Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Google redirect Virus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.09.2012, 00:52   #1
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



Hallo,

ich habe das was in letzter Zeit öfter vor zukommen scheint, den Google redirect Virus.

Manchmal sind die die Google Ergebnisse Werbeanzeigen und ich werde auf kostenpflichtige Webseiten anstatt auf das Suchergebnis weitergeleitet.

Ativir und Malwarebytes haben nichts gefunden.

Ich hoffe ihr könnt mir weiterhelfen.

Vielen Dank

OTL.txt
Code:
ATTFilter
OTL logfile created on: 18.09.2012 05:58:59 - Run 1
OTL by OldTimer - Version 3.2.63.0     Folder = D:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,89 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 13,57% Memory free
7,78 Gb Paging File | 2,07 Gb Available in Paging File | 26,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,92 Gb Total Space | 39,50 Gb Free Space | 40,76% Space Free | Partition Type: NTFS
Drive D: | 123,45 Gb Total Space | 28,39 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
 
Computer Name: *****-ULTRABOOK | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\Program Files\VLC\vlc.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ASUS)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe ()
PRC - C:\Windows\SysWOW64\DptfParticipantProcessorService.exe ()
PRC - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\*****\AppData\Roaming\vfwsde.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll ()
MOD - D:\Program Files\VLC\libvlccore.dll ()
MOD - D:\Program Files\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_output\libaout_directx_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libpng_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libdts_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\lua\liblua_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\misc\libxml_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\video_output\libdirectx_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libdshow_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libzip_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - D:\Program Files\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - D:\Program Files\VLC\libvlc.dll ()
MOD - D:\Program Files\VLC\vlc.exe ()
MOD - D:\Program Files\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - D:\Program Files\FileZilla\fzshellext.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ASUS)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (DptfPolicyConfigTDPService) -- C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe ()
SRV - (DptfParticipantProcessorService) -- C:\Windows\SysWOW64\DptfParticipantProcessorService.exe ()
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (AsusVTouch) -- C:\Windows\SysNative\drivers\AsusVTouch.sys (ASUS)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (AX88772B) -- C:\Windows\SysNative\drivers\ax88772b.sys (ASIX Electronics Corp.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (DptfManager) -- C:\Windows\SysNative\drivers\DptfManager.sys (Intel Corporation)
DRV:64bit: - (DptfDevProc) -- C:\Windows\SysNative\drivers\DptfDevProc.sys (Intel Corporation)
DRV:64bit: - (DptfDevDram) -- C:\Windows\SysNative\drivers\DptfDevDram.sys (Intel Corporation)
DRV:64bit: - (DptfDevPch) -- C:\Windows\SysNative\drivers\DptfDevPch.sys (Intel Corporation)
DRV:64bit: - (DptfDevGen) -- C:\Windows\SysNative\drivers\DptfDevGen.sys (Intel Corporation)
DRV:64bit: - (DptfDevFan) -- C:\Windows\SysNative\drivers\DptfDevFan.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AsusVBus) -- C:\Windows\SysNative\drivers\AsusVBus.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (assd) -- C:\Windows\SysNative\drivers\assd.sys (ASUS Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2081708531-2890620532-2473925903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-2081708531-2890620532-2473925903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-2081708531-2890620532-2473925903-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2081708531-2890620532-2473925903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2081708531-2890620532-2473925903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaulturl: "hxxp://google.de"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/"
FF - prefs.js..extensions.enabledAddons: contact@domainhammer.com:1.5
FF - prefs.js..extensions.enabledAddons: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledAddons: en-US@dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: faviconizetab@espion.just-size.jp:1.0.6
FF - prefs.js..extensions.enabledAddons: foxmarks@kei.com:4.1.2
FF - prefs.js..extensions.enabledAddons: googledictionary@toptip.ca:5.11
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.2
FF - prefs.js..extensions.enabledAddons: seo@profesional:1.3.1
FF - prefs.js..extensions.enabledAddons: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledAddons: {D9A7CBEC-DE1A-444f-A092-844461596C4D}:4.6.1
FF - prefs.js..extensions.enabledAddons: {0FF79337-F92F-11E1-8270-B8AC6F996F26}:2.0.14
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?hl=&q="
FF - prefs.js..network.proxy.backup.ftp: "216.114.194.18"
FF - prefs.js..network.proxy.backup.ftp_port: 6588
FF - prefs.js..network.proxy.backup.gopher: "216.114.194.18"
FF - prefs.js..network.proxy.backup.gopher_port: 6588
FF - prefs.js..network.proxy.backup.socks: "216.114.194.18"
FF - prefs.js..network.proxy.backup.socks_port: 6588
FF - prefs.js..network.proxy.backup.ssl: "216.114.194.18"
FF - prefs.js..network.proxy.backup.ssl_port: 6588
FF - prefs.js..network.proxy.ftp: "65.65.219.98"
FF - prefs.js..network.proxy.ftp_port: 29122
FF - prefs.js..network.proxy.gopher: "65.65.219.98"
FF - prefs.js..network.proxy.gopher_port: 29122
FF - prefs.js..network.proxy.http: "65.65.219.98"
FF - prefs.js..network.proxy.http_port: 29122
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "65.65.219.98"
FF - prefs.js..network.proxy.socks_port: 29122
FF - prefs.js..network.proxy.ssl: "65.65.219.98"
FF - prefs.js..network.proxy.ssl_port: 29122
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.09 17:54:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0FF79337-F92F-11E1-8270-B8AC6F996F26}: C:\Users\*****\AppData\Local\{0FF79337-F92F-11E1-8270-B8AC6F996F26}\ [2012.09.07 23:00:37 | 000,000,000 | ---D | M]
 
[2012.07.25 13:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2012.09.03 05:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions
[2012.07.25 13:31:48 | 000,000,000 | ---D | M] (Tradesignal Online Chart) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\{1acd747e-8470-11db-96a9-00e08161165f}
[2012.07.25 13:31:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.07.25 23:08:30 | 000,000,000 | ---D | M] ("Default Full Zoom Level") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
[2012.07.25 13:31:45 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.07.25 13:31:45 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\en-US@dictionaries.addons.mozilla.org
[2012.09.03 05:06:10 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\foxmarks@kei.com
[2012.07.28 23:41:17 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5g967del.default\extensions\ich@maltegoetz.de
[2011.10.17 19:54:53 | 000,092,035 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\contact@domainhammer.com.xpi
[2011.09.05 10:49:12 | 000,010,259 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\faviconizetab@espion.just-size.jp.xpi
[2012.08.11 07:18:34 | 000,048,692 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\googledictionary@toptip.ca.xpi
[2011.12.29 12:09:54 | 000,168,184 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\seo@profesional.xpi
[2011.03.24 16:09:49 | 000,079,135 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2012.07.26 20:11:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.04 15:33:18 | 000,002,101 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\googlede.xml
[2012.08.31 14:31:41 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-10.xml
[2008.04.17 21:00:06 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-2.xml
[2008.06.27 13:25:52 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-3.xml
[2008.07.03 10:01:00 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-4.xml
[2008.07.17 12:24:52 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-5.xml
[2008.09.03 22:06:56 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-6.xml
[2008.09.27 10:41:16 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-7.xml
[2008.10.08 14:04:00 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-8.xml
[2008.11.17 14:30:34 | 000,000,950 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:48 | 000,001,042 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5g967del.default\searchplugins\icqplugin.xml
[2012.07.26 23:57:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.26 23:57:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.07 23:00:37 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\*****\APPDATA\LOCAL\{0FF79337-F92F-11E1-8270-B8AC6F996F26}
[2012.09.09 17:54:42 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.09 17:54:42 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\itunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ASUS Browser Extension x86) - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS Quick Gesture (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.)
O4:64bit: - HKLM..\Run: [ASUS Quick Gesture (x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
O4:64bit: - HKLM..\Run: [ASUS TP Center (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [rsacac] C:\Users\*****\AppData\Roaming\rsacac.dll (C-Media Electronics Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [vfwsde] C:\Users\*****\AppData\Roaming\vfwsde.dll ()
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AsusVibeLuncher] C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E89073AD-4FD2-4FD4-97A9-E68F155328A4}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6BD32AB-AD77-44AF-918E-05D834617F3A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.18 04:03:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Macroplant
[2012.09.18 04:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
[2012.09.18 04:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iExplorer
[2012.09.18 03:45:35 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\DiskAid
[2012.09.18 03:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012.09.18 03:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012.09.14 01:28:48 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\2012_09_14
[2012.09.12 18:17:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 18:17:11 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.12 18:17:09 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 18:17:09 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.12 02:51:41 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Neuer Ordner
[2012.09.10 06:48:34 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\2012_09_10
[2012.09.10 06:47:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2012.09.09 17:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.09 17:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.09.07 23:00:37 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0FF79337-F92F-11E1-8270-B8AC6F996F26}
[2012.09.07 23:00:33 | 000,819,712 | ---- | C] (C-Media Electronics Inc.) -- C:\Users\*****\AppData\Roaming\rsacac.dll
[2012.08.27 00:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012.08.27 00:16:15 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Canon
[2012.08.27 00:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012.08.27 00:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2012.08.27 00:09:57 | 000,323,584 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC_ARL.dll
[2012.08.27 00:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012.08.27 00:09:56 | 000,114,688 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC_ARU.dll
[2012.08.27 00:09:56 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll
[2012.08.27 00:09:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012.08.27 00:09:33 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012.08.27 00:09:28 | 000,385,536 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMAR.DLL
[2012.08.27 00:09:27 | 000,256,000 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIUAR.DLL
[2012.08.27 00:09:23 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012.08.27 00:09:22 | 000,363,008 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNMNPPM.DLL
[2012.08.27 00:09:22 | 000,355,840 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL
[2012.08.27 00:09:22 | 000,038,400 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL
[2012.08.27 00:09:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012.08.27 00:08:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012.08.26 22:35:56 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\CSUF Courses
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.18 06:03:53 | 000,000,000 | ---- | M] () -- C:\Users\*****\AppData\Local\¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ
[2012.09.18 05:57:07 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.18 05:53:21 | 000,011,810 | ---- | M] () -- C:\Users\*****\Desktop\vix.ods
[2012.09.18 04:11:10 | 013,695,282 | ---- | M] () -- C:\Users\*****\Desktop\20120916 130205.m4a
[2012.09.18 04:03:05 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2012.09.18 01:57:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.17 21:50:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.09.17 21:50:06 | 000,000,380 | ---- | M] () -- C:\Users\*****\AppData\Roaming\sp_data.sys
[2012.09.17 21:50:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.13 03:25:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.13 03:25:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.13 03:23:12 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.13 03:23:12 | 000,704,488 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.13 03:23:12 | 000,659,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.13 03:23:12 | 000,151,270 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.13 03:23:12 | 000,124,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.13 03:19:18 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.09.13 03:18:27 | 3131,551,744 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.12 02:57:54 | 000,000,355 | ---- | M] () -- C:\Windows\cedt.INI
[2012.09.07 23:00:36 | 000,819,712 | ---- | M] (C-Media Electronics Inc.) -- C:\Users\*****\AppData\Roaming\rsacac.dll
[2012.09.07 22:59:18 | 000,158,208 | -HS- | M] () -- C:\Users\*****\AppData\Roaming\vfwsde.dll
[2012.09.05 20:33:42 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.05 20:33:42 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.28 02:22:28 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012.08.27 00:16:35 | 000,002,081 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012.08.27 00:16:15 | 000,002,101 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 5.0.lnk
[2012.08.22 20:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.08.22 20:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.08.21 20:48:47 | 000,017,334 | R--- | M] () -- C:\Users\*****\Desktop\VECTTOR SYSTEM ORDER FORM.pdf
 
========== Files Created - No Company Name ==========
 
[2012.09.18 04:11:08 | 013,695,282 | ---- | C] () -- C:\Users\*****\Desktop\20120916 130205.m4a
[2012.09.18 04:03:05 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2012.09.18 03:33:38 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.09.07 23:00:37 | 000,000,000 | ---- | C] () -- C:\Users\*****\AppData\Local\¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ
[2012.09.07 22:59:42 | 000,158,208 | -HS- | C] () -- C:\Users\*****\AppData\Roaming\vfwsde.dll
[2012.08.27 00:17:55 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012.08.27 00:16:15 | 000,002,101 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 5.0.lnk
[2012.08.27 00:16:13 | 000,002,081 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012.08.27 00:09:57 | 000,063,744 | ---- | C] () -- C:\Windows\SysWow64\CNC1752D.TBL
[2012.08.22 04:43:17 | 000,017,334 | R--- | C] () -- C:\Users\*****\Desktop\VECTTOR SYSTEM ORDER FORM.pdf
[2012.08.20 23:06:41 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.17 03:55:21 | 000,000,355 | ---- | C] () -- C:\Windows\cedt.INI
[2012.07.25 12:24:43 | 000,000,380 | ---- | C] () -- C:\Users\*****\AppData\Roaming\sp_data.sys
[2012.04.30 10:10:08 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\DptfPolicyConfigTDPService.exe
[2012.04.30 10:10:08 | 000,018,944 | ---- | C] () -- C:\Windows\SysWow64\DptfParticipantProcessorService.exe
[2012.04.30 10:10:07 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DptfPolicyConfigTDPDll.dll
[2012.04.30 10:09:28 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.04.30 10:09:21 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.04.30 10:09:14 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.04.30 10:09:09 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.02.24 04:42:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2012.02.24 04:28:11 | 009,074,564 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.03 07:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
========== LOP Check ==========
 
[2012.07.25 13:13:34 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ASUS WebStorage
[2012.09.10 06:47:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canon
[2012.09.18 03:45:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DiskAid
[2012.09.15 02:08:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Dropbox
[2012.09.12 03:17:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\FileZilla
[2012.07.27 00:17:02 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org
[2012.07.25 20:32:58 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TuneUp Software
[2012.07.29 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\WindSolutions
[2012.09.13 03:19:18 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.09.17 21:50:09 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2009.07.14 07:08:49 | 000,010,964 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:2CFBE2D1

< End of report >
         
Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 18.09.2012 05:58:59 - Run 1
OTL by OldTimer - Version 3.2.63.0     Folder = D:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,89 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 13,57% Memory free
7,78 Gb Paging File | 2,07 Gb Available in Paging File | 26,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,92 Gb Total Space | 39,50 Gb Free Space | 40,76% Space Free | Partition Type: NTFS
Drive D: | 123,45 Gb Total Space | 28,39 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
 
Computer Name: *******-ULTRABOOK | User Name: ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2081708531-2890620532-2473925903-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C63BFBF-FE7A-474D-9E60-8E25EA1D5231}" = lport=137 | protocol=17 | dir=in | app=system | 
"{1F3DA0F6-8F8A-456B-AA84-1BCA9B2FAFD1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{422FCC8F-D4C4-4F89-BFCA-E25E82121AFE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{65CD4BBE-A627-451F-81F6-81C450C1874B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{69183ADE-7FE3-4FD6-9060-84C2B1BA61AE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7200A232-CB9A-4548-89E0-CF072E6C2E3E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{72B06CF3-402A-4827-A9C6-08D0925D2901}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{740C3757-3401-4C8A-A7AD-506B4EF77598}" = rport=445 | protocol=6 | dir=out | app=system | 
"{78C9E203-87D6-4B76-B7BA-B53C2CEAD327}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7DFAB921-3EF2-495D-B0F3-73FE1F95FE9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8AE95350-FDBF-41D8-A60C-DAEA2343BDA9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A56F99CF-933B-4F79-9B77-D54139039647}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{BCD3162F-D502-4C41-A8F2-B1390273707A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C65D6EE6-64D2-4687-A1BD-02D97B275E91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D1B38A3B-EE72-4F37-9612-F175B9BACE1F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FAE20550-B9E4-4F71-B04D-FDE9DA9D26CC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0470D62A-558E-4296-B3C0-C7F864A2A216}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{0EEAB04A-89BB-4DD0-A319-4788EB9A7E2E}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\report.exe | 
"{10997BE9-6D08-423D-AD51-03AA7388A225}" = dir=in | app=d:\program files\itunes\itunes.exe | 
"{123F3215-C535-408A-BF03-34A79E0DFFE3}" = protocol=17 | dir=in | app=c:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe | 
"{1B288973-64DA-45B4-8817-AAEE330A87AD}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\diskdoctor.exe | 
"{248C84C2-B45C-40C3-B2FA-FC4FC0907D45}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2F6910D5-DAD2-41D9-92EF-FCB8182F10BF}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\updatewizard.exe | 
"{312FE2E7-1E10-47FF-B3D3-886E96C206A0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{33E5D1C2-0214-4725-8A98-2EC92ABF74FD}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{33E80C1F-28C5-4D7D-B53C-DFAAB9290EB1}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\energyoptimizer.exe | 
"{3596C018-4B11-4246-853C-3A35E80603C4}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\diskexplorer.exe | 
"{3E42EDF3-C1FA-4B5D-97FC-CA8BAF38401E}" = protocol=17 | dir=in | app=c:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe | 
"{3EFE8D3A-E078-4B46-A71D-820B5B8AED70}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{3FD417C6-6B05-43C7-8536-593A6DCC01DD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{435072ED-4075-4EFC-BA0D-30C663EC6251}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4E2C1EDF-BDA1-44DC-B843-A5853770A3EC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{56048913-2EE4-4FB6-9B10-B11FD9535645}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{561DBF33-EED3-4857-8992-86DBCF8E5D0C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{5A278DBB-313E-417C-A326-AF275605FF6C}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\tuautoupdatecheck.exe | 
"{5DD1F226-FD9E-4FAF-A7C7-0976AC4F968A}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\tuneuputilitiesapp64.exe | 
"{630A51BF-86FC-4E97-97CC-55CEC9EE42BE}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\tux64thk.exe | 
"{65A80A04-A551-45D7-9254-89FB4D5A9454}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\updatewizard.exe | 
"{71347B18-55B1-4755-8726-C4FA7487C5DF}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\drivedefrag.exe | 
"{7922884C-BCE4-469F-AB6B-17CCFF2EA78C}" = protocol=6 | dir=in | app=c:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe | 
"{7AE9B8EB-E852-4E47-BA7F-FFE9D928A9F4}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\oneclickstarter.exe | 
"{872C618B-D2DA-4C94-8DE1-9C6F59BF06AC}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\regwiz.exe | 
"{A4A80109-CF73-43C5-8438-CA9ACD8AD284}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B47DCE39-BD05-4FD0-BC5F-8FCE7C3FBB7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{BE0EC94A-88B6-4356-B121-F67FE5BE0F40}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{C1380E25-69C4-4A07-B235-7158326D47E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C275D707-9425-40F4-ABA9-045B73D16B5F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{DEFEF155-1584-4FF3-AFC0-AAEFA0460C27}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\tuautoreactivator64.exe | 
"{ED50256B-DDC1-49A7-9566-A6EB7E562C20}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{EEAB91AC-1199-4861-A36A-F86860BC291E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{FD5AFF63-B7DE-48A6-B7E6-ED1893E7F093}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FFFA93E5-18BA-4F6C-B70F-C106A3CD065F}" = dir=out | app=%programfiles% (x86)\tuneup utilities 2012\oneclick.exe | 
"TCP Query User{055FDFAA-0032-4D73-832C-5DD5C938251B}C:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{0E6739EF-CF0C-4372-8232-8658CD22BBF7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{76A7B619-9A96-497C-87D3-E156E52EC0B2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{7DA6AD17-8D03-43C8-82C9-7913F7D7454C}C:\users\*******\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=6 | dir=in | app=c:\users\*******\appdata\local\temp\rarsfx0\bie_kms.exe | 
"UDP Query User{1154B6F9-AC37-465E-8702-214ABDBB5EEF}C:\users\*******\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=17 | dir=in | app=c:\users\*******\appdata\local\temp\rarsfx0\bie_kms.exe | 
"UDP Query User{7FCC8B8A-CDCE-4EB4-B532-330BD39E0C91}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{D0B7B302-1250-423C-9C45-326FDA7F4ACD}C:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\*******\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{FC08709F-AB8B-4D43-A7A2-A4E73ADFB273}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{3E776E7A-F4C3-4A89-8EAD-535E722C8397}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{53375A2B-FE08-42B6-8EB8-16818CD27B2C}" = Windows Live Family Safety
"{54EB8041-1115-4406-AA4B-44D236E84B3B}" = Intel® PROSet/Wireless WiFi Software
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{63919769-655A-48A8-AD6C-39B471F683ED}" = Windows Live Family Safety
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{761C6783-D3BC-48AB-8E7C-61CE918A8436}" = ASUS Secure Delete
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B36055BF-5F0E-4EAB-804D-9203DFB34ADC}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E60F14FA-E114-4F25-AEE0-33FE9EC9B1C3}" = Windows Live Family Safety
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F11009B0-F4DB-463B-B717-5266E47498AA}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"747C94D329BB5CCC3231C84E4D319B6CEC7BBAB3" = Windows-Treiberpaket - ASUS (ATP) Mouse  (07/08/2012 1.0.0.93)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{54A168C9-2250-4058-80EB-1F4A4192548A}" = AX88772B Windows 7 Drivers
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 2.2.1.3
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B800CE44-D206-475D-A6E2-5B3808E2D60A}" = ASUS PWR Option
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}" = Intel® AT Service signup
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Scr_ZenbookPrime" = ASUS_Scr_ZenbookPrime
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Crimson Editor SVN286" = Crimson Editor SVN286
"FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C" = Intel(R) Dynamic Platform & Thermal Framework
"FileZilla Client" = FileZilla Client 3.5.3
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}" = AX88772B Windows 7 Drivers
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2081708531-2890620532-2473925903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTrader 5.4.0_b7" = ActiveTrader 5.4.0_b7
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2012 07:33:12 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1144033
 
Error - 31.07.2012 07:41:32 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.07.2012 07:41:32 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1014
 
Error - 31.07.2012 07:41:32 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1014
 
Error - 31.07.2012 07:41:34 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.07.2012 07:41:34 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2481
 
Error - 31.07.2012 07:41:34 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2481
 
Error - 01.08.2012 09:12:39 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.08.2012 09:12:39 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2340
 
Error - 01.08.2012 09:12:39 | Computer Name = *******-ultrabook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2340
 
[ System Events ]
Error - 29.07.2012 14:18:37 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:18:42 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:18:48 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:18:53 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:18:58 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:19:03 | Computer Name = *******-ultrabook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%14001
 
Error - 29.07.2012 14:28:38 | Computer Name = *******-ultrabook | Source = DCOM | ID = 10010
Description = 
 
Error - 29.07.2012 14:28:38 | Computer Name = *******-ultrabook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
 
Error - 31.07.2012 07:33:49 | Computer Name = *******-ultrabook | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.22  registriert werden. Der Computer mit IP-Adresse 192.168.178.1
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 08.08.2012 13:49:45 | Computer Name = *******-ultrabook | Source = AX88772B | ID = 17
Description = 
 
 
< End of report >
         

Alt 19.09.2012, 01:44   #2
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



hi
öffne bitte malwarebytes, berichte, poste logs mit funden, avira, ereignisse, poste fundmeldungen, avira, verwaltung quarantäne, poste die fundmeldungen mit pfadangaben
__________________

__________________

Alt 19.09.2012, 02:05   #3
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



hi ok,

malwarebytes reiter "logdateien"

Code:
ATTFilter
2012/09/14 22:12:13 +0200	*****-ULTRABOOK	*****	DETECTION	C:\Users\*****\AppData\Local\Temp\124kkk290347.exe	Exploit.Drop.GS	QUARANTINE



2012/09/07 22:59:37 +0200	*****ULTRABOOK	*****	IP-BLOCK	91.220.35.115 (Type: outgoing, Port: 49261, Process: svchost.exe)
2012/09/07 22:59:40 +0200	*****-ULTRABOOK	*****	DETECTION	C:\Users\*****\AppData\Local\Temp\~!#49AD.tmp	Trojan.Siredef	QUARANTINE
2012/09/07 22:59:40 +0200	*****-ULTRABOOK	*****	IP-BLOCK	91.220.35.115 (Type: outgoing, Port: 49264, Process: svchost.exe)
2012/09/07 22:59:41 +0200	*****-ULTRABOOK	*****	DETECTION	C:\Users\*****\AppData\Local\Temp\~!#5468.tmp	Trojan.LameShield	QUARANTINE
         

Avira

Code:
ATTFilter
C:\Users\*****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\3a871a6c-60fef1f8
  [0] Archivtyp: ZIP
  --> rt0a/rt0b.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/2012-1723.DH.1
  --> rt0a/rt0c.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/2012-0507.CV.1
  --> rt0a/rt0a.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Kara.AC.1
  --> rt0a/rt0d.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/2012-1723.DV



Beginne mit der Suche in 'C:\Users\*****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\5b35b8ce-4385a83c'
C:\Users\*****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\5b35b8ce-4385a83c
  [FUND]      Ist das Trojanische Pferd TR/Dldr.Karagany.I.37
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '558b0358.qua' verschoben!



Beginne mit der Suche in 'C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\5g967del.default\Cache\C\A0\4FF6Bd01'
C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\5g967del.default\Cache\C\A0\4FF6Bd01
  [FUND]      Enthält Erkennungsmuster des HTML-Scriptvirus HTML/Rce.Gen3
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '553604f9.qua' verschoben!


Beginne mit der Suche in 'C:\Users\****\AppData\Local\Temp\jar_cache4161029078703004410.tmp'
C:\Users\****\AppData\Local\Temp\jar_cache4161029078703004410.tmp
  [0] Archivtyp: ZIP
  --> Bil.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/2012-4681.J.1
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5430979f.qua' verschoben!


Beginne mit der Suche in 'C:\Users\*****\AppData\Local\Temp\tsft.exe'
C:\Users\****\AppData\Local\Temp\tsft.exe
  [FUND]      Ist das Trojanische Pferd TR/Dldr.Karagany.I.37
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56f096ca.qua' verschoben!
         
__________________

Alt 19.09.2012, 19:53   #4
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 19.09.2012, 20:53   #5
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



ok,

Code:
ATTFilter
21:29:35.0468 7420  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:29:35.0468 7420  UEFI system
21:29:35.0855 7420  ============================================================
21:29:35.0855 7420  Current date / time: 2012/09/19 21:29:35.0855
21:29:35.0855 7420  SystemInfo:
21:29:35.0855 7420  
21:29:35.0855 7420  OS Version: 6.1.7601 ServicePack: 1.0
21:29:35.0855 7420  Product type: Workstation
21:29:35.0855 7420  ComputerName: ******-ULTRABOOK
21:29:35.0855 7420  UserName: ******
21:29:35.0855 7420  Windows directory: C:\Windows
21:29:35.0855 7420  System windows directory: C:\Windows
21:29:35.0855 7420  Running under WOW64
21:29:35.0855 7420  Processor architecture: Intel x64
21:29:35.0855 7420  Number of processors: 4
21:29:35.0855 7420  Page size: 0x1000
21:29:35.0855 7420  Boot type: Normal boot
21:29:35.0855 7420  ============================================================
21:29:36.0204 7420  Drive \Device\Harddisk0\DR0 - Size: 0x3AAC5ED800 (234.69 Gb), SectorSize: 0x200, Cylinders: 0x77AD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:29:36.0209 7420  ============================================================
21:29:36.0209 7420  \Device\Harddisk0\DR0:
21:29:36.0209 7420  GPT partitions:
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B6F4A044-715D-4930-A889-3ECB279E6335}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5CF18A03-8204-41C2-89BE-DBA0DDE278C9}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {32683BCE-7127-4747-9CC5-AB0ED7C0DB93}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0xC1D5800
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {A4C30336-BC18-481B-A7CC-9E499217EFB8}, Name: Basic data partition, StartLBA 0xC27A000, BlocksNum 0x800000
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {60CBF359-CBA3-4C1B-92A2-FB275FC8D1B0}, Name: Basic data partition, StartLBA 0xCA7A000, BlocksNum 0xF6E8800
21:29:36.0210 7420  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {992C9F4C-E6DB-4A9A-BDC5-5C5CA882E2F3}, Name: Basic data partition, StartLBA 0x1C162800, BlocksNum 0x1400000
21:29:36.0210 7420  MBR partitions:
21:29:36.0210 7420  ============================================================
21:29:36.0212 7420  C: <-> \Device\Harddisk0\DR0\Partition3
21:29:36.0213 7420  D: <-> \Device\Harddisk0\DR0\Partition5
21:29:36.0213 7420  ============================================================
21:29:36.0213 7420  Initialize success
21:29:36.0213 7420  ============================================================
21:50:17.0029 7936  ============================================================
21:50:17.0029 7936  Scan started
21:50:17.0029 7936  Mode: Manual; SigCheck; TDLFS; 
21:50:17.0029 7936  ============================================================
21:50:17.0163 7936  ================ Scan system memory ========================
21:50:17.0163 7936  System memory - ok
21:50:17.0163 7936  ================ Scan services =============================
21:50:17.0270 7936  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:50:17.0325 7936  1394ohci - ok
21:50:17.0332 7936  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:50:17.0347 7936  ACPI - ok
21:50:17.0351 7936  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:50:17.0376 7936  AcpiPmi - ok
21:50:17.0383 7936  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:50:17.0392 7936  AdobeARMservice - ok
21:50:17.0401 7936  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:50:17.0417 7936  adp94xx - ok
21:50:17.0424 7936  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:50:17.0437 7936  adpahci - ok
21:50:17.0442 7936  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:50:17.0454 7936  adpu320 - ok
21:50:17.0459 7936  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:50:17.0511 7936  AeLookupSvc - ok
21:50:17.0520 7936  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:50:17.0539 7936  AFD - ok
21:50:17.0552 7936  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
21:50:17.0579 7936  AgereSoftModem - ok
21:50:17.0582 7936  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:50:17.0592 7936  agp440 - ok
21:50:17.0596 7936  [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
21:50:17.0609 7936  AiCharger - ok
21:50:17.0614 7936  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:50:17.0634 7936  ALG - ok
21:50:17.0637 7936  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:50:17.0646 7936  aliide - ok
21:50:17.0649 7936  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:50:17.0657 7936  amdide - ok
21:50:17.0661 7936  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:50:17.0675 7936  AmdK8 - ok
21:50:17.0678 7936  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:50:17.0689 7936  AmdPPM - ok
21:50:17.0693 7936  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:50:17.0703 7936  amdsata - ok
21:50:17.0709 7936  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:50:17.0720 7936  amdsbs - ok
21:50:17.0723 7936  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:50:17.0731 7936  amdxata - ok
21:50:17.0737 7936  [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
21:50:17.0750 7936  AMPPAL - ok
21:50:17.0756 7936  [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
21:50:17.0764 7936  AMPPALP - ok
21:50:17.0777 7936  [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:50:17.0794 7936  AMPPALR3 - ok
21:50:17.0805 7936  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:50:17.0816 7936  AntiVirSchedulerService - ok
21:50:17.0821 7936  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:50:17.0830 7936  AntiVirService - ok
21:50:17.0834 7936  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:50:17.0909 7936  AppID - ok
21:50:17.0913 7936  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:50:17.0947 7936  AppIDSvc - ok
21:50:17.0952 7936  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:50:17.0986 7936  Appinfo - ok
21:50:17.0995 7936  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:50:18.0003 7936  Apple Mobile Device - ok
21:50:18.0007 7936  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:50:18.0016 7936  arc - ok
21:50:18.0021 7936  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:50:18.0032 7936  arcsas - ok
21:50:18.0037 7936  [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:50:18.0045 7936  ASLDRService - ok
21:50:18.0049 7936  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:50:18.0056 7936  ASMMAP64 - ok
21:50:18.0074 7936  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:50:18.0086 7936  aspnet_state - ok
21:50:18.0090 7936  [ C7F7FA07C719A43ADBA5674F27893278 ] assd            C:\Windows\system32\drivers\assd.sys
21:50:18.0097 7936  assd ( UnsignedFile.Multi.Generic ) - warning
21:50:18.0097 7936  assd - detected UnsignedFile.Multi.Generic (1)
21:50:18.0105 7936  [ 6A122B4F0E5293CACFA8A5F2CBA9B356 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
21:50:18.0118 7936  ASUS InstantOn - ok
21:50:18.0122 7936  [ CBF4C9263F35A9E80E4AD5CBBAE6049C ] AsusVBus        C:\Windows\system32\DRIVERS\AsusVBus.sys
21:50:18.0129 7936  AsusVBus - ok
21:50:18.0133 7936  [ E75C5ED96DE15D2865E63890362771D1 ] AsusVTouch      C:\Windows\system32\DRIVERS\AsusVTouch.sys
21:50:18.0140 7936  AsusVTouch - ok
21:50:18.0143 7936  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:50:18.0174 7936  AsyncMac - ok
21:50:18.0177 7936  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:50:18.0185 7936  atapi - ok
21:50:18.0200 7936  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:50:18.0240 7936  athr - ok
21:50:18.0244 7936  [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:50:18.0252 7936  ATKGFNEXSrv - ok
21:50:18.0256 7936  [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:50:18.0263 7936  ATKWMIACPIIO - ok
21:50:18.0267 7936  [ 2371654AA0BB31F1B5FCEE575CEE1418 ] ATP             C:\Windows\system32\DRIVERS\AsusTP.sys
21:50:18.0275 7936  ATP - ok
21:50:18.0284 7936  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:50:18.0334 7936  AudioEndpointBuilder - ok
21:50:18.0343 7936  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:50:18.0375 7936  AudioSrv - ok
21:50:18.0379 7936  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:50:18.0388 7936  avgntflt - ok
21:50:18.0394 7936  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:50:18.0406 7936  avipbb - ok
21:50:18.0410 7936  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:50:18.0418 7936  avkmgr - ok
21:50:18.0422 7936  [ 95920D4BE86DD1F60A2D4D23A869A043 ] AX88772B        C:\Windows\system32\DRIVERS\ax88772b.sys
21:50:18.0433 7936  AX88772B - ok
21:50:18.0441 7936  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:50:18.0468 7936  AxInstSV - ok
21:50:18.0476 7936  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:50:18.0493 7936  b06bdrv - ok
21:50:18.0499 7936  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:50:18.0514 7936  b57nd60a - ok
21:50:18.0520 7936  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:50:18.0537 7936  BDESVC - ok
21:50:18.0540 7936  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:50:18.0569 7936  Beep - ok
21:50:18.0580 7936  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:50:18.0630 7936  BFE - ok
21:50:18.0642 7936  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:50:18.0681 7936  BITS - ok
21:50:18.0684 7936  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:50:18.0695 7936  blbdrive - ok
21:50:18.0710 7936  [ 6D625A18DDFCD0464B914B71293AD837 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:50:18.0731 7936  Bluetooth Device Monitor - ok
21:50:18.0746 7936  [ 74B2BF80D966CFE8BC8005D19E40608D ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
21:50:18.0772 7936  Bluetooth Media Service - ok
21:50:18.0784 7936  [ 707BF27D30ADAB7798C69D5BF41C7131 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:50:18.0807 7936  Bluetooth OBEX Service - ok
21:50:18.0816 7936  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:50:18.0829 7936  Bonjour Service - ok
21:50:18.0834 7936  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:50:18.0850 7936  bowser - ok
21:50:18.0854 7936  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:50:18.0865 7936  BrFiltLo - ok
21:50:18.0869 7936  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:50:18.0881 7936  BrFiltUp - ok
21:50:18.0885 7936  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:50:18.0903 7936  Browser - ok
21:50:18.0909 7936  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:50:18.0923 7936  Brserid - ok
21:50:18.0927 7936  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:50:18.0939 7936  BrSerWdm - ok
21:50:18.0942 7936  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:50:18.0963 7936  BrUsbMdm - ok
21:50:18.0966 7936  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:50:18.0999 7936  BrUsbSer - ok
21:50:19.0003 7936  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:50:19.0020 7936  BthEnum - ok
21:50:19.0024 7936  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:50:19.0038 7936  BTHMODEM - ok
21:50:19.0042 7936  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:50:19.0055 7936  BthPan - ok
21:50:19.0064 7936  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:50:19.0089 7936  BTHPORT - ok
21:50:19.0093 7936  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:50:19.0128 7936  bthserv - ok
21:50:19.0133 7936  [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:50:19.0141 7936  BTHSSecurityMgr - ok
21:50:19.0146 7936  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:50:19.0157 7936  BTHUSB - ok
21:50:19.0161 7936  [ 3676BEAA7D842047D30E95D59B241F22 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
21:50:19.0172 7936  btmaux - ok
21:50:19.0182 7936  [ FA0E7B5AFB8FD335234916764A2D6CF9 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
21:50:19.0201 7936  btmhsf - ok
21:50:19.0206 7936  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:50:19.0238 7936  cdfs - ok
21:50:19.0244 7936  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:50:19.0255 7936  cdrom - ok
21:50:19.0260 7936  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:50:19.0293 7936  CertPropSvc - ok
21:50:19.0296 7936  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:50:19.0308 7936  circlass - ok
21:50:19.0316 7936  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:50:19.0329 7936  CLFS - ok
21:50:19.0338 7936  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:50:19.0349 7936  clr_optimization_v2.0.50727_32 - ok
21:50:19.0358 7936  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:50:19.0367 7936  clr_optimization_v2.0.50727_64 - ok
21:50:19.0383 7936  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:50:19.0403 7936  clr_optimization_v4.0.30319_32 - ok
21:50:19.0407 7936  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:50:19.0419 7936  clr_optimization_v4.0.30319_64 - ok
21:50:19.0423 7936  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:50:19.0436 7936  CmBatt - ok
21:50:19.0440 7936  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:50:19.0448 7936  cmdide - ok
21:50:19.0458 7936  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:50:19.0489 7936  CNG - ok
21:50:19.0493 7936  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:50:19.0504 7936  Compbatt - ok
21:50:19.0507 7936  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:50:19.0523 7936  CompositeBus - ok
21:50:19.0526 7936  COMSysApp - ok
21:50:19.0570 7936  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:50:19.0583 7936  cphs - ok
21:50:19.0587 7936  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:50:19.0597 7936  crcdisk - ok
21:50:19.0604 7936  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:50:19.0625 7936  CryptSvc - ok
21:50:19.0635 7936  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:50:19.0670 7936  DcomLaunch - ok
21:50:19.0677 7936  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:50:19.0717 7936  defragsvc - ok
21:50:19.0721 7936  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:50:19.0753 7936  DfsC - ok
21:50:19.0759 7936  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:50:19.0791 7936  Dhcp - ok
21:50:19.0795 7936  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:50:19.0825 7936  discache - ok
21:50:19.0829 7936  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:50:19.0842 7936  Disk - ok
21:50:19.0847 7936  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:50:19.0868 7936  Dnscache - ok
21:50:19.0874 7936  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:50:19.0911 7936  dot3svc - ok
21:50:19.0927 7936  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:50:19.0957 7936  DPS - ok
21:50:19.0961 7936  [ B57B6CAFABC6E4F9CD0E4178585E793A ] DptfDevDram     C:\Windows\system32\DRIVERS\DptfDevDram.sys
21:50:19.0969 7936  DptfDevDram - ok
21:50:19.0973 7936  [ 3D4E77C43E9320845D37D6174E61D1C4 ] DptfDevFan      C:\Windows\system32\DRIVERS\DptfDevFan.sys
21:50:19.0980 7936  DptfDevFan - ok
21:50:19.0984 7936  [ 503BB50D87387C11EEA9315D81F66E75 ] DptfDevGen      C:\Windows\system32\DRIVERS\DptfDevGen.sys
21:50:19.0992 7936  DptfDevGen - ok
21:50:19.0996 7936  [ C924AF49E62D8255DF89BAA91770344E ] DptfDevPch      C:\Windows\system32\DRIVERS\DptfDevPch.sys
21:50:20.0005 7936  DptfDevPch - ok
21:50:20.0011 7936  [ C89D695BEDD341AD56A4D5D57D6DFF5C ] DptfDevProc     C:\Windows\system32\DRIVERS\DptfDevProc.sys
21:50:20.0022 7936  DptfDevProc - ok
21:50:20.0028 7936  [ 80198E50E63EA9F9B472B1FEC7E8BEB4 ] DptfManager     C:\Windows\system32\DRIVERS\DptfManager.sys
21:50:20.0041 7936  DptfManager - ok
21:50:20.0044 7936  [ E5EBBE07DCE63C2F2DB3F52FECA1DCE2 ] DptfParticipantProcessorService C:\Windows\SysWOW64\DptfParticipantProcessorService.exe
21:50:20.0054 7936  DptfParticipantProcessorService - ok
21:50:20.0058 7936  [ A9B530EC5F3D11B0B0DBC2947B10F700 ] DptfPolicyConfigTDPService C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe
21:50:20.0066 7936  DptfPolicyConfigTDPService - ok
21:50:20.0070 7936  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:50:20.0084 7936  drmkaud - ok
21:50:20.0096 7936  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:50:20.0128 7936  DXGKrnl - ok
21:50:20.0132 7936  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:50:20.0166 7936  EapHost - ok
21:50:20.0199 7936  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:50:20.0246 7936  ebdrv - ok
21:50:20.0251 7936  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:50:20.0264 7936  EFS - ok
21:50:20.0276 7936  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:50:20.0299 7936  ehRecvr - ok
21:50:20.0304 7936  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:50:20.0318 7936  ehSched - ok
21:50:20.0327 7936  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:50:20.0343 7936  elxstor - ok
21:50:20.0347 7936  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:50:20.0357 7936  ErrDev - ok
21:50:20.0368 7936  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:50:20.0401 7936  EventSystem - ok
21:50:20.0413 7936  [ 52AE29A233832E0C704FD7FC534AF9FB ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:50:20.0432 7936  EvtEng - ok
21:50:20.0438 7936  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:50:20.0472 7936  exfat - ok
21:50:20.0478 7936  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:50:20.0513 7936  fastfat - ok
21:50:20.0523 7936  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:50:20.0544 7936  Fax - ok
21:50:20.0547 7936  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:50:20.0558 7936  fdc - ok
21:50:20.0562 7936  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:50:20.0593 7936  fdPHost - ok
21:50:20.0596 7936  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:50:20.0630 7936  FDResPub - ok
21:50:20.0640 7936  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:50:20.0654 7936  FileInfo - ok
21:50:20.0657 7936  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:50:20.0688 7936  Filetrace - ok
21:50:20.0691 7936  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:50:20.0701 7936  flpydisk - ok
21:50:20.0708 7936  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:50:20.0721 7936  FltMgr - ok
21:50:20.0734 7936  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
21:50:20.0768 7936  FontCache - ok
21:50:20.0772 7936  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:50:20.0780 7936  FontCache3.0.0.0 - ok
21:50:20.0783 7936  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:50:20.0796 7936  FsDepends - ok
21:50:20.0799 7936  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:50:20.0807 7936  fssfltr - ok
21:50:20.0827 7936  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:50:20.0856 7936  fsssvc - ok
21:50:20.0860 7936  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:50:20.0872 7936  Fs_Rec - ok
21:50:20.0877 7936  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:50:20.0892 7936  fvevol - ok
21:50:20.0897 7936  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:50:20.0907 7936  gagp30kx - ok
21:50:20.0911 7936  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:50:20.0918 7936  GEARAspiWDM - ok
21:50:20.0940 7936  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:50:20.0979 7936  gpsvc - ok
21:50:20.0985 7936  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:20.0993 7936  gupdate - ok
21:50:20.0996 7936  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:21.0003 7936  gupdatem - ok
21:50:21.0007 7936  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:50:21.0018 7936  hcw85cir - ok
21:50:21.0025 7936  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:50:21.0048 7936  HdAudAddService - ok
21:50:21.0053 7936  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:50:21.0066 7936  HDAudBus - ok
21:50:21.0069 7936  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:50:21.0080 7936  HidBatt - ok
21:50:21.0084 7936  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:50:21.0097 7936  HidBth - ok
21:50:21.0100 7936  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:50:21.0112 7936  HidIr - ok
21:50:21.0116 7936  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:50:21.0148 7936  hidserv - ok
21:50:21.0152 7936  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:50:21.0165 7936  HidUsb - ok
21:50:21.0169 7936  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:50:21.0202 7936  hkmsvc - ok
21:50:21.0209 7936  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:50:21.0231 7936  HomeGroupListener - ok
21:50:21.0237 7936  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:50:21.0251 7936  HomeGroupProvider - ok
21:50:21.0255 7936  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:50:21.0264 7936  HpSAMD - ok
21:50:21.0274 7936  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:50:21.0311 7936  HTTP - ok
21:50:21.0314 7936  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:50:21.0321 7936  hwpolicy - ok
21:50:21.0326 7936  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:50:21.0340 7936  i8042prt - ok
21:50:21.0351 7936  [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:50:21.0364 7936  iaStor - ok
21:50:21.0371 7936  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:50:21.0386 7936  iaStorV - ok
21:50:21.0390 7936  [ 653A38B868A5F20BB506AB57AC41B936 ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
21:50:21.0398 7936  ibtfltcoex - ok
21:50:21.0410 7936  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:50:21.0431 7936  idsvc - ok
21:50:21.0546 7936  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:50:21.0772 7936  igfx - ok
21:50:21.0777 7936  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:50:21.0787 7936  iirsp - ok
21:50:21.0798 7936  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:50:21.0846 7936  IKEEXT - ok
21:50:21.0852 7936  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:50:21.0860 7936  intaud_WaveExtensible - ok
21:50:21.0898 7936  [ 6EF96DF5184DDB95A12107B8D7531FB7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:50:21.0967 7936  IntcAzAudAddService - ok
21:50:21.0975 7936  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:50:21.0988 7936  IntcDAud - ok
21:50:21.0997 7936  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:50:22.0014 7936  Intel(R) Capability Licensing Service Interface - ok
21:50:22.0020 7936  [ 896AA2F1D79662B17D5DBBE588E24E30 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:50:22.0028 7936  Intel(R) ME Service - ok
21:50:22.0032 7936  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:50:22.0041 7936  intelide - ok
21:50:22.0045 7936  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:50:22.0056 7936  intelppm - ok
21:50:22.0060 7936  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:50:22.0093 7936  IPBusEnum - ok
21:50:22.0097 7936  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:50:22.0128 7936  IpFilterDriver - ok
21:50:22.0139 7936  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:50:22.0173 7936  iphlpsvc - ok
21:50:22.0178 7936  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:50:22.0189 7936  IPMIDRV - ok
21:50:22.0193 7936  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:50:22.0225 7936  IPNAT - ok
21:50:22.0237 7936  [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:50:22.0258 7936  iPod Service - ok
21:50:22.0262 7936  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:50:22.0282 7936  IRENUM - ok
21:50:22.0287 7936  [ 6DC22BDAA595BE00F19696E72F2F3312 ] irstrtdv        C:\Windows\system32\DRIVERS\irstrtdv.sys
21:50:22.0294 7936  irstrtdv - ok
21:50:22.0301 7936  [ 205FD80EF4B9832F9763B9A187957260 ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
21:50:22.0312 7936  irstrtsv - ok
21:50:22.0315 7936  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:50:22.0324 7936  isapnp - ok
21:50:22.0330 7936  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:50:22.0343 7936  iScsiPrt - ok
21:50:22.0346 7936  [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:50:22.0353 7936  iusb3hcs - ok
21:50:22.0361 7936  [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:50:22.0373 7936  iusb3hub - ok
21:50:22.0384 7936  [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:50:22.0403 7936  iusb3xhc - ok
21:50:22.0407 7936  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
21:50:22.0415 7936  iwdbus - ok
21:50:22.0420 7936  [ 3C6630473DD42FFC57D9F5564F533127 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:50:22.0429 7936  jhi_service - ok
21:50:22.0433 7936  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:50:22.0446 7936  kbdclass - ok
21:50:22.0449 7936  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:50:22.0463 7936  kbdhid - ok
21:50:22.0467 7936  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
21:50:22.0474 7936  kbfiltr - ok
21:50:22.0477 7936  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:50:22.0486 7936  KeyIso - ok
21:50:22.0490 7936  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:50:22.0504 7936  KSecDD - ok
21:50:22.0508 7936  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:50:22.0524 7936  KSecPkg - ok
21:50:22.0527 7936  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:50:22.0556 7936  ksthunk - ok
21:50:22.0564 7936  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:50:22.0606 7936  KtmRm - ok
21:50:22.0610 7936  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
21:50:22.0621 7936  L1C - ok
21:50:22.0627 7936  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:50:22.0677 7936  LanmanServer - ok
21:50:22.0682 7936  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:50:22.0715 7936  LanmanWorkstation - ok
21:50:22.0721 7936  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:50:22.0753 7936  lltdio - ok
21:50:22.0760 7936  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:50:22.0797 7936  lltdsvc - ok
21:50:22.0801 7936  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:50:22.0829 7936  lmhosts - ok
21:50:22.0837 7936  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:50:22.0848 7936  LMS - ok
21:50:22.0855 7936  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:50:22.0864 7936  LSI_FC - ok
21:50:22.0869 7936  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:50:22.0879 7936  LSI_SAS - ok
21:50:22.0883 7936  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:50:22.0892 7936  LSI_SAS2 - ok
21:50:22.0896 7936  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:50:22.0907 7936  LSI_SCSI - ok
21:50:22.0911 7936  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:50:22.0945 7936  luafv - ok
21:50:22.0949 7936  [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:50:22.0957 7936  MBAMProtector - ok
21:50:22.0968 7936  [ 43683E970F008C93C9429EF428147A54 ] MBAMService     D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:50:22.0985 7936  MBAMService - ok
21:50:22.0990 7936  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:50:23.0004 7936  Mcx2Svc - ok
21:50:23.0007 7936  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:50:23.0016 7936  megasas - ok
21:50:23.0022 7936  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:50:23.0035 7936  MegaSR - ok
21:50:23.0039 7936  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:50:23.0047 7936  MEIx64 - ok
21:50:23.0057 7936  Microsoft SharePoint Workspace Audit Service - ok
21:50:23.0061 7936  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:50:23.0091 7936  MMCSS - ok
21:50:23.0095 7936  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:50:23.0128 7936  Modem - ok
21:50:23.0132 7936  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:50:23.0144 7936  monitor - ok
21:50:23.0148 7936  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:50:23.0161 7936  mouclass - ok
21:50:23.0164 7936  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:50:23.0177 7936  mouhid - ok
21:50:23.0181 7936  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:50:23.0191 7936  mountmgr - ok
21:50:23.0195 7936  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:50:23.0205 7936  MozillaMaintenance - ok
21:50:23.0209 7936  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:50:23.0220 7936  mpio - ok
21:50:23.0224 7936  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:50:23.0255 7936  mpsdrv - ok
21:50:23.0266 7936  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:50:23.0304 7936  MpsSvc - ok
21:50:23.0309 7936  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:50:23.0330 7936  MRxDAV - ok
21:50:23.0335 7936  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:50:23.0352 7936  mrxsmb - ok
21:50:23.0358 7936  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:50:23.0377 7936  mrxsmb10 - ok
21:50:23.0381 7936  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:50:23.0396 7936  mrxsmb20 - ok
21:50:23.0399 7936  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:50:23.0408 7936  msahci - ok
21:50:23.0414 7936  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:50:23.0424 7936  msdsm - ok
21:50:23.0430 7936  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:50:23.0448 7936  MSDTC - ok
21:50:23.0454 7936  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:50:23.0486 7936  Msfs - ok
21:50:23.0489 7936  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:50:23.0520 7936  mshidkmdf - ok
21:50:23.0523 7936  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:50:23.0534 7936  msisadrv - ok
21:50:23.0539 7936  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:50:23.0574 7936  MSiSCSI - ok
21:50:23.0577 7936  msiserver - ok
21:50:23.0580 7936  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:50:23.0609 7936  MSKSSRV - ok
21:50:23.0612 7936  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:50:23.0642 7936  MSPCLOCK - ok
21:50:23.0645 7936  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:50:23.0675 7936  MSPQM - ok
21:50:23.0682 7936  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:50:23.0702 7936  MsRPC - ok
21:50:23.0707 7936  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:50:23.0716 7936  mssmbios - ok
21:50:23.0720 7936  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:50:23.0750 7936  MSTEE - ok
21:50:23.0754 7936  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:50:23.0764 7936  MTConfig - ok
21:50:23.0768 7936  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:50:23.0781 7936  Mup - ok
21:50:23.0787 7936  [ 4D02A9A4AAE43280D8631F232AAD79BC ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:50:23.0799 7936  MyWiFiDHCPDNS - ok
21:50:23.0808 7936  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:50:23.0842 7936  napagent - ok
21:50:23.0850 7936  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:50:23.0875 7936  NativeWifiP - ok
21:50:23.0887 7936  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:50:23.0910 7936  NDIS - ok
21:50:23.0914 7936  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:50:23.0946 7936  NdisCap - ok
21:50:23.0949 7936  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:50:23.0980 7936  NdisTapi - ok
21:50:23.0983 7936  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:50:24.0019 7936  Ndisuio - ok
21:50:24.0024 7936  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:50:24.0059 7936  NdisWan - ok
21:50:24.0063 7936  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:50:24.0096 7936  NDProxy - ok
21:50:24.0099 7936  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:50:24.0133 7936  NetBIOS - ok
21:50:24.0139 7936  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:50:24.0170 7936  NetBT - ok
21:50:24.0173 7936  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:50:24.0182 7936  Netlogon - ok
21:50:24.0190 7936  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:50:24.0226 7936  Netman - ok
21:50:24.0240 7936  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:24.0251 7936  NetMsmqActivator - ok
21:50:24.0254 7936  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:24.0262 7936  NetPipeActivator - ok
21:50:24.0270 7936  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:50:24.0305 7936  netprofm - ok
21:50:24.0309 7936  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:24.0317 7936  NetTcpActivator - ok
21:50:24.0320 7936  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:24.0328 7936  NetTcpPortSharing - ok
21:50:24.0429 7936  [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:50:24.0581 7936  NETwNs64 - ok
21:50:24.0587 7936  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:50:24.0596 7936  nfrd960 - ok
21:50:24.0603 7936  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:50:24.0636 7936  NlaSvc - ok
21:50:24.0640 7936  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:50:24.0671 7936  Npfs - ok
21:50:24.0675 7936  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:50:24.0707 7936  nsi - ok
21:50:24.0710 7936  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:50:24.0737 7936  nsiproxy - ok
21:50:24.0758 7936  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:50:24.0804 7936  Ntfs - ok
21:50:24.0808 7936  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:50:24.0839 7936  Null - ok
21:50:24.0843 7936  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:50:24.0854 7936  nvraid - ok
21:50:24.0858 7936  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:50:24.0870 7936  nvstor - ok
21:50:24.0874 7936  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:50:24.0884 7936  nv_agp - ok
21:50:24.0888 7936  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:50:24.0898 7936  ohci1394 - ok
21:50:24.0905 7936  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:50:24.0915 7936  ose - ok
21:50:24.0960 7936  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:50:25.0059 7936  osppsvc - ok
21:50:25.0070 7936  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:50:25.0091 7936  p2pimsvc - ok
21:50:25.0100 7936  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:50:25.0129 7936  p2psvc - ok
21:50:25.0134 7936  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:50:25.0152 7936  Parport - ok
21:50:25.0157 7936  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:50:25.0175 7936  partmgr - ok
21:50:25.0182 7936  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:50:25.0199 7936  PcaSvc - ok
21:50:25.0205 7936  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:50:25.0225 7936  pci - ok
21:50:25.0229 7936  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:50:25.0238 7936  pciide - ok
21:50:25.0244 7936  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:50:25.0256 7936  pcmcia - ok
21:50:25.0260 7936  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:50:25.0276 7936  pcw - ok
21:50:25.0286 7936  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:50:25.0339 7936  PEAUTH - ok
21:50:25.0345 7936  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:50:25.0361 7936  PerfHost - ok
21:50:25.0381 7936  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:50:25.0438 7936  pla - ok
21:50:25.0446 7936  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:50:25.0462 7936  PlugPlay - ok
21:50:25.0465 7936  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:50:25.0479 7936  PNRPAutoReg - ok
21:50:25.0486 7936  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:50:25.0500 7936  PNRPsvc - ok
21:50:25.0509 7936  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:50:25.0558 7936  PolicyAgent - ok
21:50:25.0565 7936  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:50:25.0604 7936  Power - ok
21:50:25.0609 7936  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:50:25.0642 7936  PptpMiniport - ok
21:50:25.0646 7936  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:50:25.0658 7936  Processor - ok
21:50:25.0665 7936  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:50:25.0678 7936  ProfSvc - ok
21:50:25.0681 7936  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:50:25.0690 7936  ProtectedStorage - ok
21:50:25.0695 7936  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:50:25.0728 7936  Psched - ok
21:50:25.0799 7936  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:50:25.0831 7936  ql2300 - ok
21:50:25.0836 7936  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:50:25.0849 7936  ql40xx - ok
21:50:25.0856 7936  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:50:25.0881 7936  QWAVE - ok
21:50:25.0884 7936  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:50:25.0901 7936  QWAVEdrv - ok
21:50:25.0904 7936  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:50:25.0934 7936  RasAcd - ok
21:50:25.0938 7936  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:50:25.0971 7936  RasAgileVpn - ok
21:50:25.0976 7936  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:50:26.0012 7936  RasAuto - ok
21:50:26.0016 7936  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:50:26.0050 7936  Rasl2tp - ok
21:50:26.0057 7936  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:50:26.0097 7936  RasMan - ok
21:50:26.0101 7936  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:50:26.0136 7936  RasPppoe - ok
21:50:26.0141 7936  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:50:26.0176 7936  RasSstp - ok
21:50:26.0183 7936  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:50:26.0224 7936  rdbss - ok
21:50:26.0228 7936  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:50:26.0240 7936  rdpbus - ok
21:50:26.0243 7936  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:50:26.0272 7936  RDPCDD - ok
21:50:26.0277 7936  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:50:26.0306 7936  RDPENCDD - ok
21:50:26.0313 7936  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:50:26.0341 7936  RDPREFMP - ok
21:50:26.0348 7936  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:50:26.0365 7936  RDPWD - ok
21:50:26.0371 7936  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:50:26.0389 7936  rdyboost - ok
21:50:26.0394 7936  [ C480D028012881E0136962A49379688D ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:50:26.0404 7936  RegSrvc - ok
21:50:26.0409 7936  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:50:26.0442 7936  RemoteAccess - ok
21:50:26.0448 7936  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:50:26.0485 7936  RemoteRegistry - ok
21:50:26.0490 7936  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:50:26.0508 7936  RFCOMM - ok
21:50:26.0512 7936  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:50:26.0546 7936  RpcEptMapper - ok
21:50:26.0550 7936  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:50:26.0564 7936  RpcLocator - ok
21:50:26.0573 7936  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:50:26.0605 7936  RpcSs - ok
21:50:26.0609 7936  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:50:26.0642 7936  rspndr - ok
21:50:26.0652 7936  [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
21:50:26.0665 7936  RSUSBVSTOR - ok
21:50:26.0669 7936  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:50:26.0678 7936  SamSs - ok
21:50:26.0682 7936  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:50:26.0692 7936  sbp2port - ok
21:50:26.0697 7936  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:50:26.0733 7936  SCardSvr - ok
21:50:26.0736 7936  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:50:26.0767 7936  scfilter - ok
21:50:26.0779 7936  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:50:26.0840 7936  Schedule - ok
21:50:26.0844 7936  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:50:26.0871 7936  SCPolicySvc - ok
21:50:26.0877 7936  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:50:26.0898 7936  SDRSVC - ok
21:50:26.0902 7936  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:50:26.0930 7936  secdrv - ok
21:50:26.0934 7936  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:50:26.0965 7936  seclogon - ok
21:50:26.0970 7936  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:50:26.0999 7936  SENS - ok
21:50:27.0002 7936  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:50:27.0018 7936  SensrSvc - ok
21:50:27.0021 7936  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:50:27.0031 7936  Serenum - ok
21:50:27.0035 7936  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
21:50:27.0046 7936  Serial - ok
21:50:27.0050 7936  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:50:27.0062 7936  sermouse - ok
21:50:27.0073 7936  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:50:27.0106 7936  SessionEnv - ok
21:50:27.0110 7936  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:50:27.0122 7936  sffdisk - ok
21:50:27.0125 7936  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:50:27.0138 7936  sffp_mmc - ok
21:50:27.0141 7936  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:50:27.0154 7936  sffp_sd - ok
21:50:27.0158 7936  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:50:27.0168 7936  sfloppy - ok
21:50:27.0176 7936  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:50:27.0216 7936  SharedAccess - ok
21:50:27.0223 7936  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:50:27.0267 7936  ShellHWDetection - ok
21:50:27.0271 7936  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
21:50:27.0282 7936  SiSGbeLH - ok
21:50:27.0285 7936  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:50:27.0296 7936  SiSRaid2 - ok
21:50:27.0300 7936  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:50:27.0311 7936  SiSRaid4 - ok
21:50:27.0317 7936  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:50:27.0329 7936  SkypeUpdate - ok
21:50:27.0334 7936  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:50:27.0368 7936  Smb - ok
21:50:27.0375 7936  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:50:27.0386 7936  SNMPTRAP - ok
21:50:27.0389 7936  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:50:27.0400 7936  spldr - ok
21:50:27.0410 7936  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:50:27.0438 7936  Spooler - ok
21:50:27.0473 7936  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:50:27.0541 7936  sppsvc - ok
21:50:27.0546 7936  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:50:27.0579 7936  sppuinotify - ok
21:50:27.0587 7936  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:50:27.0611 7936  srv - ok
21:50:27.0617 7936  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:50:27.0639 7936  srv2 - ok
21:50:27.0645 7936  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:50:27.0662 7936  srvnet - ok
21:50:27.0667 7936  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:50:27.0704 7936  SSDPSRV - ok
21:50:27.0708 7936  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:50:27.0738 7936  SstpSvc - ok
21:50:27.0741 7936  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:50:27.0750 7936  stexstor - ok
21:50:27.0759 7936  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:50:27.0789 7936  stisvc - ok
21:50:27.0792 7936  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:50:27.0800 7936  swenum - ok
21:50:27.0808 7936  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:50:27.0852 7936  swprv - ok
21:50:27.0870 7936  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:50:27.0919 7936  SysMain - ok
21:50:27.0924 7936  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:50:27.0944 7936  TabletInputService - ok
21:50:27.0951 7936  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:50:27.0992 7936  TapiSrv - ok
21:50:27.0996 7936  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:50:28.0025 7936  TBS - ok
21:50:28.0047 7936  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:50:28.0086 7936  Tcpip - ok
21:50:28.0105 7936  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:50:28.0138 7936  TCPIP6 - ok
21:50:28.0145 7936  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:50:28.0178 7936  tcpipreg - ok
21:50:28.0183 7936  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:50:28.0197 7936  TDPIPE - ok
21:50:28.0201 7936  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:50:28.0213 7936  TDTCP - ok
21:50:28.0217 7936  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:50:28.0250 7936  tdx - ok
21:50:28.0254 7936  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:50:28.0266 7936  TermDD - ok
21:50:28.0276 7936  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:50:28.0313 7936  TermService - ok
21:50:28.0317 7936  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:50:28.0335 7936  Themes - ok
21:50:28.0339 7936  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:50:28.0367 7936  THREADORDER - ok
21:50:28.0371 7936  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
21:50:28.0382 7936  TPM - ok
21:50:28.0386 7936  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:50:28.0422 7936  TrkWks - ok
21:50:28.0428 7936  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:50:28.0457 7936  TrustedInstaller - ok
21:50:28.0463 7936  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:50:28.0492 7936  tssecsrv - ok
21:50:28.0497 7936  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:50:28.0512 7936  TsUsbFlt - ok
21:50:28.0515 7936  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:50:28.0526 7936  TsUsbGD - ok
21:50:28.0554 7936  [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
21:50:28.0595 7936  TuneUp.UtilitiesSvc - ok
21:50:28.0599 7936  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
21:50:28.0608 7936  TuneUpUtilitiesDrv - ok
21:50:28.0613 7936  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:50:28.0643 7936  tunnel - ok
21:50:28.0647 7936  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:50:28.0657 7936  uagp35 - ok
21:50:28.0664 7936  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:50:28.0704 7936  udfs - ok
21:50:28.0711 7936  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:50:28.0728 7936  UI0Detect - ok
21:50:28.0732 7936  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:50:28.0742 7936  uliagpkx - ok
21:50:28.0745 7936  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:50:28.0760 7936  umbus - ok
21:50:28.0763 7936  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:50:28.0773 7936  UmPass - ok
21:50:28.0783 7936  [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:50:28.0795 7936  UNS - ok
21:50:28.0802 7936  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:50:28.0844 7936  upnphost - ok
21:50:28.0848 7936  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:50:28.0859 7936  USBAAPL64 - ok
21:50:28.0863 7936  [ EBF228A52517042DE4F38A40285BC8D9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:50:28.0879 7936  usbccgp - ok
21:50:28.0883 7936  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:50:28.0896 7936  usbcir - ok
21:50:28.0900 7936  [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:50:28.0912 7936  usbehci - ok
21:50:28.0919 7936  [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:50:28.0942 7936  usbhub - ok
21:50:28.0946 7936  [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:50:28.0963 7936  usbohci - ok
21:50:28.0967 7936  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:50:28.0984 7936  usbprint - ok
21:50:28.0989 7936  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:50:29.0009 7936  USBSTOR - ok
21:50:29.0013 7936  [ 1529632FC96032D337B298F8A285D640 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:50:29.0027 7936  usbuhci - ok
21:50:29.0035 7936  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:50:29.0059 7936  usbvideo - ok
21:50:29.0063 7936  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:50:29.0105 7936  UxSms - ok
21:50:29.0110 7936  [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
21:50:29.0117 7936  UxTuneUp - ok
21:50:29.0120 7936  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:50:29.0129 7936  VaultSvc - ok
21:50:29.0132 7936  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:50:29.0145 7936  vdrvroot - ok
21:50:29.0153 7936  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:50:29.0196 7936  vds - ok
21:50:29.0199 7936  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:50:29.0213 7936  vga - ok
21:50:29.0216 7936  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:50:29.0245 7936  VgaSave - ok
21:50:29.0251 7936  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:50:29.0263 7936  vhdmp - ok
21:50:29.0266 7936  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:50:29.0274 7936  viaide - ok
21:50:29.0278 7936  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:50:29.0291 7936  volmgr - ok
21:50:29.0298 7936  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:50:29.0312 7936  volmgrx - ok
21:50:29.0319 7936  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:50:29.0332 7936  volsnap - ok
21:50:29.0337 7936  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:50:29.0349 7936  vsmraid - ok
21:50:29.0365 7936  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:50:29.0422 7936  VSS - ok
21:50:29.0426 7936  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:50:29.0441 7936  vwifibus - ok
21:50:29.0445 7936  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:50:29.0463 7936  vwififlt - ok
21:50:29.0466 7936  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:50:29.0482 7936  vwifimp - ok
21:50:29.0489 7936  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:50:29.0522 7936  W32Time - ok
21:50:29.0528 7936  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:50:29.0540 7936  WacomPen - ok
21:50:29.0545 7936  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:50:29.0578 7936  WANARP - ok
21:50:29.0581 7936  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:50:29.0609 7936  Wanarpv6 - ok
21:50:29.0623 7936  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:50:29.0653 7936  WatAdminSvc - ok
21:50:29.0670 7936  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:50:29.0709 7936  wbengine - ok
21:50:29.0715 7936  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:50:29.0738 7936  WbioSrvc - ok
21:50:29.0745 7936  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:50:29.0771 7936  wcncsvc - ok
21:50:29.0775 7936  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:50:29.0790 7936  WcsPlugInService - ok
21:50:29.0793 7936  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:50:29.0802 7936  Wd - ok
21:50:29.0811 7936  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:50:29.0838 7936  Wdf01000 - ok
21:50:29.0842 7936  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:50:29.0879 7936  WdiServiceHost - ok
21:50:29.0882 7936  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:50:29.0895 7936  WdiSystemHost - ok
21:50:29.0902 7936  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:50:29.0926 7936  WebClient - ok
21:50:29.0931 7936  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:50:29.0968 7936  Wecsvc - ok
21:50:29.0972 7936  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:50:30.0003 7936  wercplsupport - ok
21:50:30.0007 7936  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:50:30.0041 7936  WerSvc - ok
21:50:30.0045 7936  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:50:30.0074 7936  WfpLwf - ok
21:50:30.0080 7936  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
21:50:30.0092 7936  WimFltr - ok
21:50:30.0096 7936  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:50:30.0107 7936  WIMMount - ok
21:50:30.0109 7936  WinDefend - ok
21:50:30.0114 7936  WinHttpAutoProxySvc - ok
21:50:30.0127 7936  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:50:30.0167 7936  Winmgmt - ok
21:50:30.0188 7936  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:50:30.0248 7936  WinRM - ok
21:50:30.0256 7936  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:50:30.0267 7936  WinUsb - ok
21:50:30.0279 7936  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:50:30.0303 7936  Wlansvc - ok
21:50:30.0308 7936  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:50:30.0316 7936  wlcrasvc - ok
21:50:30.0339 7936  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:50:30.0379 7936  wlidsvc - ok
21:50:30.0383 7936  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:50:30.0393 7936  WmiAcpi - ok
21:50:30.0400 7936  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:50:30.0418 7936  wmiApSrv - ok
21:50:30.0422 7936  WMPNetworkSvc - ok
21:50:30.0425 7936  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:50:30.0440 7936  WPCSvc - ok
21:50:30.0444 7936  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:50:30.0467 7936  WPDBusEnum - ok
21:50:30.0471 7936  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:50:30.0502 7936  ws2ifsl - ok
21:50:30.0506 7936  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:50:30.0526 7936  wscsvc - ok
21:50:30.0529 7936  WSearch - ok
21:50:30.0555 7936  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:50:30.0598 7936  wuauserv - ok
21:50:30.0603 7936  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:50:30.0636 7936  WudfPf - ok
21:50:30.0643 7936  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:50:30.0671 7936  WUDFRd - ok
21:50:30.0675 7936  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:50:30.0707 7936  wudfsvc - ok
21:50:30.0713 7936  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:50:30.0737 7936  WwanSvc - ok
21:50:30.0765 7936  [ 118C018DF1C53B94F8C06D2CABBBDA52 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:50:30.0811 7936  ZeroConfigService - ok
21:50:30.0821 7936  ================ Scan global ===============================
21:50:30.0824 7936  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:50:30.0834 7936  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:50:30.0851 7936  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:50:30.0856 7936  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:50:30.0865 7936  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:50:30.0869 7936  [Global] - ok
21:50:30.0870 7936  ================ Scan MBR ==================================
21:50:30.0872 7936  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:50:31.0086 7936  \Device\Harddisk0\DR0 - ok
21:50:31.0086 7936  ================ Scan VBR ==================================
21:50:31.0088 7936  [ 421B5C34F8BBF938AE20C04B6C651422 ] \Device\Harddisk0\DR0\Partition1
21:50:31.0089 7936  \Device\Harddisk0\DR0\Partition1 - ok
21:50:31.0092 7936  [ F95C6499DB28041210DAD54F30FD7FFC ] \Device\Harddisk0\DR0\Partition2
21:50:31.0092 7936  \Device\Harddisk0\DR0\Partition2 - ok
21:50:31.0095 7936  [ 5CBDD8F0E6C8B9CE8E0824A78CE12390 ] \Device\Harddisk0\DR0\Partition3
21:50:31.0096 7936  \Device\Harddisk0\DR0\Partition3 - ok
21:50:31.0099 7936  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
21:50:31.0099 7936  \Device\Harddisk0\DR0\Partition4 - ok
21:50:31.0102 7936  [ 34A8A99C42CA773CB6E93D495094D223 ] \Device\Harddisk0\DR0\Partition5
21:50:31.0104 7936  \Device\Harddisk0\DR0\Partition5 - ok
21:50:31.0106 7936  [ C5C62BE79BF58E4A24EDCA267A9D449C ] \Device\Harddisk0\DR0\Partition6
21:50:31.0107 7936  \Device\Harddisk0\DR0\Partition6 - ok
21:50:31.0108 7936  ============================================================
21:50:31.0108 7936  Scan finished
21:50:31.0108 7936  ============================================================
21:50:31.0116 3720  Detected object count: 1
21:50:31.0116 3720  Actual detected object count: 1
21:51:11.0675 3720  assd ( UnsignedFile.Multi.Generic ) - skipped by user
21:51:11.0675 3720  assd ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 21.09.2012, 17:55   #6
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Google redirect Virus

Alt 21.09.2012, 21:12   #7
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



hi,

ok hab ich gemacht.

Code:
ATTFilter
ComboFix 12-09-20.03 - ***** 21.09.2012  22:04:01.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3982.1558 [GMT 2:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Roaming
c:\users\*****\AppData\Roaming\rsacac.dll
c:\users\*****\AppData\Roaming\vfwsde.dll
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-21 bis 2012-09-21  ))))))))))))))))))))))))))))))
.
.
2012-09-21 20:07 . 2012-09-21 20:07	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-19 05:20 . 2012-09-19 05:20	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{48A89CD8-1872-4278-9FF1-C74CDCBC6E7F}\offreg.dll
2012-09-18 16:10 . 2012-08-23 08:26	9310152	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{48A89CD8-1872-4278-9FF1-C74CDCBC6E7F}\mpengine.dll
2012-09-18 02:03 . 2012-09-18 02:03	--------	d-----w-	c:\users\*****\AppData\Local\Macroplant
2012-09-18 02:03 . 2012-09-18 02:03	--------	d-----w-	c:\program files (x86)\iExplorer
2012-09-18 01:45 . 2012-09-18 01:45	--------	d-----w-	c:\users\*****\AppData\Roaming\DiskAid
2012-09-18 01:33 . 2012-06-09 17:21	178688	----a-w-	c:\windows\SysWow64\unrar.dll
2012-09-18 01:33 . 2012-09-18 01:33	--------	d-----w-	c:\program files (x86)\K-Lite Codec Pack
2012-09-12 16:17 . 2012-08-22 18:12	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-09-12 16:17 . 2012-07-04 20:26	41472	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 16:17 . 2012-08-02 17:58	574464	----a-w-	c:\windows\system32\d3d10level9.dll
2012-09-12 16:17 . 2012-08-02 16:57	490496	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2012-09-12 16:17 . 2012-08-22 18:12	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-09-12 16:17 . 2012-08-22 18:12	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-09-12 16:17 . 2012-08-22 18:12	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-10 04:47 . 2012-09-10 04:47	--------	d--h--w-	c:\programdata\CanonIJScan
2012-09-09 15:54 . 2012-09-09 15:54	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-09-09 15:54 . 2012-09-09 15:54	73696	----a-w-	c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-07 21:00 . 2012-09-07 21:00	--------	d-----w-	c:\users\*****\AppData\Local\{0FF79337-F92F-11E1-8270-B8AC6F996F26}
2012-08-26 22:17 . 2012-08-26 22:17	--------	d-----w-	c:\program files\Canon
2012-08-26 22:16 . 2012-09-10 04:47	--------	d-----w-	c:\users\*****\AppData\Roaming\Canon
2012-08-26 22:16 . 2012-08-26 22:16	--------	d-----w-	c:\programdata\CanonIJWSpt
2012-08-26 22:08 . 2012-08-26 22:17	--------	d-----w-	c:\program files (x86)\Canon
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 19:17 . 2012-07-25 10:24	380	----a-w-	c:\users\*****\AppData\Roaming\sp_data.sys
2012-09-13 01:00 . 2012-07-26 16:04	64462936	----a-w-	c:\windows\system32\MRT.exe
2012-09-05 18:33 . 2012-07-25 15:37	73416	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-05 18:33 . 2012-07-25 15:37	696520	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-25 10:23 . 2011-03-29 02:36	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-18 18:15 . 2012-08-14 18:52	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-18 16:04 . 2012-07-26 15:48	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-07-18 16:04 . 2012-07-26 15:48	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-07-18 16:04 . 2012-07-26 15:48	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-07-13 15:37 . 2012-07-13 15:37	49824	----a-w-	c:\windows\system32\drivers\AsusTP.sys
2012-07-13 15:37 . 2012-07-13 15:37	19104	----a-w-	c:\windows\system32\drivers\AsusVTouch.sys
2012-07-06 22:32 . 2012-07-06 22:32	80512	----a-w-	c:\windows\ASUS_Scr_ZenbookPrime Uninstaller.exe
2012-07-06 22:32 . 2012-07-06 22:32	3058304	----a-w-	c:\windows\AsScrPro.exe
2012-07-06 20:07 . 2012-08-15 03:06	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-07-05 20:06 . 2012-07-25 11:41	772544	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-07-05 20:06 . 2012-07-25 11:41	687544	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-07-04 22:16 . 2012-08-14 18:52	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-14 18:52	59392	----a-w-	c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-14 18:52	136704	----a-w-	c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-14 18:52	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-07-03 11:46 . 2012-07-26 14:38	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-29 04:55 . 2012-08-15 03:05	17809920	----a-w-	c:\windows\system32\mshtml.dll
2012-06-29 04:09 . 2012-08-15 03:05	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-06-29 03:56 . 2012-08-15 03:05	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-06-29 03:49 . 2012-08-15 03:05	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-06-29 03:49 . 2012-08-15 03:05	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-06-29 03:48 . 2012-08-15 03:05	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-06-29 03:47 . 2012-08-15 03:05	237056	----a-w-	c:\windows\system32\url.dll
2012-06-29 03:45 . 2012-08-15 03:05	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-06-29 03:44 . 2012-08-15 03:05	816640	----a-w-	c:\windows\system32\jscript.dll
2012-06-29 03:43 . 2012-08-15 03:05	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-06-29 03:42 . 2012-08-15 03:05	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-06-29 03:40 . 2012-08-15 03:05	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-06-29 03:39 . 2012-08-15 03:05	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-06-29 03:35 . 2012-08-15 03:05	248320	----a-w-	c:\windows\system32\ieui.dll
2012-06-29 00:16 . 2012-08-15 03:05	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-06-29 00:09 . 2012-08-15 03:05	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-06-29 00:08 . 2012-08-15 03:05	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04 . 2012-08-15 03:05	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00 . 2012-08-15 03:05	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418771}]
2012-07-13 15:37	18400	----a-w-	c:\program files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-04-06 322176]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"AsusVibeLuncher"="c:\program files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe" [2012-07-18 549040]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1637496]
.
c:\users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-3 26868192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-2-24 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="d:\program files\itunes\iTunesHelper.exe"
"ASUS Screen Saver Protector"=c:\windows\AsScrPro.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 AX88772B;ASIX AX88772B USB2.0 to Fast Ethernet Adapter;c:\windows\system32\DRIVERS\ax88772b.sys [2012-04-05 110592]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-09 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 assd;assd; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-03-27 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-03-27 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
S2 DptfParticipantProcessorService;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application;c:\windows\SysWOW64\DptfParticipantProcessorService.exe [2012-02-20 18944]
S2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application;c:\windows\SysWOW64\DptfPolicyConfigTDPService.exe [2012-02-20 19968]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe [2012-04-10 193536]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-03-29 2669840]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2011-12-21 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2012-07-13 19104]
S3 ATP;ASUS PS/2 Port Input Device;c:\windows\system32\DRIVERS\AsusTP.sys [2012-07-13 49824]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-03-27 1304912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008]
S3 DptfDevDram;DptfDevDram;c:\windows\system32\DRIVERS\DptfDevDram.sys [2012-02-20 107288]
S3 DptfDevFan;DptfDevFan;c:\windows\system32\DRIVERS\DptfDevFan.sys [2012-02-20 42776]
S3 DptfDevGen;DptfDevGen;c:\windows\system32\DRIVERS\DptfDevGen.sys [2012-02-20 64792]
S3 DptfDevPch;DptfDevPch;c:\windows\system32\DRIVERS\DptfDevPch.sys [2012-02-20 96024]
S3 DptfDevProc;DptfDevProc;c:\windows\system32\DRIVERS\DptfDevProc.sys [2012-02-20 220952]
S3 DptfManager;DptfManager;c:\windows\system32\DRIVERS\DptfManager.sys [2012-02-20 357656]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-03-27 331264]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys [2012-04-10 26504]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-12 11471872]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-03-15 311400]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 58873296
*Deregistered* - 58873296
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 02:28]
.
2012-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 02:28]
.
2012-09-19 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2012-09-21 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418772}]
2012-07-13 15:37	20448	----a-w-	c:\program files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09	227840	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09	227840	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-02 398616]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-29 12460136]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
"ASUS Quick Gesture (x86)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe" [2012-07-13 17376]
"ASUS TP Center (x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" [2012-07-13 235488]
"ASUS Quick Gesture (x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe" [2012-07-13 19424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\5g967del.default\
FF - prefs.js: browser.search.defaulturl - hxxp://google.de
FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.net/
FF - prefs.js: keyword.URL - hxxp://www.google.de/search?hl=&q=
FF - prefs.js: network.proxy.ftp - 65.65.219.98
FF - prefs.js: network.proxy.ftp_port - 29122
FF - prefs.js: network.proxy.gopher - 65.65.219.98
FF - prefs.js: network.proxy.gopher_port - 29122
FF - prefs.js: network.proxy.http - 65.65.219.98
FF - prefs.js: network.proxy.http_port - 29122
FF - prefs.js: network.proxy.socks - 65.65.219.98
FF - prefs.js: network.proxy.socks_port - 29122
FF - prefs.js: network.proxy.ssl - 65.65.219.98
FF - prefs.js: network.proxy.ssl_port - 29122
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-vfwsde - c:\users\*****\AppData\Roaming\vfwsde.dll
HKLM-Run-rsacac - c:\users\*****\AppData\Roaming\rsacac.dll
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-21  22:09:29
ComboFix-quarantined-files.txt  2012-09-21 20:09
.
Vor Suchlauf: 9 Verzeichnis(se), 41.894.379.520 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 41.717.383.168 Bytes frei
.
- - End Of File - - 68448DC7AA6B9117540F3675310AF7ED
         
jetzt kommen Fehler, aber google redirect besteht weiterhin

hxxp://www.datenkeule.de/dl.php?file=file1348274248fehler.jpg

Alt 25.09.2012, 18:34   #8
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



hi
öffne mal computer,c: qoobox
rechtsklick quarantain mit winrar oder zip packen und im upload channel hochladen bitte
wenn fertig, melden
Trojaner-Board Upload Channel
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 00:18   #9
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



ok ist dort hochgeladen

Alt 27.09.2012, 16:35   #10
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



danke
nutzt du den pc für oninebanking, zum einkaufen, für sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie berufliches?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.09.2012, 22:41   #11
haddy22
 
Google redirect Virus - Standard

Google redirect Virus



Hi,

leider trifft alles zu

Alt 01.10.2012, 18:50   #12
markusg
/// Malware-holic
 
Google redirect Virus - Standard

Google redirect Virus



sorry für die wartezeit, war am wochenende kaum zu hause.
bitte rufe die bank an, lasse onlinebanking sperren.
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Google redirect Virus
antivir, autorun, avira, bonjour, cpu, desktop, document, error, firefox, flash player, format, gfnexsrv.exe, google, helper, home, install.exe, ip-adresse, jdownloader, logfile, mozilla, rarsfx0, realtek, registry, rundll, scan, software, svchost.exe, udp, usb, usb 2.0, usb 3.0, virus, werbeanzeigen, windows



Ähnliche Themen: Google redirect Virus


  1. google redirect virus
    Plagegeister aller Art und deren Bekämpfung - 30.06.2013 (26)
  2. Google Redirect Virus (?)
    Plagegeister aller Art und deren Bekämpfung - 15.04.2013 (11)
  3. Google Redirect Virus
    Plagegeister aller Art und deren Bekämpfung - 05.01.2013 (18)
  4. Google Redirect-Virus
    Log-Analyse und Auswertung - 02.11.2012 (3)
  5. Google Redirect Virus
    Log-Analyse und Auswertung - 31.10.2012 (49)
  6. google redirect virus
    Log-Analyse und Auswertung - 11.09.2012 (9)
  7. Google Redirect Virus bzw. Google Hijack + PC Langsam
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (2)
  8. Google Redirect Virus
    Plagegeister aller Art und deren Bekämpfung - 22.05.2012 (44)
  9. Google Redirect Virus
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (21)
  10. Google Redirect Virus
    Plagegeister aller Art und deren Bekämpfung - 22.04.2012 (9)
  11. Google redirect virus
    Plagegeister aller Art und deren Bekämpfung - 21.04.2012 (20)
  12. Google Redirect Virus
    Plagegeister aller Art und deren Bekämpfung - 05.04.2012 (29)
  13. Google Redirect Virus
    Log-Analyse und Auswertung - 04.04.2012 (1)
  14. Google redirect Virus.
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (22)
  15. google redirect virus
    Log-Analyse und Auswertung - 09.07.2011 (7)
  16. Google Redirect Virus was nun ?
    Plagegeister aller Art und deren Bekämpfung - 21.06.2011 (3)
  17. Google Redirect Virus
    Log-Analyse und Auswertung - 17.06.2011 (6)

Zum Thema Google redirect Virus - Hallo, ich habe das was in letzter Zeit öfter vor zukommen scheint, den Google redirect Virus. Manchmal sind die die Google Ergebnisse Werbeanzeigen und ich werde auf kostenpflichtige Webseiten anstatt - Google redirect Virus...
Archiv
Du betrachtest: Google redirect Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.