
Log analysis and evaluation: How to remove Claro-Search from Firefox?

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

13.11.2012, 12:05   #1
F.H.
 
How to remove Claro-Search from Firefox?



Hello,

unfortunately I picked up Claro-Search in Firefox through a download and now I can't get rid of it.
Since there are already several requests about this in this subforum, I'm simply posting here. I hope that is right. If not, please give me a brief pointer.

My question now is how to get rid of this Claro-Search junk.

Best regards

F.H.

Here is the analysis:
OTL Logfile:
Code:
OTL logfile created on: 13.11.2012 13:47:26 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Friederike\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,90% Memory free
6,00 Gb Paging File | 4,64 Gb Available in Paging File | 77,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,40 Gb Total Space | 230,81 Gb Free Space | 84,42% Space Free | Partition Type: NTFS
Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS
 
Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.13 13:46:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Friederike\Downloads\OTL.exe
PRC - [2012.11.13 11:59:23 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.30 20:12:42 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.30 20:12:39 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.10.24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012.09.19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.22 07:13:12 | 000,980,920 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser.exe
PRC - [2011.06.17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
PRC - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\UIExec.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.24 13:00:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.08.26 20:36:00 | 002,684,256 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2009.08.05 22:28:20 | 002,072,576 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009.07.31 06:20:00 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2009.07.10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2009.06.08 23:34:00 | 000,660,808 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.06.04 00:33:00 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.03.27 11:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008.07.24 20:24:00 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.24 18:49:23 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012.10.11 12:17:06 | 002,069,528 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012.09.16 11:51:31 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012.09.16 11:51:17 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.09.16 09:12:10 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.09.16 09:12:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.09.16 09:11:41 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.09.16 09:11:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.09.16 09:11:28 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.08.21 09:12:21 | 000,121,856 | ---- | M] () -- C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll
MOD - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\UIExec.exe
MOD - [2009.09.24 13:00:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2006.09.14 08:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR 3.61 Multi\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.30 20:12:42 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.30 20:12:39 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () [Auto | Running] -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.07.31 06:20:00 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009.03.27 11:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\FRIEDE~1\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.10.29 18:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.09.15 05:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009.09.01 05:49:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.08.28 20:49:00 | 000,169,064 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009.08.05 23:44:00 | 000,049,400 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009.08.05 21:55:00 | 000,061,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009.07.29 05:01:00 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009.07.24 20:31:00 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009.07.16 12:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.06.29 03:17:00 | 000,059,904 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2009.06.19 18:58:00 | 000,009,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2009.06.19 18:57:00 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2009.06.19 18:56:00 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009.06.17 20:59:00 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2009.06.09 05:01:44 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.06.04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.05.26 23:32:02 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2009.05.19 14:59:00 | 000,011,776 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid)
DRV - [2008.04.24 11:16:00 | 000,005,632 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma)
DRV - [2007.03.05 09:10:50 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4612_4&babsrc=SP_clro&mntrId=feefe68b0000000000000025d39b5fea
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2012.02.14
FF - prefs.js..browser.search.selectedEngine: "Claro Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP_clro&mntrId=feefe68b0000000000000025d39b5fea"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.08.21 09:12:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.13 12:55:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.30 10:07:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.11.13 12:03:59 | 000,000,000 | ---D | M]
 
[2012.08.16 19:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Extensions
[2012.11.13 12:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\extensions
[2012.11.13 12:03:59 | 000,002,516 | ---- | M] () -- C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml
[2012.11.13 12:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.21 09:12:20 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.13 12:03:45 | 000,006,522 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.217.129.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B4B11B-F091-4740-9272-58371C560EC4}: DhcpNameServer = 10.3.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568DA77-FCDA-4CFB-8943-51FD96F70FE6}: DhcpNameServer = 129.217.129.42
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.13 12:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\My Cmaps
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\CmapTools
[2012.11.13 12:09:05 | 000,000,000 | ---D | C] -- C:\Users\Friederike\CmapToolsLogs
[2012.11.13 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\Friederike\.freemind
[2012.11.13 12:04:16 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft
[2012.11.13 12:04:15 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012.11.13 12:04:00 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012.11.13 12:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.13 12:03:37 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Babylon
[2012.11.13 12:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.13 12:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.11.13 11:59:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2012.11.13 11:59:31 | 000,000,000 | -H-D | C] -- C:\Users\Friederike\InstallAnywhere
[2012.10.30 10:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.22 14:00:19 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\Bluetooth
[2012.10.21 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Avira
[2012.10.21 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.21 13:52:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.21 13:52:50 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.21 13:52:50 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.21 13:52:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.13 13:45:18 | 000,000,000 | ---- | M] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:43:02 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.13 12:43:02 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.13 12:40:36 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.13 12:40:36 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.13 12:34:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.13 12:34:45 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.13 12:09:02 | 000,002,389 | ---- | M] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.11.08 17:14:12 | 000,675,506 | ---- | M] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.22 14:00:16 | 000,000,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2012.10.21 13:53:12 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
 
========== Files Created - No Company Name ==========
 
[2012.11.13 13:45:18 | 000,000,000 | ---- | C] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.13 12:55:31 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:09:02 | 000,002,389 | ---- | C] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.08 17:14:12 | 000,675,506 | ---- | C] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.21 13:53:12 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.21 14:59:54 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.11.13 12:03:37 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\Babylon
[2012.11.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\CmapTools
[2012.11.13 12:24:26 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft
[2012.11.08 10:18:40 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\Swiss Academic Software
 
========== Purity Check ==========
 
 

< End of report >
         


Analysis of Extras.Txt:
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 13.11.2012 13:47:26 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Friederike\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,90% Memory free
6,00 Gb Paging File | 4,64 Gb Available in Paging File | 77,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,40 Gb Total Space | 230,81 Gb Free Space | 84,42% Space Free | Partition Type: NTFS
Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS
 
Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05156E1B-836C-49F1-9E51-AB9B0A0CFC50}" = lport=139 | protocol=6 | dir=in | app=system | 
"{07AFC22F-65C6-492B-AD6A-98C267030165}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{17D43E0C-B546-4510-A7DB-E580DA4B2E45}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1B90647F-5190-4267-80D6-C3F7D03A32A4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2C9A404F-852E-42E9-B791-D2D9652CDB22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2F96E07D-90FA-47DE-BB5E-0221CBB68EE7}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3154FB4E-FF00-48C6-844B-D84DBF6ECF15}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{50BC5EAF-336F-427B-8841-E9DCEDA6009D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{73634CB8-A70F-4802-9537-3666A5E8FFAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{87CBF515-D526-494D-AE2C-D0043E02FAFE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8A09BB94-CB01-4210-9FE7-43A065339403}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9B141CFF-F7BA-467D-B050-3460170D0DDB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{9BC68A29-CB87-4BCA-9ED5-CBFBB466D620}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A1CB940D-C984-40EC-A8A6-4A88F030B1C2}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B6B6AF46-581F-43FC-9C0D-89B99F2906F0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE265DCE-58E3-4927-AF85-69CD3ACA283A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C2ECB3A9-26AA-435B-B263-D07991BFD03D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D88FB8E6-0600-4782-8885-46BFB960E8E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DF400640-54DB-479E-918A-1D6B5BE1E7D1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EF540469-3442-43DB-9CC6-9065171ACDA0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FBCF3A19-BF14-492B-92AB-DD6EAD66F2E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{25C16F6C-8B06-46C0-8D05-0725E6722FCB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{29ECC8C0-BD1F-44D8-91EB-21E33759E3D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{406DB038-38E0-4C56-8A44-FF50A326FCB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4F2CCF78-1738-4330-A8B2-ECED1B321685}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{66B2D108-118E-49A2-A192-F37C83DEA818}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6B889761-66EB-4DA6-A062-695DA5B4AAF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{71C8FF14-66E0-49BF-8210-1481CC5500E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{81AAB32C-F465-456A-B199-9F3CD88FBA5A}" = protocol=6 | dir=out | app=system | 
"{82BDA7ED-0AD9-4BEF-9473-CA5EBDB19CE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{85332AA3-70D1-42CC-B18F-AE9CB27BC1EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8E776E00-4C86-4E3D-AF3C-CB2B30FC1A81}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{96A3B29D-FD71-4643-B3AF-84F62FDD5BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9CAB2E46-7513-4489-832A-EA17295A2B58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BB10CA21-83D1-4BF4-87E1-254140DCE284}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C7CA64B4-FF07-4A70-9EE7-741886D182CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC3C5B46-507A-41CE-8E8F-749EA2A866E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D39016F1-6A40-4F16-A21D-4A2BF13FB974}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DE6095B8-9210-43FA-9FD0-7354292D6909}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E8677980-7AE0-4C9B-9437-3FEE81204559}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{3D3C8AC3-A9E1-4B76-B3C6-8D03E9070FD6}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | 
"UDP Query User{1981BE4C-9FA9-427B-8922-0A627BA8D5FF}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Digital Editions" = Adobe Digital Editions
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LSI Soft Modem" = LSI HDA Modem
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung ML-1630 Series" = Samsung ML-1630 Series
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"WinRAR archiver" = WinRAR archiver
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.10.2012 04:27:49 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 09.10.2012 15:56:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 09.10.2012 16:42:14 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 21.10.2012 15:02:57 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 22.10.2012 07:17:00 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 23.10.2012 04:36:55 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 27.10.2012 15:40:34 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 28.10.2012 06:05:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 29.10.2012 11:37:21 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 02.11.2012 14:48:33 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 09.11.2012 04:25:46 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:25:48 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:25:48 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:25:50 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:25:51 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:25:58 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:26:20 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:26:21 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 04:26:21 | Computer Name = Friederike-msi | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 09.11.2012 12:12:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
 
< End of report >
         
--- --- ---

Edited by F.H. (13.11.2012 at 12:57). Reason: analysis attached

Old 14.11.2012, 22:04   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Before we get to work, I'd like to ask you to read the following points completely and carefully.
  • Read the instructions I will post over the course of this thread carefully. Ask right away if anything is unclear, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step depends on the previous one.

  • Please run only scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as attachments, unless you were asked to. Logs in attachments make the analysis harder for me!

  • Please also note => Deletion of log files and other requests

Note:
If you don't hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When will this continue" messages will end with your topic being closed. I too have a life outside the Trojaner-Board.


Do you already have any virus scanner logs with detections? This is why I'm asking => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have.
__________________


Old 15.11.2012, 08:47   #3
F.H.
 
Hello,

first of all, thank you very much for the quick response.
My normal Avira scan returned no results.

The GMER scan looks like this.
Unfortunately I can't make anything of it and can't tell whether these are detections or not.

Unfortunately I also no longer remember how I inserted the log files correctly last time. So for now I could only copy them in here.



SSDT 906E86C2 ZwSystemDebugControl
SSDT 906E864F ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E88A49 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EC24D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82EC962C 4 Bytes [AE, 86, 6E, 90] {SCASB ; XCHG [ESI-0x70], CH}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82EC9988 4 Bytes [B8, 86, 6E, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82EC99CC 4 Bytes [B3, 86, 6E, 90] {MOV BL, 0x86; OUTSB ; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82EC9A48 4 Bytes [BD, 86, 6E, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82EC9A9C 4 Bytes [C2, 86, 6E, 90] {RET 0x6e86; NOP }
.text ...

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000049 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:1076] AAC36F2E

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001d92c91cff
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001d92c91cff (not active ControlSet)

---- EOF - GMER 1.0.15 ----


Best regards

F.H.
__________________

Old 15.11.2012, 16:21   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Logs in CODE tags, please!

1. aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: right-click aswMBR and choose "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), because that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

Old 15.11.2012, 17:13   #5
F.H.
 
Hello,

I did both things. Unfortunately I made a mistake and did not handle the detections with "skip", but moved them to quarantine instead. I hope that's not too bad

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-15 17:57:01
-----------------------------
17:57:01.079    OS Version: Windows 6.1.7601 Service Pack 1
17:57:01.079    Number of processors: 2 586 0x170A
17:57:01.079    ComputerName: FRIEDERIKE-MSI  UserName: Friederike
17:57:01.969    Initialize success
17:57:36.771    AVAST engine defs: 12111500
17:57:39.761    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:57:39.761    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
17:57:39.791    Disk 0 MBR read successfully
17:57:39.791    Disk 0 MBR scan
17:57:39.821    Disk 0 Windows 7 default MBR code
17:57:39.841    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10240 MB offset 2048
17:57:39.861    Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS          100 MB offset 20973568
17:57:39.881    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       279959 MB offset 21178368
17:57:39.901    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       186639 MB offset 594534400
17:57:39.911    Disk 0 scanning sectors +976771072
17:57:39.961    Disk 0 scanning C:\Windows\system32\drivers
17:58:00.771    Service scanning
17:58:25.901    Modules scanning
17:58:34.341    Disk 0 trace - called modules:
17:58:34.391    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 
17:58:34.391    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ae9a78]
17:58:34.401    3 CLASSPNP.SYS[8b79659e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85cbf028]
17:58:35.621    AVAST engine scan C:\Windows
17:58:37.861    AVAST engine scan C:\Windows\system32
18:02:19.061    AVAST engine scan C:\Windows\system32\drivers
18:02:32.031    AVAST engine scan C:\Users\Friederike
18:04:10.091    Disk 0 MBR has been saved successfully to "C:\Users\Friederike\Desktop\MBR.dat"
18:04:10.111    The log file has been saved successfully to "C:\Users\Friederike\Desktop\aswMBR.txt"
         
Code:
ATTFilter
18:07:12.0524 5408  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:07:12.0618 5408  ============================================================
18:07:12.0618 5408  Current date / time: 2012/11/15 18:07:12.0618
18:07:12.0618 5408  SystemInfo:
18:07:12.0618 5408  
18:07:12.0618 5408  OS Version: 6.1.7601 ServicePack: 1.0
18:07:12.0618 5408  Product type: Workstation
18:07:12.0618 5408  ComputerName: FRIEDERIKE-MSI
18:07:12.0618 5408  UserName: Friederike
18:07:12.0618 5408  Windows directory: C:\Windows
18:07:12.0618 5408  System windows directory: C:\Windows
18:07:12.0618 5408  Processor architecture: Intel x86
18:07:12.0618 5408  Number of processors: 2
18:07:12.0618 5408  Page size: 0x1000
18:07:12.0618 5408  Boot type: Normal boot
18:07:12.0618 5408  ============================================================
18:07:13.0070 5408  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:07:13.0070 5408  ============================================================
18:07:13.0070 5408  \Device\Harddisk0\DR0:
18:07:13.0070 5408  MBR partitions:
18:07:13.0070 5408  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x222CB800
18:07:13.0070 5408  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x236FE000, BlocksNum 0x16C87800
18:07:13.0070 5408  ============================================================
18:07:13.0086 5408  C: <-> \Device\Harddisk0\DR0\Partition1
18:07:13.0117 5408  D: <-> \Device\Harddisk0\DR0\Partition2
18:07:13.0117 5408  ============================================================
18:07:13.0117 5408  Initialize success
18:07:13.0117 5408  ============================================================
18:07:27.0017 5328  ============================================================
18:07:27.0017 5328  Scan started
18:07:27.0017 5328  Mode: Manual; SigCheck; TDLFS; 
18:07:27.0017 5328  ============================================================
18:07:27.0454 5328  ================ Scan system memory ========================
18:07:27.0454 5328  System memory - ok
18:07:27.0454 5328  ================ Scan services =============================
18:07:27.0641 5328  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:07:27.0750 5328  1394ohci - ok
18:07:27.0859 5328  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:07:27.0875 5328  ACDaemon - ok
18:07:27.0922 5328  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:07:27.0937 5328  ACPI - ok
18:07:27.0984 5328  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:07:28.0047 5328  AcpiPmi - ok
18:07:28.0125 5328  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:07:28.0140 5328  AdobeARMservice - ok
18:07:28.0203 5328  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:07:28.0234 5328  adp94xx - ok
18:07:28.0249 5328  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:07:28.0265 5328  adpahci - ok
18:07:28.0281 5328  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:07:28.0296 5328  adpu320 - ok
18:07:28.0359 5328  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:07:28.0405 5328  AeLookupSvc - ok
18:07:28.0452 5328  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
18:07:28.0515 5328  AFD - ok
18:07:28.0577 5328  [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
18:07:28.0639 5328  AgereModemAudio - ok
18:07:28.0717 5328  [ 7C4297D354445AD0A3435889A2E4CAC2 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
18:07:28.0811 5328  AgereSoftModem - ok
18:07:28.0842 5328  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
18:07:28.0842 5328  agp440 - ok
18:07:28.0905 5328  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
18:07:28.0920 5328  aic78xx - ok
18:07:28.0998 5328  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
18:07:29.0061 5328  ALG - ok
18:07:29.0123 5328  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:07:29.0123 5328  aliide - ok
18:07:29.0154 5328  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:07:29.0170 5328  amdagp - ok
18:07:29.0217 5328  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:07:29.0232 5328  amdide - ok
18:07:29.0279 5328  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:07:29.0326 5328  AmdK8 - ok
18:07:29.0326 5328  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:07:29.0373 5328  AmdPPM - ok
18:07:29.0419 5328  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:07:29.0435 5328  amdsata - ok
18:07:29.0482 5328  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:07:29.0497 5328  amdsbs - ok
18:07:29.0497 5328  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:07:29.0513 5328  amdxata - ok
18:07:29.0591 5328  [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:07:29.0622 5328  AntiVirSchedulerService - ok
18:07:29.0669 5328  [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:07:29.0669 5328  AntiVirService - ok
18:07:29.0700 5328  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
18:07:29.0747 5328  AppID - ok
18:07:29.0794 5328  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:07:29.0856 5328  AppIDSvc - ok
18:07:29.0887 5328  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
18:07:29.0919 5328  Appinfo - ok
18:07:29.0965 5328  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:07:29.0981 5328  arc - ok
18:07:29.0997 5328  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:07:30.0012 5328  arcsas - ok
18:07:30.0059 5328  [ DFD07F0A36BD4F7E7AD2BC5548213694 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:07:30.0075 5328  ArcSoftKsUFilter - ok
18:07:30.0106 5328  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:07:30.0199 5328  AsyncMac - ok
18:07:30.0246 5328  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
18:07:30.0262 5328  atapi - ok
18:07:30.0340 5328  [ 2EB96571FE865F07ED1FD6017575026F ] athr            C:\Windows\system32\DRIVERS\athr.sys
18:07:30.0465 5328  athr - ok
18:07:30.0511 5328  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:07:30.0574 5328  AudioEndpointBuilder - ok
18:07:30.0605 5328  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:07:30.0636 5328  Audiosrv - ok
18:07:30.0667 5328  [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:07:30.0683 5328  avgntflt - ok
18:07:30.0745 5328  [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:07:30.0761 5328  avipbb - ok
18:07:30.0777 5328  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:07:30.0792 5328  avkmgr - ok
18:07:30.0823 5328  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:07:30.0901 5328  AxInstSV - ok
18:07:30.0933 5328  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
18:07:30.0979 5328  b06bdrv - ok
18:07:31.0011 5328  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:07:31.0042 5328  b57nd60x - ok
18:07:31.0120 5328  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:07:31.0182 5328  BDESVC - ok
18:07:31.0198 5328  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:07:31.0276 5328  Beep - ok
18:07:31.0307 5328  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
18:07:31.0369 5328  BFE - ok
18:07:31.0401 5328  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
18:07:31.0479 5328  BITS - ok
18:07:31.0494 5328  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:07:31.0525 5328  blbdrive - ok
18:07:31.0557 5328  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:07:31.0572 5328  bowser - ok
18:07:31.0588 5328  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:07:31.0635 5328  BrFiltLo - ok
18:07:31.0635 5328  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:07:31.0681 5328  BrFiltUp - ok
18:07:31.0713 5328  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
18:07:31.0744 5328  Browser - ok
18:07:31.0775 5328  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:07:31.0837 5328  Brserid - ok
18:07:31.0869 5328  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:07:31.0915 5328  BrSerWdm - ok
18:07:31.0915 5328  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:07:31.0962 5328  BrUsbMdm - ok
18:07:31.0962 5328  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:07:32.0009 5328  BrUsbSer - ok
18:07:32.0040 5328  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:07:32.0118 5328  BthEnum - ok
18:07:32.0134 5328  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:07:32.0165 5328  BTHMODEM - ok
18:07:32.0181 5328  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:07:32.0196 5328  BthPan - ok
18:07:32.0227 5328  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:07:32.0259 5328  BTHPORT - ok
18:07:32.0305 5328  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
18:07:32.0368 5328  bthserv - ok
18:07:32.0383 5328  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:07:32.0415 5328  BTHUSB - ok
18:07:32.0446 5328  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:07:32.0493 5328  cdfs - ok
18:07:32.0524 5328  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:07:32.0539 5328  cdrom - ok
18:07:32.0586 5328  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:07:32.0633 5328  CertPropSvc - ok
18:07:32.0664 5328  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:07:32.0727 5328  circlass - ok
18:07:32.0758 5328  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
18:07:32.0789 5328  CLFS - ok
18:07:32.0867 5328  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:32.0898 5328  clr_optimization_v2.0.50727_32 - ok
18:07:32.0961 5328  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:07:32.0976 5328  clr_optimization_v4.0.30319_32 - ok
18:07:33.0007 5328  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:07:33.0039 5328  CmBatt - ok
18:07:33.0085 5328  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:07:33.0101 5328  cmdide - ok
18:07:33.0132 5328  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:07:33.0163 5328  CNG - ok
18:07:33.0195 5328  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:07:33.0210 5328  Compbatt - ok
18:07:33.0241 5328  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:07:33.0273 5328  CompositeBus - ok
18:07:33.0288 5328  COMSysApp - ok
18:07:33.0304 5328  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:07:33.0319 5328  crcdisk - ok
18:07:33.0351 5328  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:07:33.0397 5328  CryptSvc - ok
18:07:33.0429 5328  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:07:33.0475 5328  DcomLaunch - ok
18:07:33.0507 5328  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:07:33.0538 5328  defragsvc - ok
18:07:33.0569 5328  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:07:33.0616 5328  DfsC - ok
18:07:33.0631 5328  DgiVecp - ok
18:07:33.0678 5328  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:07:33.0709 5328  Dhcp - ok
18:07:33.0756 5328  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
18:07:33.0803 5328  discache - ok
18:07:33.0834 5328  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:07:33.0850 5328  Disk - ok
18:07:33.0881 5328  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:07:33.0943 5328  Dnscache - ok
18:07:33.0975 5328  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:07:34.0021 5328  dot3svc - ok
18:07:34.0068 5328  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
18:07:34.0115 5328  DPS - ok
18:07:34.0162 5328  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:07:34.0193 5328  drmkaud - ok
18:07:34.0224 5328  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:07:34.0271 5328  DXGKrnl - ok
18:07:34.0287 5328  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
18:07:34.0349 5328  EapHost - ok
18:07:34.0427 5328  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
18:07:34.0552 5328  ebdrv - ok
18:07:34.0583 5328  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
18:07:34.0630 5328  EFS - ok
18:07:34.0677 5328  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:07:34.0755 5328  ehRecvr - ok
18:07:34.0786 5328  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
18:07:34.0833 5328  ehSched - ok
18:07:34.0879 5328  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:07:34.0926 5328  elxstor - ok
18:07:34.0973 5328  [ F13C945115B8A8C7C4427D5925F88F23 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
18:07:35.0004 5328  enecir - ok
18:07:35.0020 5328  [ 65BF24816C2814596253F312DD35F171 ] enecirhid       C:\Windows\system32\DRIVERS\enecirhid.sys
18:07:35.0051 5328  enecirhid - ok
18:07:35.0051 5328  [ 97D41E2831AC117AF9BF8D0D9E9D027F ] enecirhidma     C:\Windows\system32\DRIVERS\enecirhidma.sys
18:07:35.0082 5328  enecirhidma - ok
18:07:35.0098 5328  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:07:35.0145 5328  ErrDev - ok
18:07:35.0207 5328  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
18:07:35.0269 5328  EventSystem - ok
18:07:35.0285 5328  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
18:07:35.0316 5328  exfat - ok
18:07:35.0332 5328  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:07:35.0379 5328  fastfat - ok
18:07:35.0425 5328  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
18:07:35.0503 5328  Fax - ok
18:07:35.0519 5328  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:07:35.0535 5328  fdc - ok
18:07:35.0566 5328  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
18:07:35.0628 5328  fdPHost - ok
18:07:35.0644 5328  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
18:07:35.0722 5328  FDResPub - ok
18:07:35.0737 5328  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:07:35.0753 5328  FileInfo - ok
18:07:35.0753 5328  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:07:35.0800 5328  Filetrace - ok
18:07:35.0815 5328  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:07:35.0847 5328  flpydisk - ok
18:07:35.0862 5328  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:07:35.0878 5328  FltMgr - ok
18:07:35.0925 5328  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
18:07:36.0003 5328  FontCache - ok
18:07:36.0065 5328  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:07:36.0096 5328  FontCache3.0.0.0 - ok
18:07:36.0112 5328  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:07:36.0127 5328  FsDepends - ok
18:07:36.0143 5328  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:07:36.0159 5328  Fs_Rec - ok
18:07:36.0190 5328  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:07:36.0221 5328  fvevol - ok
18:07:36.0268 5328  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:07:36.0283 5328  gagp30kx - ok
18:07:36.0346 5328  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:07:36.0424 5328  gpsvc - ok
18:07:36.0455 5328  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:07:36.0486 5328  hcw85cir - ok
18:07:36.0549 5328  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:07:36.0580 5328  HdAudAddService - ok
18:07:36.0611 5328  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:07:36.0642 5328  HDAudBus - ok
18:07:36.0658 5328  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:07:36.0705 5328  HidBatt - ok
18:07:36.0705 5328  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:07:36.0720 5328  HidBth - ok
18:07:36.0767 5328  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:07:36.0783 5328  HidIr - ok
18:07:36.0829 5328  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
18:07:36.0861 5328  hidserv - ok
18:07:36.0923 5328  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:07:36.0954 5328  HidUsb - ok
18:07:37.0017 5328  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:07:37.0063 5328  hkmsvc - ok
18:07:37.0110 5328  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:07:37.0157 5328  HomeGroupListener - ok
18:07:37.0219 5328  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:07:37.0266 5328  HomeGroupProvider - ok
18:07:37.0329 5328  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:07:37.0329 5328  HpSAMD - ok
18:07:37.0375 5328  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:07:37.0438 5328  HTTP - ok
18:07:37.0469 5328  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:07:37.0485 5328  hwpolicy - ok
18:07:37.0531 5328  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:07:37.0563 5328  i8042prt - ok
18:07:37.0625 5328  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:07:37.0641 5328  IAANTMON - ok
18:07:37.0672 5328  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:07:37.0687 5328  iaStor - ok
18:07:37.0719 5328  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:07:37.0734 5328  iaStorV - ok
18:07:37.0797 5328  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:07:37.0859 5328  idsvc - ok
18:07:37.0890 5328  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:07:37.0906 5328  iirsp - ok
18:07:37.0953 5328  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:07:38.0031 5328  IKEEXT - ok
18:07:38.0124 5328  [ F2BAA4FF548F7F0317F7638951C1CD9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:07:38.0233 5328  IntcAzAudAddService - ok
18:07:38.0265 5328  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:07:38.0265 5328  intelide - ok
18:07:38.0311 5328  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:07:38.0358 5328  intelppm - ok
18:07:38.0389 5328  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:07:38.0452 5328  IPBusEnum - ok
18:07:38.0467 5328  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:07:38.0499 5328  IpFilterDriver - ok
18:07:38.0545 5328  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:07:38.0592 5328  iphlpsvc - ok
18:07:38.0623 5328  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:07:38.0655 5328  IPMIDRV - ok
18:07:38.0655 5328  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:07:38.0701 5328  IPNAT - ok
18:07:38.0717 5328  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:07:38.0748 5328  IRENUM - ok
18:07:38.0779 5328  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:07:38.0795 5328  isapnp - ok
18:07:38.0826 5328  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:07:38.0842 5328  iScsiPrt - ok
18:07:38.0857 5328  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:07:38.0857 5328  kbdclass - ok
18:07:38.0904 5328  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:07:38.0935 5328  kbdhid - ok
18:07:38.0951 5328  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
18:07:38.0967 5328  KeyIso - ok
18:07:38.0998 5328  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:07:39.0013 5328  KSecDD - ok
18:07:39.0029 5328  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:07:39.0045 5328  KSecPkg - ok
18:07:39.0076 5328  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:07:39.0138 5328  KtmRm - ok
18:07:39.0169 5328  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:07:39.0201 5328  LanmanServer - ok
18:07:39.0232 5328  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:07:39.0279 5328  LanmanWorkstation - ok
18:07:39.0325 5328  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:07:39.0388 5328  lltdio - ok
18:07:39.0419 5328  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:07:39.0466 5328  lltdsvc - ok
18:07:39.0481 5328  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:07:39.0528 5328  lmhosts - ok
18:07:39.0559 5328  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:07:39.0575 5328  LSI_FC - ok
18:07:39.0591 5328  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:07:39.0606 5328  LSI_SAS - ok
18:07:39.0606 5328  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:07:39.0622 5328  LSI_SAS2 - ok
18:07:39.0637 5328  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:07:39.0653 5328  LSI_SCSI - ok
18:07:39.0684 5328  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
18:07:39.0715 5328  luafv - ok
18:07:39.0762 5328  [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter      C:\Windows\system32\drivers\massfilter.sys
18:07:39.0793 5328  massfilter - ok
18:07:39.0856 5328  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
18:07:39.0887 5328  McComponentHostService - ok
18:07:39.0903 5328  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:07:39.0918 5328  Mcx2Svc - ok
18:07:39.0949 5328  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:07:39.0965 5328  megasas - ok
18:07:39.0981 5328  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:07:39.0996 5328  MegaSR - ok
18:07:40.0059 5328  [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM  C:\Program Files\System Control Manager\MSIService.exe
18:07:40.0090 5328  Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
18:07:40.0090 5328  Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
18:07:40.0105 5328  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
18:07:40.0168 5328  MMCSS - ok
18:07:40.0183 5328  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
18:07:40.0230 5328  Modem - ok
18:07:40.0246 5328  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:07:40.0277 5328  monitor - ok
18:07:40.0324 5328  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
18:07:40.0324 5328  mouclass - ok
18:07:40.0339 5328  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:07:40.0371 5328  mouhid - ok
18:07:40.0417 5328  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:07:40.0433 5328  mountmgr - ok
18:07:40.0495 5328  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:07:40.0511 5328  MozillaMaintenance - ok
18:07:40.0542 5328  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:07:40.0558 5328  mpio - ok
18:07:40.0573 5328  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:07:40.0605 5328  mpsdrv - ok
18:07:40.0651 5328  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:07:40.0729 5328  MpsSvc - ok
18:07:40.0745 5328  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:07:40.0792 5328  MRxDAV - ok
18:07:40.0839 5328  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:07:40.0854 5328  mrxsmb - ok
18:07:40.0870 5328  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:40.0901 5328  mrxsmb10 - ok
18:07:40.0917 5328  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:40.0948 5328  mrxsmb20 - ok
18:07:40.0963 5328  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
18:07:40.0979 5328  msahci - ok
18:07:40.0995 5328  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:07:41.0010 5328  msdsm - ok
18:07:41.0026 5328  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
18:07:41.0057 5328  MSDTC - ok
18:07:41.0104 5328  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:07:41.0151 5328  Msfs - ok
18:07:41.0166 5328  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:07:41.0197 5328  mshidkmdf - ok
18:07:41.0229 5328  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:07:41.0244 5328  msisadrv - ok
18:07:41.0275 5328  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:07:41.0338 5328  MSiSCSI - ok
18:07:41.0353 5328  msiserver - ok
18:07:41.0385 5328  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:07:41.0416 5328  MSKSSRV - ok
18:07:41.0431 5328  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:41.0463 5328  MSPCLOCK - ok
18:07:41.0478 5328  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:07:41.0509 5328  MSPQM - ok
18:07:41.0525 5328  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:07:41.0541 5328  MsRPC - ok
18:07:41.0556 5328  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:07:41.0572 5328  mssmbios - ok
18:07:41.0587 5328  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:07:41.0619 5328  MSTEE - ok
18:07:41.0619 5328  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:07:41.0650 5328  MTConfig - ok
18:07:41.0665 5328  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:07:41.0681 5328  Mup - ok
18:07:41.0712 5328  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
18:07:41.0743 5328  napagent - ok
18:07:41.0775 5328  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:07:41.0790 5328  NativeWifiP - ok
18:07:41.0837 5328  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:07:41.0899 5328  NDIS - ok
18:07:41.0931 5328  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:41.0962 5328  NdisCap - ok
18:07:41.0993 5328  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:42.0024 5328  NdisTapi - ok
18:07:42.0055 5328  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:42.0087 5328  Ndisuio - ok
18:07:42.0118 5328  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:42.0165 5328  NdisWan - ok
18:07:42.0180 5328  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:07:42.0211 5328  NDProxy - ok
18:07:42.0243 5328  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:07:42.0274 5328  NetBIOS - ok
18:07:42.0305 5328  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:07:42.0383 5328  NetBT - ok
18:07:42.0399 5328  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
18:07:42.0414 5328  Netlogon - ok
18:07:42.0477 5328  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
18:07:42.0539 5328  Netman - ok
18:07:42.0570 5328  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
18:07:42.0617 5328  netprofm - ok
18:07:42.0633 5328  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:42.0648 5328  NetTcpPortSharing - ok
18:07:42.0820 5328  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
18:07:43.0038 5328  NETw5s32 - ok
18:07:43.0069 5328  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:07:43.0085 5328  nfrd960 - ok
18:07:43.0116 5328  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:07:43.0179 5328  NlaSvc - ok
18:07:43.0210 5328  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:07:43.0257 5328  Npfs - ok
18:07:43.0288 5328  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
18:07:43.0319 5328  nsi - ok
18:07:43.0335 5328  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:07:43.0381 5328  nsiproxy - ok
18:07:43.0428 5328  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:07:43.0506 5328  Ntfs - ok
18:07:43.0522 5328  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
18:07:43.0584 5328  Null - ok
18:07:43.0787 5328  [ 2713392707E515EFB671751FA767EBD2 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:07:44.0099 5328  nvlddmkm - ok
18:07:44.0146 5328  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:07:44.0161 5328  nvraid - ok
18:07:44.0193 5328  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:07:44.0208 5328  nvstor - ok
18:07:44.0239 5328  [ D445466C0A10536486FBEBBC271D6E34 ] nvsvc           C:\windows\system32\nvvsvc.exe
18:07:44.0255 5328  nvsvc - ok
18:07:44.0302 5328  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:07:44.0317 5328  nv_agp - ok
18:07:44.0395 5328  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:07:44.0427 5328  odserv - ok
18:07:44.0458 5328  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:07:44.0473 5328  ohci1394 - ok
18:07:44.0520 5328  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:44.0536 5328  ose - ok
18:07:44.0567 5328  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:07:44.0598 5328  p2pimsvc - ok
18:07:44.0645 5328  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:07:44.0676 5328  p2psvc - ok
18:07:44.0707 5328  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:07:44.0739 5328  Parport - ok
18:07:44.0754 5328  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:07:44.0770 5328  partmgr - ok
18:07:44.0785 5328  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
18:07:44.0817 5328  Parvdm - ok
18:07:44.0817 5328  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:07:44.0848 5328  PcaSvc - ok
18:07:44.0863 5328  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
18:07:44.0879 5328  pci - ok
18:07:44.0910 5328  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
18:07:44.0926 5328  pciide - ok
18:07:44.0957 5328  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:07:44.0973 5328  pcmcia - ok
18:07:44.0988 5328  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
18:07:45.0004 5328  pcw - ok
18:07:45.0051 5328  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:07:45.0082 5328  PEAUTH - ok
18:07:45.0160 5328  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
18:07:45.0253 5328  pla - ok
18:07:45.0300 5328  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:07:45.0363 5328  PlugPlay - ok
18:07:45.0394 5328  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:07:45.0425 5328  PNRPAutoReg - ok
18:07:45.0441 5328  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:07:45.0456 5328  PNRPsvc - ok
18:07:45.0503 5328  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:07:45.0565 5328  PolicyAgent - ok
18:07:45.0597 5328  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
18:07:45.0643 5328  Power - ok
18:07:45.0675 5328  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:07:45.0706 5328  PptpMiniport - ok
18:07:45.0721 5328  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:07:45.0737 5328  Processor - ok
18:07:45.0768 5328  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
18:07:45.0815 5328  ProfSvc - ok
18:07:45.0815 5328  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:07:45.0831 5328  ProtectedStorage - ok
18:07:45.0877 5328  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:07:45.0909 5328  Psched - ok
18:07:45.0955 5328  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:07:46.0033 5328  ql2300 - ok
18:07:46.0049 5328  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:07:46.0049 5328  ql40xx - ok
18:07:46.0080 5328  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
18:07:46.0111 5328  QWAVE - ok
18:07:46.0143 5328  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:07:46.0174 5328  QWAVEdrv - ok
18:07:46.0174 5328  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:07:46.0221 5328  RasAcd - ok
18:07:46.0267 5328  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:46.0314 5328  RasAgileVpn - ok
18:07:46.0330 5328  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
18:07:46.0361 5328  RasAuto - ok
18:07:46.0377 5328  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:46.0439 5328  Rasl2tp - ok
18:07:46.0486 5328  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
18:07:46.0548 5328  RasMan - ok
18:07:46.0564 5328  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:46.0611 5328  RasPppoe - ok
18:07:46.0642 5328  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:07:46.0673 5328  RasSstp - ok
18:07:46.0704 5328  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:07:46.0735 5328  rdbss - ok
18:07:46.0767 5328  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:07:46.0782 5328  rdpbus - ok
18:07:46.0813 5328  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:46.0860 5328  RDPCDD - ok
18:07:46.0891 5328  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:07:46.0938 5328  RDPENCDD - ok
18:07:46.0954 5328  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:07:46.0985 5328  RDPREFMP - ok
18:07:47.0016 5328  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:07:47.0063 5328  RDPWD - ok
18:07:47.0125 5328  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:07:47.0157 5328  rdyboost - ok
18:07:47.0188 5328  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:07:47.0235 5328  RemoteAccess - ok
18:07:47.0266 5328  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:07:47.0313 5328  RemoteRegistry - ok
18:07:47.0359 5328  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:07:47.0375 5328  RFCOMM - ok
18:07:47.0406 5328  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:07:47.0437 5328  RpcEptMapper - ok
18:07:47.0469 5328  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
18:07:47.0515 5328  RpcLocator - ok
18:07:47.0547 5328  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
18:07:47.0578 5328  RpcSs - ok
18:07:47.0625 5328  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:07:47.0656 5328  rspndr - ok
18:07:47.0703 5328  [ 434DCF7AE4300C876AA40873E3113983 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:07:47.0749 5328  RSUSBSTOR - ok
18:07:47.0781 5328  [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
18:07:47.0812 5328  RTL8167 - ok
18:07:47.0827 5328  RtsUIR - ok
18:07:47.0843 5328  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
18:07:47.0859 5328  SamSs - ok
18:07:47.0874 5328  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:07:47.0890 5328  sbp2port - ok
18:07:47.0937 5328  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:07:47.0999 5328  SCardSvr - ok
18:07:48.0015 5328  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:07:48.0061 5328  scfilter - ok
18:07:48.0093 5328  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
18:07:48.0171 5328  Schedule - ok
18:07:48.0186 5328  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:07:48.0217 5328  SCPolicySvc - ok
18:07:48.0264 5328  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:07:48.0311 5328  sdbus - ok
18:07:48.0327 5328  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:07:48.0373 5328  SDRSVC - ok
18:07:48.0420 5328  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:07:48.0467 5328  secdrv - ok
18:07:48.0498 5328  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
18:07:48.0561 5328  seclogon - ok
18:07:48.0592 5328  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
18:07:48.0639 5328  SENS - ok
18:07:48.0639 5328  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:07:48.0670 5328  SensrSvc - ok
18:07:48.0701 5328  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:07:48.0701 5328  Serenum - ok
18:07:48.0717 5328  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:07:48.0732 5328  Serial - ok
18:07:48.0763 5328  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:07:48.0779 5328  sermouse - ok
18:07:48.0826 5328  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:07:48.0888 5328  SessionEnv - ok
18:07:48.0919 5328  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:07:48.0966 5328  sffdisk - ok
18:07:48.0982 5328  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:07:48.0997 5328  sffp_mmc - ok
18:07:49.0013 5328  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:07:49.0029 5328  sffp_sd - ok
18:07:49.0029 5328  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:07:49.0075 5328  sfloppy - ok
18:07:49.0107 5328  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:07:49.0153 5328  SharedAccess - ok
18:07:49.0169 5328  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:07:49.0216 5328  ShellHWDetection - ok
18:07:49.0247 5328  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
18:07:49.0278 5328  sisagp - ok
18:07:49.0309 5328  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:07:49.0325 5328  SiSRaid2 - ok
18:07:49.0356 5328  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:07:49.0372 5328  SiSRaid4 - ok
18:07:49.0450 5328  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:07:49.0465 5328  SkypeUpdate - ok
18:07:49.0497 5328  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:07:49.0528 5328  Smb - ok
18:07:49.0575 5328  [ 19301C27F3425DC39F6C599F527E507D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
18:07:49.0653 5328  smserial - ok
18:07:49.0684 5328  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:07:49.0715 5328  SNMPTRAP - ok
18:07:49.0731 5328  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:07:49.0746 5328  spldr - ok
18:07:49.0777 5328  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
18:07:49.0840 5328  Spooler - ok
18:07:49.0949 5328  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:07:50.0058 5328  sppsvc - ok
18:07:50.0089 5328  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:07:50.0121 5328  sppuinotify - ok
18:07:50.0152 5328  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:07:50.0199 5328  srv - ok
18:07:50.0230 5328  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:07:50.0261 5328  srv2 - ok
18:07:50.0292 5328  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:07:50.0323 5328  srvnet - ok
18:07:50.0370 5328  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:07:50.0417 5328  SSDPSRV - ok
18:07:50.0495 5328  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
18:07:50.0526 5328  ssmdrv - ok
18:07:50.0557 5328  [ EF3458337D7341A05169CEFC73709264 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
18:07:50.0557 5328  SSPORT ( UnsignedFile.Multi.Generic ) - warning
18:07:50.0557 5328  SSPORT - detected UnsignedFile.Multi.Generic (1)
18:07:50.0573 5328  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:07:50.0635 5328  SstpSvc - ok
18:07:50.0651 5328  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:07:50.0667 5328  stexstor - ok
18:07:50.0713 5328  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
18:07:50.0729 5328  StiSvc - ok
18:07:50.0760 5328  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:07:50.0776 5328  swenum - ok
18:07:50.0791 5328  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
18:07:50.0838 5328  swprv - ok
18:07:50.0885 5328  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
18:07:50.0947 5328  SysMain - ok
18:07:50.0963 5328  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:07:50.0994 5328  TabletInputService - ok
18:07:51.0025 5328  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:07:51.0057 5328  TapiSrv - ok
18:07:51.0072 5328  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
18:07:51.0119 5328  TBS - ok
18:07:51.0166 5328  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:07:51.0228 5328  Tcpip - ok
18:07:51.0259 5328  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:07:51.0291 5328  TCPIP6 - ok
18:07:51.0322 5328  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:07:51.0353 5328  tcpipreg - ok
18:07:51.0384 5328  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:07:51.0415 5328  TDPIPE - ok
18:07:51.0431 5328  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:07:51.0447 5328  TDTCP - ok
18:07:51.0478 5328  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:07:51.0509 5328  tdx - ok
18:07:51.0540 5328  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:07:51.0556 5328  TermDD - ok
18:07:51.0603 5328  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
18:07:51.0696 5328  TermService - ok
18:07:51.0727 5328  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
18:07:51.0774 5328  Themes - ok
18:07:51.0790 5328  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
18:07:51.0821 5328  THREADORDER - ok
18:07:51.0868 5328  [ AC88D258F20909EEB91796F490CFBB73 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
18:07:51.0883 5328  TOSHIBA Bluetooth Service - ok
18:07:51.0915 5328  [ 85B6FF02491B6DB3572B4F93E56CAB7C ] toshidpt        C:\Windows\system32\drivers\Toshidpt.sys
18:07:51.0930 5328  toshidpt - ok
18:07:51.0977 5328  [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
18:07:51.0977 5328  tosporte - ok
18:07:52.0024 5328  [ 00371CE4DA09B68BA0FF953E61820981 ] tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
18:07:52.0039 5328  tosrfbd - ok
18:07:52.0071 5328  [ 74392BAB3F0D4810DA8436EC79D6955D ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
18:07:52.0086 5328  tosrfbnp - ok
18:07:52.0102 5328  [ 1AD9EB1B5ABD0AEEE4084C8153476F1E ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
18:07:52.0102 5328  Tosrfcom - ok
18:07:52.0117 5328  [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
18:07:52.0133 5328  Tosrfhid - ok
18:07:52.0164 5328  [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
18:07:52.0164 5328  tosrfnds - ok
18:07:52.0180 5328  [ F1CA74CCA8241D8B8A024AECC643C547 ] TosRfSnd        C:\Windows\system32\drivers\tosrfsnd.sys
18:07:52.0195 5328  TosRfSnd - ok
18:07:52.0195 5328  [ F400FB9616261A1B66E6D2E04B6C3538 ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
18:07:52.0211 5328  Tosrfusb - ok
18:07:52.0242 5328  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
18:07:52.0289 5328  TrkWks - ok
18:07:52.0351 5328  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:07:52.0398 5328  TrustedInstaller - ok
18:07:52.0414 5328  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:07:52.0429 5328  tssecsrv - ok
18:07:52.0476 5328  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:07:52.0523 5328  TsUsbFlt - ok
18:07:52.0570 5328  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:07:52.0632 5328  tunnel - ok
18:07:52.0663 5328  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:07:52.0679 5328  uagp35 - ok
18:07:52.0695 5328  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:07:52.0741 5328  udfs - ok
18:07:52.0835 5328  [ 13BFF97E926BF8D9C1230CECC371A0C0 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
18:07:52.0851 5328  UI Assistant Service - ok
18:07:52.0866 5328  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:07:52.0913 5328  UI0Detect - ok
18:07:52.0944 5328  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:07:52.0960 5328  uliagpkx - ok
18:07:53.0007 5328  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
18:07:53.0038 5328  umbus - ok
18:07:53.0069 5328  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:07:53.0085 5328  UmPass - ok
18:07:53.0116 5328  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
18:07:53.0147 5328  upnphost - ok
18:07:53.0163 5328  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:07:53.0178 5328  usbccgp - ok
18:07:53.0178 5328  USBCCID - ok
18:07:53.0225 5328  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:07:53.0256 5328  usbcir - ok
18:07:53.0287 5328  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:07:53.0303 5328  usbehci - ok
18:07:53.0334 5328  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:07:53.0365 5328  usbhub - ok
18:07:53.0365 5328  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:07:53.0397 5328  usbohci - ok
18:07:53.0428 5328  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:07:53.0475 5328  usbprint - ok
18:07:53.0490 5328  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:07:53.0537 5328  USBSTOR - ok
18:07:53.0553 5328  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:07:53.0568 5328  usbuhci - ok
18:07:53.0615 5328  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:07:53.0631 5328  usbvideo - ok
18:07:53.0646 5328  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
18:07:53.0677 5328  UxSms - ok
18:07:53.0693 5328  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
18:07:53.0693 5328  VaultSvc - ok
18:07:53.0724 5328  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:07:53.0740 5328  vdrvroot - ok
18:07:53.0771 5328  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
18:07:53.0849 5328  vds - ok
18:07:53.0880 5328  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:07:53.0896 5328  vga - ok
18:07:53.0911 5328  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:07:53.0943 5328  VgaSave - ok
18:07:53.0974 5328  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:07:53.0989 5328  vhdmp - ok
18:07:54.0005 5328  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
18:07:54.0021 5328  viaagp - ok
18:07:54.0036 5328  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
18:07:54.0067 5328  ViaC7 - ok
18:07:54.0083 5328  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
18:07:54.0099 5328  viaide - ok
18:07:54.0114 5328  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:07:54.0130 5328  volmgr - ok
18:07:54.0145 5328  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:07:54.0161 5328  volmgrx - ok
18:07:54.0177 5328  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:07:54.0192 5328  volsnap - ok
18:07:54.0223 5328  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:07:54.0239 5328  vsmraid - ok
18:07:54.0286 5328  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
18:07:54.0364 5328  VSS - ok
18:07:54.0379 5328  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:07:54.0411 5328  vwifibus - ok
18:07:54.0442 5328  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:54.0457 5328  vwififlt - ok
18:07:54.0504 5328  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
18:07:54.0567 5328  W32Time - ok
18:07:54.0582 5328  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:07:54.0613 5328  WacomPen - ok
18:07:54.0660 5328  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:07:54.0707 5328  WANARP - ok
18:07:54.0707 5328  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:07:54.0738 5328  Wanarpv6 - ok
18:07:54.0785 5328  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
18:07:54.0863 5328  wbengine - ok
18:07:54.0894 5328  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:07:54.0925 5328  WbioSrvc - ok
18:07:54.0957 5328  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:07:54.0988 5328  wcncsvc - ok
18:07:55.0003 5328  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:07:55.0035 5328  WcsPlugInService - ok
18:07:55.0066 5328  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:07:55.0066 5328  Wd - ok
18:07:55.0097 5328  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:07:55.0113 5328  Wdf01000 - ok
18:07:55.0128 5328  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:07:55.0175 5328  WdiServiceHost - ok
18:07:55.0191 5328  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:07:55.0206 5328  WdiSystemHost - ok
18:07:55.0222 5328  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
18:07:55.0253 5328  WebClient - ok
18:07:55.0269 5328  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:07:55.0300 5328  Wecsvc - ok
18:07:55.0315 5328  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:07:55.0347 5328  wercplsupport - ok
18:07:55.0362 5328  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:07:55.0409 5328  WerSvc - ok
18:07:55.0471 5328  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:55.0503 5328  WfpLwf - ok
18:07:55.0518 5328  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:07:55.0534 5328  WIMMount - ok
18:07:55.0596 5328  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:07:55.0659 5328  WinDefend - ok
18:07:55.0659 5328  WinHttpAutoProxySvc - ok
18:07:55.0737 5328  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:07:55.0799 5328  Winmgmt - ok
18:07:55.0846 5328  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
18:07:55.0939 5328  WinRM - ok
18:07:55.0986 5328  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
18:07:56.0017 5328  WinUsb - ok
18:07:56.0064 5328  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:07:56.0127 5328  Wlansvc - ok
18:07:56.0173 5328  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:07:56.0205 5328  WmiAcpi - ok
18:07:56.0251 5328  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:07:56.0283 5328  wmiApSrv - ok
18:07:56.0361 5328  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:07:56.0454 5328  WMPNetworkSvc - ok
18:07:56.0470 5328  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:07:56.0532 5328  WPCSvc - ok
18:07:56.0563 5328  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:07:56.0579 5328  WPDBusEnum - ok
18:07:56.0610 5328  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:07:56.0641 5328  ws2ifsl - ok
18:07:56.0657 5328  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:07:56.0704 5328  wscsvc - ok
18:07:56.0704 5328  WSearch - ok
18:07:56.0797 5328  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
18:07:56.0891 5328  wuauserv - ok
18:07:56.0922 5328  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:07:56.0969 5328  WudfPf - ok
18:07:57.0016 5328  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:07:57.0063 5328  WUDFRd - ok
18:07:57.0109 5328  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:07:57.0172 5328  wudfsvc - ok
18:07:57.0203 5328  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:07:57.0219 5328  WwanSvc - ok
18:07:57.0250 5328  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:07:57.0312 5328  ZTEusbmdm6k - ok
18:07:57.0343 5328  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
18:07:57.0359 5328  ZTEusbnmea - ok
18:07:57.0406 5328  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
18:07:57.0406 5328  ZTEusbser6k - ok
18:07:57.0437 5328  ================ Scan global ===============================
18:07:57.0468 5328  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:07:57.0499 5328  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:07:57.0515 5328  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:07:57.0562 5328  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:07:57.0593 5328  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:07:57.0609 5328  [Global] - ok
18:07:57.0609 5328  ================ Scan MBR ==================================
18:07:57.0624 5328  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:07:57.0921 5328  \Device\Harddisk0\DR0 - ok
18:07:57.0921 5328  ================ Scan VBR ==================================
18:07:57.0936 5328  [ FD1A05EB21DD92D9D3644AE8F4376E1B ] \Device\Harddisk0\DR0\Partition1
18:07:57.0936 5328  \Device\Harddisk0\DR0\Partition1 - ok
18:07:57.0952 5328  [ 0BAECE3662EFD8A20E6E9F3703269473 ] \Device\Harddisk0\DR0\Partition2
18:07:57.0952 5328  \Device\Harddisk0\DR0\Partition2 - ok
18:07:57.0952 5328  ============================================================
18:07:57.0952 5328  Scan finished
18:07:57.0952 5328  ============================================================
18:07:57.0967 4244  Detected object count: 2
18:07:57.0967 4244  Actual detected object count: 2
18:09:41.0143 4244  C:\Program Files\System Control Manager\MSIService.exe - copied to quarantine
18:09:41.0143 4244  Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 
18:09:41.0158 4244  C:\Windows\system32\Drivers\SSPORT.sys - copied to quarantine
18:09:41.0158 4244  SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
         


15.11.2012, 20:59   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
18:09:41.0143 4244 C:\Program Files\System Control Manager\MSIService.exe - copied to quarantine
18:09:41.0143 4244 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
18:09:41.0158 4244 C:\Windows\system32\Drivers\SSPORT.sys - copied to quarantine
18:09:41.0158 4244 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
What is this supposed to be?!
At the start I asked you to read and follow the instructions carefully, and still you ignore the clearly posted notes on the TDSS-Killer!

You were supposed to leave everything it lists on skip!

16.11.2012, 02:57   #7
F.H.
 



Hello,

that's true. I was inattentive. Unfortunately this can no longer be changed, and I will try to be more careful in future.
I'm sorry.

F.H.

16.11.2012, 08:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



I just hope that the TDSS-Killer only copied those things into its quarantine and did not move them. Please run the TDSS-Killer again, properly this time, and post the new log.

16.11.2012, 10:22   #9
F.H.
 



Hello,

here is the new log. I also hope that my mistake has not caused even more damage. Thank you very much for being willing to keep working with me.

Code:
11:19:28.0585 2588  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:19:28.0715 2588  ============================================================
11:19:28.0715 2588  Current date / time: 2012/11/16 11:19:28.0715
11:19:28.0715 2588  SystemInfo:
11:19:28.0715 2588  
11:19:28.0715 2588  OS Version: 6.1.7601 ServicePack: 1.0
11:19:28.0715 2588  Product type: Workstation
11:19:28.0715 2588  ComputerName: FRIEDERIKE-MSI
11:19:28.0715 2588  UserName: Friederike
11:19:28.0715 2588  Windows directory: C:\Windows
11:19:28.0715 2588  System windows directory: C:\Windows
11:19:28.0715 2588  Processor architecture: Intel x86
11:19:28.0715 2588  Number of processors: 2
11:19:28.0715 2588  Page size: 0x1000
11:19:28.0715 2588  Boot type: Normal boot
11:19:28.0715 2588  ============================================================
11:19:32.0347 2588  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:19:32.0347 2588  ============================================================
11:19:32.0347 2588  \Device\Harddisk0\DR0:
11:19:32.0347 2588  MBR partitions:
11:19:32.0347 2588  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x222CB800
11:19:32.0347 2588  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x236FE000, BlocksNum 0x16C87800
11:19:32.0347 2588  ============================================================
11:19:32.0387 2588  C: <-> \Device\Harddisk0\DR0\Partition1
11:19:32.0417 2588  D: <-> \Device\Harddisk0\DR0\Partition2
11:19:32.0417 2588  ============================================================
11:19:32.0417 2588  Initialize success
11:19:32.0417 2588  ============================================================
11:19:53.0977 2780  ============================================================
11:19:53.0977 2780  Scan started
11:19:53.0977 2780  Mode: Manual; SigCheck; TDLFS; 
11:19:53.0977 2780  ============================================================
11:19:57.0117 2780  ================ Scan system memory ========================
11:19:57.0117 2780  System memory - ok
11:19:57.0117 2780  ================ Scan services =============================
11:19:57.0597 2780  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:19:57.0787 2780  1394ohci - ok
11:19:57.0917 2780  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:19:57.0937 2780  ACDaemon - ok
11:19:57.0987 2780  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:19:58.0007 2780  ACPI - ok
11:19:58.0057 2780  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:19:58.0177 2780  AcpiPmi - ok
11:19:58.0297 2780  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:19:58.0317 2780  AdobeARMservice - ok
11:19:58.0377 2780  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:19:58.0477 2780  adp94xx - ok
11:19:58.0517 2780  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:19:58.0557 2780  adpahci - ok
11:19:58.0587 2780  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:19:58.0607 2780  adpu320 - ok
11:19:58.0707 2780  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:19:58.0807 2780  AeLookupSvc - ok
11:19:58.0867 2780  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
11:19:58.0987 2780  AFD - ok
11:19:59.0047 2780  [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
11:19:59.0117 2780  AgereModemAudio - ok
11:19:59.0187 2780  [ 7C4297D354445AD0A3435889A2E4CAC2 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
11:19:59.0537 2780  AgereSoftModem - ok
11:19:59.0557 2780  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
11:19:59.0597 2780  agp440 - ok
11:19:59.0627 2780  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
11:19:59.0647 2780  aic78xx - ok
11:19:59.0697 2780  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
11:19:59.0737 2780  ALG - ok
11:19:59.0767 2780  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:19:59.0777 2780  aliide - ok
11:19:59.0797 2780  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
11:19:59.0817 2780  amdagp - ok
11:19:59.0837 2780  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:19:59.0857 2780  amdide - ok
11:19:59.0877 2780  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:19:59.0947 2780  AmdK8 - ok
11:19:59.0947 2780  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:20:00.0017 2780  AmdPPM - ok
11:20:00.0057 2780  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:20:00.0077 2780  amdsata - ok
11:20:00.0107 2780  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:20:00.0127 2780  amdsbs - ok
11:20:00.0137 2780  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:20:00.0157 2780  amdxata - ok
11:20:00.0227 2780  [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:20:00.0247 2780  AntiVirSchedulerService - ok
11:20:00.0337 2780  [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:20:00.0347 2780  AntiVirService - ok
11:20:00.0397 2780  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
11:20:00.0587 2780  AppID - ok
11:20:00.0617 2780  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:20:00.0777 2780  AppIDSvc - ok
11:20:00.0837 2780  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
11:20:01.0047 2780  Appinfo - ok
11:20:01.0107 2780  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:20:01.0157 2780  arc - ok
11:20:01.0167 2780  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:20:01.0197 2780  arcsas - ok
11:20:01.0247 2780  [ DFD07F0A36BD4F7E7AD2BC5548213694 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
11:20:01.0267 2780  ArcSoftKsUFilter - ok
11:20:01.0327 2780  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:20:01.0417 2780  AsyncMac - ok
11:20:01.0497 2780  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
11:20:01.0517 2780  atapi - ok
11:20:01.0597 2780  [ 2EB96571FE865F07ED1FD6017575026F ] athr            C:\Windows\system32\DRIVERS\athr.sys
11:20:01.0807 2780  athr - ok
11:20:01.0907 2780  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:20:02.0007 2780  AudioEndpointBuilder - ok
11:20:02.0017 2780  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:20:02.0047 2780  Audiosrv - ok
11:20:02.0117 2780  [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
11:20:02.0147 2780  avgntflt - ok
11:20:02.0227 2780  [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
11:20:02.0267 2780  avipbb - ok
11:20:02.0317 2780  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
11:20:02.0337 2780  avkmgr - ok
11:20:02.0407 2780  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:20:02.0447 2780  AxInstSV - ok
11:20:02.0497 2780  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
11:20:02.0537 2780  b06bdrv - ok
11:20:02.0567 2780  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
11:20:02.0617 2780  b57nd60x - ok
11:20:02.0687 2780  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:20:02.0737 2780  BDESVC - ok
11:20:02.0757 2780  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:20:02.0797 2780  Beep - ok
11:20:02.0847 2780  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
11:20:02.0917 2780  BFE - ok
11:20:02.0967 2780  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
11:20:03.0017 2780  BITS - ok
11:20:03.0027 2780  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:20:03.0067 2780  blbdrive - ok
11:20:03.0097 2780  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:20:03.0137 2780  bowser - ok
11:20:03.0147 2780  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:20:03.0197 2780  BrFiltLo - ok
11:20:03.0207 2780  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:20:03.0247 2780  BrFiltUp - ok
11:20:03.0277 2780  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
11:20:03.0337 2780  Browser - ok
11:20:03.0377 2780  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:20:03.0447 2780  Brserid - ok
11:20:03.0447 2780  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:20:03.0497 2780  BrSerWdm - ok
11:20:03.0497 2780  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:20:03.0547 2780  BrUsbMdm - ok
11:20:03.0557 2780  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:20:03.0607 2780  BrUsbSer - ok
11:20:03.0637 2780  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:20:03.0717 2780  BthEnum - ok
11:20:03.0727 2780  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:20:03.0767 2780  BTHMODEM - ok
11:20:03.0777 2780  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:20:03.0817 2780  BthPan - ok
11:20:03.0857 2780  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:20:03.0937 2780  BTHPORT - ok
11:20:03.0987 2780  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
11:20:04.0077 2780  bthserv - ok
11:20:04.0087 2780  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:20:04.0127 2780  BTHUSB - ok
11:20:04.0167 2780  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:20:04.0227 2780  cdfs - ok
11:20:04.0267 2780  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:20:04.0317 2780  cdrom - ok
11:20:04.0367 2780  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:20:04.0437 2780  CertPropSvc - ok
11:20:04.0477 2780  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:20:04.0547 2780  circlass - ok
11:20:04.0587 2780  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
11:20:04.0637 2780  CLFS - ok
11:20:04.0737 2780  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:20:04.0767 2780  clr_optimization_v2.0.50727_32 - ok
11:20:04.0837 2780  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:20:04.0877 2780  clr_optimization_v4.0.30319_32 - ok
11:20:04.0907 2780  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:20:04.0947 2780  CmBatt - ok
11:20:04.0977 2780  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:20:05.0007 2780  cmdide - ok
11:20:05.0047 2780  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
11:20:05.0127 2780  CNG - ok
11:20:05.0157 2780  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:20:05.0187 2780  Compbatt - ok
11:20:05.0227 2780  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:20:05.0267 2780  CompositeBus - ok
11:20:05.0277 2780  COMSysApp - ok
11:20:05.0307 2780  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:20:05.0337 2780  crcdisk - ok
11:20:05.0387 2780  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:20:05.0447 2780  CryptSvc - ok
11:20:05.0477 2780  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:20:05.0567 2780  DcomLaunch - ok
11:20:05.0607 2780  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:20:05.0697 2780  defragsvc - ok
11:20:05.0737 2780  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:20:05.0797 2780  DfsC - ok
11:20:05.0837 2780  DgiVecp - ok
11:20:05.0897 2780  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:20:05.0937 2780  Dhcp - ok
11:20:05.0967 2780  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
11:20:06.0037 2780  discache - ok
11:20:06.0077 2780  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:20:06.0097 2780  Disk - ok
11:20:06.0127 2780  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:20:06.0187 2780  Dnscache - ok
11:20:06.0227 2780  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:20:06.0307 2780  dot3svc - ok
11:20:06.0327 2780  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
11:20:06.0407 2780  DPS - ok
11:20:06.0447 2780  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:20:06.0497 2780  drmkaud - ok
11:20:06.0547 2780  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:20:06.0607 2780  DXGKrnl - ok
11:20:06.0627 2780  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
11:20:06.0677 2780  EapHost - ok
11:20:06.0757 2780  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
11:20:06.0917 2780  ebdrv - ok
11:20:06.0947 2780  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
11:20:06.0967 2780  EFS - ok
11:20:07.0027 2780  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:20:07.0117 2780  ehRecvr - ok
11:20:07.0157 2780  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
11:20:07.0197 2780  ehSched - ok
11:20:07.0257 2780  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:20:07.0297 2780  elxstor - ok
11:20:07.0337 2780  [ F13C945115B8A8C7C4427D5925F88F23 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
11:20:07.0387 2780  enecir - ok
11:20:07.0407 2780  [ 65BF24816C2814596253F312DD35F171 ] enecirhid       C:\Windows\system32\DRIVERS\enecirhid.sys
11:20:07.0427 2780  enecirhid - ok
11:20:07.0437 2780  [ 97D41E2831AC117AF9BF8D0D9E9D027F ] enecirhidma     C:\Windows\system32\DRIVERS\enecirhidma.sys
11:20:07.0457 2780  enecirhidma - ok
11:20:07.0487 2780  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:20:07.0517 2780  ErrDev - ok
11:20:07.0577 2780  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
11:20:07.0657 2780  EventSystem - ok
11:20:07.0677 2780  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
11:20:07.0767 2780  exfat - ok
11:20:07.0777 2780  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:20:07.0857 2780  fastfat - ok
11:20:07.0907 2780  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
11:20:07.0977 2780  Fax - ok
11:20:07.0997 2780  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:20:08.0027 2780  fdc - ok
11:20:08.0057 2780  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
11:20:08.0127 2780  fdPHost - ok
11:20:08.0147 2780  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
11:20:08.0207 2780  FDResPub - ok
11:20:08.0237 2780  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:20:08.0257 2780  FileInfo - ok
11:20:08.0257 2780  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:20:08.0327 2780  Filetrace - ok
11:20:08.0327 2780  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:20:08.0357 2780  flpydisk - ok
11:20:08.0377 2780  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:20:08.0437 2780  FltMgr - ok
11:20:08.0497 2780  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
11:20:08.0577 2780  FontCache - ok
11:20:08.0637 2780  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:20:08.0667 2780  FontCache3.0.0.0 - ok
11:20:08.0677 2780  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:20:08.0707 2780  FsDepends - ok
11:20:08.0727 2780  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:20:08.0757 2780  Fs_Rec - ok
11:20:08.0817 2780  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:20:08.0877 2780  fvevol - ok
11:20:08.0917 2780  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:20:08.0957 2780  gagp30kx - ok
11:20:09.0007 2780  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:20:09.0107 2780  gpsvc - ok
11:20:09.0137 2780  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:20:09.0157 2780  hcw85cir - ok
11:20:09.0217 2780  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:20:09.0357 2780  HdAudAddService - ok
11:20:09.0387 2780  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:20:09.0427 2780  HDAudBus - ok
11:20:09.0447 2780  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:20:09.0487 2780  HidBatt - ok
11:20:09.0487 2780  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:20:09.0527 2780  HidBth - ok
11:20:09.0587 2780  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:20:09.0627 2780  HidIr - ok
11:20:09.0667 2780  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
11:20:09.0737 2780  hidserv - ok
11:20:09.0777 2780  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:20:09.0817 2780  HidUsb - ok
11:20:09.0847 2780  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:20:09.0917 2780  hkmsvc - ok
11:20:09.0957 2780  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:20:10.0037 2780  HomeGroupListener - ok
11:20:10.0067 2780  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:20:10.0137 2780  HomeGroupProvider - ok
11:20:10.0177 2780  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:20:10.0217 2780  HpSAMD - ok
11:20:10.0247 2780  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:20:10.0337 2780  HTTP - ok
11:20:10.0377 2780  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:20:10.0387 2780  hwpolicy - ok
11:20:10.0447 2780  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:20:10.0477 2780  i8042prt - ok
11:20:10.0547 2780  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:20:10.0567 2780  IAANTMON - ok
11:20:10.0617 2780  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:20:10.0627 2780  iaStor - ok
11:20:10.0647 2780  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:20:10.0687 2780  iaStorV - ok
11:20:10.0747 2780  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:20:10.0857 2780  idsvc - ok
11:20:10.0897 2780  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:20:10.0937 2780  iirsp - ok
11:20:10.0977 2780  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:20:11.0097 2780  IKEEXT - ok
11:20:11.0207 2780  [ F2BAA4FF548F7F0317F7638951C1CD9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:20:11.0287 2780  IntcAzAudAddService - ok
11:20:11.0307 2780  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:20:11.0327 2780  intelide - ok
11:20:11.0347 2780  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:20:11.0367 2780  intelppm - ok
11:20:11.0407 2780  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:20:11.0467 2780  IPBusEnum - ok
11:20:11.0487 2780  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:20:11.0537 2780  IpFilterDriver - ok
11:20:11.0567 2780  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:20:11.0607 2780  iphlpsvc - ok
11:20:11.0627 2780  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:20:11.0657 2780  IPMIDRV - ok
11:20:11.0677 2780  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:20:11.0707 2780  IPNAT - ok
11:20:11.0737 2780  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:20:11.0787 2780  IRENUM - ok
11:20:11.0827 2780  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:20:11.0857 2780  isapnp - ok
11:20:11.0877 2780  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:20:11.0927 2780  iScsiPrt - ok
11:20:11.0957 2780  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:20:11.0987 2780  kbdclass - ok
11:20:12.0027 2780  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:20:12.0077 2780  kbdhid - ok
11:20:12.0087 2780  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
11:20:12.0117 2780  KeyIso - ok
11:20:12.0137 2780  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:20:12.0177 2780  KSecDD - ok
11:20:12.0187 2780  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:20:12.0227 2780  KSecPkg - ok
11:20:12.0277 2780  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:20:12.0367 2780  KtmRm - ok
11:20:12.0397 2780  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:20:12.0447 2780  LanmanServer - ok
11:20:12.0477 2780  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:20:12.0557 2780  LanmanWorkstation - ok
11:20:12.0617 2780  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:20:12.0697 2780  lltdio - ok
11:20:12.0737 2780  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:20:12.0797 2780  lltdsvc - ok
11:20:12.0817 2780  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:20:12.0857 2780  lmhosts - ok
11:20:12.0887 2780  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:20:12.0907 2780  LSI_FC - ok
11:20:12.0917 2780  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:20:12.0937 2780  LSI_SAS - ok
11:20:12.0947 2780  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:20:12.0967 2780  LSI_SAS2 - ok
11:20:12.0987 2780  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:20:13.0007 2780  LSI_SCSI - ok
11:20:13.0027 2780  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
11:20:13.0077 2780  luafv - ok
11:20:13.0137 2780  [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter      C:\Windows\system32\drivers\massfilter.sys
11:20:13.0177 2780  massfilter - ok
11:20:13.0237 2780  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
11:20:13.0317 2780  McComponentHostService - ok
11:20:13.0337 2780  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:20:13.0377 2780  Mcx2Svc - ok
11:20:13.0427 2780  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:20:13.0447 2780  megasas - ok
11:20:13.0477 2780  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:20:13.0507 2780  MegaSR - ok
11:20:13.0577 2780  [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM  C:\Program Files\System Control Manager\MSIService.exe
11:20:13.0597 2780  Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
11:20:13.0597 2780  Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
11:20:13.0627 2780  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
11:20:13.0677 2780  MMCSS - ok
11:20:13.0697 2780  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
11:20:13.0737 2780  Modem - ok
11:20:13.0757 2780  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:20:13.0787 2780  monitor - ok
11:20:13.0817 2780  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
11:20:13.0837 2780  mouclass - ok
11:20:13.0847 2780  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:20:13.0887 2780  mouhid - ok
11:20:13.0907 2780  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:20:13.0927 2780  mountmgr - ok
11:20:13.0977 2780  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:20:13.0997 2780  MozillaMaintenance - ok
11:20:14.0037 2780  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:20:14.0067 2780  mpio - ok
11:20:14.0077 2780  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:20:14.0127 2780  mpsdrv - ok
11:20:14.0167 2780  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:20:14.0247 2780  MpsSvc - ok
11:20:14.0297 2780  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:20:14.0367 2780  MRxDAV - ok
11:20:14.0387 2780  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:20:14.0417 2780  mrxsmb - ok
11:20:14.0437 2780  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:20:14.0487 2780  mrxsmb10 - ok
11:20:14.0517 2780  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:20:14.0557 2780  mrxsmb20 - ok
11:20:14.0587 2780  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
11:20:14.0617 2780  msahci - ok
11:20:14.0637 2780  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:20:14.0657 2780  msdsm - ok
11:20:14.0677 2780  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
11:20:14.0717 2780  MSDTC - ok
11:20:14.0767 2780  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:20:14.0877 2780  Msfs - ok
11:20:14.0937 2780  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:20:14.0977 2780  mshidkmdf - ok
11:20:15.0007 2780  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:20:15.0017 2780  msisadrv - ok
11:20:15.0077 2780  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:20:15.0127 2780  MSiSCSI - ok
11:20:15.0127 2780  msiserver - ok
11:20:15.0147 2780  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:20:15.0197 2780  MSKSSRV - ok
11:20:15.0207 2780  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:20:15.0257 2780  MSPCLOCK - ok
11:20:15.0267 2780  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:20:15.0327 2780  MSPQM - ok
11:20:15.0347 2780  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:20:15.0387 2780  MsRPC - ok
11:20:15.0417 2780  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:20:15.0437 2780  mssmbios - ok
11:20:15.0457 2780  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:20:15.0487 2780  MSTEE - ok
11:20:15.0497 2780  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:20:15.0527 2780  MTConfig - ok
11:20:15.0557 2780  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:20:15.0587 2780  Mup - ok
11:20:15.0617 2780  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
11:20:15.0677 2780  napagent - ok
11:20:15.0697 2780  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:20:15.0717 2780  NativeWifiP - ok
11:20:15.0777 2780  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:20:15.0827 2780  NDIS - ok
11:20:26.0287 2780  [ EF3458337D7341A05169CEFC73709264 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
11:20:26.0307 2780  SSPORT ( UnsignedFile.Multi.Generic ) - warning
11:20:26.0307 2780  SSPORT - detected UnsignedFile.Multi.Generic (1)
11:20:34.0687 2780  ================ Scan global ===============================
11:20:34.0727 2780  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:20:34.0767 2780  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:20:34.0797 2780  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:20:34.0837 2780  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:20:34.0877 2780  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:20:34.0897 2780  [Global] - ok
11:20:34.0897 2780  ================ Scan MBR ==================================
11:20:34.0927 2780  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:20:35.0357 2780  \Device\Harddisk0\DR0 - ok
11:20:35.0357 2780  ================ Scan VBR ==================================
11:20:35.0367 2780  [ FD1A05EB21DD92D9D3644AE8F4376E1B ] \Device\Harddisk0\DR0\Partition1
11:20:35.0367 2780  \Device\Harddisk0\DR0\Partition1 - ok
11:20:35.0387 2780  [ 0BAECE3662EFD8A20E6E9F3703269473 ] \Device\Harddisk0\DR0\Partition2
11:20:35.0397 2780  \Device\Harddisk0\DR0\Partition2 - ok
11:20:35.0397 2780  ============================================================
11:20:35.0397 2780  Scan finished
11:20:35.0397 2780  ============================================================
11:20:35.0407 2948  Detected object count: 2
11:20:35.0407 2948  Actual detected object count: 2
11:20:43.0327 2948  Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:43.0327 2948  Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:20:43.0327 2948  SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:43.0327 2948  SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

16.11.2012, 10:40   #10
cosinus

Ist ok, da wurde zum Glück nichts gelöscht. Der TDSS-Killer hat die Sachen nur in seine Q kopiert und nicht verschoben.

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

16.11.2012, 11:14   #11
F.H.

Hello,

this is the file:

Code:
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 12:14:01
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Friederike - FRIEDERIKE-MSI
# Boot Mode : Normal
# Running from : C:\Users\Friederike\Downloads\adwcleaner(1).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\Users\Friederike\AppData\Roaming\Babylon

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKU\S-1-5-21-205577914-2600898699-3477215697-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (de)

Profile name : default 
File : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "Claro Search");
Found : user_pref("browser.startup.homepage", "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP[...]
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=461[...]
Found : user_pref("extensions.claro.admin", false);
Found : user_pref("extensions.claro.aflt", "babsst");
Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Found : user_pref("extensions.claro.dfltLng", "en");
Found : user_pref("extensions.claro.excTlbr", false);
Found : user_pref("extensions.claro.id", "feefe68b0000000000000025d39b5fea");
Found : user_pref("extensions.claro.instlDay", "15657");
Found : user_pref("extensions.claro.instlRef", "sst");
Found : user_pref("extensions.claro.prdct", "claro");
Found : user_pref("extensions.claro.prtnrId", "claro");
Found : user_pref("extensions.claro.tlbrId", "claro");
Found : user_pref("extensions.claro.tlbrSrchUrl", "");
Found : user_pref("extensions.claro.vrsn", "1.8.3.10");
Found : user_pref("extensions.claro.vrsni", "1.8.3.10");
Found : user_pref("extensions.claro_i.smplGrp", "none");
Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1012:03:54");

*************************

AdwCleaner[R3].txt - [3132 octets] - [16/11/2012 12:14:01]

########## EOF - C:\AdwCleaner[R3].txt - [3192 octets] ##########
         
Best regards, F.H.

One more question:

Can I simply close the cleaner? It is currently showing "Waiting for an action".

F.H.

16.11.2012, 13:08   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please try to uninstall all entries mentioned in the adwCleaner log (such as Babylon or Softonic) via the Control Panel, then create a new search log with adwCleaner.
Leftovers and anything that refuses to be uninstalled we will remove with adwCleaner.

16.11.2012, 14:03   #13
F.H.

Hello,

my computer runs in English, so I have now looked under "control panel" and then under "Programs", "Uninstall a Program".
I could not find Babylon and Softonic there. Could it be that I have to look somewhere else? That is surely a pretty stupid question, but I don't know any better.

Best regards

F.H.

16.11.2012, 15:15   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

adwCleaner - Removing toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with OK.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = consecutive number)

After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.
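A check that fits this step of the thread, as an added example (not part of cosinus's post and not AdwCleaner's own code): compare the search log with the later delete log and list every found item that was not reported as deleted. The function names are hypothetical, the log excerpts are shortened from the AdwCleaner logs posted in this thread, and treating `HKU\<SID>` as the scanning user's `HKCU` is an assumption.

```python
import re

# Shortened excerpts of the AdwCleaner v2.007 logs posted in this thread
# (search run R3, delete run S1). Only a few lines of each are kept.
SEARCH_LOG = r"""
# Option [Search]
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Folder Found : C:\ProgramData\IBUpdaterService
***** [Registry] *****
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\Babylon
Key Found : HKU\S-1-5-21-205577914-2600898699-3477215697-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Found : user_pref("browser.search.selectedEngine", "Claro Search");
Found : user_pref("extensions.claro.prdct", "claro");
"""

DELETE_LOG = r"""
# Option [Delete]
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Folder Deleted : C:\ProgramData\IBUpdaterService
***** [Registry] *****
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Deleted : user_pref("browser.search.selectedEngine", "Claro Search");
Deleted : user_pref("extensions.claro.prdct", "claro");
"""

OPTION_RE = re.compile(r"^# Option \[(\w+)\]$")
# "File Found : ...", "Key Deleted : ...", or a bare "Found : user_pref(...)".
ENTRY_RE = re.compile(r"^(?:(File|Folder|Key) )?(?:Found|Deleted) : (.+)$")
# A per-user hive addressed by SID (input is lower-cased before matching).
USER_HIVE_RE = re.compile(r"^hku\\s-1-5-21(?:-\d+)+\\")


def normalize(kind, value, alias_user_hive):
    """Make two spellings of the same object compare equal."""
    if kind == "Pref":
        return value  # prefs.js lines are compared verbatim
    value = value.lower()  # Windows paths and registry keys ignore case
    if kind == "Key" and alias_user_hive:
        # Assumption: the SID belongs to the user who ran the scan, so
        # HKU\<SID>\... and HKCU\... name the same key.
        value = USER_HIVE_RE.sub(lambda m: "hkcu\\", value)
    return value


def parse_log(text, alias_user_hive=True):
    """Return (option, {(kind, normalized value): value as logged})."""
    option, entries = None, {}
    for line in text.splitlines():
        line = line.strip()
        m = OPTION_RE.match(line)
        if m:
            option = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m:
            kind = m.group(1) or "Pref"
            key = (kind, normalize(kind, m.group(2), alias_user_hive))
            entries[key] = m.group(2)
    return option, entries


def unresolved(search_text, delete_text, alias_user_hive=True):
    """List items the search run found that the delete run did not report."""
    s_opt, found = parse_log(search_text, alias_user_hive)
    d_opt, deleted = parse_log(delete_text, alias_user_hive)
    if s_opt != "Search" or d_opt != "Delete":
        raise ValueError("expected a [Search] log followed by a [Delete] log")
    return sorted(v for k, v in found.items() if k not in deleted)


if __name__ == "__main__":
    print("literal compare :", unresolved(SEARCH_LOG, DELETE_LOG, False))
    print("HKU\\<SID> = HKCU:", unresolved(SEARCH_LOG, DELETE_LOG, True))
```

A literal comparison reports the `HKU\S-1-5-21-…` SearchScopes key as left over, because the delete log lists it only under its `HKCU` name; with the hive alias applied, nothing remains.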

16.11.2012, 15:54   #15
F.H.

Hello,

here is the adwCleaner output:

Code:
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 16:39:22
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Friederike - FRIEDERIKE-MSI
# Boot Mode : Normal
# Running from : C:\Users\Friederike\Downloads\adwcleaner(2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Friederike\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (de)

Profile name : default 
File : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\prefs.js

C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\user.js ... Deleted !

Deleted : user_pref("browser.search.selectedEngine", "Claro Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=461[...]
Deleted : user_pref("extensions.claro.admin", false);
Deleted : user_pref("extensions.claro.aflt", "babsst");
Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Deleted : user_pref("extensions.claro.dfltLng", "en");
Deleted : user_pref("extensions.claro.excTlbr", false);
Deleted : user_pref("extensions.claro.id", "feefe68b0000000000000025d39b5fea");
Deleted : user_pref("extensions.claro.instlDay", "15657");
Deleted : user_pref("extensions.claro.instlRef", "sst");
Deleted : user_pref("extensions.claro.prdct", "claro");
Deleted : user_pref("extensions.claro.prtnrId", "claro");
Deleted : user_pref("extensions.claro.tlbrId", "claro");
Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");
Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");
Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1012:03:54");

*************************

AdwCleaner[R3].txt - [3261 octets] - [16/11/2012 12:14:01]
AdwCleaner[R4].txt - [3321 octets] - [16/11/2012 16:38:57]
AdwCleaner[S1].txt - [3273 octets] - [16/11/2012 16:39:22]

########## EOF - C:\AdwCleaner[S1].txt - [3333 octets] ##########
         
Code:
OTL Extras logfile created on: 16.11.2012 16:43:20 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Friederike\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,83% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,40 Gb Total Space | 229,47 Gb Free Space | 83,93% Space Free | Partition Type: NTFS
Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS
 
Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05156E1B-836C-49F1-9E51-AB9B0A0CFC50}" = lport=139 | protocol=6 | dir=in | app=system | 
"{07AFC22F-65C6-492B-AD6A-98C267030165}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{17D43E0C-B546-4510-A7DB-E580DA4B2E45}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1B90647F-5190-4267-80D6-C3F7D03A32A4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2C9A404F-852E-42E9-B791-D2D9652CDB22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2F96E07D-90FA-47DE-BB5E-0221CBB68EE7}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3154FB4E-FF00-48C6-844B-D84DBF6ECF15}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{50BC5EAF-336F-427B-8841-E9DCEDA6009D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{73634CB8-A70F-4802-9537-3666A5E8FFAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{87CBF515-D526-494D-AE2C-D0043E02FAFE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8A09BB94-CB01-4210-9FE7-43A065339403}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9B141CFF-F7BA-467D-B050-3460170D0DDB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{9BC68A29-CB87-4BCA-9ED5-CBFBB466D620}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A1CB940D-C984-40EC-A8A6-4A88F030B1C2}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B6B6AF46-581F-43FC-9C0D-89B99F2906F0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE265DCE-58E3-4927-AF85-69CD3ACA283A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C2ECB3A9-26AA-435B-B263-D07991BFD03D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D88FB8E6-0600-4782-8885-46BFB960E8E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DF400640-54DB-479E-918A-1D6B5BE1E7D1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EF540469-3442-43DB-9CC6-9065171ACDA0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FBCF3A19-BF14-492B-92AB-DD6EAD66F2E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{25C16F6C-8B06-46C0-8D05-0725E6722FCB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{29ECC8C0-BD1F-44D8-91EB-21E33759E3D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{406DB038-38E0-4C56-8A44-FF50A326FCB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4F2CCF78-1738-4330-A8B2-ECED1B321685}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{66B2D108-118E-49A2-A192-F37C83DEA818}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6B889761-66EB-4DA6-A062-695DA5B4AAF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{71C8FF14-66E0-49BF-8210-1481CC5500E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{81AAB32C-F465-456A-B199-9F3CD88FBA5A}" = protocol=6 | dir=out | app=system | 
"{82BDA7ED-0AD9-4BEF-9473-CA5EBDB19CE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{85332AA3-70D1-42CC-B18F-AE9CB27BC1EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8E776E00-4C86-4E3D-AF3C-CB2B30FC1A81}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{96A3B29D-FD71-4643-B3AF-84F62FDD5BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9CAB2E46-7513-4489-832A-EA17295A2B58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BB10CA21-83D1-4BF4-87E1-254140DCE284}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C7CA64B4-FF07-4A70-9EE7-741886D182CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC3C5B46-507A-41CE-8E8F-749EA2A866E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D39016F1-6A40-4F16-A21D-4A2BF13FB974}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DE6095B8-9210-43FA-9FD0-7354292D6909}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E8677980-7AE0-4C9B-9437-3FEE81204559}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{3D3C8AC3-A9E1-4B76-B3C6-8D03E9070FD6}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | 
"UDP Query User{1981BE4C-9FA9-427B-8922-0A627BA8D5FF}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Digital Editions" = Adobe Digital Editions
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LSI Soft Modem" = LSI HDA Modem
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung ML-1630 Series" = Samsung ML-1630 Series
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"WinRAR archiver" = WinRAR archiver
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.10.2012 16:42:14 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 21.10.2012 15:02:57 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 22.10.2012 07:17:00 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 23.10.2012 04:36:55 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 27.10.2012 15:40:34 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 28.10.2012 06:05:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 29.10.2012 11:37:21 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 02.11.2012 14:48:33 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 07.11.2012 15:25:08 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 09.11.2012 13:07:08 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 09.11.2012 15:42:13 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 09.11.2012 22:24:54 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 10.11.2012 04:37:21 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 11.11.2012 14:46:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 11.11.2012 18:21:11 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 12.11.2012 05:14:06 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 12.11.2012 11:21:23 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 12.11.2012 14:11:28 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 12.11.2012 16:59:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
Error - 13.11.2012 06:49:59 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error:   %%2
 
 
< End of report >
         
Code:
OTL logfile created on: 16.11.2012 16:43:20 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Friederike\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,83% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,40 Gb Total Space | 229,47 Gb Free Space | 83,93% Space Free | Partition Type: NTFS
Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS
 
Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Friederike\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
PRC - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\1&1 Surf-Stick\AssistantServices.exe ()
PRC - C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (UI Assistant Service) -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe ()
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Micro Star SCM) -- C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (DgiVecp) -- C:\Windows\system32\Drivers\DgiVecp.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.)
DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2012.02.14
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.08.21 09:12:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.13 12:55:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.30 10:07:49 | 000,000,000 | ---D | M]
 
[2012.08.16 19:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Extensions
[2012.11.13 12:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\extensions
[2012.11.13 12:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.21 09:12:20 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.217.129.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B4B11B-F091-4740-9272-58371C560EC4}: DhcpNameServer = 10.3.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568DA77-FCDA-4CFB-8943-51FD96F70FE6}: DhcpNameServer = 129.217.129.42
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.16 04:15:23 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.11.16 04:15:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.11.16 04:14:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.11.16 04:14:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.11.16 04:14:59 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.11.16 04:14:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.11.16 04:14:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.11.16 04:14:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.11.16 04:14:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.11.16 04:14:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.11.16 04:14:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.11.16 04:14:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.11.16 04:14:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.11.16 03:58:48 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012.11.16 03:58:47 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012.11.16 03:58:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012.11.16 03:58:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.16 03:58:42 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.16 03:58:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012.11.16 03:58:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012.11.15 18:09:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.13 12:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\My Cmaps
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\CmapTools
[2012.11.13 12:09:05 | 000,000,000 | ---D | C] -- C:\Users\Friederike\CmapToolsLogs
[2012.11.13 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\Friederike\.freemind
[2012.11.13 12:04:16 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft
[2012.11.13 12:04:15 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012.11.13 11:59:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2012.11.13 11:59:31 | 000,000,000 | -H-D | C] -- C:\Users\Friederike\InstallAnywhere
[2012.10.30 10:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.22 14:00:19 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\Bluetooth
[2012.10.21 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Avira
[2012.10.21 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.21 13:52:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.21 13:52:50 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.21 13:52:50 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.21 13:52:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.16 16:40:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.16 16:40:21 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.16 16:37:30 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.16 16:37:30 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.16 11:23:15 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 11:23:15 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 11:15:30 | 000,302,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.15 18:04:10 | 000,000,512 | ---- | M] () -- C:\Users\Friederike\Desktop\MBR.dat
[2012.11.13 14:19:12 | 000,031,744 | ---- | M] () -- C:\Users\Friederike\Documents\Rescue.asd
[2012.11.13 13:45:18 | 000,000,000 | ---- | M] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:09:02 | 000,002,389 | ---- | M] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.11.08 17:14:12 | 000,675,506 | ---- | M] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.22 14:00:16 | 000,000,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2012.10.21 13:53:12 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.18 18:59:05 | 002,345,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
 
========== Files Created - No Company Name ==========
 
[2012.11.16 04:15:24 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 04:14:59 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 18:04:10 | 000,000,512 | ---- | C] () -- C:\Users\Friederike\Desktop\MBR.dat
[2012.11.13 14:19:12 | 000,031,744 | ---- | C] () -- C:\Users\Friederike\Documents\Rescue.asd
[2012.11.13 13:45:18 | 000,000,000 | ---- | C] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.13 12:55:31 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:09:02 | 000,002,389 | ---- | C] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.08 17:14:12 | 000,675,506 | ---- | C] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.21 13:53:12 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.21 14:59:54 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

I hope I did everything correctly.

Best regards

F.H.
