
Pests of all kinds and how to fight them: caught 'Advanced System Protector' and 'RegClean Pro'

07.06.2013, 16:26   #1
Killerjockel
 
As the title already says, I have caught 'Advanced System Protector' and 'RegClean Pro'.

Sorry, I only just saw this here, I am creating everything right now.

Defogger did not create a log?

07.06.2013, 16:36   #2
smeenk
/// Malwareteam / Visitor
 
I am Smeenk and I will try to help you
Quote:
Sorry, I only just saw this here, I am creating everything right now.
No problem.
The logs from OTL are still coming, I assume?
Afterwards, do the following:


System scan with ZOEK

Please download zoek.exe from here: http://hijackthis.nl/smeenk/
  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users, please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Copy the code below into the text field:
    Code:
    emptyclsid;
    chromelook;
    autoclean;
    startupall;
    filesrcm;
    firefoxlook;
  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is finished, Notepad will open with the log file (possibly only after a restart).
    You can view the report afterwards at c:\zoek-results.log.
  • Post the log file zoek-results.log for me


Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.


Please post everything in CODE tags here if possible: [code] Your log here [/code]


07.06.2013, 16:58   #3
Killerjockel
 
OTL.Txt
Code:
OTL logfile created on: 07.06.2013 16:35:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stefan\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 45,99% Memory free
7,74 Gb Paging File | 5,25 Gb Available in Paging File | 67,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,43 Gb Total Space | 123,62 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive D: | 29,67 Gb Total Space | 28,77 Gb Free Space | 96,97% Space Free | Partition Type: FAT32
 
Computer Name: KILLERJOCKEL | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Stefan\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (Intel)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\da04cb0eeee804dc97cac658c87f1457\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\38b47b5452863bcadb6b731fe6c5198f\CustomMarshalers.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\037ba48087deddea3eebed4fc7731c0c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files (x86)\Lenovo\Lenovo Smart Update\HookDll.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (Lenovo Smart Update Service) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe (Lenovo)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (ExpressCache) -- C:\Programme\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Diskeeper Corporation)
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\Drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\Drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\Drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\Drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\Drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Motorola Solutions, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Motorola Solutions, Inc.)
DRV:64bit: - (vm331avs) -- C:\Windows\SysNative\Drivers\vm331avs.sys (Vimicro Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (AX88772) -- C:\Windows\SysNative\Drivers\ax88772.sys (ASIX Electronics Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\Drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\Drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\Drivers\wsvd.sys ("CyberLink)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (LAD) -- C:\Windows\SysNative\Drivers\LAD.sys (TODO: <Company name>)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\Drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (excsd) -- C:\Windows\SysNative\Drivers\excsd.sys (Diskeeper Corporation)
DRV:64bit: - (excfs) -- C:\Windows\SysNative\Drivers\excfs.sys (Diskeeper Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4C9B9C5C-0760-4415-AB3C-47BD56C20292}
IE:64bit: - HKLM\..\SearchScopes\{4C9B9C5C-0760-4415-AB3C-47BD56C20292}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\..\SearchScopes,DefaultScope = {4C9B9C5C-0760-4415-AB3C-47BD56C20292}
IE - HKLM\..\SearchScopes\{4C9B9C5C-0760-4415-AB3C-47BD56C20292}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\..\SearchScopes,DefaultScope = {4C9B9C5C-0760-4415-AB3C-47BD56C20292}
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1749165925-1795840243-1688419422-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.07 15:42:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.05 13:25:12 | 000,000,000 | ---D | M]
 
[2013.06.05 15:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2013.06.07 16:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\gjwd1pwt.default\extensions
[2013.06.07 16:11:38 | 000,000,000 | ---D | M] (ccontuiNueeteosoavE) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\gjwd1pwt.default\extensions\pzktsxcd@p-.net
[2013.06.05 15:12:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.05 15:12:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - Extension: ccontuiNueeteosoavE = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdldglmmgimnoeanblhcenhmcbackoi\1\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ccontuiNueeteosoavE) - {20705370-7B60-D654-B0CF-1DBD8CC8CBC8} - C:\ProgramData\ccontuiNueeteosoavE\51b1e7f291f47.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [BoxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Programme\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Smart Update] C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0B220CF-0B1D-4B78-BAE3-1D0ACA4BB57B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.07 16:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.07 16:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2013.06.07 16:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2013.06.07 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced System Protector
[2013.06.07 16:01:17 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Systweak
[2013.06.07 16:01:16 | 000,020,488 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\SysNative\roboot64.exe
[2013.06.07 16:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2013.06.07 16:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2013.06.07 16:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ccontuiNueeteosoavE
[2013.06.07 16:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ccontuiNueeteosoavE
[2013.06.07 16:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013.06.07 15:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2013.06.07 15:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2013.06.07 15:51:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\WinRAR
[2013.06.07 15:51:08 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.07 15:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.07 15:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.06.07 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\My Box Files
[2013.06.07 15:46:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Box Sync
[2013.06.07 15:46:26 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Box Desktop
[2013.06.07 15:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
[2013.06.07 15:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Box Sync
[2013.06.07 15:45:14 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Box Sync
[2013.06.07 15:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.06.07 15:44:17 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Google
[2013.06.07 15:44:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.06.07 15:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.06.07 15:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.06.07 15:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013.06.07 15:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.06.07 15:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.06.07 15:39:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Adobe
[2013.06.07 15:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.06.07 15:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.07 15:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.06.07 15:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.06.07 15:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.06.07 15:36:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx
[2013.06.07 15:32:49 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\OpenOffice.org
[2013.06.07 15:22:14 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Skype
[2013.06.07 15:22:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.06.07 15:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.06.07 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.06.07 15:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.06.07 14:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.07 14:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.07 14:33:10 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Apple Computer
[2013.06.07 14:33:10 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Apple Computer
[2013.06.07 14:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.07 14:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.07 14:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.07 14:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.07 14:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.06.07 14:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.07 14:32:14 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Apple
[2013.06.07 14:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.06.07 14:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.06.07 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.06.07 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.06.07 14:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.06.07 14:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.06.07 13:44:19 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.06.07 13:43:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013.06.06 07:08:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013.06.06 04:38:59 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Macromedia
[2013.06.06 04:37:43 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Adobe
[2013.06.06 02:02:08 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013.06.05 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\vlc
[2013.06.05 18:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.06.05 16:42:09 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\Avatar
[2013.06.05 16:41:37 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\CyberLink
[2013.06.05 16:41:31 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\Youcam
[2013.06.05 16:41:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\CyberLink
[2013.06.05 15:12:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Mozilla
[2013.06.05 15:12:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Mozilla
[2013.06.05 15:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.06.05 15:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.06.05 15:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.05 13:29:37 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Amazon_Services_LLC
[2013.06.05 13:26:14 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Absolute_Software
[2013.06.05 13:26:03 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.06.05 13:26:03 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.06.05 13:26:02 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Searches
[2013.06.05 13:26:02 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Contacts
[2013.06.05 13:25:38 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Macromedia
[2013.06.05 13:25:38 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Adobe
[2013.06.05 13:25:10 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\VirtualStore
[2013.06.05 13:25:04 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Packages
[2013.06.05 13:25:02 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Intel
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Vorlagen
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Verlauf
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Temporary Internet Files
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Startmenü
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\SendTo
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Recent
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Netzwerkumgebung
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Lokale Einstellungen
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Videos
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Musik
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Eigene Dateien
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Bilder
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Druckumgebung
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Cookies
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Anwendungsdaten
[2013.06.05 13:24:42 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Anwendungsdaten
[2013.06.05 13:24:42 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Temp
[2013.06.05 13:24:42 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Microsoft
[2013.06.05 13:24:41 | 000,000,000 | --SD | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Videos
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Saved Games
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Pictures
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Music
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Links
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Favorites
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Downloads
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Documents
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Desktop
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.06.05 13:24:41 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.06.05 13:24:41 | 000,000,000 | -H-D | C] -- C:\Users\Stefan\AppData
[2013.06.05 13:24:41 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Roaming
[2013.06.05 13:24:41 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.05.19 12:54:27 | 000,097,176 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\SysWow64\ElbyCDIO.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.07 16:35:24 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2013.06.07 16:29:05 | 000,000,000 | ---- | M] () -- C:\Users\Stefan\defogger_reenable
[2013.06.07 16:04:14 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2013.06.07 16:04:14 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2013.06.07 16:04:10 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.07 16:04:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.07 16:03:58 | 3317,358,592 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.07 16:01:31 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2013.06.07 16:01:16 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2013.06.07 15:52:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.07 15:47:16 | 000,001,592 | ---- | M] () -- C:\Users\Stefan\Desktop\My Box Files.lnk
[2013.06.07 15:45:39 | 000,001,874 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2013.06.07 15:43:25 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.06.07 15:33:06 | 000,001,259 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.06.07 15:22:06 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.06.07 14:59:58 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.07 14:33:07 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.07 14:07:05 | 001,748,838 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.07 14:07:05 | 000,754,172 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.07 14:07:05 | 000,711,282 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.07 14:07:05 | 000,156,362 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.07 14:07:05 | 000,133,150 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.07 13:44:20 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.06 22:33:59 | 000,003,092 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\AbsoluteReminder.xml
[2013.06.06 07:08:01 | 545,565,498 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013.06.05 15:12:41 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.19 12:54:27 | 000,097,176 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\SysWow64\ElbyCDIO.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.07 16:35:23 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2013.06.07 16:29:05 | 000,000,000 | ---- | C] () -- C:\Users\Stefan\defogger_reenable
[2013.06.07 16:01:31 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2013.06.07 16:01:27 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysNative\sasnative64.exe
[2013.06.07 16:01:22 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2013.06.07 16:01:22 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2013.06.07 16:01:16 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2013.06.07 15:47:16 | 000,001,592 | ---- | C] () -- C:\Users\Stefan\Desktop\My Box Files.lnk
[2013.06.07 15:45:39 | 000,001,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2013.06.07 15:43:25 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.06.07 15:42:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.06.07 15:33:06 | 000,001,259 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.06.07 15:22:06 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.06.07 14:59:58 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.07 14:33:07 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.07 14:32:13 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.06.07 13:44:20 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.06 07:08:01 | 545,565,498 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013.06.06 04:38:05 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.05 15:12:41 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.06.05 15:12:41 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.05 15:06:01 | 000,387,688 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.05 13:26:07 | 000,003,092 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\AbsoluteReminder.xml
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2012.10.12 21:07:50 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.10.12 21:02:10 | 000,001,897 | ---- | C] () -- C:\WINDOWS\vm331Rmv.ini
[2012.10.12 21:02:10 | 000,001,897 | ---- | C] () -- C:\WINDOWS\SysWow64\vm331Rmv.ini
[2012.10.12 20:57:08 | 001,774,862 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.26 02:48:53 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.07.25 22:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.06.05 13:26:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.07 15:47:16 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Box Desktop
[2013.06.07 16:43:18 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Box Sync
[2013.06.07 15:32:49 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\OpenOffice.org
[2013.06.07 16:01:33 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Systweak
 
========== Purity Check ==========
 
 

< End of report >
         
Extras.Txt.
Code:
OTL Extras logfile created on: 07.06.2013 16:35:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stefan\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 45,99% Memory free
7,74 Gb Paging File | 5,25 Gb Available in Paging File | 67,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,43 Gb Total Space | 123,62 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive D: | 29,67 Gb Total Space | 28,77 Gb Free Space | 96,97% Space Free | Partition Type: FAT32
 
Computer Name: KILLERJOCKEL | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1" (Systweak)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1" (Systweak)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1418017C-3987-449E-BF73-79EB02F8CE0C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{16A0FDA5-E235-4268-BF36-F6322F9526C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66B94C8A-6880-4F6D-AC3F-E6ADB5A562CE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{66D00B22-4C95-4516-A437-7263782750B0}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6A3E0477-83C1-4449-808D-95CB2A51A35F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{89BEB90C-DA5D-4F2B-8FE2-9936EE936888}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8B29242F-9E60-4F00-A349-3F9ABA1A9C80}" = lport=445 | protocol=6 | dir=in | app=system | 
"{91343F43-30EA-480E-A7D4-04D81EFC0ACD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{93D4A249-9A39-4258-9F32-E52C2E9DC1DC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A63F48CE-3735-4BB5-AE39-2810086913D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A9E28B12-0452-42BA-87AB-C0433C6A6CE3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B2F27DE5-4812-4FD7-8124-C3E8C1AB3AB2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{BD1242A2-73DD-4F25-B648-6B029F26D99C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BDC1DCF2-4BA1-4F37-BFA4-9B6CD4253752}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C42E8664-AF2E-4496-AA41-3B2C0FC95132}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C965EA77-2592-40BC-A4D5-87EC4CBE420B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5ADE754-D11E-4AD9-8A52-04D164682998}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DB0CAC6D-C19B-421E-94A5-53C8DE8E312A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{E8BEEE45-EF99-47A3-BCB9-C9B28A58C118}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E9BB6D3A-08D7-4EC5-9194-86D9306C91C4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{F1D93D9E-1846-4D93-B191-1CC8EE39F582}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004360FE-34DD-4360-A7A1-365A07D420EA}" = dir=out | name=onenote | 
"{0291F83A-4FB7-476C-BA43-FFD5CA393CAE}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{0CFF1C2C-6108-483D-9B39-84463F52045C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0F2A2FD6-5880-4766-9932-1E7EE790F24F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{147ACFDA-5826-4C06-B9FC-71DAA38DAEFC}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{155A00A2-0E32-4DC0-8CAB-517A4DC8AED3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{15638DAE-A159-4E38-AF6F-A213AD632D95}" = dir=in | name=wd | 
"{1951C56F-4223-4B75-A4C5-43F905F7BF15}" = dir=out | name=gleichungen - das mathe-spiel | 
"{1B990B14-DCDB-4331-963E-CBF35309BEFE}" = dir=in | name=mcafee security advisor for lenovo | 
"{214A1C07-F404-4E8B-905B-58A865F7901D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{22187DDA-5006-442A-9EE8-BF83854B2546}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{28F95266-2F35-4AAF-97E2-21C6ACA6A713}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{2926441C-FC0A-4959-B251-88945F38FE0D}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{30E8AFCD-3254-48C6-9A69-B8E4B6D7E0FA}" = dir=out | name=@{3574gindasoft.to-dos_1.0.16.2_neutral__vhpcp2ef0a8kc?ms-resource://3574gindasoft.to-dos/resources/manifest_appname} | 
"{3838EDC0-750B-4A72-A662-A214D05A38FC}" = dir=out | name=twitter | 
"{43238C9C-00DE-45D3-BCBB-184085EE0716}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4761DACC-17BE-43C9-A13D-109BC0280D4C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{47AF6EA9-E352-4667-9D25-B1CC85E1DFAA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{48155FCA-EEAA-4AE9-AB5F-01ED07D4F6DE}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{4E12BBA7-594C-4D4E-8612-ABD896C1514B}" = dir=out | name=@{12199asparion.asparionclock_2.0.1.12_neutral__f89vgcf3qm37t?ms-resource://12199asparion.asparionclock/resources/sstorename} | 
"{4E972F33-E384-4203-9054-373F0BB557CB}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{509F6196-97C5-456D-BA20-7E1E85A074EB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{5385EC3A-A9E9-41AC-8B5A-8C1F8F7C4F3E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{55A2B7A8-63BD-4AE9-9017-603D8CB1B986}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{5672DD25-6C55-4B53-ADC8-F7F9E210A943}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5E0CE1BE-0F02-4624-A50C-413630558BE0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5E3C08DD-5C50-4BA1-8EFA-F813FBCF56FA}" = dir=out | name=lenovo support | 
"{6DF93BEA-EF6B-42F7-8ACF-8C9C076DEA0D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6F18F2D3-939F-411B-B0ED-C3E609B8991E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6F1BCE96-9489-41E3-B88C-542D0F4D11A2}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{73B4824C-4951-4634-8517-9D0F8ABF8D57}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7958DCAD-3C73-42AE-9BD1-11D90302C317}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{79F59F82-C37B-4D07-875C-AC7E5E542702}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{7A346C69-032E-4A77-9670-1E091AD82FD7}" = dir=out | name=youtube fm | 
"{7BB15497-4137-45BC-A6CA-DEB40E76CC00}" = dir=out | name=hyper for youtube | 
"{7C24A05B-89B2-4D96-8870-F20999F3FF18}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | 
"{7C2FB08A-AF18-4343-9035-7D680FB7ACA0}" = dir=in | name=onenote | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{82BB31CC-CD87-4F6C-A709-98C6FBE339A3}" = dir=out | name=lenovo companion | 
"{888F21AC-139F-4151-8C13-120CE6D9ACDC}" = dir=out | name=windows_ie_ac_001 | 
"{8E861934-FF3F-4C6C-A2AB-B093E98E3FEB}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{9306BD6D-4F64-4389-BDFB-275D8B5568E7}" = dir=out | name=mcafee security advisor for lenovo | 
"{98BB45FD-0379-4B76-B25A-DAFF46B48411}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{994F95F1-2321-4410-B447-6DC512273D0E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9A9185D6-38CD-4209-9B92-9086350644B6}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{9DA82D6E-A684-43D6-9D76-270C8CCB61B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A08C1CC5-E06E-4415-B061-1D5293620A67}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A0A8DE0A-674A-4D5F-BF3F-20EBBFDF26F3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AB932351-F6B5-4B02-9E30-012C518D7F62}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B1E9BD82-058E-4336-BE28-598AD526A388}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B924EF93-A915-4455-874E-B9D89E4235D9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{BE22BC1F-67D2-4255-BC57-2F57471768D8}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{C554E5F6-59ED-4398-9ADB-CD8176A48615}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C8FEB047-C804-4920-9783-82965C034D0F}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{CFC06DBB-067C-44EA-B79D-0959402F849E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D1AF4C53-A1A9-4694-B759-C20D6C596A21}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D2298D6A-52C0-4527-8814-A1A79DBA5BB1}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{D8B9EC7C-02B8-4A20-BB05-F7A453AD0BC7}" = dir=out | name=amazon | 
"{DBCE1BAC-BA7A-4AD0-BFAF-2DBD0C534D1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E27D3577-9F8B-4ADC-BC09-712212034857}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E424D6A4-4E96-4F00-AF10-CA78DB4E7A89}" = protocol=6 | dir=out | app=system | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E91F12C7-C9ED-4DDC-9DD0-15D4122D3555}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EF17DDEC-31A3-4058-A01E-0D1991DD5B2C}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{FA38778A-0967-477C-BA1D-CCB58A6FFC54}" = dir=out | name=windows_ie_ac_001 | 
"{FD01FD45-816C-470C-9E29-E60AFCB46D16}" = dir=out | name=wd | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}" = ExpressCache
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{83E68458-AF28-4CA4-8AFC-595A10307290}" = LenovoDrv_x64
"{99FDAE3B-6905-45A6-8F73-595363AAD3D1}" = Intel® PROSet/Wireless WiFi-Software
"{B6E694C7-23C3-4A84-B2F6-BDBFAF5C85A4}" = Box Sync (64 bit)
"{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}" = Intel(R) WiDi
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733)
"C48768A2A32F4649238F7DCF737A260911895FDE" = Windows Driver Package - Lenovo Corporation (LAD) System  (06/08/2012 1.0.0.3)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon Browser App
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{29B7C0EB-A1E6-4BC3-8344-70EDE4F189F1}" = Lenovo Smart Update
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40F4FF7A-B214-4453-B973-080B09CED019}" = Absolute Reminder
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = Lenovo MediaShow6
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD96807-04A4-452A-AD75-14382EE388DF}" = Alcor Micro USB Card Reader
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{C1C6816E-CBB3-A748-85F9-A8B47B68985B}" = ccontuiNueeteosoavE
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1" = Advanced System Protector
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AmUStor" = Alcor Micro USB Card Reader
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = Lenovo MediaShow6
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"RegClean Pro_is1" = RegClean Pro
"SugarSync" = SugarSync Manager
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.6
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06.06.2013 03:13:56 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“
 ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 06.06.2013 03:13:59 | Computer Name = Killerjockel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16384,
 Zeitstempel: 0x50107c6e  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16384,
 Zeitstempel: 0x5010ab2d  Ausnahmecode: 0x00000004  Fehleroffset: 0x00000000000189cc
ID
 des fehlerhaften Prozesses: 0xe60  Startzeit der fehlerhaften Anwendung: 0x01ce62856a98a18b
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe  Pfad des fehlerhaften
 Moduls: C:\WINDOWS\system32\KERNELBASE.dll  Berichtskennung: a8537b7c-ce78-11e2-be82-84a6c862460c
Vollständiger
 Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.3.59.0_x64__8wekyb3d8bbwe  Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
 
Error - 06.06.2013 03:14:00 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“
 ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 06.06.2013 03:14:34 | Computer Name = Killerjockel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16384,
 Zeitstempel: 0x50107c6e  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16384,
 Zeitstempel: 0x5010ab2d  Ausnahmecode: 0x00000004  Fehleroffset: 0x00000000000189cc
ID
 des fehlerhaften Prozesses: 0x1258  Startzeit der fehlerhaften Anwendung: 0x01ce62857f3c5870
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe  Pfad des fehlerhaften
 Moduls: C:\WINDOWS\system32\KERNELBASE.dll  Berichtskennung: bcf00b6d-ce78-11e2-be82-84a6c862460c
Vollständiger
 Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.3.59.0_x64__8wekyb3d8bbwe  Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
 
Error - 06.06.2013 03:14:34 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“
 ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 06.06.2013 03:14:42 | Computer Name = Killerjockel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16384,
 Zeitstempel: 0x50107c6e  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16384,
 Zeitstempel: 0x5010ab2d  Ausnahmecode: 0x00000004  Fehleroffset: 0x00000000000189cc
ID
 des fehlerhaften Prozesses: 0x103c  Startzeit der fehlerhaften Anwendung: 0x01ce6285841db98e
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe  Pfad des fehlerhaften
 Moduls: C:\WINDOWS\system32\KERNELBASE.dll  Berichtskennung: c1d16caf-ce78-11e2-be82-84a6c862460c
Vollständiger
 Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.3.59.0_x64__8wekyb3d8bbwe  Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
 
Error - 06.06.2013 03:14:42 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“
 ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 06.06.2013 03:14:44 | Computer Name = Killerjockel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16384,
 Zeitstempel: 0x50107c6e  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16384,
 Zeitstempel: 0x5010ab2d  Ausnahmecode: 0x00000004  Fehleroffset: 0x00000000000189cc
ID
 des fehlerhaften Prozesses: 0x1068  Startzeit der fehlerhaften Anwendung: 0x01ce628584dc7858
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe  Pfad des fehlerhaften
 Moduls: C:\WINDOWS\system32\KERNELBASE.dll  Berichtskennung: c294f020-ce78-11e2-be82-84a6c862460c
Vollständiger
 Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.3.59.0_x64__8wekyb3d8bbwe  Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
 
Error - 06.06.2013 03:14:44 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“
 ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 06.06.2013 03:14:59 | Computer Name = Killerjockel | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ wurde
 nicht innerhalb der vorgesehenen Zeit gestartet.
 
 
< End of report >
         

07.06.2013, 17:13   #4
Killerjockel

Here is the log from "zoek.exe" as well.
Attached files
File type: log zoek-results.log (93.8 KB, viewed 154 times)

07.06.2013, 17:21   #5
Killerjockel

And then Kaspersky's as well.
File no. 1 is attached; no. 2 was too large to post, so here it is in the code box.
Code:
ATTFilter
17:18:07.0553 5624  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:18:07.0553 5624  UEFI system
17:18:07.0694 5624  ============================================================
17:18:07.0694 5624  Current date / time: 2013/06/07 17:18:07.0694
17:18:07.0694 5624  SystemInfo:
17:18:07.0694 5624  
17:18:07.0694 5624  OS Version: 6.2.9200 ServicePack: 0.0
17:18:07.0694 5624  Product type: Workstation
17:18:07.0694 5624  ComputerName: KILLERJOCKEL
17:18:07.0694 5624  UserName: Stefan
17:18:07.0694 5624  Windows directory: C:\WINDOWS
17:18:07.0694 5624  System windows directory: C:\WINDOWS
17:18:07.0694 5624  Running under WOW64
17:18:07.0694 5624  Processor architecture: Intel x64
17:18:07.0694 5624  Number of processors: 4
17:18:07.0694 5624  Page size: 0x1000
17:18:07.0694 5624  Boot type: Normal boot
17:18:07.0694 5624  ============================================================
17:18:07.0866 5624  Drive \Device\Harddisk0\DR0 - Size: 0x5976F6000 (22.37 Gb), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:18:07.0897 5624  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:18:07.0897 5624  Drive \Device\Harddisk2\DR2 - Size: 0x76C000000 (29.69 Gb), SectorSize: 0x200, Cylinders: 0xF23, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:18:07.0897 5624  ============================================================
17:18:07.0897 5624  \Device\Harddisk0\DR0:
17:18:07.0897 5624  GPT partitions:
17:18:07.0897 5624  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x1000, BlocksNum 0x24B9800
17:18:07.0897 5624  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {138AE540-9491-4434-B402-ABF9E6B3119D}, Name: Basic data partition, StartLBA 0x24BB000, BlocksNum 0x800000
17:18:07.0897 5624  MBR partitions:
17:18:07.0897 5624  \Device\Harddisk1\DR1:
17:18:07.0912 5624  GPT partitions:
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CC50639D-F1B3-4D73-BDBE-D1A845A5A318}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {22778F9F-CE11-4A9A-A2F4-7086D20A8306}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {8C03678D-CA5A-479E-AAD4-681E80025C71}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5E2548C8-4DE9-4C33-A836-FA777C8C927E}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {021194C1-A64B-468C-84A4-6562EC373F4A}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x376DB000
17:18:07.0912 5624  \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2EEA03B2-A9A0-41C3-9E58-80965346D95B}, Name: Basic data partition, StartLBA 0x37B86000, BlocksNum 0x2800000
17:18:07.0912 5624  MBR partitions:
17:18:07.0912 5624  \Device\Harddisk2\DR2:
17:18:07.0912 5624  MBR partitions:
17:18:07.0912 5624  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x60, BlocksNum 0x3B5FFA0
17:18:07.0912 5624  ============================================================
17:18:08.0006 5624  C: <-> \Device\Harddisk1\DR1\Partition5
17:18:08.0006 5624  ============================================================
17:18:08.0006 5624  Initialize success
17:18:08.0006 5624  ============================================================
17:18:22.0007 5196  ============================================================
17:18:22.0007 5196  Scan started
17:18:22.0007 5196  Mode: Manual; SigCheck; TDLFS; 
17:18:22.0007 5196  ============================================================
17:18:22.0851 5196  ================ Scan system memory ========================
17:18:22.0851 5196  System memory - ok
17:18:22.0851 5196  ================ Scan services =============================
17:18:23.0148 5196  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:18:23.0194 5196  1394ohci - ok
17:18:23.0210 5196  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:18:23.0226 5196  3ware - ok
17:18:23.0319 5196  [ A3BDA4D1186C8F47FA1BC8E91F197537 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:18:23.0335 5196  ACPI - ok
17:18:23.0398 5196  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:18:23.0413 5196  acpiex - ok
17:18:23.0429 5196  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:18:23.0445 5196  acpipagr - ok
17:18:23.0445 5196  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:18:23.0460 5196  AcpiPmi - ok
17:18:23.0460 5196  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:18:23.0476 5196  acpitime - ok
17:18:23.0538 5196  [ 3B42D95D20CD2AACDB0564471AE43ED7 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
17:18:23.0554 5196  ACPIVPC - ok
17:18:23.0804 5196  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:18:23.0804 5196  AdobeARMservice - ok
17:18:24.0163 5196  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:18:24.0179 5196  AdobeFlashPlayerUpdateSvc - ok
17:18:24.0273 5196  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\WINDOWS\system32\drivers\adp94xx.sys
17:18:24.0288 5196  adp94xx - ok
17:18:24.0382 5196  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\WINDOWS\system32\drivers\adpahci.sys
17:18:24.0398 5196  adpahci - ok
17:18:24.0491 5196  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\WINDOWS\system32\drivers\adpu320.sys
17:18:24.0507 5196  adpu320 - ok
17:18:24.0570 5196  [ AB34A3211A1D2AB977DE00CD7BC5A464 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
17:18:24.0585 5196  AeLookupSvc - ok
17:18:24.0648 5196  [ 9E975BDC89C83900B2C534C4E1B018F8 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:18:24.0679 5196  AFD - ok
17:18:24.0710 5196  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:18:24.0726 5196  agp440 - ok
17:18:24.0757 5196  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\WINDOWS\System32\alg.exe
17:18:24.0773 5196  ALG - ok
17:18:24.0804 5196  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
17:18:24.0820 5196  AllUserInstallAgent - ok
17:18:24.0835 5196  [ FB88D16B55F788EEB7590584FE2D8F1A ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:18:24.0835 5196  AmdK8 - ok
17:18:24.0913 5196  [ 81402FF3373CE4DF77D5C874E369A985 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:18:24.0929 5196  AmdPPM - ok
17:18:24.0945 5196  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:18:24.0960 5196  amdsata - ok
17:18:25.0038 5196  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:18:25.0054 5196  amdsbs - ok
17:18:25.0085 5196  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:18:25.0101 5196  amdxata - ok
17:18:25.0163 5196  [ C7BE7FBB9B6BDE11E12A0F204384C1D6 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
17:18:25.0179 5196  AmUStor - ok
17:18:25.0195 5196  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:18:25.0226 5196  AppID - ok
17:18:25.0241 5196  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:18:25.0273 5196  AppIDSvc - ok
17:18:25.0304 5196  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:18:25.0320 5196  Appinfo - ok
17:18:25.0445 5196  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:18:25.0460 5196  Apple Mobile Device - ok
17:18:25.0476 5196  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\WINDOWS\system32\drivers\arc.sys
17:18:25.0491 5196  arc - ok
17:18:25.0538 5196  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:18:25.0538 5196  arcsas - ok
17:18:25.0554 5196  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:18:25.0570 5196  AsyncMac - ok
17:18:25.0570 5196  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:18:25.0585 5196  atapi - ok
17:18:25.0616 5196  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:18:25.0632 5196  AudioEndpointBuilder - ok
17:18:25.0741 5196  [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:18:25.0757 5196  Audiosrv - ok
17:18:35.0197 5196  [ 584068E03829BC5C63F54B05E6244E97 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:18:35.0197 5196  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
17:18:35.0197 5196  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
17:18:44.0730 5196  nvstor - ok
17:18:44.0730 5196  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:18:44.0745 5196  nv_agp - ok
17:18:44.0777 5196  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:18:44.0808 5196  p2pimsvc - ok
17:18:44.0839 5196  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:18:44.0855 5196  p2psvc - ok
17:18:44.0886 5196  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:18:44.0902 5196  Parport - ok
17:18:44.0964 5196  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:18:44.0980 5196  partmgr - ok
17:18:45.0011 5196  [ 19E41F140A6ADBD38943710DA7FF0E38 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:18:45.0042 5196  PcaSvc - ok
17:18:45.0058 5196  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:18:45.0074 5196  pci - ok
17:18:45.0105 5196  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:18:45.0105 5196  pciide - ok
17:18:45.0120 5196  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:18:45.0136 5196  pcmcia - ok
17:18:45.0167 5196  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:18:45.0183 5196  pcw - ok
17:18:45.0199 5196  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:18:45.0214 5196  pdc - ok
17:18:45.0261 5196  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:18:45.0277 5196  PEAUTH - ok
17:18:45.0433 5196  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:18:45.0449 5196  PerfHost - ok
17:18:45.0527 5196  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\WINDOWS\system32\pla.dll
17:18:45.0558 5196  pla - ok
17:18:45.0620 5196  [ D7A3877D9E126E21925DA873677C1D65 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:18:45.0652 5196  PlugPlay - ok
17:18:45.0652 5196  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:18:45.0667 5196  PNRPAutoReg - ok
17:18:45.0730 5196  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:18:45.0745 5196  PNRPsvc - ok
17:18:45.0792 5196  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:18:45.0824 5196  PolicyAgent - ok
17:18:45.0870 5196  [ AAD0C7235F804728373026EEFFDBCA6C ] Power           C:\WINDOWS\system32\umpo.dll
17:18:45.0886 5196  Power - ok
17:18:45.0933 5196  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:18:45.0964 5196  PptpMiniport - ok
17:18:46.0277 5196  [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
17:18:46.0402 5196  PrintNotify - ok
17:18:46.0433 5196  [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:18:46.0449 5196  Processor - ok
17:18:46.0542 5196  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:18:46.0558 5196  ProfSvc - ok
17:18:46.0605 5196  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:18:46.0652 5196  Psched - ok
17:18:46.0746 5196  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:18:46.0777 5196  QWAVE - ok
17:18:46.0792 5196  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:18:46.0808 5196  QWAVEdrv - ok
17:18:46.0824 5196  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:18:46.0886 5196  RasAcd - ok
17:18:46.0964 5196  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:18:46.0996 5196  RasAgileVpn - ok
17:18:47.0027 5196  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:18:47.0042 5196  RasAuto - ok
17:18:47.0121 5196  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:18:47.0136 5196  Rasl2tp - ok
17:18:47.0167 5196  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:18:47.0183 5196  RasMan - ok
17:18:47.0199 5196  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:18:47.0214 5196  RasPppoe - ok
17:18:47.0246 5196  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
17:18:47.0261 5196  RasSstp - ok
17:18:47.0339 5196  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:18:47.0371 5196  rdbss - ok
17:18:47.0386 5196  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:18:47.0386 5196  rdpbus - ok
17:18:47.0433 5196  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:18:47.0449 5196  RDPDR - ok
17:18:47.0496 5196  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:18:47.0511 5196  RdpVideoMiniport - ok
17:18:47.0527 5196  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:18:47.0542 5196  RDPWD - ok
17:18:47.0558 5196  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:18:47.0574 5196  rdyboost - ok
17:18:47.0792 5196  [ D4F8266D63800FF9ACFAC838005A974C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:18:47.0808 5196  RegSrvc - ok
17:18:47.0839 5196  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:18:47.0855 5196  RemoteAccess - ok
17:18:47.0902 5196  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:18:47.0933 5196  RemoteRegistry - ok
17:18:47.0980 5196  [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:18:48.0011 5196  RFCOMM - ok
17:18:48.0027 5196  [ 381E606B90F32E501D1E2C852D211AB9 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:18:48.0042 5196  RpcEptMapper - ok
17:18:48.0074 5196  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:18:48.0105 5196  RpcLocator - ok
17:18:48.0167 5196  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:18:48.0183 5196  RpcSs - ok
17:18:48.0214 5196  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:18:48.0246 5196  rspndr - ok
17:18:48.0402 5196  [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:18:48.0433 5196  RTL8168 - ok
17:18:48.0449 5196  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:18:48.0464 5196  s3cap - ok
17:18:48.0511 5196  [ 6E0E63801FBEF27995107B8269BCFAAD ] SamSs           C:\WINDOWS\system32\lsass.exe
17:18:48.0511 5196  SamSs - ok
17:18:48.0542 5196  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:18:48.0558 5196  sbp2port - ok
17:18:48.0605 5196  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:18:48.0636 5196  SCardSvr - ok
17:18:48.0683 5196  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:18:48.0699 5196  scfilter - ok
17:18:48.0949 5196  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:18:48.0980 5196  Schedule - ok
17:18:49.0027 5196  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:18:49.0058 5196  SCPolicySvc - ok
17:18:49.0152 5196  [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:18:49.0168 5196  sdbus - ok
17:18:49.0199 5196  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
17:18:49.0214 5196  SDRSVC - ok
17:18:49.0230 5196  [ 6BF842A03DAA25CBBA9A585E25731E06 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:18:49.0246 5196  sdstor - ok
17:18:49.0277 5196  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:18:49.0293 5196  secdrv - ok
17:18:49.0355 5196  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:18:49.0371 5196  seclogon - ok
17:18:49.0402 5196  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\WINDOWS\System32\sens.dll
17:18:49.0449 5196  SENS - ok
17:18:49.0480 5196  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:18:49.0511 5196  SensrSvc - ok
17:18:49.0527 5196  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:18:49.0543 5196  SerCx - ok
17:18:49.0574 5196  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:18:49.0605 5196  Serenum - ok
17:18:49.0636 5196  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:18:49.0668 5196  Serial - ok
17:18:49.0683 5196  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:18:49.0714 5196  sermouse - ok
17:18:49.0777 5196  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:18:49.0808 5196  SessionEnv - ok
17:18:49.0824 5196  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:18:49.0855 5196  sfloppy - ok
17:18:49.0933 5196  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:18:49.0980 5196  SharedAccess - ok
17:18:50.0152 5196  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:18:50.0199 5196  ShellHWDetection - ok
17:18:50.0277 5196  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:18:50.0277 5196  SiSRaid2 - ok
17:18:50.0293 5196  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:18:50.0308 5196  SiSRaid4 - ok
17:18:50.0480 5196  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:18:50.0511 5196  SkypeUpdate - ok
17:18:50.0543 5196  [ 23D6E5B073B9848D6B9973306A1E9591 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
17:18:50.0558 5196  SmbDrvI - ok
17:18:50.0605 5196  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:18:50.0668 5196  SNMPTRAP - ok
17:18:50.0730 5196  [ 872E937681910E2456A054331C7D5A18 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:18:50.0746 5196  spaceport - ok
17:18:50.0761 5196  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:18:50.0777 5196  SpbCx - ok
17:18:50.0808 5196  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:18:50.0839 5196  Spooler - ok
17:18:50.0980 5196  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:18:51.0074 5196  sppsvc - ok
17:18:51.0105 5196  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:18:51.0136 5196  srv - ok
17:18:51.0183 5196  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:18:51.0199 5196  srv2 - ok
17:18:51.0261 5196  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:18:51.0308 5196  srvnet - ok
17:18:51.0371 5196  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:18:51.0402 5196  SSDPSRV - ok
17:18:51.0418 5196  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:18:51.0449 5196  SstpSvc - ok
17:18:51.0480 5196  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:18:51.0668 5196  stexstor - ok
17:18:51.0902 5196  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:18:51.0918 5196  stisvc - ok
17:18:51.0980 5196  [ C588BBD37B432CE3204E5765B459E6B2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:18:51.0996 5196  storahci - ok
17:18:52.0058 5196  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:18:52.0074 5196  storflt - ok
17:18:52.0105 5196  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:18:52.0121 5196  StorSvc - ok
17:18:52.0136 5196  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:18:52.0152 5196  storvsc - ok
17:18:52.0168 5196  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:18:52.0183 5196  svsvc - ok
17:18:52.0215 5196  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:18:52.0215 5196  swenum - ok
17:18:52.0308 5196  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\WINDOWS\System32\swprv.dll
17:18:52.0340 5196  swprv - ok
17:18:52.0465 5196  [ EC3D443A4D29AA584DB8FD44C27E3262 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:18:52.0480 5196  SynTP - ok
17:18:52.0574 5196  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:18:52.0590 5196  SysMain - ok
17:18:52.0636 5196  [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:18:52.0652 5196  SystemEventsBroker - ok
17:18:52.0683 5196  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:18:52.0699 5196  TabletInputService - ok
17:18:52.0730 5196  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:18:52.0746 5196  TapiSrv - ok
17:18:52.0793 5196  [ F4F78B7F39BD56BD0BFE4C4399398F6F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:18:52.0840 5196  Tcpip - ok
17:18:52.0965 5196  [ F4F78B7F39BD56BD0BFE4C4399398F6F ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:18:53.0011 5196  TCPIP6 - ok
17:18:53.0090 5196  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:18:53.0105 5196  tcpipreg - ok
17:18:53.0152 5196  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:18:53.0168 5196  tdx - ok
17:18:53.0215 5196  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:18:53.0215 5196  terminpt - ok
17:18:53.0261 5196  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\WINDOWS\System32\termsrv.dll
17:18:53.0293 5196  TermService - ok
17:18:53.0308 5196  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\WINDOWS\system32\themeservice.dll
17:18:53.0340 5196  Themes - ok
17:18:53.0386 5196  [ DBD28A7997CF7303E610989C565C9B29 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:18:53.0418 5196  THREADORDER - ok
17:18:53.0511 5196  [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:18:53.0543 5196  TimeBroker - ok
17:18:53.0574 5196  [ 151BD0387B1B320CC9AACE6DB071803B ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:18:53.0590 5196  TPM - ok
17:18:53.0605 5196  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:18:53.0621 5196  TrkWks - ok
17:18:53.0699 5196  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:18:53.0715 5196  TrustedInstaller - ok
17:18:53.0715 5196  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:18:53.0730 5196  TsUsbFlt - ok
17:18:53.0730 5196  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:18:53.0746 5196  TsUsbGD - ok
17:18:53.0762 5196  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:18:53.0777 5196  tunnel - ok
17:18:53.0793 5196  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:18:53.0808 5196  uagp35 - ok
17:18:53.0808 5196  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:18:53.0840 5196  UASPStor - ok
17:18:53.0887 5196  [ AA48AEC5CEB2AA8ED1B1A5758B017F72 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:18:53.0918 5196  UCX01000 - ok
17:18:53.0980 5196  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:18:54.0012 5196  udfs - ok
17:18:54.0058 5196  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:18:54.0074 5196  UI0Detect - ok
17:18:54.0230 5196  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:18:54.0246 5196  uliagpkx - ok
17:18:54.0246 5196  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:18:54.0262 5196  umbus - ok
17:18:54.0277 5196  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:18:54.0293 5196  UmPass - ok
17:18:54.0324 5196  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:18:54.0340 5196  UmRdpService - ok
17:18:54.0574 5196  [ DBE2E6388379D5CC78099650541E9566 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:18:54.0590 5196  UNS - ok
17:18:54.0605 5196  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:18:54.0637 5196  upnphost - ok
17:18:54.0683 5196  [ 30F02F642C2D141CAABD412B48A29D76 ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
17:18:54.0699 5196  usb3Hub - ok
17:18:54.0762 5196  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:18:54.0793 5196  usbccgp - ok
17:18:54.0808 5196  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:18:54.0840 5196  usbcir - ok
17:18:54.0871 5196  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:18:54.0887 5196  usbehci - ok
17:18:55.0027 5196  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:18:55.0058 5196  usbhub - ok
17:18:55.0090 5196  [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:18:55.0105 5196  USBHUB3 - ok
17:18:55.0121 5196  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:18:55.0137 5196  usbohci - ok
17:18:55.0168 5196  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:18:55.0183 5196  usbprint - ok
17:18:55.0183 5196  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:18:55.0199 5196  USBSTOR - ok
17:18:55.0230 5196  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:18:55.0246 5196  usbuhci - ok
17:18:55.0262 5196  [ 75357960FD491E12416342CA12975FDA ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:18:55.0277 5196  usbvideo - ok
17:18:55.0324 5196  [ 8ABF3C3ED6BF5ED15DC947795FF6ACAC ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:18:55.0340 5196  USBXHCI - ok
17:18:55.0355 5196  [ 6E0E63801FBEF27995107B8269BCFAAD ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:18:55.0355 5196  VaultSvc - ok
17:18:55.0402 5196  [ 3EEBF3C348C3DEB4CF6F10F2E6E222CD ] VClone          C:\WINDOWS\system32\DRIVERS\VClone.sys
17:18:55.0418 5196  VClone - ok
17:18:55.0465 5196  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:18:55.0480 5196  vdrvroot - ok
17:18:55.0683 5196  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds             C:\WINDOWS\System32\vds.exe
17:18:55.0715 5196  vds - ok
17:18:55.0746 5196  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:18:55.0840 5196  VerifierExt - ok
17:18:55.0871 5196  [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:18:55.0902 5196  vhdmp - ok
17:18:55.0918 5196  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:18:55.0933 5196  viaide - ok
17:18:56.0199 5196  [ A87EA7A4ABC27B8F22F905C2C386A9C2 ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
17:18:56.0230 5196  vm331avs - ok
17:18:56.0246 5196  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:18:56.0262 5196  vmbus - ok
17:18:56.0262 5196  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:18:56.0277 5196  VMBusHID - ok
17:18:56.0309 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:18:56.0324 5196  vmicheartbeat - ok
17:18:56.0387 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:18:56.0402 5196  vmickvpexchange - ok
17:18:56.0418 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:18:56.0434 5196  vmicrdv - ok
17:18:56.0465 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:18:56.0480 5196  vmicshutdown - ok
17:18:56.0496 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:18:56.0512 5196  vmictimesync - ok
17:18:56.0527 5196  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:18:56.0543 5196  vmicvss - ok
17:18:56.0559 5196  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:18:56.0559 5196  volmgr - ok
17:18:56.0621 5196  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:18:56.0637 5196  volmgrx - ok
17:18:56.0652 5196  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:18:56.0668 5196  volsnap - ok
17:18:56.0715 5196  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:18:56.0715 5196  vpci - ok
17:18:56.0762 5196  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:18:56.0793 5196  vsmraid - ok
17:18:56.0871 5196  [ EA658570314042C914964FC72AB50E6B ] VSS             C:\WINDOWS\system32\vssvc.exe
17:18:56.0918 5196  VSS - ok
17:18:56.0934 5196  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:18:56.0965 5196  VSTXRAID - ok
17:18:56.0980 5196  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:18:56.0996 5196  vwifibus - ok
17:18:57.0012 5196  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:18:57.0027 5196  vwififlt - ok
17:18:57.0043 5196  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:18:57.0059 5196  vwifimp - ok
17:18:57.0105 5196  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\WINDOWS\system32\w32time.dll
17:18:57.0152 5196  W32Time - ok
17:18:57.0168 5196  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:18:57.0184 5196  WacomPen - ok
17:18:57.0215 5196  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:18:57.0230 5196  Wanarp - ok
17:18:57.0246 5196  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:18:57.0246 5196  Wanarpv6 - ok
17:18:57.0434 5196  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:18:57.0465 5196  wbengine - ok
17:18:57.0559 5196  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:18:57.0590 5196  WbioSrvc - ok
17:18:57.0605 5196  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:18:57.0637 5196  Wcmsvc - ok
17:18:57.0668 5196  [ 68C2831A05A339DA8462C6F45BFCB84C ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:18:57.0699 5196  wcncsvc - ok
17:18:57.0730 5196  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:18:57.0746 5196  WcsPlugInService - ok
17:18:57.0777 5196  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\WINDOWS\system32\drivers\wd.sys
17:18:57.0793 5196  Wd - ok
17:18:57.0840 5196  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:18:57.0855 5196  WdBoot - ok
17:18:58.0027 5196  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:18:58.0059 5196  Wdf01000 - ok
17:18:58.0199 5196  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:18:58.0230 5196  WdFilter - ok
17:18:58.0293 5196  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:18:58.0324 5196  WdiServiceHost - ok
17:18:58.0340 5196  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:18:58.0372 5196  WdiSystemHost - ok
17:18:58.0388 5196  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:18:58.0482 5196  WebClient - ok
17:18:58.0513 5196  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:18:58.0607 5196  Wecsvc - ok
17:18:58.0622 5196  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:18:58.0653 5196  wercplsupport - ok
17:18:58.0669 5196  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:18:58.0685 5196  WerSvc - ok
17:18:58.0716 5196  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:18:58.0778 5196  WFPLWFS - ok
17:18:58.0810 5196  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:18:58.0841 5196  WiaRpc - ok
17:18:58.0857 5196  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:18:58.0872 5196  WIMMount - ok
17:18:58.0935 5196  WinDefend - ok
17:18:59.0185 5196  [ 1369928779943B5C7AABA263E6E2BBC1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:18:59.0216 5196  WinHttpAutoProxySvc - ok
17:18:59.0310 5196  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:18:59.0341 5196  Winmgmt - ok
17:18:59.0435 5196  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:18:59.0482 5196  WinRM - ok
17:18:59.0607 5196  [ CAC452B32656A0A51356912F4A9943CA ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:18:59.0638 5196  WlanSvc - ok
17:18:59.0763 5196  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:18:59.0794 5196  wlidsvc - ok
17:18:59.0872 5196  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:18:59.0872 5196  WmiAcpi - ok
17:18:59.0966 5196  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:18:59.0982 5196  wmiApSrv - ok
17:19:00.0013 5196  WMPNetworkSvc - ok
17:19:00.0044 5196  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:19:00.0060 5196  wpcfltr - ok
17:19:00.0091 5196  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:19:00.0107 5196  WPCSvc - ok
17:19:00.0122 5196  [ 39D8AB837F91B729D12D32ED81E2062F ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:19:04.0716 5196  ============================================================
17:19:04.0716 5196  Scan finished
17:19:04.0716 5196  ============================================================
17:19:04.0716 3876  Detected object count: 1
17:19:04.0716 3876  Actual detected object count: 1
17:19:21.0670 3876  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:19:21.0670 3876  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:19:25.0655 2448  Deinitialize success
         
PS: Thanks for everything already


07.06.2013, 18:15   #6
smeenk
/// Malwareteam / Visitor

Looks pretty clean already

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click on Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click on Scan and wait until it has finished.
  • Now click on Delete and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

07.06.2013, 19:33   #7
Killerjockel

Here is the result of AdwCleaner
Attachments
File type: txt AdwCleaner[S1].txt (1,009 bytes, viewed 136 times)

Last edited by Killerjockel (07.06.2013 at 19:43)

07.06.2013, 19:41   #8
Killerjockel

I also found this.
Attachments
File type: log defogger_disable.log (474 bytes, viewed 120 times)

07.06.2013, 20:02   #9
Killerjockel

SecurityCheck says:
Code:
 Results of screen317's Security Check version 0.99.64  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee  Anti-Virus und Anti-Spyware   
Windows Defender                      
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 9  
 Java version out of Date! 
 Adobe Flash Player 	11.7.700.202  
 Adobe Reader XI  
 Mozilla Firefox (21.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

07.06.2013, 20:50   #10
smeenk
/// Malwareteam / Visitor

Everything looks clean

Java is out of date.
Run this PluginCheck: https://www.mozilla.org/nl/plugincheck/
Have outdated plugins updated.

Tell me whether you still notice any problems.

07.06.2013, 20:59   #11
Killerjockel

Hey, great! Thanks a lot! Earlier my mousepad wasn't working (or is it called a trackpad :S - the one on the laptop that replaces the mouse :S). No idea, after a restart it worked again. Yeah, I don't know what caused it. I was just in the middle of putting all my programs onto the laptop, which isn't even three days old, and of course infected the laptop riiiiight away -.-
Well, whatever...
I'm now going to install noscript and turn McAfee back on, which came with it.
Do you maybe have any other tips for me on how I can avoid something like this in the future?

07.06.2013, 21:03   #12
smeenk
/// Malwareteam / Visitor

Quote:
Quote from Killerjockel
Hey, great! Thanks a lot!
Do you maybe have any other tips for me on how I can avoid something like this in the future?
We are happy to help you here on Trojaner-Board



We will tidy up a little more now, and then at the end I have some reading material for you.


Uninstalling the tools

The order is crucial here.
  1. If Defogger was used: click on re-enable now.
  2. In any case, please download delfix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click on Start.
    • DelFix removes, among other things, all the programs that were used and finally deletes itself.
  3. If any programs from our cleanup are still left over now, you can delete them without concern.


Finally, some tips on the following topics:
  • System updates
  • Software updates
  • Security software
  • Safe surfing
Reading material:
System updates
It cannot be mentioned often enough how important it is to keep your system up to date. After all, you also take your car to the garage regularly for inspection. So please make sure that system updates are enabled:
  • Please check whether your system downloads Windows updates automatically:
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click on Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.


Reading material:
Software updates
Just as important as the system programs is the software you use every day. The following list gives you a brief overview, with links to the updates, of which programs urgently need to be kept up to date (if you have them installed and use them at all), because malware can often get onto computers through their security vulnerabilities:
Programs that are not listed are of course important too. Whether there is a new version of them is something you can check on their vendor's website or, quite conveniently, with these tools:


Reading material:
Security software
If someone overtook you naked on a motorcycle on the motorway, you would shake your head too. Your computer also needs protection against the small daily attacks by malware. Besides excellent commercial antivirus solutions there are also quite good protection programs that are available free of charge with a reduced feature set. But be careful, "the more the better" does not apply here. What you need is exactly one virus scanner with a background guard. No more and no less. There are many products on the market here that serve you well. I personally recommend Avast Free Antivirus to you. It offers relatively good protection with little annoying advertising and installs a browser plugin for you that warns you about dangerous websites.
  • If you change your antivirus solution, you will find tools here with which you can remove the leftovers after uninstalling your old scanner.
  • Never install more than one virus scanner. Their background guards would interfere with each other and slow down your system.
  • A browser plugin that protects you from fraudulent websites can serve you well if you are not very experienced (see above).
  • Make sure that your security solution is always up to date and fetches updates automatically. If you rely on manual updates you are usually too late, since the virus databases are often renewed daily, even several times.
  • A dedicated malware scanner offers additional protection (and this one would be permitted as well). Here I strongly recommend Malwarebytes and scanning with it once a week. In the paid version it even has a background guard. We have a guide for you on this.
Lastly, I recommend that you back up your data regularly (preferably automatically). This can be a professional backup solution, external hard drives, burning to DVDs or copying to an online drive such as Dropbox. Create as many copies as possible and keep them current. Only then are you prepared for the worst case, if your computer should become unusable, for whatever reason. Unfortunately that always happens unannounced and always when you need it most. So be prepared!


Reading material:
Safe surfing
First of all, it has to be said that it is usually the human factor that allows malware to get onto a computer. Do you also immediately buy any old stuff, without thinking, from people who ring your doorbell? So first get into the habit of following some rules of conduct when surfing the Internet:
  • Do not click somewhere just because it is colourful and glowing, pops up in a corner or looks as if it were a system message.
  • Do not download illegal software, cracks, keygens, game trainers and so on ... the websites that offer such things are mostly not reputable, and the supposed helpers are usually more infested than you would imagine. It makes no difference whether you obtain these files via a browser or file-sharing programs.
  • Do not open email attachments from people you do not know or emails with strange spelling mistakes, and do not start files that a website offers you without you having wanted them.
  • Do not let anyone surf on your computer who does not also follow these rules.
  • Do not rely on your virus scanner finding everything. No security solution is 100% secure!

But even with meticulous adherence to these rules, a so-called drive-by infection can still occur, in which malware breaks out of the web browser's protection mechanism. To increase security even further, there is special protection software that secures your browser even more.
  • WOT (Web of trust) This add-on warns you before you visit a site that has been reported as harmful. Note: Avast already includes such a plugin.
  • Sandboxie creates an additional isolated program environment so that your browser is as safe as a toddler in a sandbox. (Guide: Sandboxie)
  • Securebanking is a piece of software that examines connections and notifies you when someone is "listening in". As the name says, it was developed so that online banking is really secure. More information on the homepage: Secure Banking

Lastly, please think about using an alternative browser. Programs that are not used so often are also not so much in the focus of the "bad guys". That is, with an exotic browser you are more likely to be on the safe side. In principle you are already considerably safer if you do not use Internet Explorer.



With that, I wish you lots of fun surfing the Internet

... and maybe you would like to support Trojaner-Board?

Regards
Smeenk
