
Pests of all kinds and how to combat them: Virus: Updates not possible and installation of Malwarebytes Anti-Malware 1.70 not possible


08.02.2013, 17:50   #1
Goldedgar
 



Hello
For some time now, no updates have been possible on my laptop, neither with Windows Defender nor with McAfee. Now I wanted to install Malwarebytes Anti-Malware 1.70, but this message always appears:

What should I do?

08.02.2013, 17:51   #2
markusg
/// Malware-holic
 



hi

If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

08.02.2013, 18:20   #3
Goldedgar
 



Extras.txt

Code:
ATTFilter
OTL Extras logfile created on: 08.02.2013 18:54:26 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Holger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,89 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 71,10% Memory free
15,78 Gb Paging File | 13,45 Gb Available in Paging File | 85,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 240,57 Gb Total Space | 170,26 Gb Free Space | 70,78% Space Free | Partition Type: NTFS
Drive D: | 439,45 Gb Total Space | 373,31 Gb Free Space | 84,95% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-TOSH | User Name: Holger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04841FE3-D9ED-402D-84CC-38021A42B619}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{0CE4E775-61F3-4A93-8247-36F773118EED}" = rport=139 | protocol=6 | dir=out | app=system | 
"{160DBE63-2242-4A3B-A828-D4A3CA52606E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{16E13C8C-D232-4A20-B2A0-0E6C40FFFE3D}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{1A2940BB-6A30-4DFB-83BA-323B10C74ECA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{20B7AB25-708F-4329-996F-3982188CE5D5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{27150E0D-A17C-4F0B-AE5D-3A0C40A99218}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2B99D1E1-B5B9-475D-95CE-3C683471CD81}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{30D9C2F7-C7A2-4ED4-B6C6-8ADEBC1AB562}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{348656AE-A8F2-441B-80BE-E1C975DD3245}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3576D0DD-33AE-4AD9-A425-78A0A604BE77}" = rport=445 | protocol=6 | dir=out | app=system | 
"{38FAD297-2072-411F-A6E8-6DE2A4BFBCFA}" = rport=137 | protocol=17 | dir=out | app=system | 
"{392D5557-2637-4A4A-96AC-8288900533E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3E8D98C7-7C79-4A68-AC27-F7B76B6F935C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{42418ACA-3F73-42EC-A291-AE6B506DFC77}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4BF34640-1278-4D81-8121-546D4E79DA68}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{56048C26-7C0C-4BE1-8ACD-CDEF0183EFD6}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{6ABE66F3-DC6E-42BE-8297-928FD016CFF5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6F9F9E6C-53D2-463D-A403-C2BD186EB636}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{77589DF7-3ACB-4173-8875-CFB7F38AA225}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A639A60E-CE61-405B-BB46-72B429986D12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AA349934-836F-4C21-A4F5-32D43CE41340}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF0347D3-4547-4657-90DB-960EB813CEF3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{C711C27E-F030-4A7B-B316-28DF0001FFEB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DCE70B49-A1AA-49C9-AB21-3C77FB9F7281}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F7159F39-08EB-4EAD-B5FF-324FB3CA0F0C}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FA8941BA-3919-4225-8AAF-3120CA02CC49}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0526571C-5138-4E00-BEAE-941276293F9E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{05721CF1-C561-43B7-B24F-18C2B3C4082D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{063C23A5-069B-4203-85E5-D5394A17AD41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1B4D36DC-8CC1-4884-9F48-A36D6D068CEB}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{22C99787-3656-4969-9164-E3522B49E3C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{25E04472-9686-4129-8A2B-A8AE416D4762}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2E0AA61E-1B85-438B-BE71-7D8C2A79B36C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2FFC24F8-EA65-4379-A7EA-B7EE24FE5273}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{335AD59D-21A6-4B17-ADAF-2251DCD534A4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{3E4241F2-C9B3-45A6-ACED-C30FBD9C87B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{49C12192-595F-4AC3-A6A3-2F108F37B9D8}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{52D50DB9-5C6A-462A-9919-323958F04EBB}" = protocol=6 | dir=out | app=system | 
"{613DB95C-5592-4DD0-BE52-56F65495FFC5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{6B8AA4F5-1ECC-4EA6-BA62-53364979A64A}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{79ABDB65-2C97-44E1-A408-D63769351EC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7F170D60-D09B-4571-90B4-9A49D476BE96}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{84FD481E-ACF7-4FEF-8FEE-EE7BBDB3CC77}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{8B731CCB-CD26-42E5-A574-A17CF813CCDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{914F9FAE-EE8C-4E60-8123-2208ACDDF89F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{94B85F5D-965F-4FBF-A191-BF19948B514D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{995EDC00-D25F-4090-9CA8-2E1581FC31E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A930D57A-BAB6-41D9-9C70-A04E6FC99196}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{A937C964-701B-4BAC-8C36-47F887685859}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{ABA96210-A402-40C9-BF72-702C5AF4C9A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{AF763AEE-7781-4134-A545-B08F02B6C58C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BA47B43A-2572-4F59-95CF-528FEC0E1A7E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{BA828DFE-28E8-47A3-B44B-58D02040CF2B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BD0F7BC9-EBB1-418F-91C6-BC5AE6371B61}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C01C6152-F96F-4568-B284-2B4E30698CB4}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{D1FABE4A-369F-4FBA-994C-C6EA911B719C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D3A24743-28FF-42AB-9B6F-03B63F6A5F89}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DCBAE1A5-408C-4448-A487-58793CE681DF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{DE1C8D4B-5D89-4914-9CB9-7E831AF02373}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{E78165DF-09EE-49F0-AD8C-4EAA9631A47F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EDDB5375-0B79-4D34-A247-C0764015899D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F1B98088-8CF3-4688-B842-F912ACEF1632}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F2703EA4-052B-477E-8194-5CC81658F96C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F7C50263-7DB7-4819-812F-C137E7963C3F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{2E8D990B-28A9-404D-8551-C4BBE135B176}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{A688AB56-C64D-4DEA-B216-9840233C8352}C:\program files (x86)\nordic games\dungeon lords mmxii\dlords2012.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nordic games\dungeon lords mmxii\dlords2012.exe | 
"TCP Query User{D0F68DF8-6490-4ACD-A4B6-3030EC7B6C71}G:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=g:\xampp\apache\bin\httpd.exe | 
"TCP Query User{F27F2B7D-0F08-4871-AF88-28FE42D9DBF5}G:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=g:\xampp\mysql\bin\mysqld.exe | 
"UDP Query User{1875B92D-BEE4-445C-B207-557A47BA2F0F}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{8F735A78-1989-4082-ACED-1A7F6CD53D0D}G:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=g:\xampp\apache\bin\httpd.exe | 
"UDP Query User{A2CE2C5F-3B9C-42C0-94A1-527C729BAE53}C:\program files (x86)\nordic games\dungeon lords mmxii\dlords2012.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nordic games\dungeon lords mmxii\dlords2012.exe | 
"UDP Query User{BD5023D1-9F2A-4CFE-982B-6BF683C7EE4F}G:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=g:\xampp\mysql\bin\mysqld.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}" = 64 Bit HP CIO Components Installer
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{27C3DB42-A9C1-4B44-A164-93849D160D12}" = TOSHIBA VIDEO PLAYER
"{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}" = SRS Premium Sound Control Panel
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 295.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 295.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9C56642-9AAB-4267-9454-36FF1CC59168}" = TOSHIBA eco Utility
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi Software
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"4252DED1757A5AF456930285C3002FA53FC10F32" = ENE CIR Receiver Driver
"GPL Ghostscript 9.04" = GPL Ghostscript
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"sp6" = Logitech SetPoint 6.51
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216DF734-6004-42C7-AFC9-A81DFD344BA8}" = Nero BurnRights 11
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2122D0-66F7-4A53-96FC-079C900B1CAF}" = Nero BurnRights 11 Help (CHM)
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5FE4CE4A-593C-4158-951F-75BB5A3CC743_Patch}_is1" = Dungeon Lords MMXII
"{5FE4CE4A-593C-4158-951F-75BB5A3CC743}_is1" = Dungeon Lords MMXII
"{617773AE-ADBA-4479-BB04-65FE7758B35C}" = TOSHIBA Wireless Display Monitor
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71972D00-4596-11E2-B6EA-B8AC6F97B88E}" = Google Earth Plug-in
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86790597-5E41-47AF-A6E4-6295D0C21B8B}" = A1 Dashboard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA951B10-7089-4D60-B288-516E641F48E6}" = McAfee Agent
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F8635CF8-B797-4EFD-80BC-DE2D26C65D4F}" = Nero 11 Essentials
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"A1 Dashboard" = A1 Dashboard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Audacity_is1" = Audacity 2.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"Free Studio_is1" = Free Studio version 5.7.7.1031
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"RealPlayer 15.0" = RealPlayer
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.0.3
"Vocup_is1" = Vocup 1.4.3
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WTA-1ff74afd-489f-47f9-8197-5d2f8fad72e4" = Cake Mania
"WTA-2ee4fbf3-fc87-4b33-a68e-a021a3e948cf" = Agatha Christie - Death on the Nile
"WTA-32ffcb79-9215-42e6-b2e6-a76ff9e0e474" = Aloha TriPeaks
"WTA-39b546da-493a-4bd5-b452-7d1914736322" = Bejeweled 3
"WTA-4e59b859-b0dd-4ff5-a962-e4870db7e476" = Virtual Villagers 4 - The Tree of Life
"WTA-687af76a-b1b8-488a-92ec-fb2b74df82d8" = Chuzzle Deluxe
"WTA-695022ae-360e-4a3d-80db-95268fda9d4c" = Insaniquarium Deluxe
"WTA-7d45088d-e09b-4dff-9b74-a0d76ccb416d" = Plants vs. Zombies - Game of the Year
"WTA-828e6ff1-5928-414e-91cc-c161cfedd07e" = Jewel Quest Solitaire 2
"WTA-a5342933-1102-4db7-abba-25cd2b75fe96" = Mystery P.I. - The London Caper
"WTA-a62ac2b1-8184-4471-a539-2b9ccb641d02" = Polar Bowler
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.02.2013 13:56:25 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:25 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:25 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:25 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:30 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:30 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:30 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:49 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:49 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
Error - 08.02.2013 13:56:49 | Computer Name = admin-TOSH | Source = VSS | ID = 8193
Description = 
 
[ System Events ]
Error - 05.01.2013 06:48:18 | Computer Name = admin-TOSH | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst IPBusEnum erreicht.
 
Error - 05.01.2013 06:48:49 | Computer Name = admin-TOSH | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HomeGroupListener erreicht.
 
Error - 05.01.2013 06:48:49 | Computer Name = admin-TOSH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Heimnetzgruppen-Listener" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 06.01.2013 13:39:38 | Computer Name = admin-TOSH | Source = DCOM | ID = 10010
Description = 
 
Error - 07.01.2013 12:28:50 | Computer Name = admin-TOSH | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde
 mit folgendem Fehler beendet:   %%-2147196306
 
Error - 07.01.2013 12:30:47 | Computer Name = admin-TOSH | Source = Service Control Manager | ID = 7022
Description = Der Dienst "McAfee McShield" wurde nicht richtig gestartet.
 
Error - 09.01.2013 17:12:15 | Computer Name = admin-TOSH | Source = DCOM | ID = 10010
Description = 
 
Error - 10.01.2013 13:51:01 | Computer Name = admin-TOSH | Source = DCOM | ID = 10010
Description = 
 
Error - 10.01.2013 15:39:10 | Computer Name = admin-TOSH | Source = DCOM | ID = 10010
Description = 
 
Error - 11.01.2013 13:17:26 | Computer Name = admin-TOSH | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?10.?01.?2013 um 23:27:27 unerwartet heruntergefahren.
 
[ TuneUp Events ]
Error - 05.02.2013 07:23:51 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 06.02.2013 04:12:43 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 06.02.2013 06:59:39 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 07.02.2013 06:32:32 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 06:23:39 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 06:49:54 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 07:30:30 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 08:46:38 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 08:49:22 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.02.2013 13:23:38 | Computer Name = admin-TOSH | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
--- --- ---

[/code]

Alt 08.02.2013, 18:22   #4
Goldedgar
 

OTL.txt

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.02.2013 18:54:26 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Holger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,89 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 71,10% Memory free
15,78 Gb Paging File | 13,45 Gb Available in Paging File | 85,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 240,57 Gb Total Space | 170,26 Gb Free Space | 70,78% Space Free | Partition Type: NTFS
Drive D: | 439,45 Gb Total Space | 373,31 Gb Free Space | 84,95% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-TOSH | User Name: Holger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.08 18:52:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Holger\Desktop\OTL.exe
PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.04 19:48:23 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.06.20 17:13:12 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012.02.29 01:13:56 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.29 01:13:54 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.05 05:41:10 | 000,231,328 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
PRC - [2012.02.05 05:40:56 | 000,219,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
PRC - [2012.02.04 21:47:54 | 000,251,808 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe
PRC - [2012.02.04 21:16:54 | 002,824,104 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2012.01.28 11:24:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.01.28 01:40:46 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.11.21 23:12:48 | 000,253,312 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
PRC - [2011.11.04 14:40:06 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.10.19 16:43:38 | 000,718,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
PRC - [2011.08.08 21:43:00 | 000,690,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2011.08.08 21:36:00 | 000,087,960 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2011.02.23 22:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2011.02.03 23:18:00 | 000,742,800 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2010.12.26 00:05:54 | 001,716,144 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
PRC - [2010.09.07 00:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2010.08.16 18:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2010.02.22 03:57:06 | 000,406,992 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
PRC - [2009.10.22 20:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2009.10.22 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
PRC - [2009.08.25 16:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009.08.25 16:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2009.08.25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.04 19:48:23 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.01.28 11:24:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012.01.25 18:57:12 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
MOD - [2010.02.22 03:50:20 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
MOD - [2005.08.22 16:38:16 | 003,264,512 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 12:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2012.02.10 03:28:32 | 000,295,360 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2012.02.03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.02.02 23:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011.12.14 23:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011.12.08 18:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011.12.08 18:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.12.08 18:43:48 | 000,618,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.12.08 18:43:44 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011.11.26 02:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011.04.20 23:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010.10.20 22:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.10.22 20:07:00 | 000,079,504 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV - [2013.01.19 10:56:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.11 19:02:07 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.10 21:06:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 12:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 12:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.10 14:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.29 01:13:56 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.29 01:13:54 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.01.28 11:24:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.11.04 14:40:06 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.07.12 01:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011.04.02 01:42:00 | 000,198,064 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2011.02.10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.22 20:07:00 | 000,178,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe -- (McShield)
SRV - [2009.10.22 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)
SRV - [2009.10.22 20:07:00 | 000,019,720 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe -- (McAfeeEngineService)
SRV - [2009.08.25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.09 15:34:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.08 06:10:16 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2012.05.10 14:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.25 01:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.02.25 01:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012.02.04 05:01:20 | 000,677,480 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.01.30 22:14:00 | 000,304,696 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2012.01.28 11:24:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.01.28 01:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.28 01:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.28 01:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.27 02:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.01.27 02:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.01.09 09:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012.01.05 22:43:52 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011.12.29 21:37:44 | 000,035,120 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2011.12.17 01:24:00 | 000,079,040 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011.12.07 03:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.12.01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011.12.01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011.11.30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.11.17 23:55:08 | 000,020,304 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecirhid.sys -- (enecirhid)
DRV:64bit: - [2011.11.17 23:54:46 | 000,076,112 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2011.05.03 14:42:40 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011.03.24 01:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011.03.18 23:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.09 03:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011.01.30 17:19:32 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.11.29 19:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.11 18:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2010.08.30 18:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2010.06.19 00:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2010.04.26 19:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009.12.26 14:09:00 | 000,012,112 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecirhidma.sys -- (enecirhidma)
DRV:64bit: - [2009.10.22 20:07:00 | 000,469,144 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,119,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,097,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,083,784 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009.10.22 20:07:00 | 000,077,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2009.07.31 04:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.24 19:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 23:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.30 00:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009.06.20 03:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.17 20:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {1AF61748-63E3-42E9-A49F-0A0A1FF1655E}
IE:64bit: - HKLM\..\SearchScopes\{1AF61748-63E3-42E9-A49F-0A0A1FF1655E}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {1AF61748-63E3-42E9-A49F-0A0A1FF1655E}
IE - HKLM\..\SearchScopes\{1AF61748-63E3-42E9-A49F-0A0A1FF1655E}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
IE - HKCU\..\SearchScopes,DefaultScope = {1AF61748-63E3-42E9-A49F-0A0A1FF1655E}
IE - HKCU\..\SearchScopes\{1AF61748-63E3-42E9-A49F-0A0A1FF1655E}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deAT505
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.31 14:14:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.02.04 18:12:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.08 12:48:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 10:56:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
 
[2012.10.10 13:18:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Holger\AppData\Roaming\mozilla\Extensions
[2013.02.01 15:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Holger\AppData\Roaming\mozilla\Firefox\Profiles\t6bqy3gy.default\extensions
[2013.01.11 19:11:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Holger\AppData\Roaming\mozilla\Firefox\Profiles\t6bqy3gy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.12 18:31:02 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Holger\AppData\Roaming\mozilla\firefox\profiles\t6bqy3gy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.01 15:19:13 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Holger\AppData\Roaming\mozilla\firefox\profiles\t6bqy3gy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.08 12:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.08 11:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
[2013.02.08 11:43:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.31 14:14:16 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2013.02.01 19:21:57 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009.10.22 20:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.10.31 14:14:09 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012.06.20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.02.01 20:33:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.01 20:33:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.01 20:33:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.01 20:33:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.01 20:33:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.01 20:33:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - Startup: C:\Users\Holger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA9DB483-6449-43DF-851C-8A91E3506AC8}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7622d0d4-5a84-11e2-98c7-b888e314a7c0}\Shell - "" = AutoRun
O33 - MountPoints2\{7622d0d4-5a84-11e2-98c7-b888e314a7c0}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{7622d0d5-5a84-11e2-98c7-b888e314a7c0}\Shell - "" = AutoRun
O33 - MountPoints2\{7622d0d5-5a84-11e2-98c7-b888e314a7c0}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{7ddb6162-61aa-11e2-8649-b888e314a7c0}\Shell - "" = AutoRun
O33 - MountPoints2\{7ddb6162-61aa-11e2-8649-b888e314a7c0}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.08 18:52:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Holger\Desktop\OTL.exe
[2013.02.08 18:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.08 18:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.08 18:36:35 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.02.08 18:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.08 18:33:52 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Local\Programs
[2013.02.04 18:12:58 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Roaming\Leadertech
[2013.02.04 18:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2013.02.04 18:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013.02.04 18:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013.02.04 18:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2013.02.04 18:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013.02.04 18:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2013.02.04 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Roaming\Logitech
[2013.02.04 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Roaming\Logishrd
[2013.02.04 17:15:43 | 000,469,144 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys
[2013.02.04 17:15:43 | 000,119,968 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys
[2013.02.04 17:15:43 | 000,097,576 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys
[2013.02.04 17:15:43 | 000,083,784 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfetdik.sys
[2013.02.04 17:15:43 | 000,077,104 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mferkdet.sys
[2013.02.04 17:15:42 | 000,079,504 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2013.02.04 17:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.02.04 17:15:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013.01.28 23:01:40 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Local\{12C80811-F52C-4EAF-8858-270570B999AB}
[2013.01.19 10:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.19 10:44:05 | 000,000,000 | ---D | C] -- C:\Users\Holger\Desktop\Emu
[2013.01.18 17:45:10 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\windows\SysNative\drivers\ZTEusbnet.sys
[2013.01.18 17:45:10 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\windows\SysNative\drivers\ZTEusbser6k.sys
[2013.01.18 17:45:10 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\windows\SysNative\drivers\ZTEusbnmea.sys
[2013.01.18 17:45:10 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\windows\SysNative\drivers\ZTEusbmdm6k.sys
[2013.01.18 17:45:10 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\windows\SysNative\drivers\massfilter.sys
[2013.01.18 17:44:51 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\windows\SysNative\drivers\mod7700.sys
[2013.01.18 17:44:51 | 000,415,744 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbwwan.sys
[2013.01.18 17:44:51 | 000,222,464 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbmdm.sys
[2013.01.18 17:44:51 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juwwanecm.sys
[2013.01.18 17:44:51 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcacm.sys
[2013.01.18 17:44:51 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jubusenum.sys
[2013.01.18 17:44:51 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcecm.sys
[2013.01.18 17:44:51 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\windows\SysNative\drivers\ewdcsc.sys
[2013.01.18 17:44:51 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juextctrl.sys
[2013.01.18 17:44:51 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwupgrade.sys
[2013.01.18 17:44:51 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_usbenumfilter.sys
[2013.01.18 17:44:50 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwusbdev.sys
[2013.01.18 17:44:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9CEF107B-86D1-4332-AE74-7FDEA6296A94}
[2013.01.18 17:44:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\A1 Dashboard
[2013.01.18 17:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1
[2013.01.16 22:04:57 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Local\PackageAware
[2013.01.15 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Holger\Desktop\Tencent Art Pack 8.5
[2013.01.14 18:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI WinFlash
[2013.01.12 14:41:21 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Local\SCE
[2013.01.12 14:41:21 | 000,000,000 | ---D | C] -- C:\Crash
[2013.01.12 14:38:41 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\directx
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.08 19:01:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.02.08 18:52:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Holger\Desktop\OTL.exe
[2013.02.08 18:40:00 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.08 18:33:04 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.08 18:33:04 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.08 18:25:33 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.02.08 18:25:32 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.08 18:25:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.02.08 12:48:07 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.07 10:37:00 | 000,002,046 | ---- | M] () -- C:\Users\Holger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2013.02.06 11:58:47 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.02.06 09:06:33 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.02.06 09:06:33 | 000,654,166 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.02.06 09:06:33 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.02.06 09:06:33 | 000,130,006 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.02.06 09:06:33 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.18 17:44:31 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\A1 Dashboard.lnk
[2013.01.12 13:28:56 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.01.09 22:26:25 | 004,969,776 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.01.18 17:44:31 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\A1 Dashboard.lnk
[2013.01.04 19:42:09 | 000,000,132 | ---- | C] () -- C:\Users\Holger\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2013.01.02 17:16:17 | 000,003,584 | ---- | C] () -- C:\Users\Holger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.04 18:34:00 | 000,000,132 | ---- | C] () -- C:\Users\Holger\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.11.04 17:06:50 | 000,007,597 | ---- | C] () -- C:\Users\Holger\AppData\Local\Resmon.ResmonCfg
[2012.05.10 14:14:32 | 000,755,572 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012.05.10 14:14:32 | 000,559,972 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012.05.10 14:07:18 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.05.10 13:25:28 | 013,026,304 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012.02.03 06:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2011.12.20 04:21:20 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.30 18:51:44 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Audacity
[2012.10.25 21:44:52 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.10.10 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\DAEMON Tools Lite
[2012.12.29 14:58:44 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\DVDVideoSoft
[2012.10.10 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.12.17 21:23:12 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\EAC
[2013.01.03 19:15:56 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\FreePDF
[2012.10.19 21:42:02 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\GetRightToGo
[2012.10.10 16:57:18 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\GHISLER
[2013.02.04 18:12:58 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Leadertech
[2012.11.04 22:53:50 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\LolClient
[2013.01.25 19:28:36 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Mp3tag
[2012.10.10 13:12:09 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Toshiba
[2012.10.10 13:21:33 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\TOSHIBA Online Product Information
[2013.01.03 20:40:21 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\ts3overlay
[2012.10.20 13:50:37 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\TuneUp Software
[2013.01.09 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Vocup
[2012.10.10 16:33:08 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.10.20 09:47:01 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.15 16:53:32 | 000,000,000 | -HSD | M] -- C:\Boot
[2013.01.12 14:41:21 | 000,000,000 | ---D | M] -- C:\Crash
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.06.08 05:49:10 | 000,000,000 | ---D | M] -- C:\Intel
[2012.10.13 10:34:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013.02.04 18:11:56 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.08 18:36:28 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.08 18:36:46 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.02.04 17:23:28 | 000,000,000 | ---D | M] -- C:\QUARANTINE
[2012.11.04 21:36:01 | 000,000,000 | ---D | M] -- C:\Riot Games
[2013.02.08 18:56:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.15 14:01:35 | 000,000,000 | ---D | M] -- C:\Temp
[2012.10.09 22:09:41 | 000,000,000 | ---D | M] -- C:\Toshiba
[2012.10.10 15:51:02 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.08 18:25:40 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,640 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.03.14 20:51:07 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012.03.14 20:51:29 | 000,001,120 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.14 20:51:30 | 000,001,124 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.08 05:47:44 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.06.08 05:47:46 | 000,000,828 | ---- | C] () -- C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2011.11.30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\windows\SysNative\drivers\iaStor.sys
[2011.11.30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.10.10 13:12:05 | 000,000,000 | ---- | M] () -- C:\Users\Holger\agent.log
[2013.02.08 19:13:07 | 005,242,880 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT
[2013.02.08 19:13:07 | 000,262,144 | -HS- | M] () -- C:\Users\Holger\ntuser.dat.LOG1
[2012.12.06 15:47:40 | 000,262,144 | -HS- | M] () -- C:\Users\Holger\ntuser.dat.LOG2
[2012.12.13 22:35:26 | 000,000,000 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT_tureg_new.LOG1
[2012.12.13 22:35:26 | 000,000,000 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT_tureg_new.LOG2
[2012.12.13 22:33:25 | 004,718,592 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT_tureg_old
[2012.10.10 18:17:33 | 000,065,536 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.10.10 18:17:33 | 000,524,288 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.10.10 18:17:33 | 000,524,288 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.12.13 22:47:03 | 000,065,536 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{c75ab832-456c-11e2-a2a0-806e6f6e6963}.TM.blf
[2012.12.13 22:47:03 | 000,524,288 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{c75ab832-456c-11e2-a2a0-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2012.12.13 22:47:03 | 000,524,288 | -HS- | M] () -- C:\Users\Holger\NTUSER.DAT{c75ab832-456c-11e2-a2a0-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2012.10.10 13:11:09 | 000,000,020 | -HS- | M] () -- C:\Users\Holger\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---

08.02.2013, 18:25   #5
markusg
/// Malware-holic

hi
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log
Open C:, open tdsskiller-date-version.txt, and post its contents


08.02.2013, 18:31   #6
Goldedgar

Code:
ATTFilter
19:28:08.0814 6380  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:28:08.0854 6380  ============================================================
19:28:08.0854 6380  Current date / time: 2013/02/08 19:28:08.0854
19:28:08.0854 6380  SystemInfo:
19:28:08.0854 6380  
19:28:08.0854 6380  OS Version: 6.1.7601 ServicePack: 1.0
19:28:08.0854 6380  Product type: Workstation
19:28:08.0854 6380  ComputerName: ADMIN-TOSH
19:28:08.0854 6380  UserName: Holger
19:28:08.0854 6380  Windows directory: C:\windows
19:28:08.0854 6380  System windows directory: C:\windows
19:28:08.0854 6380  Running under WOW64
19:28:08.0854 6380  Processor architecture: Intel x64
19:28:08.0854 6380  Number of processors: 4
19:28:08.0854 6380  Page size: 0x1000
19:28:08.0854 6380  Boot type: Normal boot
19:28:08.0854 6380  ============================================================
19:28:13.0359 6380  !crdlk
19:28:13.0359 6380  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
19:28:13.0375 6380  ============================================================
19:28:13.0375 6380  \Device\Harddisk0\DR0:
19:28:13.0375 6380  MBR partitions:
19:28:13.0375 6380  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1E122000
19:28:13.0390 6380  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E411000, BlocksNum 0x36EE7800
19:28:13.0390 6380  ============================================================
19:28:13.0422 6380  C: <-> \Device\Harddisk0\DR0\Partition1
19:28:13.0468 6380  D: <-> \Device\Harddisk0\DR0\Partition2
19:28:13.0468 6380  ============================================================
19:28:13.0468 6380  Initialize success
19:28:13.0468 6380  ============================================================
19:28:47.0726 3680  ============================================================
19:28:47.0726 3680  Scan started
19:28:47.0726 3680  Mode: Manual; SigCheck; TDLFS; 
19:28:47.0726 3680  ============================================================
19:28:48.0054 3680  ================ Scan system memory ========================
19:28:48.0054 3680  System memory - ok
19:28:48.0054 3680  ================ Scan services =============================
19:28:48.0256 3680  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
19:28:48.0428 3680  1394ohci - ok
19:28:48.0475 3680  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
19:28:48.0490 3680  ACPI - ok
19:28:48.0522 3680  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
19:28:48.0615 3680  AcpiPmi - ok
19:28:48.0693 3680  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:28:48.0724 3680  AdobeARMservice - ok
19:28:48.0802 3680  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:28:48.0834 3680  AdobeFlashPlayerUpdateSvc - ok
19:28:48.0880 3680  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
19:28:48.0912 3680  adp94xx - ok
19:28:48.0958 3680  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\drivers\adpahci.sys
19:28:48.0974 3680  adpahci - ok
19:28:48.0990 3680  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\drivers\adpu320.sys
19:28:49.0005 3680  adpu320 - ok
19:28:49.0052 3680  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
19:28:49.0130 3680  AeLookupSvc - ok
19:28:49.0192 3680  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
19:28:49.0255 3680  AFD - ok
19:28:49.0333 3680  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
19:28:49.0364 3680  agp440 - ok
19:28:49.0395 3680  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
19:28:49.0426 3680  ALG - ok
19:28:49.0458 3680  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
19:28:49.0473 3680  aliide - ok
19:28:49.0504 3680  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
19:28:49.0520 3680  amdide - ok
19:28:49.0536 3680  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
19:28:49.0567 3680  AmdK8 - ok
19:28:49.0582 3680  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
19:28:49.0614 3680  AmdPPM - ok
19:28:49.0645 3680  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
19:28:49.0660 3680  amdsata - ok
19:28:49.0692 3680  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
19:28:49.0707 3680  amdsbs - ok
19:28:49.0738 3680  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
19:28:49.0754 3680  amdxata - ok
19:28:49.0770 3680  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
19:28:49.0832 3680  AppID - ok
19:28:49.0879 3680  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
19:28:49.0957 3680  AppIDSvc - ok
19:28:50.0004 3680  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\windows\System32\appinfo.dll
19:28:50.0050 3680  Appinfo - ok
19:28:50.0082 3680  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\drivers\arc.sys
19:28:50.0102 3680  arc - ok
19:28:50.0132 3680  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\drivers\arcsas.sys
19:28:50.0142 3680  arcsas - ok
19:28:50.0172 3680  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
19:28:50.0212 3680  AsyncMac - ok
19:28:50.0252 3680  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
19:28:50.0262 3680  atapi - ok
19:28:50.0302 3680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:28:50.0352 3680  AudioEndpointBuilder - ok
19:28:50.0402 3680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
19:28:50.0452 3680  AudioSrv - ok
19:28:50.0482 3680  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
19:28:50.0562 3680  AxInstSV - ok
19:28:50.0612 3680  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
19:28:50.0652 3680  b06bdrv - ok
19:28:50.0682 3680  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
19:28:50.0702 3680  b57nd60a - ok
19:28:50.0792 3680  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
19:28:50.0832 3680  BDESVC - ok
19:28:50.0872 3680  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
19:28:50.0942 3680  Beep - ok
19:28:50.0992 3680  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
19:28:51.0062 3680  BFE - ok
19:28:51.0132 3680  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\System32\qmgr.dll
19:28:51.0192 3680  BITS - ok
19:28:51.0252 3680  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
19:28:51.0302 3680  blbdrive - ok
19:28:51.0352 3680  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
19:28:51.0412 3680  bowser - ok
19:28:51.0472 3680  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
19:28:51.0522 3680  BrFiltLo - ok
19:28:51.0562 3680  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
19:28:51.0612 3680  BrFiltUp - ok
19:28:51.0662 3680  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
19:28:51.0702 3680  Browser - ok
19:28:51.0752 3680  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
19:28:51.0792 3680  Brserid - ok
19:28:51.0832 3680  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
19:28:51.0872 3680  BrSerWdm - ok
19:28:51.0892 3680  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
19:28:51.0922 3680  BrUsbMdm - ok
19:28:51.0942 3680  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
19:28:51.0972 3680  BrUsbSer - ok
19:28:52.0022 3680  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
19:28:52.0062 3680  BTHMODEM - ok
19:28:52.0132 3680  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
19:28:52.0202 3680  bthserv - ok
19:28:52.0242 3680  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
19:28:52.0293 3680  cdfs - ok
19:28:52.0340 3680  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
19:28:52.0386 3680  cdrom - ok
19:28:52.0449 3680  [ A965B206921C55F2D1481789D609B711 ] CeKbFilter      C:\windows\system32\DRIVERS\CeKbFilter.sys
19:28:52.0480 3680  CeKbFilter - ok
19:28:52.0527 3680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
19:28:52.0574 3680  CertPropSvc - ok
19:28:52.0620 3680  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\DRIVERS\circlass.sys
19:28:52.0667 3680  circlass - ok
19:28:52.0714 3680  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
19:28:52.0745 3680  CLFS - ok
19:28:52.0839 3680  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:28:52.0886 3680  clr_optimization_v2.0.50727_32 - ok
19:28:52.0977 3680  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:28:53.0017 3680  clr_optimization_v2.0.50727_64 - ok
19:28:53.0077 3680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:28:53.0137 3680  clr_optimization_v4.0.30319_32 - ok
19:28:53.0197 3680  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:28:53.0257 3680  clr_optimization_v4.0.30319_64 - ok
19:28:53.0307 3680  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
19:28:53.0347 3680  CmBatt - ok
19:28:53.0387 3680  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
19:28:53.0417 3680  cmdide - ok
19:28:53.0467 3680  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
19:28:53.0507 3680  CNG - ok
19:28:53.0537 3680  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
19:28:53.0557 3680  Compbatt - ok
19:28:53.0597 3680  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
19:28:53.0647 3680  CompositeBus - ok
19:28:53.0697 3680  COMSysApp - ok
19:28:53.0757 3680  [ 723E3512D6D1FF75E5398981B38FCEF7 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
19:28:53.0777 3680  cphs - ok
19:28:53.0837 3680  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
19:28:53.0847 3680  crcdisk - ok
19:28:53.0937 3680  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\windows\system32\cryptsvc.dll
19:28:53.0977 3680  CryptSvc - ok
19:28:54.0077 3680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
19:28:54.0157 3680  DcomLaunch - ok
19:28:54.0237 3680  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
19:28:54.0317 3680  defragsvc - ok
19:28:54.0357 3680  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
19:28:54.0407 3680  DfsC - ok
19:28:54.0467 3680  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
19:28:54.0507 3680  Dhcp - ok
19:28:54.0577 3680  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
19:28:54.0647 3680  discache - ok
19:28:54.0717 3680  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\drivers\disk.sys
19:28:54.0747 3680  Disk - ok
19:28:54.0817 3680  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
19:28:54.0877 3680  Dnscache - ok
19:28:54.0947 3680  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
19:28:55.0017 3680  dot3svc - ok
19:28:55.0067 3680  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
19:28:55.0147 3680  DPS - ok
19:28:55.0217 3680  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
19:28:55.0267 3680  drmkaud - ok
19:28:55.0327 3680  [ ED5B31FFC64B9305DDB468701E4019A0 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
19:28:55.0367 3680  DXGKrnl - ok
19:28:55.0427 3680  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
19:28:55.0497 3680  EapHost - ok
19:28:55.0627 3680  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\drivers\evbda.sys
19:28:55.0697 3680  ebdrv - ok
19:28:55.0747 3680  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
19:28:55.0807 3680  EFS - ok
19:28:55.0907 3680  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
19:28:56.0007 3680  ehRecvr - ok
19:28:56.0067 3680  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
19:28:56.0127 3680  ehSched - ok
19:28:56.0187 3680  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\drivers\elxstor.sys
19:28:56.0217 3680  elxstor - ok
19:28:56.0277 3680  [ 1A9756AD1F541DABF246F44CB8915402 ] enecir          C:\windows\system32\DRIVERS\enecir.sys
19:28:56.0307 3680  enecir - ok
19:28:56.0357 3680  [ 713F10B69E91DDCD8403B873A9E22DC1 ] enecirhid       C:\windows\system32\DRIVERS\enecirhid.sys
19:28:56.0417 3680  enecirhid - ok
19:28:56.0447 3680  [ 0C1A7AFBF686655FB286406295A1C499 ] enecirhidma     C:\windows\system32\DRIVERS\enecirhidma.sys
19:28:56.0497 3680  enecirhidma - ok
19:28:56.0537 3680  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
19:28:56.0577 3680  ErrDev - ok
19:28:56.0727 3680  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
19:28:56.0807 3680  EventSystem - ok
19:28:56.0947 3680  [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:28:57.0017 3680  EvtEng - ok
19:28:57.0217 3680  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
19:28:57.0277 3680  exfat - ok
19:28:57.0357 3680  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
19:28:57.0437 3680  fastfat - ok
19:28:57.0507 3680  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
19:28:57.0557 3680  Fax - ok
19:28:57.0647 3680  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\drivers\fdc.sys
19:28:57.0697 3680  fdc - ok
19:28:57.0747 3680  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
19:28:57.0817 3680  fdPHost - ok
19:28:57.0897 3680  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
19:28:57.0947 3680  FDResPub - ok
19:28:57.0997 3680  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
19:28:58.0027 3680  FileInfo - ok
19:28:58.0077 3680  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
19:28:58.0147 3680  Filetrace - ok
19:28:58.0257 3680  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:28:58.0337 3680  FLEXnet Licensing Service - ok
19:28:58.0417 3680  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
19:28:58.0447 3680  flpydisk - ok
19:28:58.0507 3680  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
19:28:58.0527 3680  FltMgr - ok
19:28:58.0627 3680  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\windows\system32\FntCache.dll
19:28:58.0687 3680  FontCache - ok
19:28:58.0787 3680  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:28:58.0857 3680  FontCache3.0.0.0 - ok
19:28:58.0927 3680  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
19:28:58.0947 3680  FsDepends - ok
19:28:59.0007 3680  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
19:28:59.0037 3680  Fs_Rec - ok
19:28:59.0097 3680  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
19:28:59.0127 3680  fvevol - ok
19:28:59.0177 3680  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
19:28:59.0197 3680  gagp30kx - ok
19:28:59.0297 3680  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:28:59.0337 3680  GamesAppService - ok
19:28:59.0427 3680  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
19:28:59.0477 3680  gpsvc - ok
19:28:59.0587 3680  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:28:59.0617 3680  gupdate - ok
19:28:59.0687 3680  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:28:59.0707 3680  gupdatem - ok
19:28:59.0777 3680  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\windows\system32\DRIVERS\hamachi.sys
19:28:59.0797 3680  hamachi - ok
19:28:59.0867 3680  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
19:28:59.0907 3680  hcw85cir - ok
19:28:59.0987 3680  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:29:00.0037 3680  HdAudAddService - ok
19:29:00.0097 3680  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
19:29:00.0137 3680  HDAudBus - ok
19:29:00.0237 3680  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
19:29:00.0277 3680  HidBatt - ok
19:29:00.0327 3680  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\drivers\hidbth.sys
19:29:00.0367 3680  HidBth - ok
19:29:00.0427 3680  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
19:29:00.0447 3680  HidIr - ok
19:29:00.0527 3680  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\system32\hidserv.dll
19:29:00.0607 3680  hidserv - ok
19:29:00.0717 3680  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
19:29:00.0757 3680  HidUsb - ok
19:29:00.0827 3680  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
19:29:00.0887 3680  hkmsvc - ok
19:29:00.0997 3680  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:29:01.0057 3680  HomeGroupListener - ok
19:29:01.0167 3680  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:29:01.0217 3680  HomeGroupProvider - ok
19:29:01.0317 3680  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
19:29:01.0347 3680  HpSAMD - ok
19:29:01.0427 3680  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
19:29:01.0477 3680  HTTP - ok
19:29:01.0567 3680  [ 1642C62F1FD5E1FF44608283994A7BB8 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
19:29:01.0647 3680  huawei_enumerator - ok
19:29:01.0797 3680  [ 4B80AF36EE9F31361C1DCB2EE563719A ] hwdatacard      C:\windows\system32\DRIVERS\ewusbmdm.sys
19:29:01.0857 3680  hwdatacard - ok
19:29:01.0927 3680  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
19:29:01.0977 3680  hwpolicy - ok
19:29:02.0127 3680  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
19:29:02.0167 3680  i8042prt - ok
19:29:02.0337 3680  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
19:29:02.0377 3680  iaStor - ok
19:29:02.0447 3680  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
19:29:02.0477 3680  iaStorV - ok
19:29:02.0587 3680  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:29:02.0657 3680  idsvc - ok
19:29:02.0967 3680  [ 9AA61DC7AA32C1D1260C4267FF07E0C1 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
19:29:03.0367 3680  igfx - ok
19:29:03.0497 3680  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\drivers\iirsp.sys
19:29:03.0527 3680  iirsp - ok
19:29:03.0637 3680  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
19:29:03.0707 3680  IKEEXT - ok
19:29:03.0857 3680  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
19:29:03.0897 3680  intaud_WaveExtensible - ok
19:29:04.0047 3680  [ F242E36CDA231701CFA702641C20FAEC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:29:04.0187 3680  IntcAzAudAddService - ok
19:29:04.0297 3680  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
19:29:04.0367 3680  IntcDAud - ok
19:29:04.0497 3680  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:29:04.0567 3680  Intel(R) Capability Licensing Service Interface - ok
19:29:04.0687 3680  [ 896AA2F1D79662B17D5DBBE588E24E30 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:29:04.0757 3680  Intel(R) ME Service - ok
19:29:04.0857 3680  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
19:29:04.0897 3680  intelide - ok
19:29:04.0977 3680  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
19:29:05.0017 3680  intelppm - ok
19:29:05.0127 3680  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
19:29:05.0207 3680  IPBusEnum - ok
19:29:05.0287 3680  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
19:29:05.0347 3680  IpFilterDriver - ok
19:29:05.0437 3680  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
19:29:05.0517 3680  iphlpsvc - ok
19:29:05.0607 3680  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
19:29:05.0657 3680  IPMIDRV - ok
19:29:05.0717 3680  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
19:29:05.0787 3680  IPNAT - ok
19:29:05.0887 3680  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
19:29:05.0917 3680  IRENUM - ok
19:29:05.0987 3680  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
19:29:06.0007 3680  isapnp - ok
19:29:06.0097 3680  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
19:29:06.0127 3680  iScsiPrt - ok
19:29:06.0207 3680  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\windows\system32\DRIVERS\iusb3hcs.sys
19:29:06.0237 3680  iusb3hcs - ok
19:29:06.0327 3680  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\windows\system32\DRIVERS\iusb3hub.sys
19:29:06.0397 3680  iusb3hub - ok
19:29:06.0477 3680  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\windows\system32\DRIVERS\iusb3xhc.sys
19:29:06.0507 3680  iusb3xhc - ok
19:29:06.0607 3680  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\windows\system32\DRIVERS\iwdbus.sys
19:29:06.0637 3680  iwdbus - ok
19:29:06.0727 3680  [ 3C6630473DD42FFC57D9F5564F533127 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:29:06.0797 3680  jhi_service - ok
19:29:06.0897 3680  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
19:29:06.0917 3680  kbdclass - ok
19:29:07.0007 3680  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
19:29:07.0057 3680  kbdhid - ok
19:29:07.0137 3680  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
19:29:07.0167 3680  KeyIso - ok
19:29:07.0257 3680  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
19:29:07.0277 3680  KSecDD - ok
19:29:07.0357 3680  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
19:29:07.0387 3680  KSecPkg - ok
19:29:07.0477 3680  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
19:29:07.0537 3680  ksthunk - ok
19:29:07.0647 3680  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
19:29:07.0707 3680  KtmRm - ok
19:29:07.0817 3680  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\system32\srvsvc.dll
19:29:07.0877 3680  LanmanServer - ok
19:29:07.0967 3680  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:29:08.0007 3680  LanmanWorkstation - ok
19:29:08.0147 3680  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
19:29:08.0197 3680  lltdio - ok
19:29:08.0307 3680  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
19:29:08.0387 3680  lltdsvc - ok
19:29:08.0527 3680  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
19:29:08.0597 3680  lmhosts - ok
19:29:08.0687 3680  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:29:08.0757 3680  LMS - ok
19:29:08.0867 3680  [ A5080FF109574E41ABF38BBD73EA2405 ] LPCFilter       C:\windows\system32\DRIVERS\LPCFilter.sys
19:29:08.0897 3680  LPCFilter - ok
19:29:08.0997 3680  [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55 ] LPDSVC          C:\windows\system32\lpdsvc.dll
19:29:09.0037 3680  LPDSVC - ok
19:29:09.0217 3680  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
19:29:09.0237 3680  LSI_FC - ok
19:29:09.0307 3680  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
19:29:09.0337 3680  LSI_SAS - ok
19:29:09.0407 3680  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
19:29:09.0427 3680  LSI_SAS2 - ok
19:29:09.0497 3680  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
19:29:09.0517 3680  LSI_SCSI - ok
19:29:09.0637 3680  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
19:29:09.0687 3680  luafv - ok
19:29:09.0827 3680  [ 830708A5CC0A19196C1DC205BED5A3A8 ] massfilter      C:\windows\system32\drivers\massfilter.sys
19:29:09.0857 3680  massfilter - ok
19:29:10.0007 3680  [ 639DA8F468552785E15F0F2FD8DB44B3 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe
19:29:10.0057 3680  McAfeeEngineService - ok
19:29:10.0197 3680  [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
19:29:10.0267 3680  McAfeeFramework - ok
19:29:10.0387 3680  [ 4E09D8C4C861348A7F1C12A5AA9C4DE7 ] McShield        C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe
19:29:10.0457 3680  McShield - ok
19:29:10.0577 3680  [ 3774AAD155F31D58D932861D0A4FD641 ] McTaskManager   C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
19:29:10.0647 3680  McTaskManager - ok
19:29:10.0757 3680  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
19:29:10.0787 3680  Mcx2Svc - ok
19:29:10.0867 3680  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys
19:29:10.0887 3680  megasas - ok
19:29:11.0007 3680  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
19:29:11.0027 3680  MegaSR - ok
19:29:11.0157 3680  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
19:29:11.0177 3680  MEIx64 - ok
19:29:11.0287 3680  [ E2D642A38A8DC4722F859092F731B6A3 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
19:29:11.0317 3680  mfeapfk - ok
19:29:11.0397 3680  [ AE23ED41216E160F54E5EF1A5EE325F7 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
19:29:11.0417 3680  mfeavfk - ok
19:29:11.0647 3680  [ BC76BC7129B2206098AC220B656F15B7 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
19:29:11.0657 3680  mfehidk - ok
19:29:11.0737 3680  [ C7C15D125AA697BE97087D197C9FAD08 ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
19:29:11.0767 3680  mferkdet - ok
19:29:11.0877 3680  [ 41CA4C4292004486D004D357B9C19718 ] mfetdik         C:\windows\system32\drivers\mfetdik.sys
19:29:11.0907 3680  mfetdik - ok
19:29:11.0987 3680  [ C39855495E82EC6B02E6190C34A1B752 ] mfevtp          C:\windows\system32\mfevtps.exe
19:29:12.0007 3680  mfevtp - ok
19:29:12.0127 3680  Microsoft SharePoint Workspace Audit Service - ok
19:29:12.0267 3680  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
19:29:12.0347 3680  MMCSS - ok
19:29:12.0427 3680  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
19:29:12.0487 3680  Modem - ok
19:29:12.0627 3680  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
19:29:12.0687 3680  monitor - ok
19:29:12.0787 3680  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
19:29:12.0817 3680  mouclass - ok
19:29:12.0907 3680  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
19:29:12.0947 3680  mouhid - ok
19:29:13.0077 3680  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
19:29:13.0117 3680  mountmgr - ok
19:29:13.0217 3680  [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:29:13.0237 3680  MozillaMaintenance - ok
19:29:13.0357 3680  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
19:29:13.0387 3680  mpio - ok
19:29:13.0477 3680  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
19:29:13.0537 3680  mpsdrv - ok
19:29:13.0667 3680  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
19:29:13.0747 3680  MpsSvc - ok
19:29:13.0887 3680  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
19:29:13.0957 3680  MRxDAV - ok
19:29:14.0087 3680  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
19:29:14.0167 3680  mrxsmb - ok
19:29:14.0277 3680  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
19:29:14.0317 3680  mrxsmb10 - ok
19:29:14.0397 3680  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
19:29:14.0437 3680  mrxsmb20 - ok
19:29:14.0557 3680  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\DRIVERS\msahci.sys
19:29:14.0577 3680  msahci - ok
19:29:14.0677 3680  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
19:29:14.0707 3680  msdsm - ok
19:29:14.0827 3680  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
19:29:14.0857 3680  MSDTC - ok
19:29:15.0087 3680  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
19:29:15.0137 3680  Msfs - ok
19:29:15.0247 3680  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
19:29:15.0317 3680  mshidkmdf - ok
19:29:15.0447 3680  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
19:29:15.0467 3680  msisadrv - ok
19:29:15.0587 3680  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
19:29:15.0647 3680  MSiSCSI - ok
19:29:15.0747 3680  msiserver - ok
19:29:15.0847 3680  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
19:29:15.0907 3680  MSKSSRV - ok
19:29:15.0997 3680  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
19:29:16.0037 3680  MSPCLOCK - ok
19:29:16.0147 3680  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
19:29:16.0207 3680  MSPQM - ok
19:29:16.0317 3680  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
19:29:16.0357 3680  MsRPC - ok
19:29:16.0547 3680  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
19:29:16.0577 3680  mssmbios - ok
19:29:16.0677 3680  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
19:29:16.0747 3680  MSTEE - ok
19:29:16.0857 3680  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
19:29:16.0917 3680  MTConfig - ok
19:29:17.0037 3680  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
19:29:17.0067 3680  Mup - ok
19:29:17.0187 3680  [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:29:17.0257 3680  MyWiFiDHCPDNS - ok
19:29:17.0377 3680  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
19:29:17.0437 3680  napagent - ok
19:29:17.0577 3680  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
19:29:17.0647 3680  NativeWifiP - ok
19:29:17.0807 3680  [ DFE14D63F0F649EE94A9E3442B7C8F2C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
19:29:17.0887 3680  NAUpdate - ok
19:29:18.0027 3680  [ DACA803A8D732FE5EEAA024EC342F81D ] NBVol           C:\windows\system32\DRIVERS\NBVol.sys
19:29:18.0047 3680  NBVol - ok
19:29:18.0157 3680  [ 6208F622E9E35860DFB0753DFF56F0C0 ] NBVolUp         C:\windows\system32\DRIVERS\NBVolUp.sys
19:29:18.0177 3680  NBVolUp - ok
19:29:18.0297 3680  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
19:29:18.0327 3680  NDIS - ok
19:29:18.0427 3680  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
19:29:18.0487 3680  NdisCap - ok
19:29:18.0667 3680  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
19:29:18.0707 3680  NdisTapi - ok
19:29:18.0787 3680  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
19:29:18.0827 3680  Ndisuio - ok
19:29:18.0927 3680  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
19:29:18.0977 3680  NdisWan - ok
19:29:19.0087 3680  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
19:29:19.0137 3680  NDProxy - ok
19:29:19.0257 3680  [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:29:19.0277 3680  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:29:19.0277 3680  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:29:19.0437 3680  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
19:29:19.0477 3680  NetBIOS - ok
19:29:19.0607 3680  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
19:29:19.0637 3680  NetBT - ok
19:29:19.0737 3680  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
19:29:19.0757 3680  Netlogon - ok
19:29:19.0877 3680  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
19:29:19.0957 3680  Netman - ok
19:29:20.0097 3680  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
19:29:20.0157 3680  netprofm - ok
19:29:20.0257 3680  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:29:20.0287 3680  NetTcpPortSharing - ok
19:29:20.0607 3680  [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys
19:29:20.0867 3680  NETwNs64 - ok
19:29:20.0997 3680  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
19:29:21.0027 3680  nfrd960 - ok
19:29:21.0147 3680  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
19:29:21.0187 3680  NlaSvc - ok
19:29:21.0317 3680  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
19:29:21.0367 3680  Npfs - ok
19:29:21.0477 3680  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
19:29:21.0537 3680  nsi - ok
19:29:21.0647 3680  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
19:29:21.0697 3680  nsiproxy - ok
19:29:21.0967 3680  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
19:29:22.0017 3680  Ntfs - ok
19:29:22.0157 3680  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
19:29:22.0217 3680  Null - ok
19:29:22.0547 3680  [ 12E18E5F438AAD55DAF77E127C0EA25B ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
19:29:22.0877 3680  nvlddmkm - ok
19:29:22.0997 3680  [ 186290C63FEB79C199A620E36705F9EE ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys
19:29:23.0027 3680  nvpciflt - ok
19:29:23.0147 3680  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
19:29:23.0167 3680  nvraid - ok
19:29:23.0257 3680  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
19:29:23.0277 3680  nvstor - ok
19:29:23.0407 3680  [ 33A2052D60D4EA6599CEE1D6853D0A42 ] nvsvc           C:\windows\system32\nvvsvc.exe
19:29:23.0437 3680  nvsvc - ok
19:29:23.0627 3680  [ FD6F5B42DB429FD1AE1A4483DB4DD2E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:29:23.0677 3680  nvUpdatusService - ok
19:29:23.0787 3680  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
19:29:23.0807 3680  nv_agp - ok
19:29:23.0917 3680  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
19:29:23.0947 3680  ohci1394 - ok
19:29:24.0087 3680  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:29:24.0157 3680  ose - ok
19:29:24.0397 3680  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:29:24.0557 3680  osppsvc - ok
19:29:24.0817 3680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
19:29:24.0857 3680  p2pimsvc - ok
19:29:24.0967 3680  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
19:29:25.0007 3680  p2psvc - ok
19:29:25.0137 3680  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
19:29:25.0177 3680  Parport - ok
19:29:25.0307 3680  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
19:29:25.0337 3680  partmgr - ok
19:29:25.0487 3680  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
19:29:25.0537 3680  PcaSvc - ok
19:29:25.0657 3680  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
19:29:25.0687 3680  pci - ok
19:29:25.0807 3680  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\DRIVERS\pciide.sys
19:29:25.0837 3680  pciide - ok
19:29:25.0947 3680  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
19:29:25.0977 3680  pcmcia - ok
19:29:26.0077 3680  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
19:29:26.0107 3680  pcw - ok
19:29:26.0227 3680  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
19:29:26.0297 3680  PEAUTH - ok
19:29:26.0577 3680  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
19:29:26.0627 3680  PerfHost - ok
19:29:27.0057 3680  [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
19:29:27.0087 3680  PGEffect - ok
19:29:27.0237 3680  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
19:29:27.0287 3680  pla - ok
19:29:27.0417 3680  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
19:29:27.0477 3680  PlugPlay - ok
19:29:27.0627 3680  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:29:27.0647 3680  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:29:27.0647 3680  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:29:27.0787 3680  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
19:29:27.0837 3680  PNRPAutoReg - ok
19:29:27.0987 3680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
19:29:28.0027 3680  PNRPsvc - ok
19:29:28.0157 3680  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
19:29:28.0217 3680  PolicyAgent - ok
19:29:28.0477 3680  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\windows\system32\umpo.dll
19:29:28.0537 3680  Power - ok
19:29:28.0657 3680  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
19:29:28.0727 3680  PptpMiniport - ok
19:29:28.0867 3680  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
19:29:28.0907 3680  Processor - ok
19:29:29.0037 3680  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
19:29:29.0097 3680  ProfSvc - ok
19:29:29.0237 3680  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:29:29.0257 3680  ProtectedStorage - ok
19:29:29.0367 3680  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
19:29:29.0427 3680  Psched - ok
19:29:29.0567 3680  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
19:29:29.0607 3680  ql2300 - ok
19:29:29.0727 3680  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
19:29:29.0757 3680  ql40xx - ok
19:29:29.0917 3680  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
19:29:29.0937 3680  QWAVE - ok
19:29:30.0057 3680  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
19:29:30.0097 3680  QWAVEdrv - ok
19:29:30.0237 3680  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
19:29:30.0287 3680  RasAcd - ok
19:29:30.0407 3680  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
19:29:30.0467 3680  RasAgileVpn - ok
19:29:30.0607 3680  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
19:29:30.0677 3680  RasAuto - ok
19:29:30.0807 3680  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
19:29:30.0887 3680  Rasl2tp - ok
19:29:31.0047 3680  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
19:29:31.0107 3680  RasMan - ok
19:29:31.0257 3680  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
19:29:31.0307 3680  RasPppoe - ok
19:29:31.0417 3680  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
19:29:31.0457 3680  RasSstp - ok
19:29:31.0597 3680  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
19:29:31.0667 3680  rdbss - ok
19:29:31.0797 3680  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
19:29:31.0837 3680  rdpbus - ok
19:29:31.0967 3680  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
19:29:32.0027 3680  RDPCDD - ok
19:29:32.0257 3680  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
19:29:32.0327 3680  RDPENCDD - ok
19:29:32.0547 3680  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
19:29:32.0617 3680  RDPREFMP - ok
19:29:32.0757 3680  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
19:29:32.0817 3680  RDPWD - ok
19:29:32.0977 3680  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
19:29:33.0047 3680  rdyboost - ok
19:29:33.0227 3680  [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:29:33.0297 3680  RegSrvc - ok
19:29:33.0477 3680  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
19:29:33.0537 3680  RemoteAccess - ok
19:29:33.0707 3680  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
19:29:33.0787 3680  RemoteRegistry - ok
19:29:33.0947 3680  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
19:29:34.0007 3680  RpcEptMapper - ok
19:29:34.0157 3680  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
19:29:34.0177 3680  RpcLocator - ok
19:29:34.0357 3680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
19:29:34.0417 3680  RpcSs - ok
19:29:34.0557 3680  [ F1E5986C527151D694D892A0B2F25C6D ] RSP2STOR        C:\windows\system32\DRIVERS\RtsP2Stor.sys
19:29:34.0587 3680  RSP2STOR - ok
19:29:34.0737 3680  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
19:29:34.0817 3680  rspndr - ok
19:29:34.0977 3680  [ 8181B5E7BFC040E0B26349C73E719335 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
19:29:35.0017 3680  RTL8167 - ok
19:29:35.0147 3680  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
19:29:35.0177 3680  SamSs - ok
19:29:35.0317 3680  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
19:29:35.0347 3680  sbp2port - ok
19:29:35.0507 3680  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
19:29:35.0587 3680  SCardSvr - ok
19:29:35.0747 3680  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
19:29:35.0807 3680  scfilter - ok
19:29:35.0977 3680  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
19:29:36.0047 3680  Schedule - ok
19:29:36.0207 3680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
19:29:36.0287 3680  SCPolicySvc - ok
19:29:36.0427 3680  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
19:29:36.0497 3680  SDRSVC - ok
19:29:36.0657 3680  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
19:29:36.0707 3680  secdrv - ok
19:29:36.0857 3680  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
19:29:36.0907 3680  seclogon - ok
19:29:37.0057 3680  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
19:29:37.0107 3680  SENS - ok
19:29:37.0247 3680  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
19:29:37.0277 3680  SensrSvc - ok
19:29:37.0427 3680  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
19:29:37.0477 3680  Serenum - ok
19:29:37.0627 3680  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
19:29:37.0657 3680  Serial - ok
19:29:37.0797 3680  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
19:29:37.0837 3680  sermouse - ok
19:29:38.0357 3680  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
19:29:38.0437 3680  SessionEnv - ok
19:29:38.0607 3680  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
19:29:38.0647 3680  sffdisk - ok
19:29:38.0767 3680  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
19:29:38.0817 3680  sffp_mmc - ok
19:29:38.0977 3680  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
19:29:39.0007 3680  sffp_sd - ok
19:29:39.0147 3680  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
19:29:39.0177 3680  sfloppy - ok
19:29:39.0337 3680  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
19:29:39.0387 3680  SharedAccess - ok
19:29:39.0587 3680  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:29:39.0647 3680  ShellHWDetection - ok
19:29:39.0887 3680  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
19:29:39.0907 3680  SiSRaid2 - ok
19:29:40.0007 3680  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
19:29:40.0037 3680  SiSRaid4 - ok
19:29:40.0167 3680  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:29:44.0417 3680  SkypeUpdate - ok
19:29:44.0617 3680  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
19:29:44.0677 3680  Smb - ok
19:29:44.0837 3680  [ 20C99358D42DB9585A21BF3BC27FC9BC ] SmbDrv          C:\windows\system32\DRIVERS\Smb_driver.sys
19:29:44.0857 3680  SmbDrv - ok
19:29:45.0387 3680  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
19:29:45.0427 3680  SNMPTRAP - ok
19:29:45.0577 3680  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
19:29:45.0597 3680  spldr - ok
19:29:45.0777 3680  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
19:29:45.0837 3680  Spooler - ok
19:29:46.0077 3680  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
19:29:46.0147 3680  sppsvc - ok
19:29:46.0317 3680  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
19:29:46.0377 3680  sppuinotify - ok
19:29:46.0527 3680  [ 602884696850C86434530790B110E8EB ] sptd            C:\windows\system32\Drivers\sptd.sys
19:29:46.0527 3680  Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
19:29:46.0697 3680  sptd ( LockedFile.Multi.Generic ) - warning
19:29:46.0697 3680  sptd - detected LockedFile.Multi.Generic (1)
19:29:46.0837 3680  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
19:29:46.0877 3680  srv - ok
19:29:47.0047 3680  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
19:29:47.0077 3680  srv2 - ok
19:29:47.0227 3680  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
19:29:47.0277 3680  srvnet - ok
19:29:47.0437 3680  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
19:29:47.0507 3680  SSDPSRV - ok
19:29:47.0677 3680  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
19:29:47.0727 3680  SstpSvc - ok
19:29:47.0867 3680  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
19:29:47.0897 3680  stexstor - ok
19:29:48.0057 3680  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
19:29:48.0087 3680  stisvc - ok
19:29:48.0217 3680  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
19:29:48.0227 3680  swenum - ok
19:29:48.0427 3680  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:29:48.0457 3680  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:29:48.0457 3680  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:29:48.0667 3680  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
19:29:48.0727 3680  swprv - ok
19:29:48.0937 3680  [ 7C7E05EEA6407130B3896A7A01390B6F ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
19:29:48.0967 3680  SynTP - ok
19:29:49.0147 3680  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
19:29:49.0227 3680  SysMain - ok
19:29:49.0397 3680  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:29:49.0437 3680  TabletInputService - ok
19:29:49.0587 3680  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
19:29:49.0657 3680  TapiSrv - ok
19:29:49.0817 3680  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
19:29:49.0877 3680  TBS - ok
19:29:50.0067 3680  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
19:29:50.0127 3680  Tcpip - ok
19:29:50.0307 3680  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
19:29:50.0357 3680  TCPIP6 - ok
19:29:50.0647 3680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
19:29:50.0707 3680  tcpipreg - ok
19:29:50.0977 3680  [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
19:29:50.0997 3680  tdcmdpst - ok
19:29:51.0167 3680  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
19:29:51.0197 3680  TDPIPE - ok
19:29:51.0367 3680  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
19:29:51.0397 3680  TDTCP - ok
19:29:51.0557 3680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
19:29:51.0627 3680  tdx - ok
19:29:51.0807 3680  [ 1B709733A04DCC41A63F9CD1F76A4EBE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
19:29:51.0877 3680  TemproMonitoringService - ok
19:29:52.0037 3680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
19:29:52.0057 3680  TermDD - ok
19:29:52.0247 3680  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
19:29:52.0297 3680  TermService - ok
19:29:52.0477 3680  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
19:29:52.0537 3680  Themes - ok
19:29:52.0707 3680  [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv          C:\windows\system32\DRIVERS\thpdrv.sys
19:29:52.0747 3680  Thpdrv - ok
19:29:52.0887 3680  [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm          C:\windows\system32\DRIVERS\Thpevm.SYS
19:29:52.0917 3680  Thpevm - ok
19:29:53.0077 3680  [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv          C:\windows\system32\ThpSrv.exe
19:29:53.0107 3680  Thpsrv ( UnsignedFile.Multi.Generic ) - warning
19:29:53.0107 3680  Thpsrv - detected UnsignedFile.Multi.Generic (1)
19:29:53.0287 3680  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
19:29:53.0327 3680  THREADORDER - ok
19:29:53.0557 3680  [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:29:53.0617 3680  TMachInfo - ok
19:29:53.0787 3680  [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv         C:\windows\system32\TODDSrv.exe
19:29:53.0807 3680  TODDSrv - ok
19:29:54.0007 3680  [ A7EFE68D424A55FA84CCB6099D1D93C0 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:29:54.0067 3680  TosCoSrv ( UnsignedFile.Multi.Generic ) - warning
19:29:54.0067 3680  TosCoSrv - detected UnsignedFile.Multi.Generic (1)
19:29:54.0377 3680  [ A22DEB5EC05FEBFDCA1D3FF70FA1FF46 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:29:54.0447 3680  TOSHIBA Bluetooth Service - ok
19:29:54.0647 3680  [ 97B57ED45C001E2AB3ABA68F7BA8555A ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:29:54.0717 3680  TOSHIBA eco Utility Service - ok
19:29:54.0907 3680  [ 9338C2DEB14CA2804BCB3276CB7EB4FD ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:29:54.0977 3680  TOSHIBA HDD SSD Alert Service - ok
19:29:55.0167 3680  [ 8021F63311797085949FA387F7C83583 ] tosporte        C:\windows\system32\DRIVERS\tosporte.sys
19:29:55.0187 3680  tosporte - ok
19:29:55.0357 3680  [ B9FA0498F6CC596FFA5CF47A04CD1785 ] tosrfbd         C:\windows\system32\DRIVERS\tosrfbd.sys
19:29:55.0387 3680  tosrfbd - ok
19:29:55.0537 3680  [ 90F0B1745ABF13F44C2A6ED79F7CE9FB ] tosrfbnp        C:\windows\system32\Drivers\tosrfbnp.sys
19:29:55.0567 3680  tosrfbnp - ok
19:29:55.0737 3680  [ 9E4E65EA51E34647340BD6007467AC54 ] Tosrfcom        C:\windows\system32\Drivers\tosrfcom.sys
19:29:55.0767 3680  Tosrfcom - ok
19:29:55.0937 3680  [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec         C:\windows\system32\DRIVERS\tosrfec.sys
19:29:55.0957 3680  tosrfec - ok
19:29:56.0117 3680  [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid        C:\windows\system32\DRIVERS\Tosrfhid.sys
19:29:56.0137 3680  Tosrfhid - ok
19:29:56.0457 3680  [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds        C:\windows\system32\DRIVERS\tosrfnds.sys
19:29:56.0487 3680  tosrfnds - ok
19:29:56.0637 3680  [ 7052B10E54B48AF12BD5606596A8E039 ] TosRfSnd        C:\windows\system32\drivers\tosrfsnd.sys
19:29:56.0677 3680  TosRfSnd - ok
19:29:56.0847 3680  [ AF8A0D2E2A41043A77CA77CCBDB8D9C2 ] Tosrfusb        C:\windows\system32\DRIVERS\tosrfusb.sys
19:29:56.0877 3680  Tosrfusb - ok
19:29:57.0047 3680  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64       C:\windows\system32\DRIVERS\tos_sps64.sys
19:29:57.0077 3680  tos_sps64 - ok
19:29:57.0297 3680  [ 36CDD894395BEC46EFB14F49D77D3D82 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:29:57.0367 3680  TPCHSrv - ok
19:29:57.0557 3680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
19:29:57.0607 3680  TrkWks - ok
19:29:57.0787 3680  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:29:57.0847 3680  TrustedInstaller - ok
19:29:58.0167 3680  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
19:29:58.0217 3680  tssecsrv - ok
19:29:58.0387 3680  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
19:29:58.0417 3680  TsUsbFlt - ok
19:29:58.0587 3680  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
19:29:58.0627 3680  TsUsbGD - ok
19:29:58.0877 3680  [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
19:29:58.0947 3680  TuneUp.UtilitiesSvc - ok
19:29:59.0127 3680  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
19:29:59.0197 3680  TuneUpUtilitiesDrv - ok
19:29:59.0357 3680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
19:29:59.0447 3680  tunnel - ok
19:29:59.0617 3680  [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:29:59.0637 3680  TVALZ - ok
19:29:59.0817 3680  [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
19:29:59.0857 3680  TVALZFL - ok
19:30:00.0027 3680  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys
19:30:00.0047 3680  uagp35 - ok
19:30:00.0227 3680  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
19:30:00.0307 3680  udfs - ok
19:30:00.0767 3680  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
19:30:00.0807 3680  UI0Detect - ok
19:30:00.0967 3680  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
19:30:00.0997 3680  uliagpkx - ok
19:30:01.0167 3680  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
19:30:01.0207 3680  umbus - ok
19:30:01.0377 3680  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
19:30:01.0427 3680  UmPass - ok
19:30:01.0687 3680  [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:30:01.0767 3680  UNS - ok
19:30:01.0987 3680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
19:30:02.0057 3680  upnphost - ok
19:30:02.0247 3680  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
19:30:02.0297 3680  usbccgp - ok
19:30:02.0467 3680  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
19:30:02.0507 3680  usbcir - ok
19:30:02.0687 3680  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
19:30:02.0727 3680  usbehci - ok
19:30:02.0917 3680  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
19:30:02.0987 3680  usbhub - ok
19:30:03.0157 3680  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
19:30:03.0197 3680  usbohci - ok
19:30:03.0417 3680  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
19:30:03.0477 3680  usbprint - ok
19:30:03.0657 3680  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
19:30:03.0717 3680  USBSTOR - ok
19:30:03.0867 3680  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
19:30:03.0907 3680  usbuhci - ok
19:30:04.0087 3680  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
19:30:04.0137 3680  usbvideo - ok
19:30:04.0317 3680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
19:30:04.0367 3680  UxSms - ok
19:30:04.0577 3680  [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp        C:\windows\System32\uxtuneup.dll
19:30:04.0597 3680  UxTuneUp - ok
19:30:04.0777 3680  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
19:30:04.0807 3680  VaultSvc - ok
19:30:04.0987 3680  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
19:30:05.0017 3680  vdrvroot - ok
19:30:05.0217 3680  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
19:30:05.0267 3680  vds - ok
19:30:05.0437 3680  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
19:30:05.0467 3680  vga - ok
19:30:05.0647 3680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
19:30:05.0697 3680  VgaSave - ok
19:30:05.0847 3680  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
19:30:05.0877 3680  vhdmp - ok
19:30:06.0047 3680  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
19:30:06.0077 3680  viaide - ok
19:30:06.0247 3680  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
19:30:06.0277 3680  volmgr - ok
19:30:06.0427 3680  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
19:30:06.0467 3680  volmgrx - ok
19:30:06.0647 3680  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\windows\system32\drivers\volsnap.sys
19:30:06.0687 3680  volsnap - ok
19:30:06.0857 3680  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
19:30:06.0877 3680  vsmraid - ok
19:30:07.0087 3680  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
19:30:07.0147 3680  VSS - ok
19:30:07.0347 3680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
19:30:07.0397 3680  vwifibus - ok
19:30:07.0577 3680  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
19:30:07.0637 3680  vwififlt - ok
19:30:07.0817 3680  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
19:30:07.0867 3680  vwifimp - ok
19:30:08.0037 3680  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
19:30:08.0107 3680  W32Time - ok
19:30:08.0417 3680  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys
19:30:08.0467 3680  WacomPen - ok
19:30:08.0637 3680  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
19:30:08.0687 3680  WANARP - ok
19:30:08.0867 3680  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
19:30:08.0907 3680  Wanarpv6 - ok
19:30:09.0127 3680  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
19:30:09.0197 3680  WatAdminSvc - ok
19:30:09.0407 3680  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
19:30:09.0457 3680  wbengine - ok
19:30:09.0657 3680  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
19:30:09.0697 3680  WbioSrvc - ok
19:30:09.0867 3680  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
19:30:09.0917 3680  wcncsvc - ok
19:30:10.0127 3680  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:30:10.0177 3680  WcsPlugInService - ok
19:30:10.0467 3680  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\drivers\wd.sys
19:30:10.0497 3680  Wd - ok
19:30:10.0697 3680  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
19:30:10.0727 3680  Wdf01000 - ok
19:30:10.0927 3680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
19:30:10.0987 3680  WdiServiceHost - ok
19:30:11.0157 3680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
19:30:11.0197 3680  WdiSystemHost - ok
19:30:11.0387 3680  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
19:30:11.0447 3680  WebClient - ok
19:30:11.0637 3680  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
19:30:11.0707 3680  Wecsvc - ok
19:30:11.0897 3680  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
19:30:11.0957 3680  wercplsupport - ok
19:30:12.0137 3680  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
19:30:12.0217 3680  WerSvc - ok
19:30:12.0397 3680  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
19:30:12.0447 3680  WfpLwf - ok
19:30:12.0617 3680  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
19:30:12.0647 3680  WIMMount - ok
19:30:12.0827 3680  WinDefend - ok
19:30:13.0167 3680  WinHttpAutoProxySvc - ok
19:30:13.0387 3680  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
19:30:13.0447 3680  Winmgmt - ok
19:30:13.0667 3680  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
19:30:13.0747 3680  WinRM - ok
19:30:14.0277 3680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
19:30:14.0347 3680  Wlansvc - ok
19:30:14.0557 3680  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:30:14.0617 3680  wlcrasvc - ok
19:30:14.0887 3680  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:30:14.0987 3680  wlidsvc - ok
19:30:15.0177 3680  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
19:30:15.0207 3680  WmiAcpi - ok
19:30:15.0577 3680  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
19:30:15.0607 3680  wmiApSrv - ok
19:30:15.0807 3680  WMPNetworkSvc - ok
19:30:16.0007 3680  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
19:30:16.0057 3680  WPCSvc - ok
19:30:16.0247 3680  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
19:30:16.0297 3680  WPDBusEnum - ok
19:30:16.0497 3680  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
19:30:16.0557 3680  ws2ifsl - ok
19:30:16.0767 3680  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\System32\wscsvc.dll
19:30:16.0807 3680  wscsvc - ok
19:30:16.0967 3680  WSearch - ok
19:30:17.0347 3680  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
19:30:17.0387 3680  wuauserv - ok
19:30:17.0597 3680  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
19:30:17.0647 3680  WudfPf - ok
19:30:17.0837 3680  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
19:30:17.0887 3680  WUDFRd - ok
19:30:18.0087 3680  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
19:30:18.0147 3680  wudfsvc - ok
19:30:18.0387 3680  [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc         C:\windows\System32\wwansvc.dll
19:30:18.0457 3680  WwanSvc - ok
19:30:18.0857 3680  [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:30:18.0937 3680  ZeroConfigService - ok
19:30:19.0157 3680  [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbmdm6k     C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
19:30:19.0207 3680  ZTEusbmdm6k - ok
19:30:19.0387 3680  [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbnmea      C:\windows\system32\DRIVERS\ZTEusbnmea.sys
19:30:19.0417 3680  ZTEusbnmea - ok
19:30:19.0627 3680  [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbser6k     C:\windows\system32\DRIVERS\ZTEusbser6k.sys
19:30:19.0657 3680  ZTEusbser6k - ok
19:30:20.0717 3680  ================ Scan global ===============================
19:30:20.0787 3680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:30:20.0817 3680  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
19:30:20.0827 3680  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
19:30:20.0857 3680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:30:20.0897 3680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:30:20.0897 3680  [Global] - ok
19:30:20.0897 3680  ================ Scan MBR ==================================
19:30:20.0917 3680  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
19:30:21.0407 3680  \Device\Harddisk0\DR0 - ok
19:30:21.0407 3680  ================ Scan VBR ==================================
19:30:21.0437 3680  [ C01AD317991FEC484FBB0D0F1FAE77F1 ] \Device\Harddisk0\DR0\Partition1
19:30:21.0437 3680  \Device\Harddisk0\DR0\Partition1 - ok
19:30:21.0457 3680  [ C927F7D234A847AC08B971984621177C ] \Device\Harddisk0\DR0\Partition2
19:30:21.0457 3680  \Device\Harddisk0\DR0\Partition2 - ok
19:30:21.0457 3680  ============================================================
19:30:21.0457 3680  Scan finished
19:30:21.0457 3680  ============================================================
19:30:21.0477 1984  Detected object count: 6
19:30:21.0477 1984  Actual detected object count: 6
19:30:42.0997 1984  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:42.0997 1984  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:30:42.0997 1984  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:42.0997 1984  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:30:42.0997 1984  sptd ( LockedFile.Multi.Generic ) - skipped by user
19:30:42.0997 1984  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:30:42.0997 1984  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:42.0997 1984  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:30:42.0997 1984  Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:42.0997 1984  Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:30:43.0007 1984  TosCoSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:43.0007 1984  TosCoSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:30:45.0977 3280  Deinitialize success
         

08.02.2013, 18:33   #7
markusg
/// Malware-holic

hi,
Scan with Combofix
WARNING to OTHER READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


08.02.2013, 19:26   #8
Goldedgar

Combofix Logfile:
Code:
ComboFix 13-02-07.02 - Holger 08.02.2013  19:50:26.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8082.5659 [GMT 1:00]
ausgeführt von:: c:\users\Holger\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-08 bis 2013-02-08  ))))))))))))))))))))))))))))))
.
.
2013-02-08 19:00 . 2013-02-08 19:00	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-02-08 19:00 . 2013-02-08 19:00	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-02-08 19:00 . 2013-02-08 19:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-08 19:00 . 2013-02-08 19:00	--------	d-----w-	c:\users\admin\AppData\Local\temp
2013-02-08 17:36 . 2013-02-08 17:36	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-08 17:36 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-08 17:36 . 2013-02-08 17:45	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-08 17:33 . 2013-02-08 17:33	--------	d-----w-	c:\users\Holger\AppData\Local\Programs
2013-02-04 17:12 . 2013-02-04 17:12	53248	----a-r-	c:\users\Holger\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-02-04 17:12 . 2013-02-04 17:12	--------	d-----w-	c:\users\Holger\AppData\Roaming\Leadertech
2013-02-04 17:12 . 2013-02-04 17:12	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2013-02-04 17:12 . 2013-02-04 17:12	--------	d-----w-	c:\programdata\Logitech
2013-02-04 17:12 . 2013-02-04 17:12	--------	d-----w-	c:\programdata\Logishrd
2013-02-04 17:11 . 2013-02-04 17:11	--------	d-----w-	c:\program files\Logitech
2013-02-04 17:11 . 2013-02-04 17:12	--------	d-----w-	c:\program files\Common Files\Logishrd
2013-02-04 17:09 . 2013-02-04 17:10	--------	d-----w-	c:\users\Holger\AppData\Roaming\Logishrd
2013-02-04 17:09 . 2013-02-04 17:09	--------	d-----w-	c:\users\Holger\AppData\Roaming\Logitech
2013-02-04 16:15 . 2009-10-22 19:07	97576	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2013-02-04 16:15 . 2009-10-22 19:07	83784	----a-w-	c:\windows\system32\drivers\mfetdik.sys
2013-02-04 16:15 . 2009-10-22 19:07	77104	----a-w-	c:\windows\system32\drivers\mferkdet.sys
2013-02-04 16:15 . 2009-10-22 19:07	469144	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2013-02-04 16:15 . 2009-10-22 19:07	119968	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2013-02-04 16:15 . 2009-10-22 19:07	79504	----a-w-	c:\windows\system32\mfevtps.exe
2013-02-04 16:15 . 2013-02-04 16:15	--------	d-----w-	c:\program files (x86)\Common Files\McAfee
2013-02-01 16:03 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{32C003B2-7C44-4EA8-A474-246877318AD5}\mpengine.dll
2013-01-18 16:45 . 2010-03-02 12:59	121344	----a-w-	c:\windows\system32\drivers\ZTEusbser6k.sys
2013-01-18 16:45 . 2010-03-02 12:59	121344	----a-w-	c:\windows\system32\drivers\ZTEusbnmea.sys
2013-01-18 16:45 . 2010-03-02 12:59	121344	----a-w-	c:\windows\system32\drivers\ZTEusbmdm6k.sys
2013-01-18 16:45 . 2010-02-22 08:09	11776	----a-w-	c:\windows\system32\drivers\massfilter.sys
2013-01-18 16:45 . 2009-12-28 13:06	135168	----a-w-	c:\windows\system32\drivers\ZTEusbnet.sys
2013-01-16 21:04 . 2013-01-16 21:04	--------	d-----w-	c:\users\Holger\AppData\Local\PackageAware
2013-01-14 17:22 . 2013-01-14 17:22	--------	d-----w-	c:\program files (x86)\UEFI WinFlash
2013-01-12 13:41 . 2013-01-12 13:41	--------	d-----w-	c:\users\Holger\AppData\Local\SCE
2013-01-12 13:41 . 2013-01-12 13:41	--------	d-----w-	C:\Crash
2013-01-09 19:16 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-01-09 19:16 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-09 19:13 . 2012-11-01 05:43	2002432	----a-w-	c:\windows\system32\msxml6.dll
2013-01-09 19:13 . 2012-11-01 05:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2013-01-09 19:13 . 2012-11-01 04:47	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2013-01-09 19:13 . 2012-11-01 04:47	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2013-01-09 19:13 . 2012-11-20 05:48	307200	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-09 19:13 . 2012-11-20 04:51	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2013-01-09 19:11 . 2012-11-23 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
2013-01-09 19:11 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-11 18:02 . 2012-03-14 19:51	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-11 18:02 . 2012-03-14 19:51	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 21:15 . 2012-10-13 16:30	67599240	----a-w-	c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 02:23	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:23	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:23	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:23	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 19:12	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 23:45	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 23:45	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 23:45	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 23:45	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 23:45	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 23:45	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 23:45	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 23:45	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 23:45	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 23:45	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 23:45	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 23:45	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 23:45	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 23:45	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 23:45	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 23:45	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 23:45	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 23:45	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 23:45	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 23:45	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 23:45	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 23:45	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-11-04 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2011-04-02 80840]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-28 291608]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2011-12-20 532480]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2011-03-10 423936]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-20 74752]
"McAfeeUpdaterUI"="c:\program files (x86)\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"ShStatEXE"="c:\program files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-10-22 124240]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
.
c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\users\Holger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2012-2-4 2824104]
Toshiba Places Icon Utility.lnk - c:\program files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [2012-3-14 1492352]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 11776]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-10-22 77104]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2012-01-05 259176]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-12 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-28 16152]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-01-28 28992]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-10-09 834544]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2011-03-24 36992]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2011-03-18 482384]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 McAfeeEngineService;McAfee Engine Service;c:\program files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe [2009-10-22 19720]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-10-22 79504]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2012-02-10 295360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys [2012-06-08 20592]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2011-11-17 76112]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2011-11-17 20304]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2009-12-26 12112]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-07 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-28 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-28 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-04 677480]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [2012-02-25 22800]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-26 138152]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-12-14 833976]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-09-22 11856]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-14 18:02]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 19:51]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 19:51]
.
2013-02-08 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-02-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-01 12446824]
"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-02-06 2165120]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2011-10-19 718720]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-11-26 710560]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2012-03-14 150992]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-10 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-10 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-10 440088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Holger\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Holger\AppData\Roaming\Mozilla\Firefox\Profiles\t6bqy3gy.default\
FF - ExtSQL: 2013-02-04 18:12; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-08  20:21:46
ComboFix-quarantined-files.txt  2013-02-08 19:21
.
Vor Suchlauf: 11 Verzeichnis(se), 182.304.145.408 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 181.814.632.448 Bytes frei
.
- - End Of File - - DD1C77AAFB5A37FAC83BC95795DF54BE
         
--- --- ---

08.02.2013, 20:32   #9
markusg
/// Malware-holic
 



Let's see what MBAM does.
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Log files".
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails following the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

16.02.2013, 23:45   #10
Goldedgar
 



Could all of my data please be deleted from the thread? The problem has been resolved and I don't want it to remain there.

17.02.2013, 15:17   #11
markusg
/// Malware-holic
 



We only delete first name/last name combinations or other unique identifying features.
If something like that is present, go to Report Post and describe what should be deleted.
