 5532  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:45:05.0720 5532  Wecsvc - ok
17:45:05.0735 5532  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:45:05.0751 5532  wercplsupport - ok
17:45:05.0767 5532  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:45:05.0798 5532  WerSvc - ok
17:45:05.0829 5532  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:05.0845 5532  WfpLwf - ok
17:45:05.0845 5532  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:45:05.0860 5532  WIMMount - ok
17:45:05.0907 5532  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:45:05.0969 5532  WinDefend - ok
17:45:05.0969 5532  WinHttpAutoProxySvc - ok
17:45:06.0016 5532  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:45:06.0032 5532  Winmgmt - ok
17:45:06.0079 5532  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:45:06.0125 5532  WinRM - ok
17:45:06.0172 5532  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:45:06.0219 5532  Wlansvc - ok
17:45:06.0250 5532  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:45:06.0281 5532  WmiAcpi - ok
17:45:06.0297 5532  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:45:06.0328 5532  wmiApSrv - ok
17:45:06.0391 5532  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:45:06.0469 5532  WMPNetworkSvc - ok
17:45:06.0484 5532  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:45:06.0531 5532  WPCSvc - ok
17:45:06.0562 5532  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:45:06.0593 5532  WPDBusEnum - ok
17:45:06.0625 5532  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:45:06.0671 5532  ws2ifsl - ok
17:45:06.0687 5532  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
17:45:06.0718 5532  wscsvc - ok
17:45:06.0718 5532  WSearch - ok
17:45:06.0781 5532  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:45:06.0812 5532  wuauserv - ok
17:45:06.0827 5532  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:45:06.0843 5532  WudfPf - ok
17:45:06.0905 5532  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:06.0952 5532  WUDFRd - ok
17:45:06.0999 5532  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:45:07.0061 5532  wudfsvc - ok
17:45:07.0093 5532  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:45:07.0124 5532  WwanSvc - ok
17:45:07.0124 5532  ================ Scan global ===============================
17:45:07.0155 5532  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:45:07.0186 5532  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:45:07.0217 5532  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:45:07.0249 5532  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:45:07.0280 5532  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:45:07.0295 5532  [Global] - ok
17:45:07.0295 5532  ================ Scan MBR ==================================
17:45:07.0311 5532  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:45:07.0654 5532  \Device\Harddisk0\DR0 - ok
17:45:07.0654 5532  ================ Scan VBR ==================================
17:45:07.0654 5532  [ DAB52BD9C5AF51AA62A39D1E13C71169 ] \Device\Harddisk0\DR0\Partition1
17:45:07.0670 5532  \Device\Harddisk0\DR0\Partition1 - ok
17:45:07.0717 5532  [ 2AF5678CAB9F6B3B01DED5509272F2D3 ] \Device\Harddisk0\DR0\Partition2
17:45:07.0717 5532  \Device\Harddisk0\DR0\Partition2 - ok
17:45:07.0732 5532  [ 1F61D123712C61E9AF4CD25CA4E20E0A ] \Device\Harddisk0\DR0\Partition3
17:45:07.0732 5532  \Device\Harddisk0\DR0\Partition3 - ok
17:45:07.0732 5532  ============================================================
17:45:07.0732 5532  Scan finished
17:45:07.0732 5532  ============================================================
17:45:07.0748 5852  Detected object count: 0
17:45:07.0748 5852  Actual detected object count: 0
         





