Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.06.2013, 10:46   #1
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Hallo miteinander,

Kennt jemand dieses Phänomen?


Es schleichen sich immer wieder (ca. 5-6 mal am Tag) diese komischen Zeichen/Verknüpfungen einfach von selbst in die "Zuletzt Verwendet" Ansicht. Wenn ich drauf klicke heißt es, dass die Verknüpfung nicht gefunden werden kann. Es sind immer unterschiedlich Viele, so zwischen 5-15 Stück, erkenne auch keine Regelmäßigkeit wann die auftauchen.

Weiß jemand etwas dazu? Sollte man besorgt sein?

Alt 09.06.2013, 22:11   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 10.06.2013, 18:18   #3
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Danke für den Hinweis! Malwarebyte hat bei mir in den letzten 12 Monaten nichts gefunden, aber es gab im April zwei Entdeckungen von McAffee:



Sollte aber nicht damit zusammenhängen oder? Die wurden ja (zumindest laut McAffee) isoliert.
__________________

Alt 10.06.2013, 22:41   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.06.2013, 08:04   #5
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



alles klar, habe den scan mal durchlaufen lassen.
hier die logs:

Extras:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.06.2013 08:39:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\computer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 57,95% Memory free
15,79 Gb Paging File | 12,43 Gb Available in Paging File | 78,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 261,41 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
 
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D14B239-8D66-440E-A945-0D4001F7FABD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0F3DAEB8-E11F-42F1-AA84-C82BB34C068E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{15A62134-7E13-42CF-A15B-C6787D3C5FB2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1A31475E-1A71-4429-A6DC-DA423D8F2AAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{2915D83B-08FC-4D58-A1CD-433DB70250DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{2F18575F-0600-4129-AB65-0785D17D3F08}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 | 
"{31BE54B6-26C9-4AB3-B29E-A4D8B162934A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{39938D3F-253B-43A8-A9D1-C6EDF2CCFFFA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{409E29C9-D5C5-412D-9F46-AEEF33AB3DB4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4139D392-EBDA-496C-912F-2EEC32FD1086}" = lport=137 | protocol=17 | dir=in | app=system | 
"{663CBDFE-F086-477D-B03C-556D376E64C9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{6D59457A-4475-4822-9089-B9A65898F460}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7641D34F-7E9B-4241-BACD-210A4EEEA2A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{777F8170-BAFF-4510-B115-175336AB4EB2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{83BD48FD-1D6E-4B74-8B2D-6293F5698AC9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{84E11FF0-DB55-466C-BE88-98AA06CDDB8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{931F57A8-ADC6-44BD-A48B-30F24CA83486}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{98234EC8-7C63-4E0F-9D31-33A99C2982F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{9D253799-F763-465B-8A2A-14D2FFB9E6EA}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 | 
"{A24105DB-281F-4502-8603-563CA12DC15F}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 | 
"{A53B3B19-2136-4277-B474-1A8E26A5C795}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A6E89C3A-797D-4301-9A13-CCEC36634C22}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C8F047AA-2C04-4CA8-8515-3F2D11F00C26}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CDCCE2DE-77F5-43F0-A416-F80A71BEBDCF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D94AA84A-5955-4AEA-A366-C0A2A515DAE2}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 | 
"{E06EC1CC-9BB3-4866-B19E-60D54A0A20AE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{E79A9B39-40AB-4370-9A40-B2318CF94F39}" = lport=810 | protocol=17 | dir=in | name=firstclass client | 
"{F53740FC-8FA6-4347-BB14-4B90212D947A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F6157F38-5A30-4565-986C-2551A7D567FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{159F80F0-841E-465A-9473-A9B7116AF903}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{223CC236-6292-43E1-875C-F74E1ED5A807}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{22427539-C60A-4C42-AE02-C32F1BBECAE6}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{24E13F28-E238-4AA1-87C1-38ED09456030}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{25D26E3A-4404-4FC5-BFAD-88155D282FD2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{26BBE5B1-DDA4-4DDA-ACB6-7BB147E36662}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{26CCB4D7-A1D4-495A-80D3-1643F5278E26}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2F91AC72-5293-4FEF-9F34-0158D48F97CB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{311AD2A8-348D-4F7F-8C45-8A211E6806C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{374A5A44-D74E-4F2C-8B89-3A0E50880144}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{3BD9D0E4-834B-410C-B3D1-0D48B0787699}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3DDDA76E-959C-45FC-BECA-1D6CA14C166C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{446B1E25-1280-4E4F-A71A-9DD7A1D89A62}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4A94CBEE-1C45-4F71-AA4C-B561F3E5207A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4C789BE5-6B77-4FC5-A2CE-F46A427474A5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{4D69A39E-0E3E-4B8D-A096-DD16C8A6D579}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{571A3959-691F-4B91-9FD1-1E8A63CF8B06}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{57ECB1C4-3308-4F0A-B380-7505899C6D6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{606D6053-05E6-4BEB-B15B-2E4D867EDA52}" = protocol=6 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{610A9D28-2E8E-4559-AE87-6FFD7E440149}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{671AF3AC-3C3E-43E1-8218-76F30ED2C502}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{6D76A7F6-E302-4072-8D96-FE2577345DD2}" = protocol=17 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{71F95CD0-B43C-4140-9CC5-ED2D532422F1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{7E2B2AF4-F228-4981-B251-E40D5D231A17}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{8246FC97-9110-4EDE-963F-0F1BC54D2B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{8C891216-20F4-4EE7-A32A-F3BFBE1C2106}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8DFAED6E-C6D7-4D1E-8A5B-69A06A39952B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8E09EBD1-CDD0-4B12-9032-F67316F95D1C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{8F54302C-7376-4E19-8BC6-ED29CE67FF27}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9280A4D5-A86B-43C2-8AAA-5D8E7B300FE8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{938C0749-03A2-4C95-8353-A33FDC2301A9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{94B9044E-AE54-46EE-A511-078E06DFB79E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{98AF2782-6082-4915-9997-DF7D099C5B18}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{AB940A14-2247-4ED8-8ECA-B25B92D78D03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{ABA8E356-C72B-4788-972E-E738589DA765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{B3BFA51A-06D8-4D5D-89C8-0646826DC4D7}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{B6A6E7D8-5841-4C20-A5BE-760E3BB48655}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B74847EC-70CF-421F-BCDF-88AF1B6FDB07}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{BB22F136-9FFB-4EDE-B687-1F906F618C9A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C40D8EBA-E9D2-40B3-A373-6D25E07B1D91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CA851A77-A531-4360-9E18-65C8A1174637}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D17432EB-08D0-4A5F-968D-B13A4AF4224C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D228C48A-4995-411B-805F-1063B5916DCB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D8F35086-91F9-45EA-AE61-C830C4A1BF48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{E4FBCCB5-44B4-4E38-848D-153FBAEEF3DC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{E6CD20E5-C78E-4641-99FB-C9A597CA04B8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{EABB5FEF-5949-4D37-9DD7-3C66C3D628B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{EBD4DD37-1159-485F-AB03-E25192643E39}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F8F2FFA4-B408-4B35-B608-FCF06861D509}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{F9617B91-BCDC-4D0E-BB8B-740432A853CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FE423B8C-9E05-4EA1-9E0A-533D6AED2BA9}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{FE522792-92EA-4C69-9D21-34479A4FBE8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}" = Dell MusicStage
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D5010F-1F25-4C5F-9A3C-1BD4304A855D}" = FirstClass Client
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS
"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{56A0DD94-47D9-4AC8-B5A1-8A8CA77C4B89}" = Dell Stage
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E2E123E-A0E7-40B4-B6B2-7F6B81312B77}" = Passware Kit Enterprise 9.0
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF8FEA18-45B9-4DE0-8CA1-A98125423A93}" = Markstrat Team
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7420
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Anki" = Anki
"ASIO4ALL" = ASIO4ALL
"BitLord" = BitLord 2.0
"CDex" = CDex extraction audio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deckadance" = Deckadance
"Dell Webcam Central" = Dell Webcam Central
"FL Studio 10" = FL Studio 10
"foobar2000" = foobar2000 v1.1.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.24.430
"freeocr_is1" = FreeOCR v4.2
"IL Download Manager" = IL Download Manager
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenVPN" = OpenVPN 2.2.2
"Orbit_is1" = Orbit Downloader
"ProInst" = Intel PROSet Wireless
"Rainmeter" = Rainmeter
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"VeryDOC Screenshot Reader OCR v2.2_is1" = VeryDOC Screenshot Reader OCR v2.2
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.97-11
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"RapidMiner 5" = RapidMiner 5
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.06.2013 05:16:13 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.06.2013 05:33:51 | Computer Name = computer-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
 took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
 id : 3272 (0xcc8)    Thread address : 0x00000000774D164A    Thread message :      Build VSCORE.15.1.0.520
 / 5500.1093   Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Dell
 DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\ProtectRP\Protect\AUTORUN.INF

 by C:\Users\computer\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe   4(0)(0)   4(0)(0)   
7200(0)(0)   7595(0)(0)   7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 08.06.2013 10:54:33 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.06.2013 15:13:21 | Computer Name = computer-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 08.06.2013 15:13:20 | Computer Name = computer-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren
 werden.
 
Error - 08.06.2013 15:13:20 | Computer Name = computer-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren
 werden.
 
Error - 08.06.2013 17:22:55 | Computer Name = computer-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 21.0.0.4879,
 Zeitstempel: 0x518ec367  Name des fehlerhaften Moduls: mozalloc.dll, Version: 21.0.0.4879,
 Zeitstempel: 0x518eaa4a  Ausnahmecode: 0x80000003  Fehleroffset: 0x00001988  ID des fehlerhaften
 Prozesses: 0x2208  Startzeit der fehlerhaften Anwendung: 0x01ce64860ef9d542  Pfad der
 fehlerhaften Anwendung: C:\ProgramData\Mozilla Firefox\plugin-container.exe  Pfad
 des fehlerhaften Moduls: C:\ProgramData\Mozilla Firefox\mozalloc.dll  Berichtskennung:
 94d11e4f-d081-11e2-b3ad-848f69af3fd2
 
Error - 09.06.2013 02:54:40 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.06.2013 12:37:03 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.06.2013 18:40:03 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.06.2013 20:25:02 | Computer Name = computer-PC | Source = Microsoft-Windows-Defrag | ID = 257
Description = 
 
[ Cisco AnyConnect VPN Client Events ]
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::noticeHandler File: .\MainThread.cpp Line: 5283
Invoked
 Function: CMainThread::processNotice Return Code: -33161196 (0xFE060014) Description:
 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 
 
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp
Line:
 5045 Invoked Function: CMainThread::noticeHandler Return Code: -33161196 (0xFE060014)
Description:
 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 
 
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line: 
4971 Invoked Function: internalCallbackHandler Return Code: -33161196 (0xFE060014)
Description:
 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 
 
Error - 09.06.2013 02:54:33 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
 No such file or directory
 
Error - 10.06.2013 12:36:50 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
 No such file or directory
 
Error - 10.06.2013 18:39:51 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
 No such file or directory
 
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CTlsTransport::OnTransportInitiateComplete File: .\IP\TlsTransport.cpp
Line:
 344 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
 -31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CHttpSessionAsync::OnTransportInitiateComplete File: .\IP\HttpSessionAsync.cpp
Line:
 1051 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
 -31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1175 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
[ System Events ]
Error - 08.06.2013 10:56:31 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 08.06.2013 10:57:01 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 09.06.2013 02:55:21 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 09.06.2013 02:55:51 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 09.06.2013 15:59:12 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 10.06.2013 12:37:26 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 10.06.2013 12:37:56 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 10.06.2013 12:42:31 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
 
Error - 10.06.2013 18:40:28 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 10.06.2013 18:40:58 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
 
< End of report >
         
--- --- ---
[\Code]

und OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.06.2013 08:39:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\computer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 57,95% Memory free
15,79 Gb Paging File | 12,43 Gb Available in Paging File | 78,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 261,41 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
 
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\computer\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ssl.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_hashlib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyexpat.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ctypes.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_socket.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\select.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\cairo._cairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk._gtk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gio._gio.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gobject._gobject.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\glib._glib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\atk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pango.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk.glade.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pangocairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libwimp.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libxml2-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\zlib1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpng14-14.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpangocairo-1.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcairo-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\freetype6.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libfontconfig-1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libglade-2.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libffi-5.dll ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\crypto.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyHook._cpyHook.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\twisted.python._initgroups.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\winxpgui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32gui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32api.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32process.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32event.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32com.shell.shell.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\zope.interface-3.6.2-py2.6-win32.egg\zope\interface\_zope_interface_coptimizations.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libtorrent.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcef.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pythoncom26.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pywintypes26.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) -- c:\Program Files\My Dell\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys ()
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE:64bit: - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: searchdictcc%40roughael:3.4
FF - prefs.js..extensions.enabledAddons: chineseperakun%40gmail.com:9.0.0
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.9
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.8
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7BE71B541F-5E72-5555-A47C-E47863195841%7D:1.0.33
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.03.08 20:29:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\ProgramData\Mozilla Firefox\components [2013.05.22 22:55:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\ProgramData\Mozilla Firefox\plugins [2013.05.17 07:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.10.23 19:26:29 | 000,000,000 | ---D | M]
 
[2011.10.19 11:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Extensions
[2013.06.01 11:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions
[2013.05.20 22:59:21 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.05.27 22:51:15 | 000,000,000 | ---D | M] ("SimilarSites") -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
[2013.05.22 19:06:33 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\anttoolbar@ant.com
[2013.03.05 10:28:57 | 000,000,000 | ---D | M] (Perapera Chinese) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\chineseperakun@gmail.com
[2013.06.01 00:22:14 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\firefox@ghostery.com
[2013.05.25 15:22:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\ich@maltegoetz.de
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:06:55 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:49 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:01 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:57 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2013.05.08 20:51:58 | 000,363,920 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\client@anonymox.net.xpi
[2013.02.05 23:35:44 | 000,037,531 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\searchdictcc@roughael.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.06.01 00:49:47 | 000,001,294 | ---- | M] () -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\searchplugins\delta.xml
[2013.03.05 10:23:50 | 000,002,194 | ---- | M] () -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\searchplugins\dictcn-.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CC679CB8-DC4B-458B-B817-D447B3B6AC31 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{732B53D2-3BD4-4138-A307-29C79BF326C9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF550B30-AFE2-42ED-946E-91776320BC3E}: DhcpNameServer = 131.188.0.10 131.188.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F51CF875-AAFC-4AE2-931B-4F6B47B37068}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.11 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{56045CB7-84B4-4102-87A2-D6E104B8101D}
[2013.06.11 00:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.10 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\www.rene-zeidler.de
[2013.06.10 18:38:49 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A350EC4D-2696-41E7-ADD1-9F9CB76C3739}
[2013.06.09 11:40:27 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6CB90E29-D115-4EE9-A41C-41F6FB6C002E}
[2013.06.09 08:58:10 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B0A3460A-2B45-4B98-B3F5-8523228F85D9}
[2013.06.08 16:58:35 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{30FA9937-99B7-462A-BBD0-36BCBF3E715D}
[2013.06.08 02:01:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{504AB5DD-6BFB-43B2-9F91-0C0EBEB82BC5}
[2013.06.07 08:44:11 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A4E5E653-940D-46E8-840C-F0A5C028F420}
[2013.06.06 12:07:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9A378F42-0D58-4A34-952C-385186D2B08E}
[2013.06.05 21:09:14 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{0AB6B7CC-097E-48B4-B403-2042CC4EA4C0}
[2013.06.05 09:08:38 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4559D3B8-F810-4EAE-9A9D-BDFFC940B833}
[2013.06.04 23:03:54 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{1329FACA-BF49-43BA-BAC4-94AACAADE709}
[2013.06.04 10:10:28 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{5D797357-AC60-4AC6-91BD-43F211D7DC8A}
[2013.06.03 19:40:07 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{ECD24CF3-4C6F-459F-83C9-E06D437F5EB1}
[2013.06.02 21:07:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9A3B1493-997B-4F0F-8DFB-CB9148815F0A}
[2013.06.02 09:07:08 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{21A9A8EE-C978-4D2A-8B6C-87BA247381E5}
[2013.06.01 11:12:39 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{C7BFF9CD-5BE8-4317-810D-9B524515953A}
[2013.06.01 00:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.06.01 00:49:22 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Babylon
[2013.06.01 00:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\OpenCandy
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.05.31 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B7CE5765-A895-4300-8458-BD74A50EC8A7}
[2013.05.31 10:24:11 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{64A96FA1-1B03-472A-9925-6049E8B23D14}
[2013.05.30 21:33:02 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{358E25E0-C3B9-4EFF-B6B1-DA75A7CCC90E}
[2013.05.30 09:32:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{BF073587-0FC6-482D-B4FB-85E7EE2AE9B4}
[2013.05.29 19:53:50 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B98F19D9-E362-4B2D-AB42-515C30E88034}
[2013.05.28 20:24:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{393A88E4-71A5-4036-9451-BB3B76F8F91F}
[2013.05.28 08:23:54 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{90A83983-3F87-4F5C-9531-385EC8F6C4BB}
[2013.05.27 18:26:40 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4662F5BF-0BAB-4035-B676-26FCC0D24FA5}
[2013.05.26 22:34:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{3DE0B93A-8BE2-4583-8D9B-03D9F08B4DE1}
[2013.05.26 10:13:14 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{0DF4C8E9-8C6D-4FF3-93A8-0640DC7A58EF}
[2013.05.25 21:19:13 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6AD57218-0CBE-4C06-8F07-5C9EE4D4977C}
[2013.05.25 09:18:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6A17E2A5-67D8-417E-8CAC-0C1B17E040A7}
[2013.05.24 09:05:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A0C41C97-2B6A-4041-B572-E410A7B1866D}
[2013.05.23 23:46:40 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{60BE6870-6999-4415-A3F6-38E4BA638A9C}
[2013.05.23 10:27:58 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{56535AFF-1F79-4BC4-9C5C-55EE6B0B6B1F}
[2013.05.23 09:18:21 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{E9B84A01-45C9-4BA4-990C-719311C3B1B0}
[2013.05.22 19:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.05.22 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013.05.22 19:06:48 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{573D5491-A2D1-4513-BE5E-1A9CC58FDBD7}
[2013.05.21 22:18:45 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{5663EA0C-7EF4-49F5-A19C-A4F6C9CBA7E9}
[2013.05.21 10:18:18 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A2911C14-8C3B-489A-8494-85E8294CA011}
[2013.05.20 14:56:58 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{95E69396-7275-4F1C-B0DA-33D887A33E1F}
[2013.05.20 02:17:06 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{2BF40231-38BC-4AA5-AFB0-4480E0BB6B16}
[2013.05.19 11:53:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{23F65F35-97E3-433B-8A2C-2006EEAFE4C8}
[2013.05.18 23:23:32 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{519255C4-EBD9-41AD-A366-5F04851EA8CD}
[2013.05.18 10:19:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{671EDE16-7DBF-4C0B-A6CF-AFB7AECCC1B5}
[2013.05.17 19:50:46 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4F22DEFD-47C5-4717-832D-8621EC82194B}
[2013.05.17 01:32:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{F15EFB9A-65DE-4F93-8C79-5A91BCDCDE47}
[2013.05.16 10:13:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9CE2653C-858B-48F4-BE2A-A1C302BC412F}
[2013.05.15 20:15:19 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{F2C66B82-FE8B-41BC-8A02-4318E9172FA7}
[2013.05.15 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{DF962501-0EBE-45DF-8B79-DA5CF7EA4AB4}
[2013.05.14 10:00:42 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{7B683760-5C9A-4250-A60B-EAD7B131691B}
[2013.05.13 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{7B636F4F-8720-4923-92B0-07FD5227D130}
[2013.05.12 22:03:21 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{AB01F1E8-3A12-439E-B127-515ACAF083BE}
[2013.05.12 10:02:41 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{83D4028C-3BE3-489F-9B83-A9EE9A5188F9}
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.11 08:30:14 | 000,007,603 | ---- | M] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2013.06.11 08:26:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 07:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.11 00:47:18 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 00:47:18 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 00:40:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 00:39:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.11 00:39:37 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.10 19:15:59 | 000,109,847 | ---- | M] () -- C:\Users\computer\Desktop\Untitled-2.jpg
[2013.06.09 09:08:24 | 000,077,958 | ---- | M] () -- C:\Users\computer\Desktop\Untitled-1.jpg
[2013.06.08 23:26:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.08 23:26:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.06 09:39:03 | 000,812,232 | ---- | M] () -- C:\Users\computer\Desktop\MASA.pdf
[2013.06.01 00:49:23 | 000,002,304 | ---- | M] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:41 | 000,006,122 | ---- | M] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2013.05.27 18:58:09 | 001,621,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.27 18:58:09 | 000,700,418 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.27 18:58:09 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.27 18:58:09 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.27 18:58:09 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.18 18:54:34 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.17 07:24:03 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.10 19:15:53 | 000,109,847 | ---- | C] () -- C:\Users\computer\Desktop\Untitled-2.jpg
[2013.06.09 09:08:22 | 000,077,958 | ---- | C] () -- C:\Users\computer\Desktop\Untitled-1.jpg
[2013.06.01 00:49:23 | 000,002,304 | ---- | C] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:39 | 000,006,122 | ---- | C] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2013.04.05 20:53:10 | 000,000,218 | ---- | C] () -- C:\Users\computer\.recently-used.xbel
[2012.10.26 06:32:18 | 000,000,000 | ---- | C] () -- C:\Users\computer\AppData\Roaming\sc_switch.cfg
[2012.08.04 14:48:08 | 000,165,404 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.08.01 20:29:44 | 000,000,132 | ---- | C] () -- C:\Users\computer\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.05.12 01:32:48 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2012.01.10 19:21:59 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.01.10 19:21:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7420.DAT
[2012.01.10 19:10:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.12.18 16:38:28 | 059,525,617 | ---- | C] () -- C:\Users\computer\wangzong.wmv
[2011.10.21 08:40:07 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.20 19:26:45 | 000,007,603 | ---- | C] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2011.10.12 17:46:08 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.10.12 17:45:23 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.12 17:45:21 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.12 17:45:20 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013.06.09 21:04:53 | 000,001,182 | ---- | M] ()(C:\Windows\SysNative\?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-?????????????????????????????????????????????????????????3zales - You .mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳慧湩呜敨吠浥数⁲牔灡ⴠ匠敷瑥䐠獩潰楳楴湯⠠䅒⁃楍⥸椠䅒⁃*䡃偁䕔⁒乏⁅唨⁓敖獲潩⥮洮㍰猀ȴ牰ȴ熠ȴ烐ȴ瀀ȴ漰ȴ湠ȴ毰ȴ涐ȴ泀ȴ醈ȳ鉘ȳ邸ȳ迨ȳ蹈ȳ輘ȳ赸ȳ貨ȳ诘ȳ謈ȳ訸ȳ襨ȳ袘ȳ蟈ȳ蛸ȳ蘨ȳ蕘ȳ蒈ȳ莸ȳ犎楏ŀ耀Ǝ╥〲敔灭牥㈥吰慲╰〲┭〲睓敥╴〲楄灳獯瑩潩╮〲㈥券䍁㈥䴰硩㈥┹〲湩㈥到䍁㈥ⴰ㈥䌰䅈呐剅㈥估䕎㈥┰㠲单㈥嘰牥楳湯㈥⸹灭3zales - You .mp3.lnk
[2013.06.09 21:04:53 | 000,001,182 | ---- | C] ()(C:\Windows\SysNative\?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-?????????????????????????????????????????????????????????3zales - You .mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳慧湩呜敨吠浥数⁲牔灡ⴠ匠敷瑥䐠獩潰楳楴湯⠠䅒⁃楍⥸椠䅒⁃*䡃偁䕔⁒乏⁅唨⁓敖獲潩⥮洮㍰猀ȴ牰ȴ熠ȴ烐ȴ瀀ȴ漰ȴ湠ȴ毰ȴ涐ȴ泀ȴ醈ȳ鉘ȳ邸ȳ迨ȳ蹈ȳ輘ȳ赸ȳ貨ȳ诘ȳ謈ȳ訸ȳ襨ȳ袘ȳ蟈ȳ蛸ȳ蘨ȳ蕘ȳ蒈ȳ莸ȳ犎楏ŀ耀Ǝ╥〲敔灭牥㈥吰慲╰〲┭〲睓敥╴〲楄灳獯瑩潩╮〲㈥券䍁㈥䴰硩㈥┹〲湩㈥到䍁㈥ⴰ㈥䌰䅈呐剅㈥估䕎㈥┰㠲单㈥嘰牥楳湯㈥⸹灭3zales - You .mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | M] ()(C:\Windows\SysNative\???????????????????????????3??????????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰吠敨䘠物睥牯⹫灭3罰ȹ脐ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | M] ()(C:\Windows\SysNative\??????????????????????????????3???????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰ⴠ传瑵漠⁦桴⁥潗摯⹳灭3ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | C] ()(C:\Windows\SysNative\???????????????????????????3??????????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰吠敨䘠物睥牯⹫灭3罰ȹ脐ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | C] ()(C:\Windows\SysNative\??????????????????????????????3???????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰ⴠ传瑵漠⁦桴⁥潗摯⹳灭3ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\????????????????????4??????????4??????3????????????????3??-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳桇獯⁴敂捡⁨*敔牡唠⁳灁牡⁴*潙呵扵⹥灭3湉瑳畲敭瑮污删浥硩
*潙呵扵⹥灭3郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\????????????????????????????????????4?????????????????????-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳楈牯䌠牨湯歩ⴠ匠楴汬䘠杯祧⠠潃浳湯畡⁴片捥歨敖獲潩⥮ⴠ夠畯畔敢洮㍰砀ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\??????????????????????????????????????????????????????????-???????????????????????????????????????????????????????????????????Y?t?????????????????????????????4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳畆汬䌠慲整砠䴠牡ⴠ丠扯摯⁹汅敳⠠汃扵䔠楤⥴ⴠ夠畯畔敢洮㍰稀ɉ秀ɉ磰ɉ砠ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ楤杮愠渠睥䴠䱒琠敲散瑮漠敮㩳䌠尺獕牥屳楡敳屮潄湷潬摡屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\????????????????????4??????????4??????3????????????????3??-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳桇獯⁴敂捡⁨*敔牡唠⁳灁牡⁴*潙呵扵⹥灭3湉瑳畲敭瑮污删浥硩
*潙呵扵⹥灭3郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\????????????????????????????????????4?????????????????????-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳楈牯䌠牨湯歩ⴠ匠楴汬䘠杯祧⠠潃浳湯畡⁴片捥歨敖獲潩⥮ⴠ夠畯畔敢洮㍰砀ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\??????????????????????????????????????????????????????????-???????????????????????????????????????????????????????????????????Y?t?????????????????????????????4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳畆汬䌠慲整砠䴠牡ⴠ丠扯摯⁹汅敳⠠汃扵䔠楤⥴ⴠ夠畯畔敢洮㍰稀ɉ秀ɉ磰ɉ砠ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ楤杮愠渠睥䴠䱒琠敲散瑮漠敮㩳䌠尺獕牥屳楡敳屮潄湷潬摡屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk

< End of report >
         
--- --- ---


Alt 11.06.2013, 09:16   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:Files
C:\Windows\SysNative\*.mp3.lnk
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
--> Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf

Alt 11.06.2013, 09:33   #7
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



hallo,

danke nochmal für die anweisungen, hier der log:

Code:
ATTFilter
All processes killed
========== FILES ==========
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰ⴠ传瑵漠⁦桴⁥潗摯⹳灭3ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk moved successfully.
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰吠敨䘠物睥牯⹫灭3罰ȹ脐ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk moved successfully.
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳慧湩呜敨吠浥数⁲牔灡ⴠ匠敷瑥䐠獩潰楳楴湯⠠䅒⁃楍⥸椠䅒⁃*䡃偁䕔⁒乏⁅唨⁓敖獲潩⥮洮㍰猀ȴ牰ȴ熠ȴ烐ȴ瀀ȴ漰ȴ湠ȴ毰ȴ涐ȴ泀ȴ醈ȳ鉘ȳ邸ȳ迨ȳ蹈ȳ輘ȳ赸ȳ貨ȳ诘ȳ謈ȳ訸ȳ襨ȳ袘ȳ蟈ȳ蛸ȳ蘨ȳ蕘ȳ蒈ȳ莸ȳ犎楏ŀ耀Ǝ╥〲敔灭牥㈥吰慲╰〲┭〲睓敥╴〲楄灳獯瑩潩╮〲㈥券䍁㈥䴰硩㈥┹〲湩㈥到䍁㈥ⴰ㈥䌰䅈呐剅㈥估䕎㈥┰㠲单㈥嘰牥楳湯㈥⸹灭3zales - You .mp3.lnk moved successfully.
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳桇獯⁴敂捡⁨*敔牡唠⁳灁牡⁴*潙呵扵⹥灭3湉瑳畲敭瑮污删浥硩
*潙呵扵⹥灭3郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk moved successfully.
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳楈牯䌠牨湯歩ⴠ匠楴汬䘠杯祧⠠潃浳湯畡⁴片捥歨敖獲潩⥮ⴠ夠畯畔敢洮㍰砀ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵⹥灭3屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk moved successfully.
C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳畆汬䌠慲整砠䴠牡ⴠ丠扯摯⁹汅敳⠠汃扵䔠楤⥴ⴠ夠畯畔敢洮㍰稀ɉ秀ɉ磰ɉ砠ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ楤杮愠渠睥䴠䱒琠敲散瑮漠敮㩳䌠尺獕牥屳楡敳屮潄湷潬摡屳湁⁴楖敤獯䙜汵牃瑡⁥⁸慍⁲*潎潢祤䔠獬⁥䌨畬⁢摅瑩
*潙呵扵⹥灭3(邵綰Y耀.mp3.lnk moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\computer\Downloads\cmd.bat deleted successfully.
C:\Users\computer\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: computer
->Temp folder emptied: 353567645 bytes
->Temporary Internet Files folder emptied: 83770811 bytes
->Java cache emptied: 4340698 bytes
->FireFox cache emptied: 88657569 bytes
->Flash cache emptied: 127595 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 79284 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50495 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 506,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 06112013_102653

Files\Folders moved on Reboot...
C:\Users\computer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Kannst du mir kurz sagen, was da gemacht wurde? ^^ und ob das ganze nach trojaner/virus aussieht?
Was hat es mit windows/sysnative auf sich? Fragen über Fragen..

Alt 11.06.2013, 10:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Das ist ein Systemverzeichnis, aber ich kann dir hier jetzt nicht die Funktion jedes einzelnen Windows-Ordners erklären.


Rootkitscan mit GMER

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.


Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.06.2013, 21:49   #9
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



hallo, hier die Ergebnisse:
Gmer:
Code:
ATTFilter
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-11 22:14:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\computer\AppData\Local\Temp\pglorpow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket      0000000076275ea5 5 bytes JMP 0000000171271ce0
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\ole32.dll!CoCreateInstance       00000000762a9d0b 5 bytes JMP 0000000171271c70
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA           0000000075521411 7 bytes JMP 0000000171271e90
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW  000000007553b203 5 bytes JMP 0000000171271da0
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx  00000000755b88dc 7 bytes JMP 0000000171271d90
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation  00000000755b8961 5 bytes JMP 0000000171271e80
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW    00000000755b8cb7 5 bytes JMP 0000000171271e10
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket           0000000076275ea5 5 bytes JMP 0000000171271ce0
.text  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4244] C:\Windows\syswow64\ole32.dll!CoCreateInstance            00000000762a9d0b 5 bytes JMP 0000000171271c70
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4500] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                      000000007798efc0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4500] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                    00000000779b99a0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4500] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                    00000000779c94c0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4500] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                    00000000779c9630 5 bytes JMP 000000016fff0110
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4500] C:\Windows\system32\kernel32.dll!RegSetValueExA                                             00000000779ea4f0 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                       000007fefe203450 1 byte JMP 000007fffe1f00d8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW + 2                   000007fefe203452 5 bytes {JMP 0xfffffffffffecc88}
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                            000007fefe209180 5 bytes JMP 000007fffe1f0180
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                     000007fefe209320 5 bytes JMP 000007fffe1f0110
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                         000007fefe20c5e0 6 bytes JMP 000007fffe1f0148
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                      000007fefe4e89e0 8 bytes JMP 000007fffe1f01f0
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                    000007fefe4ebe40 8 bytes JMP 000007fffe1f01b8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\ole32.dll!CoCreateInstance                            000007feff607490 11 bytes JMP 000007fffe1f0228
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4732] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                           000007feff61bf00 7 bytes JMP 000007fffe1f0260
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                              000007fefe203450 1 byte JMP 000007fffe1f00d8
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW + 2                                          000007fefe203452 5 bytes {JMP 0xfffffffffffecc88}
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                   000007fefe209180 5 bytes JMP 000007fffe1f0180
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                            000007fefe209320 5 bytes JMP 000007fffe1f0110
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                000007fefe20c5e0 6 bytes JMP 000007fffe1f0148
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                             000007fefe4e89e0 8 bytes JMP 000007fffe1f01f0
.text  C:\Program Files\Rainmeter\Rainmeter.exe[5036] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                           000007fefe4ebe40 8 bytes JMP 000007fffe1f01b8
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                               0000000075521411 7 bytes JMP 0000000171271e90
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                      000000007553b203 5 bytes JMP 0000000171271da0
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                      00000000755b88dc 7 bytes JMP 0000000171271d90
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                      00000000755b8961 5 bytes JMP 0000000171271e80
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                        00000000755b8cb7 5 bytes JMP 0000000171271e10
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                           00000000769a130f 5 bytes JMP 0000000171272450
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                         00000000769a13bd 5 bytes JMP 00000001712724b0
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                             00000000769a2097 5 bytes JMP 0000000171272520
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                00000000769a22fd 5 bytes JMP 0000000171272670
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                        000000007689e9a2 5 bytes JMP 0000000171271a00
.text  C:\Users\computer\Downloads\gmer_2.1.19163.exe[4984] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                          000000007689ebdc 5 bytes JMP 0000000171271a90

---- EOF - GMER 2.1 ----
         
--- --- ---
Beim Start von mbar kam noch diese Meldung:


Ich habe dann auf nein geklickt und den Anweisungen gefolgt, hoffe das war richtig.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.11.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
computer:: computer-PC [administrator]

11.06.2013 22:19:01
mbar-log-2013-06-11 (22-19-01).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 280654
Time elapsed: 24 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 11.06.2013, 22:46   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.06.2013, 23:20   #11
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



hi cosinus,

aswMBR ist bei "Quickscan" Einstellung abgestürzt, habe spaßhalber den Windows-Problembericht auch kopiert, weiß nicht, ob der dir hilft:
Code:
ATTFilter
Problemsignatur:
  Problemereignisname:	APPCRASH
  Anwendungsname:	aswMBR.exe
  Anwendungsversion:	0.9.9.1771
  Anwendungszeitstempel:	5147644e
  Fehlermodulname:	ntdll.dll
  Fehlermodulversion:	6.1.7601.17514
  Fehlermodulzeitstempel:	4ce7ba58
  Ausnahmecode:	c0000005
  Ausnahmeoffset:	0002e39e
  Betriebsystemversion:	6.1.7601.2.1.0.768.3
  Gebietsschema-ID:	1031
  Zusatzinformation 1:	0a9e
  Zusatzinformation 2:	0a9e372d3b4ad19135b953a78882e789
  Zusatzinformation 3:	0a9e
  Zusatzinformation 4:	0a9e372d3b4ad19135b953a78882e789

Lesen Sie unsere Datenschutzbestimmungen online:
  hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
  C:\Windows\system32\de-DE\erofflps.txt
         
hier der Log zu den scan mit "none" Einstellung:

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-12 00:12:08
-----------------------------
00:12:08.882    OS Version: Windows x64 6.1.7601 Service Pack 1
00:12:08.882    Number of processors: 8 586 0x2A07
00:12:08.883    ComputerName: computer-PC  UserName: computer
00:12:10.961    Initialize success
00:12:21.323    AVAST engine defs: 13061101
00:12:27.940    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:12:27.943    Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
00:12:28.073    Disk 0 MBR read successfully
00:12:28.078    Disk 0 MBR scan
00:12:28.084    Disk 0 Windows VISTA default MBR code
00:12:28.096    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      101 MB offset 63
00:12:28.114    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        20000 MB offset 212992
00:12:28.131    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       695299 MB offset 41172992
00:12:28.313    Disk 0 scanning C:\Windows\system32\drivers
00:12:37.852    Service scanning
00:12:55.918    Modules scanning
00:12:55.937    Disk 0 trace - called modules:
00:12:55.962    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll 
00:12:56.307    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009704060]
00:12:56.319    3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa8009543b00]
00:12:56.330    5 stdcfltn.sys[fffff88001d91c52] -> nt!IofCallDriver -> [0xfffffa8007b41d10]
00:12:56.342    7 ACPI.sys[fffff88000ef37a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b4c050]
00:12:56.351    Scan finished successfully
00:13:08.348    Disk 0 MBR has been saved successfully to "C:\Users\computer\Desktop\TB\MBR.dat"
00:13:08.351    The log file has been saved successfully to "C:\Users\computer\Desktop\TB\aswMBR.txt"
         
TDSS Scan:

Code:
ATTFilter
00:14:14.0714 7148  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:14:16.0717 7148  ============================================================
00:14:16.0717 7148  Current date / time: 2013/06/12 00:14:16.0717
00:14:16.0717 7148  SystemInfo:
00:14:16.0717 7148  
00:14:16.0717 7148  OS Version: 6.1.7601 ServicePack: 1.0
00:14:16.0717 7148  Product type: Workstation
00:14:16.0718 7148  ComputerName: computer-PC
00:14:16.0718 7148  UserName: computer
00:14:16.0718 7148  Windows directory: C:\Windows
00:14:16.0718 7148  System windows directory: C:\Windows
00:14:16.0718 7148  Running under WOW64
00:14:16.0718 7148  Processor architecture: Intel x64
00:14:16.0718 7148  Number of processors: 8
00:14:16.0718 7148  Page size: 0x1000
00:14:16.0718 7148  Boot type: Normal boot
00:14:16.0718 7148  ============================================================
00:14:17.0158 7148  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:14:17.0172 7148  ============================================================
00:14:17.0172 7148  \Device\Harddisk0\DR0:
00:14:17.0173 7148  MBR partitions:
00:14:17.0173 7148  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
00:14:17.0173 7148  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
00:14:17.0173 7148  ============================================================
00:14:17.0207 7148  C: <-> \Device\Harddisk0\DR0\Partition2
00:14:17.0208 7148  ============================================================
00:14:17.0208 7148  Initialize success
00:14:17.0208 7148  ============================================================
00:14:27.0993 7720  ============================================================
00:14:27.0993 7720  Scan started
00:14:27.0993 7720  Mode: Manual; SigCheck; TDLFS; 
00:14:27.0993 7720  ============================================================
00:14:28.0301 7720  ================ Scan system memory ========================
00:14:28.0301 7720  System memory - ok
00:14:28.0302 7720  ================ Scan services =============================
00:14:28.0424 7720  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:14:28.0514 7720  1394ohci - ok
00:14:28.0555 7720  [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
00:14:28.0642 7720  Acceler - ok
00:14:28.0672 7720  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:14:28.0698 7720  ACPI - ok
00:14:28.0717 7720  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:14:28.0784 7720  AcpiPmi - ok
00:14:28.0883 7720  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:14:28.0912 7720  AdobeARMservice - ok
00:14:29.0016 7720  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:14:29.0045 7720  AdobeFlashPlayerUpdateSvc - ok
00:14:29.0112 7720  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:14:29.0146 7720  adp94xx - ok
00:14:29.0193 7720  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:14:29.0223 7720  adpahci - ok
00:14:29.0254 7720  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:14:29.0280 7720  adpu320 - ok
00:14:29.0318 7720  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:14:29.0481 7720  AeLookupSvc - ok
00:14:29.0531 7720  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
00:14:29.0556 7720  AERTFilters - ok
00:14:29.0598 7720  [ D5B031C308A409A0A576BFF4CF083D30 ] AFD             C:\Windows\system32\drivers\afd.sys
00:14:29.0665 7720  AFD - ok
00:14:29.0686 7720  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:14:29.0694 7720  agp440 - ok
00:14:29.0705 7720  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
00:14:29.0726 7720  ALG - ok
00:14:29.0737 7720  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:14:29.0745 7720  aliide - ok
00:14:29.0768 7720  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
00:14:29.0792 7720  amdide - ok
00:14:29.0811 7720  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:14:29.0823 7720  AmdK8 - ok
00:14:29.0834 7720  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
00:14:29.0847 7720  AmdPPM - ok
00:14:29.0867 7720  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:14:29.0879 7720  amdsata - ok
00:14:29.0897 7720  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
00:14:29.0912 7720  amdsbs - ok
00:14:29.0927 7720  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:14:29.0939 7720  amdxata - ok
00:14:29.0975 7720  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
00:14:30.0020 7720  AMPPAL - ok
00:14:30.0025 7720  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
00:14:30.0037 7720  AMPPALP - ok
00:14:30.0119 7720  [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
00:14:30.0158 7720  AMPPALR3 - ok
00:14:30.0169 7720  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
00:14:30.0328 7720  AppID - ok
00:14:30.0353 7720  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:14:30.0416 7720  AppIDSvc - ok
00:14:30.0436 7720  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
00:14:30.0501 7720  Appinfo - ok
00:14:30.0542 7720  [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:14:30.0550 7720  Apple Mobile Device - ok
00:14:30.0569 7720  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
00:14:30.0596 7720  arc - ok
00:14:30.0610 7720  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:14:30.0637 7720  arcsas - ok
00:14:30.0719 7720  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:14:30.0744 7720  aspnet_state - ok
00:14:30.0769 7720  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:14:30.0827 7720  AsyncMac - ok
00:14:30.0847 7720  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
00:14:30.0871 7720  atapi - ok
00:14:30.0895 7720  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:14:30.0934 7720  AudioEndpointBuilder - ok
00:14:30.0942 7720  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:14:30.0979 7720  AudioSrv - ok
00:14:30.0994 7720  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:14:31.0052 7720  AxInstSV - ok
00:14:31.0086 7720  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
00:14:31.0121 7720  b06bdrv - ok
00:14:31.0136 7720  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:14:31.0176 7720  b57nd60a - ok
00:14:31.0202 7720  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:14:31.0247 7720  BDESVC - ok
00:14:31.0260 7720  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:14:31.0318 7720  Beep - ok
00:14:31.0362 7720  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
00:14:31.0432 7720  BFE - ok
00:14:31.0469 7720  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
00:14:31.0554 7720  BITS - ok
00:14:31.0562 7720  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:14:31.0573 7720  blbdrive - ok
00:14:31.0607 7720  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:14:31.0637 7720  Bonjour Service - ok
00:14:31.0658 7720  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:14:31.0713 7720  bowser - ok
00:14:31.0730 7720  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
00:14:31.0745 7720  BrFiltLo - ok
00:14:31.0756 7720  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
00:14:31.0778 7720  BrFiltUp - ok
00:14:31.0791 7720  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
00:14:31.0821 7720  Browser - ok
00:14:31.0842 7720  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
00:14:31.0889 7720  Brserid - ok
00:14:31.0912 7720  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:14:31.0926 7720  BrSerWdm - ok
00:14:31.0929 7720  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:14:31.0943 7720  BrUsbMdm - ok
00:14:31.0956 7720  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
00:14:31.0968 7720  BrUsbSer - ok
00:14:31.0981 7720  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:14:31.0997 7720  BTHMODEM - ok
00:14:32.0027 7720  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
00:14:32.0059 7720  bthserv - ok
00:14:32.0075 7720  [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
00:14:32.0084 7720  BTHSSecurityMgr - ok
00:14:32.0097 7720  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:14:32.0136 7720  cdfs - ok
00:14:32.0165 7720  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:14:32.0178 7720  cdrom - ok
00:14:32.0200 7720  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
00:14:32.0258 7720  CertPropSvc - ok
00:14:32.0292 7720  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\Windows\system32\drivers\cfwids.sys
00:14:32.0307 7720  cfwids - ok
00:14:32.0321 7720  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
00:14:32.0353 7720  circlass - ok
00:14:32.0374 7720  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
00:14:32.0395 7720  CLFS - ok
00:14:32.0442 7720  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:14:32.0457 7720  clr_optimization_v2.0.50727_32 - ok
00:14:32.0510 7720  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:14:32.0537 7720  clr_optimization_v2.0.50727_64 - ok
00:14:32.0589 7720  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:14:32.0602 7720  clr_optimization_v4.0.30319_32 - ok
00:14:32.0620 7720  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:14:32.0642 7720  clr_optimization_v4.0.30319_64 - ok
00:14:32.0651 7720  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:14:32.0679 7720  CmBatt - ok
00:14:32.0691 7720  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:14:32.0704 7720  cmdide - ok
00:14:32.0736 7720  [ D5FEA92400F12412B3922087C09DA6A5 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:14:32.0779 7720  CNG - ok
00:14:32.0793 7720  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:14:32.0803 7720  Compbatt - ok
00:14:32.0820 7720  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
00:14:32.0863 7720  CompositeBus - ok
00:14:32.0870 7720  COMSysApp - ok
00:14:32.0888 7720  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:14:32.0898 7720  crcdisk - ok
00:14:32.0928 7720  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:14:32.0970 7720  CryptSvc - ok
00:14:33.0019 7720  [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:14:33.0087 7720  CtClsFlt - ok
00:14:33.0128 7720  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:14:33.0232 7720  DcomLaunch - ok
00:14:33.0263 7720  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
00:14:33.0327 7720  defragsvc - ok
00:14:33.0355 7720  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:14:33.0406 7720  DfsC - ok
00:14:33.0427 7720  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:14:33.0470 7720  Dhcp - ok
00:14:33.0485 7720  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
00:14:33.0531 7720  discache - ok
00:14:33.0545 7720  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
00:14:33.0554 7720  Disk - ok
00:14:33.0578 7720  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:14:33.0635 7720  Dnscache - ok
00:14:33.0652 7720  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:14:33.0705 7720  dot3svc - ok
00:14:33.0717 7720  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
00:14:33.0776 7720  DPS - ok
00:14:33.0805 7720  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:14:33.0822 7720  drmkaud - ok
00:14:33.0849 7720  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
00:14:33.0864 7720  dtsoftbus01 - ok
00:14:33.0892 7720  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:14:33.0944 7720  DXGKrnl - ok
00:14:33.0967 7720  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
00:14:34.0012 7720  EapHost - ok
00:14:34.0067 7720  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:14:34.0121 7720  ebdrv - ok
00:14:34.0138 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
00:14:34.0151 7720  EFS - ok
00:14:34.0200 7720  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:14:34.0311 7720  ehRecvr - ok
00:14:34.0329 7720  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
00:14:34.0372 7720  ehSched - ok
00:14:34.0400 7720  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:14:34.0427 7720  elxstor - ok
00:14:34.0433 7720  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:14:34.0460 7720  ErrDev - ok
00:14:34.0479 7720  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
00:14:34.0529 7720  EventSystem - ok
00:14:34.0618 7720  [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:14:34.0665 7720  EvtEng - ok
00:14:34.0693 7720  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
00:14:34.0772 7720  exfat - ok
00:14:34.0783 7720  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:14:34.0830 7720  fastfat - ok
00:14:34.0860 7720  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
00:14:34.0933 7720  Fax - ok
00:14:34.0942 7720  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
00:14:34.0984 7720  fdc - ok
00:14:35.0009 7720  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:14:35.0054 7720  fdPHost - ok
00:14:35.0058 7720  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:14:35.0089 7720  FDResPub - ok
00:14:35.0100 7720  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:14:35.0111 7720  FileInfo - ok
00:14:35.0120 7720  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:14:35.0172 7720  Filetrace - ok
00:14:35.0181 7720  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
00:14:35.0193 7720  flpydisk - ok
00:14:35.0209 7720  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:14:35.0222 7720  FltMgr - ok
00:14:35.0254 7720  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
00:14:35.0350 7720  FontCache - ok
00:14:35.0391 7720  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:14:35.0414 7720  FontCache3.0.0.0 - ok
00:14:35.0428 7720  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:14:35.0449 7720  FsDepends - ok
00:14:35.0455 7720  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:14:35.0474 7720  Fs_Rec - ok
00:14:35.0496 7720  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:14:35.0520 7720  fvevol - ok
00:14:35.0532 7720  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:14:35.0542 7720  gagp30kx - ok
00:14:35.0592 7720  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:14:35.0613 7720  GEARAspiWDM - ok
00:14:35.0636 7720  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
00:14:35.0676 7720  gpsvc - ok
00:14:35.0761 7720  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:14:35.0780 7720  gupdate - ok
00:14:35.0797 7720  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:14:35.0819 7720  gupdatem - ok
00:14:35.0839 7720  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:14:35.0894 7720  hcw85cir - ok
00:14:35.0923 7720  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:14:35.0978 7720  HDAudBus - ok
00:14:35.0991 7720  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
00:14:36.0002 7720  HidBatt - ok
00:14:36.0013 7720  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:14:36.0038 7720  HidBth - ok
00:14:36.0051 7720  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:14:36.0100 7720  HidIr - ok
00:14:36.0122 7720  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
00:14:36.0173 7720  hidserv - ok
00:14:36.0194 7720  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:14:36.0205 7720  HidUsb - ok
00:14:36.0262 7720  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
00:14:36.0288 7720  HipShieldK - ok
00:14:36.0313 7720  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:14:36.0407 7720  hkmsvc - ok
00:14:36.0419 7720  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:14:36.0448 7720  HomeGroupListener - ok
00:14:36.0465 7720  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:14:36.0517 7720  HomeGroupProvider - ok
00:14:36.0547 7720  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:14:36.0573 7720  HpSAMD - ok
00:14:36.0615 7720  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:14:36.0739 7720  HTTP - ok
00:14:36.0755 7720  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:14:36.0772 7720  hwpolicy - ok
00:14:36.0793 7720  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:14:36.0823 7720  i8042prt - ok
00:14:36.0856 7720  [ D469B77687E12FE43E344806740B624D ] iaStor          C:\Windows\system32\drivers\iaStor.sys
00:14:36.0885 7720  iaStor - ok
00:14:36.0914 7720  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:14:36.0937 7720  iaStorV - ok
00:14:36.0990 7720  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:14:37.0024 7720  idsvc - ok
00:14:37.0324 7720  [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
00:14:37.0831 7720  igfx - ok
00:14:37.0850 7720  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:14:37.0858 7720  iirsp - ok
00:14:37.0897 7720  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
00:14:37.0969 7720  IKEEXT - ok
00:14:38.0008 7720  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
00:14:38.0048 7720  Impcd - ok
00:14:38.0115 7720  [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:14:38.0200 7720  IntcAzAudAddService - ok
00:14:38.0215 7720  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
00:14:38.0238 7720  IntcDAud - ok
00:14:38.0256 7720  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
00:14:38.0264 7720  intelide - ok
00:14:38.0281 7720  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:14:38.0312 7720  intelppm - ok
00:14:38.0339 7720  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:14:38.0383 7720  IPBusEnum - ok
00:14:38.0387 7720  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:14:38.0421 7720  IpFilterDriver - ok
00:14:38.0446 7720  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:14:38.0501 7720  iphlpsvc - ok
00:14:38.0505 7720  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:14:38.0519 7720  IPMIDRV - ok
00:14:38.0523 7720  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:14:38.0570 7720  IPNAT - ok
00:14:38.0630 7720  [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:14:38.0683 7720  iPod Service - ok
00:14:38.0706 7720  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:14:38.0723 7720  IRENUM - ok
00:14:38.0738 7720  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:14:38.0747 7720  isapnp - ok
00:14:38.0763 7720  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:14:38.0777 7720  iScsiPrt - ok
00:14:38.0803 7720  [ E56417C56B6A7316B6F527C890A1860D ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
00:14:38.0813 7720  JMCR - ok
00:14:38.0827 7720  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:14:38.0837 7720  kbdclass - ok
00:14:38.0847 7720  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:14:38.0866 7720  kbdhid - ok
00:14:38.0879 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
00:14:38.0891 7720  KeyIso - ok
00:14:38.0905 7720  [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:14:38.0915 7720  KSecDD - ok
00:14:38.0927 7720  [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:14:38.0937 7720  KSecPkg - ok
00:14:38.0945 7720  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:14:38.0981 7720  ksthunk - ok
00:14:39.0004 7720  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:14:39.0038 7720  KtmRm - ok
00:14:39.0070 7720  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:14:39.0148 7720  LanmanServer - ok
00:14:39.0167 7720  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:14:39.0206 7720  LanmanWorkstation - ok
00:14:39.0235 7720  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:14:39.0266 7720  lltdio - ok
00:14:39.0286 7720  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:14:39.0322 7720  lltdsvc - ok
00:14:39.0338 7720  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:14:39.0376 7720  lmhosts - ok
00:14:39.0422 7720  [ 7F32D4C47A50E7223491E8FB9359907D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:14:39.0445 7720  LMS - ok
00:14:39.0475 7720  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:14:39.0492 7720  LSI_FC - ok
00:14:39.0510 7720  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:14:39.0524 7720  LSI_SAS - ok
00:14:39.0527 7720  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:14:39.0537 7720  LSI_SAS2 - ok
00:14:39.0541 7720  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:14:39.0551 7720  LSI_SCSI - ok
00:14:39.0563 7720  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:14:39.0623 7720  luafv - ok
00:14:39.0656 7720  mbamswissarmy - ok
00:14:39.0712 7720  [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
00:14:39.0734 7720  McAWFwk - ok
00:14:39.0795 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:14:39.0823 7720  McMPFSvc - ok
00:14:39.0835 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:14:39.0845 7720  mcmscsvc - ok
00:14:39.0849 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:14:39.0878 7720  McNaiAnn - ok
00:14:39.0895 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:14:39.0903 7720  McNASvc - ok
00:14:39.0956 7720  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
00:14:39.0971 7720  McODS - ok
00:14:39.0975 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:14:39.0985 7720  McOobeSv - ok
00:14:39.0989 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:14:39.0999 7720  McProxy - ok
00:14:40.0048 7720  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:14:40.0075 7720  McShield - ok
00:14:40.0101 7720  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:14:40.0139 7720  Mcx2Svc - ok
00:14:40.0154 7720  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:14:40.0162 7720  megasas - ok
00:14:40.0175 7720  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:14:40.0188 7720  MegaSR - ok
00:14:40.0216 7720  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
00:14:40.0227 7720  MEIx64 - ok
00:14:40.0239 7720  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
00:14:40.0252 7720  mfeapfk - ok
00:14:40.0277 7720  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
00:14:40.0293 7720  mfeavfk - ok
00:14:40.0298 7720  mfeavfk01 - ok
00:14:40.0351 7720  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
00:14:40.0378 7720  mfefire - ok
00:14:40.0406 7720  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
00:14:40.0431 7720  mfefirek - ok
00:14:40.0466 7720  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
00:14:40.0497 7720  mfehidk - ok
00:14:40.0511 7720  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
00:14:40.0527 7720  mferkdet - ok
00:14:40.0586 7720  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
00:14:40.0600 7720  mfevtp - ok
00:14:40.0631 7720  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
00:14:40.0650 7720  mfewfpk - ok
00:14:40.0662 7720  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
00:14:40.0699 7720  MMCSS - ok
00:14:40.0713 7720  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
00:14:40.0757 7720  Modem - ok
00:14:40.0768 7720  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:14:40.0794 7720  monitor - ok
00:14:40.0812 7720  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:14:40.0821 7720  mouclass - ok
00:14:40.0831 7720  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:14:40.0842 7720  mouhid - ok
00:14:40.0864 7720  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:14:40.0874 7720  mountmgr - ok
00:14:40.0929 7720  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:14:40.0984 7720  MozillaMaintenance - ok
00:14:40.0994 7720  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:14:41.0005 7720  mpio - ok
00:14:41.0008 7720  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:14:41.0040 7720  mpsdrv - ok
00:14:41.0067 7720  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:14:41.0108 7720  MpsSvc - ok
00:14:41.0122 7720  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:14:41.0140 7720  MRxDAV - ok
00:14:41.0157 7720  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:14:41.0186 7720  mrxsmb - ok
00:14:41.0205 7720  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:14:41.0303 7720  mrxsmb10 - ok
00:14:41.0319 7720  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:14:41.0332 7720  mrxsmb20 - ok
00:14:41.0348 7720  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:14:41.0357 7720  msahci - ok
00:14:41.0368 7720  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:14:41.0378 7720  msdsm - ok
00:14:41.0388 7720  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
00:14:41.0402 7720  MSDTC - ok
00:14:41.0418 7720  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:14:41.0482 7720  Msfs - ok
00:14:41.0504 7720  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:14:41.0549 7720  mshidkmdf - ok
00:14:41.0575 7720  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:14:41.0584 7720  msisadrv - ok
00:14:41.0612 7720  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:14:41.0665 7720  MSiSCSI - ok
00:14:41.0668 7720  msiserver - ok
00:14:41.0677 7720  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:14:41.0686 7720  MSK80Service - ok
00:14:41.0701 7720  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:14:41.0759 7720  MSKSSRV - ok
00:14:41.0773 7720  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:14:41.0815 7720  MSPCLOCK - ok
00:14:41.0826 7720  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:14:41.0865 7720  MSPQM - ok
00:14:41.0882 7720  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:14:41.0897 7720  MsRPC - ok
00:14:41.0908 7720  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:14:41.0917 7720  mssmbios - ok
00:14:41.0920 7720  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:14:41.0962 7720  MSTEE - ok
00:14:41.0973 7720  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:14:41.0997 7720  MTConfig - ok
00:14:42.0008 7720  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:14:42.0017 7720  Mup - ok
00:14:42.0060 7720  [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:14:42.0075 7720  MyWiFiDHCPDNS - ok
00:14:42.0103 7720  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
00:14:42.0151 7720  napagent - ok
00:14:42.0174 7720  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:14:42.0207 7720  NativeWifiP - ok
00:14:42.0249 7720  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:14:42.0274 7720  NDIS - ok
00:14:42.0287 7720  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:14:42.0317 7720  NdisCap - ok
00:14:42.0332 7720  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:14:42.0362 7720  NdisTapi - ok
00:14:42.0376 7720  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:14:42.0406 7720  Ndisuio - ok
00:14:42.0417 7720  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:14:42.0477 7720  NdisWan - ok
00:14:42.0495 7720  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:14:42.0525 7720  NDProxy - ok
00:14:42.0532 7720  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:14:42.0570 7720  NetBIOS - ok
00:14:42.0583 7720  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:14:42.0616 7720  NetBT - ok
00:14:42.0637 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
00:14:42.0649 7720  Netlogon - ok
00:14:42.0668 7720  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
00:14:42.0747 7720  Netman - ok
00:14:42.0771 7720  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:14:42.0780 7720  NetMsmqActivator - ok
00:14:42.0783 7720  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:14:42.0792 7720  NetPipeActivator - ok
00:14:42.0812 7720  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
00:14:42.0892 7720  netprofm - ok
00:14:42.0895 7720  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:14:42.0904 7720  NetTcpActivator - ok
00:14:42.0907 7720  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:14:42.0915 7720  NetTcpPortSharing - ok
00:14:43.0119 7720  [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
00:14:43.0347 7720  NETwNs64 - ok
00:14:43.0361 7720  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:14:43.0370 7720  nfrd960 - ok
00:14:43.0383 7720  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:14:43.0429 7720  NlaSvc - ok
00:14:43.0548 7720  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
00:14:43.0746 7720  NOBU - ok
00:14:43.0755 7720  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:14:43.0785 7720  Npfs - ok
00:14:43.0797 7720  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
00:14:43.0842 7720  nsi - ok
00:14:43.0855 7720  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:14:43.0885 7720  nsiproxy - ok
00:14:43.0937 7720  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:14:43.0992 7720  Ntfs - ok
00:14:44.0003 7720  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
00:14:44.0067 7720  Null - ok
00:14:44.0099 7720  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
00:14:44.0129 7720  nusb3hub - ok
00:14:44.0156 7720  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:14:44.0184 7720  nusb3xhc - ok
00:14:44.0224 7720  [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
00:14:44.0243 7720  NVHDA - ok
00:14:44.0505 7720  [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:14:44.0867 7720  nvlddmkm - ok
00:14:44.0878 7720  [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
00:14:44.0884 7720  nvpciflt - ok
00:14:44.0909 7720  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:14:44.0920 7720  nvraid - ok
00:14:44.0936 7720  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:14:44.0947 7720  nvstor - ok
00:14:44.0963 7720  [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
00:14:44.0971 7720  NvStUSB - ok
00:14:44.0997 7720  [ C500760572C6059918FB0C960967695B ] NVSvc           C:\Windows\system32\nvvsvc.exe
00:14:45.0016 7720  NVSvc - ok
00:14:45.0084 7720  [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
00:14:45.0167 7720  nvUpdatusService - ok
00:14:45.0187 7720  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:14:45.0198 7720  nv_agp - ok
00:14:45.0206 7720  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:14:45.0227 7720  ohci1394 - ok
00:14:45.0300 7720  [ EC322186D8FCE3D632F3F597D67747DD ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
00:14:45.0324 7720  OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
00:14:45.0325 7720  OpenVPNService - detected UnsignedFile.Multi.Generic (1)
00:14:45.0384 7720  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:14:45.0470 7720  ose - ok
00:14:45.0614 7720  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:14:45.0766 7720  osppsvc - ok
00:14:45.0791 7720  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:14:45.0845 7720  p2pimsvc - ok
00:14:45.0867 7720  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:14:45.0884 7720  p2psvc - ok
00:14:45.0897 7720  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
00:14:45.0908 7720  Parport - ok
00:14:45.0917 7720  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:14:45.0926 7720  partmgr - ok
00:14:45.0942 7720  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:14:45.0960 7720  PcaSvc - ok
00:14:46.0085 7720  [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms
00:14:46.0141 7720  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok
00:14:46.0172 7720  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
00:14:46.0193 7720  pci - ok
00:14:46.0213 7720  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
00:14:46.0238 7720  pciide - ok
00:14:46.0252 7720  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:14:46.0264 7720  pcmcia - ok
00:14:46.0274 7720  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:14:46.0283 7720  pcw - ok
00:14:46.0301 7720  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:14:46.0357 7720  PEAUTH - ok
00:14:46.0433 7720  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:14:46.0468 7720  PerfHost - ok
00:14:46.0516 7720  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
00:14:46.0625 7720  pla - ok
00:14:46.0666 7720  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:14:46.0718 7720  PlugPlay - ok
00:14:46.0728 7720  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:14:46.0749 7720  PNRPAutoReg - ok
00:14:46.0777 7720  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:14:46.0793 7720  PNRPsvc - ok
00:14:46.0822 7720  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:14:46.0873 7720  PolicyAgent - ok
00:14:46.0891 7720  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
00:14:46.0949 7720  Power - ok
00:14:46.0979 7720  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:14:47.0052 7720  PptpMiniport - ok
00:14:47.0059 7720  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
00:14:47.0070 7720  Processor - ok
00:14:47.0084 7720  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
00:14:47.0150 7720  ProfSvc - ok
00:14:47.0162 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
00:14:47.0174 7720  ProtectedStorage - ok
00:14:47.0181 7720  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:14:47.0225 7720  Psched - ok
00:14:47.0254 7720  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
00:14:47.0270 7720  PxHlpa64 - ok
00:14:47.0292 7720  [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
00:14:47.0305 7720  qicflt - ok
00:14:47.0346 7720  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:14:47.0421 7720  ql2300 - ok
00:14:47.0430 7720  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:14:47.0440 7720  ql40xx - ok
00:14:47.0453 7720  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
00:14:47.0480 7720  QWAVE - ok
00:14:47.0497 7720  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:14:47.0514 7720  QWAVEdrv - ok
00:14:47.0527 7720  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:14:47.0557 7720  RasAcd - ok
00:14:47.0586 7720  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:14:47.0640 7720  RasAgileVpn - ok
00:14:47.0651 7720  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
00:14:47.0695 7720  RasAuto - ok
00:14:47.0706 7720  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:14:47.0749 7720  Rasl2tp - ok
00:14:47.0766 7720  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
00:14:47.0802 7720  RasMan - ok
00:14:47.0824 7720  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:14:47.0881 7720  RasPppoe - ok
00:14:47.0919 7720  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:14:47.0970 7720  RasSstp - ok
00:14:47.0983 7720  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:14:48.0024 7720  rdbss - ok
00:14:48.0034 7720  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
00:14:48.0048 7720  rdpbus - ok
00:14:48.0060 7720  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:14:48.0090 7720  RDPCDD - ok
00:14:48.0113 7720  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:14:48.0175 7720  RDPENCDD - ok
00:14:48.0191 7720  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:14:48.0221 7720  RDPREFMP - ok
00:14:48.0239 7720  [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:14:48.0270 7720  RDPWD - ok
00:14:48.0283 7720  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:14:48.0295 7720  rdyboost - ok
00:14:48.0368 7720  [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:14:48.0410 7720  RegSrvc - ok
00:14:48.0422 7720  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:14:48.0461 7720  RemoteAccess - ok
00:14:48.0483 7720  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:14:48.0525 7720  RemoteRegistry - ok
00:14:48.0625 7720  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
00:14:48.0669 7720  RoxMediaDB12OEM - ok
00:14:48.0695 7720  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
00:14:48.0719 7720  RoxWatch12 - ok
00:14:48.0738 7720  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:14:48.0787 7720  RpcEptMapper - ok
00:14:48.0799 7720  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
00:14:48.0811 7720  RpcLocator - ok
00:14:48.0827 7720  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
00:14:48.0862 7720  RpcSs - ok
00:14:48.0872 7720  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:14:48.0903 7720  rspndr - ok
00:14:48.0934 7720  [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
00:14:48.0948 7720  RTL8167 - ok
00:14:48.0954 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
00:14:48.0966 7720  SamSs - ok
00:14:48.0978 7720  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:14:48.0989 7720  sbp2port - ok
00:14:49.0001 7720  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:14:49.0046 7720  SCardSvr - ok
00:14:49.0049 7720  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:14:49.0083 7720  scfilter - ok
00:14:49.0116 7720  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
00:14:49.0180 7720  Schedule - ok
00:14:49.0207 7720  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:14:49.0257 7720  SCPolicySvc - ok
00:14:49.0282 7720  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:14:49.0330 7720  sdbus - ok
00:14:49.0347 7720  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:14:49.0385 7720  SDRSVC - ok
00:14:49.0410 7720  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:14:49.0490 7720  secdrv - ok
00:14:49.0503 7720  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
00:14:49.0533 7720  seclogon - ok
00:14:49.0541 7720  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
00:14:49.0582 7720  SENS - ok
00:14:49.0610 7720  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:14:49.0662 7720  SensrSvc - ok
00:14:49.0684 7720  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
00:14:49.0718 7720  Serenum - ok
00:14:49.0733 7720  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
00:14:49.0745 7720  Serial - ok
00:14:49.0757 7720  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:14:49.0769 7720  sermouse - ok
00:14:49.0791 7720  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:14:49.0852 7720  SessionEnv - ok
00:14:49.0867 7720  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:14:49.0880 7720  sffdisk - ok
00:14:49.0888 7720  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:14:49.0901 7720  sffp_mmc - ok
00:14:49.0910 7720  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:14:49.0933 7720  sffp_sd - ok
00:14:49.0943 7720  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:14:49.0955 7720  sfloppy - ok
00:14:50.0052 7720  [ 1968E6EBBEECF61D5F7D8603467E2AD0 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:14:50.0127 7720  SftService - ok
00:14:50.0146 7720  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:14:50.0213 7720  SharedAccess - ok
00:14:50.0236 7720  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:14:50.0280 7720  ShellHWDetection - ok
00:14:50.0284 7720  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:14:50.0295 7720  SiSRaid2 - ok
00:14:50.0299 7720  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:14:50.0309 7720  SiSRaid4 - ok
00:14:50.0328 7720  [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
00:14:50.0341 7720  SkypeUpdate - ok
00:14:50.0354 7720  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:14:50.0386 7720  Smb - ok
00:14:50.0404 7720  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:14:50.0418 7720  SNMPTRAP - ok
00:14:50.0430 7720  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:14:50.0439 7720  spldr - ok
00:14:50.0459 7720  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
00:14:50.0500 7720  Spooler - ok
00:14:50.0597 7720  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
00:14:50.0709 7720  sppsvc - ok
00:14:50.0722 7720  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:14:50.0753 7720  sppuinotify - ok
00:14:50.0779 7720  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:14:50.0806 7720  srv - ok
00:14:50.0821 7720  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:14:50.0837 7720  srv2 - ok
00:14:50.0847 7720  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:14:50.0864 7720  srvnet - ok
00:14:50.0883 7720  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:14:50.0927 7720  SSDPSRV - ok
00:14:50.0944 7720  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:14:50.0976 7720  SstpSvc - ok
00:14:50.0998 7720  [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
00:14:51.0005 7720  stdcfltn - ok
00:14:51.0045 7720  [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:14:51.0074 7720  Stereo Service - ok
00:14:51.0089 7720  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:14:51.0098 7720  stexstor - ok
00:14:51.0139 7720  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
00:14:51.0211 7720  stisvc - ok
00:14:51.0235 7720  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
00:14:51.0244 7720  stllssvr - ok
00:14:51.0257 7720  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:14:51.0266 7720  swenum - ok
00:14:51.0336 7720  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:14:51.0391 7720  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
00:14:51.0391 7720  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
00:14:51.0426 7720  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
00:14:51.0485 7720  swprv - ok
00:14:51.0543 7720  [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:14:51.0596 7720  SynTP - ok
00:14:51.0637 7720  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
00:14:51.0731 7720  SysMain - ok
00:14:51.0748 7720  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:14:51.0766 7720  TabletInputService - ok
00:14:51.0814 7720  [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
00:14:51.0865 7720  tap0901 - ok
00:14:51.0891 7720  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:14:51.0956 7720  TapiSrv - ok
00:14:51.0969 7720  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
00:14:52.0008 7720  TBS - ok
00:14:52.0073 7720  [ F0E98C00A09FDF791525829A1D14240F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:14:52.0149 7720  Tcpip - ok
00:14:52.0192 7720  [ F0E98C00A09FDF791525829A1D14240F ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:14:52.0231 7720  TCPIP6 - ok
00:14:52.0249 7720  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:14:52.0315 7720  tcpipreg - ok
00:14:52.0324 7720  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:14:52.0364 7720  TDPIPE - ok
00:14:52.0373 7720  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:14:52.0403 7720  TDTCP - ok
00:14:52.0420 7720  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:14:52.0450 7720  tdx - ok
00:14:52.0461 7720  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:14:52.0470 7720  TermDD - ok
00:14:52.0486 7720  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
00:14:52.0522 7720  TermService - ok
00:14:52.0534 7720  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
00:14:52.0551 7720  Themes - ok
00:14:52.0562 7720  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
00:14:52.0593 7720  THREADORDER - ok
00:14:52.0601 7720  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
00:14:52.0644 7720  TrkWks - ok
00:14:52.0675 7720  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:14:52.0744 7720  TrustedInstaller - ok
00:14:52.0748 7720  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:14:52.0787 7720  tssecsrv - ok
00:14:52.0802 7720  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:14:52.0825 7720  TsUsbFlt - ok
00:14:52.0835 7720  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
00:14:52.0862 7720  TsUsbGD - ok
00:14:52.0894 7720  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:14:52.0950 7720  tunnel - ok
00:14:52.0982 7720  [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
00:14:52.0990 7720  TurboB - ok
00:14:53.0022 7720  [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:14:53.0050 7720  TurboBoost - ok
00:14:53.0053 7720  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:14:53.0063 7720  uagp35 - ok
00:14:53.0080 7720  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:14:53.0124 7720  udfs - ok
00:14:53.0134 7720  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:14:53.0162 7720  UI0Detect - ok
00:14:53.0194 7720  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:14:53.0224 7720  uliagpkx - ok
00:14:53.0243 7720  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:14:53.0255 7720  umbus - ok
00:14:53.0277 7720  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:14:53.0288 7720  UmPass - ok
00:14:53.0398 7720  [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:14:53.0494 7720  UNS - ok
00:14:53.0512 7720  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
00:14:53.0574 7720  upnphost - ok
00:14:53.0626 7720  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
00:14:53.0687 7720  USBAAPL64 - ok
00:14:53.0709 7720  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:14:53.0762 7720  usbccgp - ok
00:14:53.0778 7720  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:14:53.0793 7720  usbcir - ok
00:14:53.0807 7720  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:14:53.0826 7720  usbehci - ok
00:14:53.0862 7720  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:14:53.0895 7720  usbhub - ok
00:14:53.0924 7720  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:14:53.0940 7720  usbohci - ok
00:14:53.0961 7720  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:14:54.0001 7720  usbprint - ok
00:14:54.0023 7720  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
00:14:54.0037 7720  usbscan - ok
00:14:54.0052 7720  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:14:54.0078 7720  USBSTOR - ok
00:14:54.0095 7720  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:14:54.0115 7720  usbuhci - ok
00:14:54.0138 7720  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:14:54.0191 7720  usbvideo - ok
00:14:54.0214 7720  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
00:14:54.0270 7720  UxSms - ok
00:14:54.0286 7720  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
00:14:54.0299 7720  VaultSvc - ok
00:14:54.0318 7720  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:14:54.0326 7720  vdrvroot - ok
00:14:54.0343 7720  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
00:14:54.0393 7720  vds - ok
00:14:54.0417 7720  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:14:54.0450 7720  vga - ok
00:14:54.0469 7720  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:14:54.0531 7720  VgaSave - ok
00:14:54.0542 7720  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:14:54.0554 7720  vhdmp - ok
00:14:54.0568 7720  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:14:54.0577 7720  viaide - ok
00:14:54.0593 7720  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:14:54.0602 7720  volmgr - ok
00:14:54.0615 7720  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:14:54.0630 7720  volmgrx - ok
00:14:54.0648 7720  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:14:54.0662 7720  volsnap - ok
00:14:54.0722 7720  [ D6653180D162CB3144FDBC8A651CEBB1 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
00:14:54.0768 7720  vpnagent - ok
00:14:54.0779 7720  [ 13E6D95E7AC67ABB7A1196557EF8849F ] vpnva           C:\Windows\system32\DRIVERS\vpnva64.sys
00:14:54.0786 7720  vpnva - ok
00:14:54.0799 7720  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:14:54.0811 7720  vsmraid - ok
00:14:54.0866 7720  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
00:14:54.0965 7720  VSS - ok
00:14:54.0969 7720  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:14:54.0991 7720  vwifibus - ok
00:14:55.0015 7720  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:14:55.0032 7720  vwififlt - ok
00:14:55.0037 7720  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:14:55.0064 7720  vwifimp - ok
00:14:55.0082 7720  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
00:14:55.0118 7720  W32Time - ok
00:14:55.0132 7720  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:14:55.0150 7720  WacomPen - ok
00:14:55.0178 7720  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:14:55.0220 7720  WANARP - ok
00:14:55.0237 7720  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:14:55.0267 7720  Wanarpv6 - ok
00:14:55.0304 7720  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
00:14:55.0372 7720  wbengine - ok
00:14:55.0389 7720  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:14:55.0414 7720  WbioSrvc - ok
00:14:55.0433 7720  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:14:55.0499 7720  wcncsvc - ok
00:14:55.0527 7720  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:14:55.0565 7720  WcsPlugInService - ok
00:14:55.0618 7720  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
00:14:55.0646 7720  Wd - ok
00:14:55.0674 7720  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:14:55.0694 7720  Wdf01000 - ok
00:14:55.0703 7720  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:14:55.0801 7720  WdiServiceHost - ok
00:14:55.0810 7720  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:14:55.0826 7720  WdiSystemHost - ok
00:14:55.0838 7720  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
00:14:55.0870 7720  WebClient - ok
00:14:55.0887 7720  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:14:55.0929 7720  Wecsvc - ok
00:14:55.0942 7720  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:14:56.0004 7720  wercplsupport - ok
00:14:56.0033 7720  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:14:56.0073 7720  WerSvc - ok
00:14:56.0096 7720  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:14:56.0128 7720  WfpLwf - ok
00:14:56.0164 7720  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
00:14:56.0175 7720  WimFltr - ok
00:14:56.0187 7720  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:14:56.0196 7720  WIMMount - ok
00:14:56.0210 7720  WinDefend - ok
00:14:56.0218 7720  WinHttpAutoProxySvc - ok
00:14:56.0252 7720  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:14:56.0306 7720  Winmgmt - ok
00:14:56.0361 7720  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
00:14:56.0432 7720  WinRM - ok
00:14:56.0491 7720  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:14:56.0537 7720  WinUsb - ok
00:14:56.0573 7720  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:14:56.0602 7720  Wlansvc - ok
00:14:56.0617 7720  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:14:56.0626 7720  wlcrasvc - ok
00:14:56.0713 7720  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:14:56.0776 7720  wlidsvc - ok
00:14:56.0797 7720  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:14:56.0808 7720  WmiAcpi - ok
00:14:56.0823 7720  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:14:56.0837 7720  wmiApSrv - ok
00:14:56.0854 7720  WMPNetworkSvc - ok
00:14:56.0867 7720  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:14:56.0908 7720  WPCSvc - ok
00:14:56.0922 7720  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:14:56.0970 7720  WPDBusEnum - ok
00:14:56.0994 7720  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:14:57.0024 7720  ws2ifsl - ok
00:14:57.0037 7720  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
00:14:57.0067 7720  wscsvc - ok
00:14:57.0070 7720  WSearch - ok
00:14:57.0142 7720  [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:14:57.0250 7720  wuauserv - ok
00:14:57.0262 7720  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:14:57.0293 7720  WudfPf - ok
00:14:57.0311 7720  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:14:57.0343 7720  WUDFRd - ok
00:14:57.0355 7720  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:14:57.0386 7720  wudfsvc - ok
00:14:57.0398 7720  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:14:57.0430 7720  WwanSvc - ok
00:14:57.0477 7720  ================ Scan global ===============================
00:14:57.0493 7720  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:14:57.0514 7720  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:14:57.0521 7720  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:14:57.0539 7720  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:14:57.0558 7720  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:14:57.0569 7720  [Global] - ok
00:14:57.0570 7720  ================ Scan MBR ==================================
00:14:57.0581 7720  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:14:57.0895 7720  \Device\Harddisk0\DR0 - ok
00:14:57.0896 7720  ================ Scan VBR ==================================
00:14:57.0901 7720  [ AA770D09DD7B8F709D05C0661C35163A ] \Device\Harddisk0\DR0\Partition1
00:14:57.0904 7720  \Device\Harddisk0\DR0\Partition1 - ok
00:14:57.0939 7720  [ 8BB9E90A2B4737751E2867FE3831B9F6 ] \Device\Harddisk0\DR0\Partition2
00:14:57.0941 7720  \Device\Harddisk0\DR0\Partition2 - ok
00:14:57.0942 7720  ============================================================
00:14:57.0942 7720  Scan finished
00:14:57.0942 7720  ============================================================
00:14:57.0960 7520  Detected object count: 2
00:14:57.0961 7520  Actual detected object count: 2
         

Alt 12.06.2013, 08:32   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Log vom TDSS-Killer ist unvollständig, die untere Zusammenfassung fehlt
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.06.2013, 08:59   #13
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



ups, habe wohl etwas voreilig schon aus dem log kopiert, bevor ich die Funde geskipt habe. habe es nun erneut durchlaufen lassen, hier mit unterem Teil:

Code:
ATTFilter
09:56:05.0441 10916  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:56:05.0910 10916  ============================================================
09:56:05.0910 10916  Current date / time: 2013/06/12 09:56:05.0910
09:56:05.0910 10916  SystemInfo:
09:56:05.0910 10916  
09:56:05.0910 10916  OS Version: 6.1.7601 ServicePack: 1.0
09:56:05.0910 10916  Product type: Workstation
09:56:05.0910 10916  ComputerName: computer-PC
09:56:05.0910 10916  UserName: computer
09:56:05.0910 10916  Windows directory: C:\Windows
09:56:05.0910 10916  System windows directory: C:\Windows
09:56:05.0910 10916  Running under WOW64
09:56:05.0910 10916  Processor architecture: Intel x64
09:56:05.0910 10916  Number of processors: 8
09:56:05.0910 10916  Page size: 0x1000
09:56:05.0910 10916  Boot type: Normal boot
09:56:05.0910 10916  ============================================================
09:56:06.0532 10916  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:56:06.0539 10916  Drive \Device\Harddisk1\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:56:15.0129 10916  ============================================================
09:56:15.0129 10916  \Device\Harddisk0\DR0:
09:56:15.0130 10916  MBR partitions:
09:56:15.0130 10916  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
09:56:15.0130 10916  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
09:56:15.0130 10916  \Device\Harddisk1\DR3:
09:56:15.0130 10916  MBR partitions:
09:56:15.0130 10916  \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
09:56:15.0130 10916  ============================================================
09:56:15.0205 10916  C: <-> \Device\Harddisk0\DR0\Partition2
09:56:15.0216 10916  E: <-> \Device\Harddisk1\DR3\Partition1
09:56:15.0216 10916  ============================================================
09:56:15.0216 10916  Initialize success
09:56:15.0217 10916  ============================================================
09:56:23.0053 9532  ============================================================
09:56:23.0053 9532  Scan started
09:56:23.0053 9532  Mode: Manual; SigCheck; TDLFS; 
09:56:23.0053 9532  ============================================================
09:56:24.0099 9532  ================ Scan system memory ========================
09:56:24.0099 9532  System memory - ok
09:56:24.0100 9532  ================ Scan services =============================
09:56:24.0281 9532  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:56:24.0557 9532  1394ohci - ok
09:56:24.0594 9532  [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
09:56:24.0694 9532  Acceler - ok
09:56:24.0717 9532  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:56:24.0732 9532  ACPI - ok
09:56:24.0748 9532  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:56:24.0804 9532  AcpiPmi - ok
09:56:24.0889 9532  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:56:24.0997 9532  AdobeARMservice - ok
09:56:25.0113 9532  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:56:25.0148 9532  AdobeFlashPlayerUpdateSvc - ok
09:56:25.0193 9532  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:56:25.0256 9532  adp94xx - ok
09:56:25.0282 9532  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:56:25.0336 9532  adpahci - ok
09:56:25.0353 9532  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:56:25.0399 9532  adpu320 - ok
09:56:25.0433 9532  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:56:25.0491 9532  AeLookupSvc - ok
09:56:25.0537 9532  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:56:25.0647 9532  AERTFilters - ok
09:56:25.0693 9532  [ D5B031C308A409A0A576BFF4CF083D30 ] AFD             C:\Windows\system32\drivers\afd.sys
09:56:25.0790 9532  AFD - ok
09:56:25.0808 9532  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:56:25.0820 9532  agp440 - ok
09:56:25.0836 9532  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
09:56:25.0854 9532  ALG - ok
09:56:25.0868 9532  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:56:25.0879 9532  aliide - ok
09:56:25.0899 9532  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
09:56:25.0909 9532  amdide - ok
09:56:25.0917 9532  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:56:25.0933 9532  AmdK8 - ok
09:56:25.0948 9532  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:56:25.0964 9532  AmdPPM - ok
09:56:25.0973 9532  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:56:26.0021 9532  amdsata - ok
09:56:26.0054 9532  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:56:26.0101 9532  amdsbs - ok
09:56:26.0117 9532  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:56:26.0144 9532  amdxata - ok
09:56:26.0206 9532  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
09:56:26.0333 9532  AMPPAL - ok
09:56:26.0340 9532  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
09:56:26.0353 9532  AMPPALP - ok
09:56:26.0405 9532  [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
09:56:26.0505 9532  AMPPALR3 - ok
09:56:26.0525 9532  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
09:56:26.0675 9532  AppID - ok
09:56:26.0692 9532  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:56:26.0725 9532  AppIDSvc - ok
09:56:26.0742 9532  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
09:56:26.0809 9532  Appinfo - ok
09:56:26.0848 9532  [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:56:26.0968 9532  Apple Mobile Device - ok
09:56:26.0983 9532  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
09:56:26.0994 9532  arc - ok
09:56:27.0007 9532  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:56:27.0020 9532  arcsas - ok
09:56:27.0100 9532  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:56:27.0198 9532  aspnet_state - ok
09:56:27.0225 9532  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:56:27.0259 9532  AsyncMac - ok
09:56:27.0295 9532  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
09:56:27.0306 9532  atapi - ok
09:56:27.0340 9532  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:56:27.0475 9532  AudioEndpointBuilder - ok
09:56:27.0495 9532  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:56:27.0565 9532  AudioSrv - ok
09:56:27.0584 9532  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:56:27.0713 9532  AxInstSV - ok
09:56:27.0762 9532  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:56:27.0835 9532  b06bdrv - ok
09:56:27.0860 9532  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:56:27.0910 9532  b57nd60a - ok
09:56:27.0933 9532  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:56:27.0984 9532  BDESVC - ok
09:56:28.0000 9532  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:56:28.0092 9532  Beep - ok
09:56:28.0138 9532  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
09:56:28.0256 9532  BFE - ok
09:56:28.0291 9532  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
09:56:28.0383 9532  BITS - ok
09:56:28.0401 9532  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:56:28.0417 9532  blbdrive - ok
09:56:28.0454 9532  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:56:28.0543 9532  Bonjour Service - ok
09:56:28.0564 9532  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:56:28.0580 9532  bowser - ok
09:56:28.0595 9532  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:56:28.0612 9532  BrFiltLo - ok
09:56:28.0620 9532  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:56:28.0638 9532  BrFiltUp - ok
09:56:28.0655 9532  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
09:56:28.0712 9532  Browser - ok
09:56:28.0739 9532  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
09:56:28.0763 9532  Brserid - ok
09:56:28.0776 9532  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:56:28.0794 9532  BrSerWdm - ok
09:56:28.0796 9532  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:56:28.0813 9532  BrUsbMdm - ok
09:56:28.0820 9532  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
09:56:28.0834 9532  BrUsbSer - ok
09:56:28.0854 9532  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:56:28.0873 9532  BTHMODEM - ok
09:56:28.0900 9532  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
09:56:28.0991 9532  bthserv - ok
09:56:29.0006 9532  [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
09:56:29.0058 9532  BTHSSecurityMgr - ok
09:56:29.0070 9532  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:56:29.0104 9532  cdfs - ok
09:56:29.0129 9532  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:56:29.0179 9532  cdrom - ok
09:56:29.0197 9532  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
09:56:29.0254 9532  CertPropSvc - ok
09:56:29.0281 9532  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\Windows\system32\drivers\cfwids.sys
09:56:29.0325 9532  cfwids - ok
09:56:29.0343 9532  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
09:56:29.0359 9532  circlass - ok
09:56:29.0380 9532  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
09:56:29.0393 9532  CLFS - ok
09:56:29.0440 9532  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:56:29.0473 9532  clr_optimization_v2.0.50727_32 - ok
09:56:29.0516 9532  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:56:29.0551 9532  clr_optimization_v2.0.50727_64 - ok
09:56:29.0621 9532  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:56:29.0734 9532  clr_optimization_v4.0.30319_32 - ok
09:56:29.0751 9532  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:56:29.0805 9532  clr_optimization_v4.0.30319_64 - ok
09:56:29.0816 9532  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:56:29.0831 9532  CmBatt - ok
09:56:29.0847 9532  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:56:29.0858 9532  cmdide - ok
09:56:29.0912 9532  [ D5FEA92400F12412B3922087C09DA6A5 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:56:29.0957 9532  CNG - ok
09:56:29.0991 9532  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:56:29.0999 9532  Compbatt - ok
09:56:30.0068 9532  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:56:30.0163 9532  CompositeBus - ok
09:56:30.0166 9532  COMSysApp - ok
09:56:30.0177 9532  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:56:30.0188 9532  crcdisk - ok
09:56:30.0217 9532  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:56:30.0274 9532  CryptSvc - ok
09:56:30.0307 9532  [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:56:30.0376 9532  CtClsFlt - ok
09:56:30.0409 9532  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:56:30.0476 9532  DcomLaunch - ok
09:56:30.0502 9532  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
09:56:30.0539 9532  defragsvc - ok
09:56:30.0561 9532  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:56:30.0591 9532  DfsC - ok
09:56:30.0608 9532  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:56:30.0707 9532  Dhcp - ok
09:56:30.0716 9532  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
09:56:30.0767 9532  discache - ok
09:56:30.0784 9532  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
09:56:30.0794 9532  Disk - ok
09:56:30.0817 9532  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:56:30.0890 9532  Dnscache - ok
09:56:30.0899 9532  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:56:30.0958 9532  dot3svc - ok
09:56:30.0972 9532  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
09:56:31.0004 9532  DPS - ok
09:56:31.0028 9532  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:56:31.0046 9532  drmkaud - ok
09:56:31.0072 9532  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:56:31.0166 9532  dtsoftbus01 - ok
09:56:31.0188 9532  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:56:31.0303 9532  DXGKrnl - ok
09:56:31.0323 9532  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
09:56:31.0357 9532  EapHost - ok
09:56:31.0406 9532  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:56:31.0463 9532  ebdrv - ok
09:56:31.0477 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
09:56:31.0491 9532  EFS - ok
09:56:31.0533 9532  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:56:31.0605 9532  ehRecvr - ok
09:56:31.0610 9532  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
09:56:31.0631 9532  ehSched - ok
09:56:31.0653 9532  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:56:31.0678 9532  elxstor - ok
09:56:31.0689 9532  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:56:31.0732 9532  ErrDev - ok
09:56:31.0770 9532  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
09:56:31.0844 9532  EventSystem - ok
09:56:31.0918 9532  [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:56:32.0023 9532  EvtEng - ok
09:56:32.0055 9532  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
09:56:32.0111 9532  exfat - ok
09:56:32.0123 9532  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:56:32.0167 9532  fastfat - ok
09:56:32.0195 9532  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
09:56:32.0309 9532  Fax - ok
09:56:32.0323 9532  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
09:56:32.0338 9532  fdc - ok
09:56:32.0356 9532  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:56:32.0390 9532  fdPHost - ok
09:56:32.0393 9532  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:56:32.0425 9532  FDResPub - ok
09:56:32.0431 9532  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:56:32.0440 9532  FileInfo - ok
09:56:32.0451 9532  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:56:32.0484 9532  Filetrace - ok
09:56:32.0496 9532  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:56:32.0510 9532  flpydisk - ok
09:56:32.0532 9532  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:56:32.0544 9532  FltMgr - ok
09:56:32.0577 9532  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
09:56:32.0670 9532  FontCache - ok
09:56:32.0714 9532  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:56:32.0802 9532  FontCache3.0.0.0 - ok
09:56:32.0809 9532  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:56:32.0820 9532  FsDepends - ok
09:56:32.0829 9532  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:56:32.0838 9532  Fs_Rec - ok
09:56:32.0868 9532  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:56:32.0882 9532  fvevol - ok
09:56:32.0897 9532  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:56:32.0939 9532  gagp30kx - ok
09:56:33.0006 9532  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:56:33.0093 9532  GEARAspiWDM - ok
09:56:33.0125 9532  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
09:56:33.0189 9532  gpsvc - ok
09:56:33.0283 9532  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:56:33.0310 9532  gupdate - ok
09:56:33.0328 9532  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:56:33.0347 9532  gupdatem - ok
09:56:33.0361 9532  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:56:33.0399 9532  hcw85cir - ok
09:56:33.0429 9532  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:56:33.0521 9532  HDAudBus - ok
09:56:33.0530 9532  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:56:33.0544 9532  HidBatt - ok
09:56:33.0561 9532  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:56:33.0578 9532  HidBth - ok
09:56:33.0599 9532  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:56:33.0630 9532  HidIr - ok
09:56:33.0645 9532  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
09:56:33.0734 9532  hidserv - ok
09:56:33.0758 9532  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:56:33.0770 9532  HidUsb - ok
09:56:33.0826 9532  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
09:56:33.0931 9532  HipShieldK - ok
09:56:33.0952 9532  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:56:34.0093 9532  hkmsvc - ok
09:56:34.0125 9532  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:56:34.0169 9532  HomeGroupListener - ok
09:56:34.0185 9532  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:56:34.0224 9532  HomeGroupProvider - ok
09:56:34.0253 9532  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:56:34.0301 9532  HpSAMD - ok
09:56:34.0325 9532  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:56:34.0405 9532  HTTP - ok
09:56:34.0419 9532  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:56:34.0434 9532  hwpolicy - ok
09:56:34.0457 9532  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:56:34.0483 9532  i8042prt - ok
09:56:34.0533 9532  [ D469B77687E12FE43E344806740B624D ] iaStor          C:\Windows\system32\drivers\iaStor.sys
09:56:34.0550 9532  iaStor - ok
09:56:34.0586 9532  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:56:34.0648 9532  iaStorV - ok
09:56:34.0705 9532  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:56:34.0780 9532  idsvc - ok
09:56:35.0077 9532  [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:56:35.0223 9532  igfx - ok
09:56:35.0239 9532  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:56:35.0251 9532  iirsp - ok
09:56:35.0288 9532  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:56:35.0395 9532  IKEEXT - ok
09:56:35.0438 9532  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
09:56:35.0491 9532  Impcd - ok
09:56:35.0570 9532  [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:56:35.0761 9532  IntcAzAudAddService - ok
09:56:35.0780 9532  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:56:35.0847 9532  IntcDAud - ok
09:56:35.0879 9532  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
09:56:35.0888 9532  intelide - ok
09:56:35.0913 9532  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:56:35.0961 9532  intelppm - ok
09:56:35.0987 9532  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:56:36.0071 9532  IPBusEnum - ok
09:56:36.0091 9532  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:56:36.0157 9532  IpFilterDriver - ok
09:56:36.0216 9532  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:56:36.0370 9532  iphlpsvc - ok
09:56:36.0402 9532  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:56:36.0450 9532  IPMIDRV - ok
09:56:36.0455 9532  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:56:36.0491 9532  IPNAT - ok
09:56:36.0544 9532  [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:56:36.0659 9532  iPod Service - ok
09:56:36.0679 9532  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:56:36.0697 9532  IRENUM - ok
09:56:36.0710 9532  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:56:36.0721 9532  isapnp - ok
09:56:36.0738 9532  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:56:36.0897 9532  iScsiPrt - ok
09:56:36.0934 9532  [ E56417C56B6A7316B6F527C890A1860D ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
09:56:36.0982 9532  JMCR - ok
09:56:37.0000 9532  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:56:37.0012 9532  kbdclass - ok
09:56:37.0027 9532  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:56:37.0080 9532  kbdhid - ok
09:56:37.0101 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
09:56:37.0125 9532  KeyIso - ok
09:56:37.0152 9532  [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:56:37.0169 9532  KSecDD - ok
09:56:37.0183 9532  [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:56:37.0193 9532  KSecPkg - ok
09:56:37.0201 9532  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:56:37.0245 9532  ksthunk - ok
09:56:37.0268 9532  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:56:37.0324 9532  KtmRm - ok
09:56:37.0368 9532  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:56:37.0440 9532  LanmanServer - ok
09:56:37.0456 9532  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:56:37.0524 9532  LanmanWorkstation - ok
09:56:37.0550 9532  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:56:37.0589 9532  lltdio - ok
09:56:37.0633 9532  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:56:37.0679 9532  lltdsvc - ok
09:56:37.0702 9532  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:56:37.0745 9532  lmhosts - ok
09:56:37.0840 9532  [ 7F32D4C47A50E7223491E8FB9359907D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:56:37.0944 9532  LMS - ok
09:56:37.0980 9532  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:56:37.0994 9532  LSI_FC - ok
09:56:38.0016 9532  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:56:38.0029 9532  LSI_SAS - ok
09:56:38.0034 9532  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:56:38.0046 9532  LSI_SAS2 - ok
09:56:38.0052 9532  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:56:38.0065 9532  LSI_SCSI - ok
09:56:38.0086 9532  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
09:56:38.0118 9532  luafv - ok
09:56:38.0184 9532  [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
09:56:38.0332 9532  McAWFwk - ok
09:56:38.0417 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:56:38.0504 9532  McMPFSvc - ok
09:56:38.0510 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
09:56:38.0520 9532  mcmscsvc - ok
09:56:38.0524 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
09:56:38.0534 9532  McNaiAnn - ok
09:56:38.0550 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
09:56:38.0560 9532  McNASvc - ok
09:56:38.0623 9532  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
09:56:38.0754 9532  McODS - ok
09:56:38.0772 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
09:56:38.0786 9532  McOobeSv - ok
09:56:38.0809 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
09:56:38.0825 9532  McProxy - ok
09:56:38.0910 9532  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
09:56:38.0971 9532  McShield - ok
09:56:38.0998 9532  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:56:39.0049 9532  Mcx2Svc - ok
09:56:39.0076 9532  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:56:39.0089 9532  megasas - ok
09:56:39.0106 9532  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:56:39.0128 9532  MegaSR - ok
09:56:39.0155 9532  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
09:56:39.0201 9532  MEIx64 - ok
09:56:39.0219 9532  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
09:56:39.0268 9532  mfeapfk - ok
09:56:39.0291 9532  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
09:56:39.0388 9532  mfeavfk - ok
09:56:39.0408 9532  mfeavfk01 - ok
09:56:39.0467 9532  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:56:39.0617 9532  mfefire - ok
09:56:39.0638 9532  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
09:56:39.0749 9532  mfefirek - ok
09:56:39.0792 9532  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
09:56:39.0850 9532  mfehidk - ok
09:56:39.0868 9532  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
09:56:39.0931 9532  mferkdet - ok
09:56:40.0017 9532  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
09:56:40.0067 9532  mfevtp - ok
09:56:40.0078 9532  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
09:56:40.0091 9532  mfewfpk - ok
09:56:40.0118 9532  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
09:56:40.0152 9532  MMCSS - ok
09:56:40.0169 9532  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
09:56:40.0202 9532  Modem - ok
09:56:40.0226 9532  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:56:40.0270 9532  monitor - ok
09:56:40.0293 9532  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:56:40.0331 9532  mouclass - ok
09:56:40.0345 9532  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:56:40.0383 9532  mouhid - ok
09:56:40.0403 9532  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:56:40.0435 9532  mountmgr - ok
09:56:40.0501 9532  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:56:40.0602 9532  MozillaMaintenance - ok
09:56:40.0616 9532  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:56:40.0668 9532  mpio - ok
09:56:40.0672 9532  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:56:40.0708 9532  mpsdrv - ok
09:56:40.0731 9532  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:56:40.0801 9532  MpsSvc - ok
09:56:40.0811 9532  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:56:40.0871 9532  MRxDAV - ok
09:56:40.0896 9532  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:56:40.0930 9532  mrxsmb - ok
09:56:40.0953 9532  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:56:40.0978 9532  mrxsmb10 - ok
09:56:40.0990 9532  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:56:41.0006 9532  mrxsmb20 - ok
09:56:41.0028 9532  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:56:41.0092 9532  msahci - ok
09:56:41.0107 9532  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:56:41.0173 9532  msdsm - ok
09:56:41.0189 9532  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
09:56:41.0211 9532  MSDTC - ok
09:56:41.0258 9532  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:56:41.0292 9532  Msfs - ok
09:56:41.0310 9532  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:56:41.0348 9532  mshidkmdf - ok
09:56:41.0357 9532  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:56:41.0367 9532  msisadrv - ok
09:56:41.0402 9532  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:56:41.0447 9532  MSiSCSI - ok
09:56:41.0453 9532  msiserver - ok
09:56:41.0475 9532  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:56:41.0488 9532  MSK80Service - ok
09:56:41.0541 9532  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:56:41.0579 9532  MSKSSRV - ok
09:56:41.0605 9532  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:56:41.0639 9532  MSPCLOCK - ok
09:56:41.0657 9532  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:56:41.0690 9532  MSPQM - ok
09:56:41.0705 9532  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:56:41.0721 9532  MsRPC - ok
09:56:41.0732 9532  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:56:41.0744 9532  mssmbios - ok
09:56:41.0748 9532  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:56:41.0782 9532  MSTEE - ok
09:56:41.0797 9532  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:56:41.0812 9532  MTConfig - ok
09:56:41.0831 9532  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:56:41.0840 9532  Mup - ok
09:56:41.0883 9532  [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:56:42.0012 9532  MyWiFiDHCPDNS - ok
09:56:42.0051 9532  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
09:56:42.0118 9532  napagent - ok
09:56:42.0148 9532  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:56:42.0175 9532  NativeWifiP - ok
09:56:42.0214 9532  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:56:42.0239 9532  NDIS - ok
09:56:42.0252 9532  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:56:42.0288 9532  NdisCap - ok
09:56:42.0314 9532  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:56:42.0347 9532  NdisTapi - ok
09:56:42.0357 9532  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:56:42.0423 9532  Ndisuio - ok
09:56:42.0432 9532  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:56:42.0501 9532  NdisWan - ok
09:56:42.0526 9532  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:56:42.0634 9532  NDProxy - ok
09:56:42.0647 9532  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:56:42.0678 9532  NetBIOS - ok
09:56:42.0703 9532  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:56:42.0775 9532  NetBT - ok
09:56:42.0810 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
09:56:42.0851 9532  Netlogon - ok
09:56:42.0895 9532  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
09:56:42.0962 9532  Netman - ok
09:56:42.0985 9532  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:43.0040 9532  NetMsmqActivator - ok
09:56:43.0044 9532  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:43.0055 9532  NetPipeActivator - ok
09:56:43.0077 9532  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
09:56:43.0123 9532  netprofm - ok
09:56:43.0127 9532  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:43.0138 9532  NetTcpActivator - ok
09:56:43.0144 9532  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:43.0154 9532  NetTcpPortSharing - ok
09:56:43.0335 9532  [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
09:56:43.0465 9532  NETwNs64 - ok
09:56:43.0493 9532  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:56:43.0504 9532  nfrd960 - ok
09:56:43.0543 9532  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:56:43.0640 9532  NlaSvc - ok
09:56:43.0746 9532  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
09:56:43.0833 9532  NOBU - ok
09:56:43.0837 9532  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:56:43.0868 9532  Npfs - ok
09:56:43.0878 9532  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
09:56:43.0911 9532  nsi - ok
09:56:43.0920 9532  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:56:43.0953 9532  nsiproxy - ok
09:56:44.0004 9532  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:56:44.0088 9532  Ntfs - ok
09:56:44.0101 9532  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
09:56:44.0171 9532  Null - ok
09:56:44.0197 9532  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
09:56:44.0261 9532  nusb3hub - ok
09:56:44.0288 9532  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:56:44.0405 9532  nusb3xhc - ok
09:56:44.0439 9532  [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
09:56:44.0499 9532  NVHDA - ok
09:56:44.0738 9532  [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:56:44.0945 9532  nvlddmkm - ok
09:56:44.0959 9532  [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
09:56:44.0967 9532  nvpciflt - ok
09:56:44.0991 9532  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:56:45.0083 9532  nvraid - ok
09:56:45.0099 9532  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:56:45.0159 9532  nvstor - ok
09:56:45.0177 9532  [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
09:56:45.0269 9532  NvStUSB - ok
09:56:45.0314 9532  [ C500760572C6059918FB0C960967695B ] NVSvc           C:\Windows\system32\nvvsvc.exe
09:56:45.0372 9532  NVSvc - ok
09:56:45.0456 9532  [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:56:45.0648 9532  nvUpdatusService - ok
09:56:45.0677 9532  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:56:45.0711 9532  nv_agp - ok
09:56:45.0729 9532  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:56:45.0766 9532  ohci1394 - ok
09:56:45.0839 9532  [ EC322186D8FCE3D632F3F597D67747DD ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
09:56:46.0028 9532  OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
09:56:46.0028 9532  OpenVPNService - detected UnsignedFile.Multi.Generic (1)
09:56:46.0088 9532  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:56:46.0227 9532  ose - ok
09:56:46.0363 9532  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:56:46.0631 9532  osppsvc - ok
09:56:46.0655 9532  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:56:46.0677 9532  p2pimsvc - ok
09:56:46.0689 9532  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:56:46.0711 9532  p2psvc - ok
09:56:46.0719 9532  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
09:56:46.0735 9532  Parport - ok
09:56:46.0747 9532  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:56:46.0757 9532  partmgr - ok
09:56:46.0764 9532  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:56:46.0786 9532  PcaSvc - ok
09:56:46.0916 9532  [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms
09:56:47.0576 9532  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok
09:56:47.0612 9532  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
09:56:47.0648 9532  pci - ok
09:56:47.0669 9532  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
09:56:47.0704 9532  pciide - ok
09:56:47.0735 9532  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:56:47.0773 9532  pcmcia - ok
09:56:47.0787 9532  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:56:47.0797 9532  pcw - ok
09:56:47.0815 9532  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:56:47.0900 9532  PEAUTH - ok
09:56:47.0963 9532  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:56:48.0006 9532  PerfHost - ok
09:56:48.0063 9532  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
09:56:48.0182 9532  pla - ok
09:56:48.0227 9532  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:56:48.0300 9532  PlugPlay - ok
09:56:48.0325 9532  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:56:48.0344 9532  PNRPAutoReg - ok
09:56:48.0371 9532  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:56:48.0392 9532  PNRPsvc - ok
09:56:48.0428 9532  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:56:48.0506 9532  PolicyAgent - ok
09:56:48.0530 9532  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
09:56:48.0573 9532  Power - ok
09:56:48.0585 9532  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:56:48.0667 9532  PptpMiniport - ok
09:56:48.0675 9532  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
09:56:48.0693 9532  Processor - ok
09:56:48.0715 9532  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
09:56:48.0786 9532  ProfSvc - ok
09:56:48.0818 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
09:56:48.0833 9532  ProtectedStorage - ok
09:56:48.0853 9532  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:56:48.0934 9532  Psched - ok
09:56:48.0968 9532  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
09:56:48.0978 9532  PxHlpa64 - ok
09:56:49.0006 9532  [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
09:56:49.0059 9532  qicflt - ok
09:56:49.0118 9532  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:56:49.0193 9532  ql2300 - ok
09:56:49.0235 9532  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:56:49.0253 9532  ql40xx - ok
09:56:49.0276 9532  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
09:56:49.0301 9532  QWAVE - ok
09:56:49.0318 9532  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:56:49.0345 9532  QWAVEdrv - ok
09:56:49.0365 9532  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:56:49.0407 9532  RasAcd - ok
09:56:49.0441 9532  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:56:49.0476 9532  RasAgileVpn - ok
09:56:49.0489 9532  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
09:56:49.0525 9532  RasAuto - ok
09:56:49.0537 9532  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:56:49.0606 9532  Rasl2tp - ok
09:56:49.0621 9532  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
09:56:49.0685 9532  RasMan - ok
09:56:49.0696 9532  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:56:49.0732 9532  RasPppoe - ok
09:56:49.0741 9532  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:56:49.0775 9532  RasSstp - ok
09:56:49.0789 9532  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:56:49.0824 9532  rdbss - ok
09:56:49.0840 9532  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:56:49.0858 9532  rdpbus - ok
09:56:49.0882 9532  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:56:49.0916 9532  RDPCDD - ok
09:56:49.0927 9532  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:56:49.0960 9532  RDPENCDD - ok
09:56:49.0971 9532  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:56:50.0003 9532  RDPREFMP - ok
09:56:50.0019 9532  [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:56:50.0089 9532  RDPWD - ok
09:56:50.0113 9532  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:56:50.0126 9532  rdyboost - ok
09:56:50.0192 9532  [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:56:50.0286 9532  RegSrvc - ok
09:56:50.0328 9532  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:56:50.0373 9532  RemoteAccess - ok
09:56:50.0397 9532  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:56:50.0432 9532  RemoteRegistry - ok
09:56:50.0547 9532  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:56:50.0687 9532  RoxMediaDB12OEM - ok
09:56:50.0717 9532  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:56:50.0780 9532  RoxWatch12 - ok
09:56:50.0793 9532  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:56:50.0834 9532  RpcEptMapper - ok
09:56:50.0880 9532  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
09:56:50.0900 9532  RpcLocator - ok
09:56:50.0916 9532  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
09:56:50.0964 9532  RpcSs - ok
09:56:50.0978 9532  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:56:51.0019 9532  rspndr - ok
09:56:51.0056 9532  [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:56:51.0118 9532  RTL8167 - ok
09:56:51.0126 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
09:56:51.0139 9532  SamSs - ok
09:56:51.0159 9532  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:56:51.0209 9532  sbp2port - ok
09:56:51.0232 9532  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:56:51.0270 9532  SCardSvr - ok
09:56:51.0274 9532  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:56:51.0345 9532  scfilter - ok
09:56:51.0371 9532  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
09:56:51.0450 9532  Schedule - ok
09:56:51.0471 9532  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:56:51.0501 9532  SCPolicySvc - ok
09:56:51.0538 9532  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
09:56:51.0655 9532  sdbus - ok
09:56:51.0677 9532  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:56:51.0722 9532  SDRSVC - ok
09:56:51.0748 9532  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:56:51.0811 9532  secdrv - ok
09:56:51.0825 9532  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
09:56:51.0882 9532  seclogon - ok
09:56:51.0897 9532  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
09:56:51.0929 9532  SENS - ok
09:56:51.0948 9532  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:56:51.0966 9532  SensrSvc - ok
09:56:51.0989 9532  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:56:52.0003 9532  Serenum - ok
09:56:52.0007 9532  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
09:56:52.0021 9532  Serial - ok
09:56:52.0029 9532  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:56:52.0072 9532  sermouse - ok
09:56:52.0122 9532  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:56:52.0200 9532  SessionEnv - ok
09:56:52.0214 9532  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:56:52.0232 9532  sffdisk - ok
09:56:52.0243 9532  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:56:52.0260 9532  sffp_mmc - ok
09:56:52.0265 9532  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:56:52.0314 9532  sffp_sd - ok
09:56:52.0323 9532  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:56:52.0338 9532  sfloppy - ok
09:56:52.0433 9532  [ 1968E6EBBEECF61D5F7D8603467E2AD0 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:56:52.0605 9532  SftService - ok
09:56:52.0626 9532  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:56:52.0682 9532  SharedAccess - ok
09:56:52.0700 9532  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:56:52.0760 9532  ShellHWDetection - ok
09:56:52.0770 9532  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:56:52.0782 9532  SiSRaid2 - ok
09:56:52.0786 9532  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:56:52.0799 9532  SiSRaid4 - ok
09:56:52.0826 9532  [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:56:55.0461 9532  SkypeUpdate - ok
09:56:55.0494 9532  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:56:55.0580 9532  Smb - ok
09:56:55.0609 9532  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:56:55.0626 9532  SNMPTRAP - ok
09:56:55.0635 9532  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:56:55.0644 9532  spldr - ok
09:56:55.0664 9532  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
09:56:55.0763 9532  Spooler - ok
09:56:55.0843 9532  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
09:56:56.0093 9532  sppsvc - ok
09:56:56.0110 9532  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:56:56.0145 9532  sppuinotify - ok
09:56:56.0168 9532  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:56:56.0198 9532  srv - ok
09:56:56.0218 9532  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:56:56.0240 9532  srv2 - ok
09:56:56.0262 9532  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:56:56.0293 9532  srvnet - ok
09:56:56.0313 9532  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:56:56.0349 9532  SSDPSRV - ok
09:56:56.0358 9532  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:56:56.0392 9532  SstpSvc - ok
09:56:56.0420 9532  [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
09:56:56.0427 9532  stdcfltn - ok
09:56:56.0474 9532  [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:56:56.0571 9532  Stereo Service - ok
09:56:56.0603 9532  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:56:56.0614 9532  stexstor - ok
09:56:56.0660 9532  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
09:56:56.0814 9532  stisvc - ok
09:56:56.0848 9532  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:56:56.0900 9532  stllssvr - ok
09:56:56.0912 9532  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:56:56.0924 9532  swenum - ok
09:56:56.0999 9532  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:56:57.0106 9532  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
09:56:57.0106 9532  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
09:56:57.0143 9532  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
09:56:57.0185 9532  swprv - ok
09:56:57.0228 9532  [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:56:57.0341 9532  SynTP - ok
09:56:57.0384 9532  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
09:56:57.0418 9532  SysMain - ok
09:56:57.0428 9532  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:56:57.0472 9532  TabletInputService - ok
09:56:57.0527 9532  [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
09:56:57.0627 9532  tap0901 - ok
09:56:57.0646 9532  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:56:57.0705 9532  TapiSrv - ok
09:56:57.0715 9532  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
09:56:57.0749 9532  TBS - ok
09:56:57.0802 9532  [ F0E98C00A09FDF791525829A1D14240F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:56:57.0913 9532  Tcpip - ok
09:56:57.0951 9532  [ F0E98C00A09FDF791525829A1D14240F ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:56:57.0997 9532  TCPIP6 - ok
09:56:58.0013 9532  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:56:58.0108 9532  tcpipreg - ok
09:56:58.0129 9532  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:56:58.0163 9532  TDPIPE - ok
09:56:58.0177 9532  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:56:58.0210 9532  TDTCP - ok
09:56:58.0225 9532  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:56:58.0292 9532  tdx - ok
09:56:58.0307 9532  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:56:58.0344 9532  TermDD - ok
09:56:58.0367 9532  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
09:56:58.0431 9532  TermService - ok
09:56:58.0439 9532  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
09:56:58.0459 9532  Themes - ok
09:56:58.0475 9532  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:56:58.0507 9532  THREADORDER - ok
09:56:58.0514 9532  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
09:56:58.0550 9532  TrkWks - ok
09:56:58.0581 9532  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:56:58.0648 9532  TrustedInstaller - ok
09:56:58.0652 9532  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:56:58.0719 9532  tssecsrv - ok
09:56:58.0733 9532  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:56:58.0785 9532  TsUsbFlt - ok
09:56:58.0799 9532  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:56:58.0847 9532  TsUsbGD - ok
09:56:58.0883 9532  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:56:58.0951 9532  tunnel - ok
09:56:58.0980 9532  [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
09:56:59.0024 9532  TurboB - ok
09:56:59.0060 9532  [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:56:59.0109 9532  TurboBoost - ok
09:56:59.0112 9532  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:56:59.0124 9532  uagp35 - ok
09:56:59.0136 9532  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:56:59.0207 9532  udfs - ok
09:56:59.0223 9532  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:56:59.0240 9532  UI0Detect - ok
09:56:59.0258 9532  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:56:59.0270 9532  uliagpkx - ok
09:56:59.0282 9532  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:56:59.0331 9532  umbus - ok
09:56:59.0350 9532  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:56:59.0363 9532  UmPass - ok
09:56:59.0472 9532  [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:56:59.0623 9532  UNS - ok
09:56:59.0643 9532  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
09:56:59.0681 9532  upnphost - ok
09:56:59.0740 9532  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:56:59.0791 9532  USBAAPL64 - ok
09:56:59.0806 9532  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:56:59.0865 9532  usbccgp - ok
09:56:59.0884 9532  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:56:59.0931 9532  usbcir - ok
09:56:59.0955 9532  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:57:00.0090 9532  usbehci - ok
09:57:00.0127 9532  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:57:00.0220 9532  usbhub - ok
09:57:00.0246 9532  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:57:00.0336 9532  usbohci - ok
09:57:00.0359 9532  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:57:00.0375 9532  usbprint - ok
09:57:00.0412 9532  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:57:00.0428 9532  usbscan - ok
09:57:00.0441 9532  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:57:00.0493 9532  USBSTOR - ok
09:57:00.0517 9532  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:57:00.0566 9532  usbuhci - ok
09:57:00.0593 9532  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:57:00.0645 9532  usbvideo - ok
09:57:00.0653 9532  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
09:57:00.0686 9532  UxSms - ok
09:57:00.0726 9532  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
09:57:00.0739 9532  VaultSvc - ok
09:57:00.0757 9532  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:57:00.0766 9532  vdrvroot - ok
09:57:00.0790 9532  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
09:57:00.0825 9532  vds - ok
09:57:00.0840 9532  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:57:00.0856 9532  vga - ok
09:57:00.0875 9532  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:57:00.0908 9532  VgaSave - ok
09:57:00.0931 9532  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:57:00.0983 9532  vhdmp - ok
09:57:00.0999 9532  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:57:01.0011 9532  viaide - ok
09:57:01.0024 9532  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:57:01.0034 9532  volmgr - ok
09:57:01.0046 9532  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:57:01.0059 9532  volmgrx - ok
09:57:01.0071 9532  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:57:01.0083 9532  volsnap - ok
09:57:01.0138 9532  [ D6653180D162CB3144FDBC8A651CEBB1 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
09:57:01.0252 9532  vpnagent - ok
09:57:01.0268 9532  [ 13E6D95E7AC67ABB7A1196557EF8849F ] vpnva           C:\Windows\system32\DRIVERS\vpnva64.sys
09:57:01.0313 9532  vpnva - ok
09:57:01.0347 9532  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:57:01.0363 9532  vsmraid - ok
09:57:01.0416 9532  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
09:57:01.0558 9532  VSS - ok
09:57:01.0564 9532  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:57:01.0581 9532  vwifibus - ok
09:57:01.0596 9532  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:57:01.0615 9532  vwififlt - ok
09:57:01.0627 9532  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:57:01.0679 9532  vwifimp - ok
09:57:01.0704 9532  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
09:57:01.0743 9532  W32Time - ok
09:57:01.0763 9532  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:57:01.0779 9532  WacomPen - ok
09:57:01.0808 9532  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:57:01.0957 9532  WANARP - ok
09:57:01.0968 9532  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:57:01.0999 9532  Wanarpv6 - ok
09:57:02.0026 9532  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
09:57:02.0091 9532  wbengine - ok
09:57:02.0111 9532  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:57:02.0133 9532  WbioSrvc - ok
09:57:02.0147 9532  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:57:02.0196 9532  wcncsvc - ok
09:57:02.0208 9532  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:57:02.0227 9532  WcsPlugInService - ok
09:57:02.0240 9532  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
09:57:02.0252 9532  Wd - ok
09:57:02.0280 9532  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:57:02.0297 9532  Wdf01000 - ok
09:57:02.0308 9532  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:57:02.0335 9532  WdiServiceHost - ok
09:57:02.0339 9532  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:57:02.0357 9532  WdiSystemHost - ok
09:57:02.0369 9532  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
09:57:02.0414 9532  WebClient - ok
09:57:02.0426 9532  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:57:02.0463 9532  Wecsvc - ok
09:57:02.0473 9532  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:57:02.0508 9532  wercplsupport - ok
09:57:02.0531 9532  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:57:02.0606 9532  WerSvc - ok
09:57:02.0619 9532  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:57:02.0650 9532  WfpLwf - ok
09:57:02.0687 9532  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
09:57:02.0787 9532  WimFltr - ok
09:57:02.0801 9532  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:57:02.0822 9532  WIMMount - ok
09:57:02.0841 9532  WinDefend - ok
09:57:02.0846 9532  WinHttpAutoProxySvc - ok
09:57:02.0894 9532  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:57:02.0968 9532  Winmgmt - ok
09:57:03.0010 9532  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
09:57:03.0105 9532  WinRM - ok
09:57:03.0164 9532  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:57:03.0215 9532  WinUsb - ok
09:57:03.0268 9532  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:57:03.0338 9532  Wlansvc - ok
09:57:03.0365 9532  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:57:03.0430 9532  wlcrasvc - ok
09:57:03.0515 9532  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:57:03.0673 9532  wlidsvc - ok
09:57:03.0694 9532  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:57:03.0709 9532  WmiAcpi - ok
09:57:03.0720 9532  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:57:03.0763 9532  wmiApSrv - ok
09:57:03.0777 9532  WMPNetworkSvc - ok
09:57:03.0807 9532  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:57:03.0863 9532  WPCSvc - ok
09:57:03.0879 9532  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:57:03.0933 9532  WPDBusEnum - ok
09:57:03.0958 9532  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:57:03.0998 9532  ws2ifsl - ok
09:57:04.0009 9532  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
09:57:04.0027 9532  wscsvc - ok
09:57:04.0031 9532  WSearch - ok
09:57:04.0087 9532  [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:57:04.0400 9532  wuauserv - ok
09:57:04.0434 9532  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:57:04.0544 9532  WudfPf - ok
09:57:04.0570 9532  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:57:04.0640 9532  WUDFRd - ok
09:57:04.0661 9532  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:57:04.0721 9532  wudfsvc - ok
09:57:04.0745 9532  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:57:04.0777 9532  WwanSvc - ok
09:57:04.0842 9532  ================ Scan global ===============================
09:57:04.0857 9532  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:57:04.0888 9532  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:57:04.0979 9532  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:57:05.0003 9532  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:57:05.0039 9532  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:57:05.0049 9532  [Global] - ok
09:57:05.0050 9532  ================ Scan MBR ==================================
09:57:05.0061 9532  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:57:05.0517 9532  \Device\Harddisk0\DR0 - ok
09:57:05.0523 9532  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk1\DR3
09:57:05.0994 9532  \Device\Harddisk1\DR3 - ok
09:57:05.0997 9532  ================ Scan VBR ==================================
09:57:06.0004 9532  [ AA770D09DD7B8F709D05C0661C35163A ] \Device\Harddisk0\DR0\Partition1
09:57:06.0007 9532  \Device\Harddisk0\DR0\Partition1 - ok
09:57:06.0078 9532  [ 8BB9E90A2B4737751E2867FE3831B9F6 ] \Device\Harddisk0\DR0\Partition2
09:57:06.0081 9532  \Device\Harddisk0\DR0\Partition2 - ok
09:57:06.0087 9532  [ E37E7B7647243F48E69DB894A98489C6 ] \Device\Harddisk1\DR3\Partition1
09:57:06.0091 9532  \Device\Harddisk1\DR3\Partition1 - ok
09:57:06.0092 9532  ============================================================
09:57:06.0092 9532  Scan finished
09:57:06.0092 9532  ============================================================
09:57:06.0160 1316  Detected object count: 2
09:57:06.0160 1316  Actual detected object count: 2
09:57:13.0173 1316  OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:13.0173 1316  OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:57:13.0174 1316  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:13.0174 1316  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 12.06.2013, 09:29   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



Ok, ist unauffällig

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.06.2013, 11:31   #15
lachshappen
 
Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Standard

Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf



argh, habe versehentlich erst den adw scan, dann JRT scan gemacht, hoffe das ist nicht schlimm ?!

beim upload vom JRT log im code format bekomme ich immer die Meldung, dass der Text zu lange für das Forum ist. Habe es dann versucht als Anlage anzuhängen, da sagt er mir die 256kb sind zu groß...
Habe es jetzt hier hochgeladen:
hxxp://www.file-upload.net/download-7705238/JRT.txt.html


adw:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 12/06/2013 um 10:39:20 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : computer - computer-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\computer\Desktop\TB\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\searchplugins\delta.xml
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\computer\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
Ordner Gelöscht : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\jetpack
Ordner Gelöscht : C:\Users\computer\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\prefs.js

C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\17gbtzdc.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 28);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "DE637FE18E1096C38464D45BF231AD0E");
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "28");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 28);
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "c43f51d200000000000000ffaf550b30");
Gelöscht : user_pref("extensions.delta.instlDay", "15856");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.50:49:46");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121562&tt=gc_");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

Datei : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\8fprm7jq.default\prefs.js

C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\8fprm7jq.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

Datei : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\rgjaxaqa.profiltest\prefs.js

C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\rgjaxaqa.profiltest\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

Datei : C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\prefs.js

C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 28);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "DE637FE18E1096C38464D45BF231AD0E");
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "28");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 28);
Gelöscht : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=b856fb3d00000000000000215c4[...]

*************************

AdwCleaner[S1].txt - [6431 octets] - [12/06/2013 10:39:20]

########## EOF - C:\AdwCleaner[S1].txt - [6491 octets] ##########
         
--- --- ---


OTL: OTL.txt
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.06.2013 11:34:48 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\computer\Desktop\TB
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 5,81 Gb Available Physical Memory | 73,60% Memory free
15,79 Gb Paging File | 12,71 Gb Available in Paging File | 80,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 265,82 Gb Free Space | 39,15% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 153,26 Gb Free Space | 16,45% Space Free | Partition Type: NTFS
 
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Users\computer\Desktop\TB\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
PRC - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\ProgramData\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpodcast_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmediadirs_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ssl.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_hashlib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyexpat.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ctypes.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_socket.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\select.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\cairo._cairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk._gtk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gio._gio.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gobject._gobject.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\glib._glib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\atk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pango.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk.glade.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pangocairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libwimp.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libxml2-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\zlib1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpng14-14.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpangocairo-1.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcairo-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\freetype6.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libfontconfig-1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libglade-2.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libffi-5.dll ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\crypto.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyHook._cpyHook.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\twisted.python._initgroups.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\winxpgui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32gui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32api.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32process.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32event.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32com.shell.shell.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\zope.interface-3.6.2-py2.6-win32.egg\zope\interface\_zope_interface_coptimizations.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libtorrent.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcef.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_audioscrobbler.dll ()
MOD - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_input_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_cdda.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_converter.dll ()
MOD - C:\Program Files (x86)\foobar2000\shared.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pythoncom26.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pywintypes26.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) -- c:\Program Files\My Dell\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys ()
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1000\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1719234960-210421252-110682156-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: searchdictcc%40roughael:3.4
FF - prefs.js..extensions.enabledAddons: chineseperakun%40gmail.com:9.0.0
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.9
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.8
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.03.08 20:29:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\ProgramData\Mozilla Firefox\components [2013.05.22 22:55:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\ProgramData\Mozilla Firefox\plugins [2013.05.17 07:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.10.23 19:26:29 | 000,000,000 | ---D | M]
 
[2011.10.19 11:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Extensions
[2013.06.12 10:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions
[2013.05.20 22:59:21 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.05.22 19:06:33 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\anttoolbar@ant.com
[2013.03.05 10:28:57 | 000,000,000 | ---D | M] (Perapera Chinese) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\chineseperakun@gmail.com
[2013.06.01 00:22:14 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\firefox@ghostery.com
[2013.05.25 15:22:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\ich@maltegoetz.de
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:06:55 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:49 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:01 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:57 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2013.05.08 20:51:58 | 000,363,920 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\client@anonymox.net.xpi
[2013.02.05 23:35:44 | 000,037,531 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\searchdictcc@roughael.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.03.05 10:23:50 | 000,002,194 | ---- | M] () -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\searchplugins\dictcn-.xml
 
O1 HOSTS File: ([2013.06.11 10:28:03 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1719234960-210421252-110682156-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1719234960-210421252-110682156-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1719234960-210421252-110682156-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CC679CB8-DC4B-458B-B817-D447B3B6AC31 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{732B53D2-3BD4-4138-A307-29C79BF326C9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF550B30-AFE2-42ED-946E-91776320BC3E}: DhcpNameServer = 131.188.0.10 131.188.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F51CF875-AAFC-4AE2-931B-4F6B47B37068}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 10:50:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.12 10:50:16 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.12 10:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.11 22:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.06.11 10:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCleaner
[2013.06.11 10:26:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.06.11 10:19:37 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\TB
[2013.06.11 08:56:14 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.06.11 08:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.06.11 08:56:13 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Notepad++
[2013.06.11 08:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013.06.10 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\www.rene-zeidler.de
[2013.06.01 00:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.05.22 19:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.05.22 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 11:26:02 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 10:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 10:50:14 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 10:50:14 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 10:42:50 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 10:42:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 10:42:35 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.11 22:08:58 | 000,007,603 | ---- | M] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2013.06.11 22:05:14 | 000,000,218 | ---- | M] () -- C:\Users\computer\.recently-used.xbel
[2013.06.11 20:57:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.11 20:57:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.11 10:39:18 | 000,000,960 | ---- | M] () -- C:\Users\computer\Desktop\RegCleaner.lnk
[2013.06.11 10:38:22 | 000,002,890 | ---- | M] () -- C:\Users\computer\Documents\cc_20130611_103819.reg
[2013.06.11 10:28:03 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013.06.06 09:39:03 | 000,812,232 | ---- | M] () -- C:\Users\computer\Desktop\MASA.pdf
[2013.06.01 00:49:23 | 000,002,304 | ---- | M] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:41 | 000,006,122 | ---- | M] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2013.05.27 18:58:09 | 001,621,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.27 18:58:09 | 000,700,418 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.27 18:58:09 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.27 18:58:09 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.27 18:58:09 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.18 18:54:34 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.17 07:24:03 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.11 22:05:14 | 000,000,218 | ---- | C] () -- C:\Users\computer\.recently-used.xbel
[2013.06.11 10:39:18 | 000,000,960 | ---- | C] () -- C:\Users\computer\Desktop\RegCleaner.lnk
[2013.06.11 10:38:21 | 000,002,890 | ---- | C] () -- C:\Users\computer\Documents\cc_20130611_103819.reg
[2013.06.01 00:49:23 | 000,002,304 | ---- | C] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:39 | 000,006,122 | ---- | C] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2012.10.26 06:32:18 | 000,000,000 | ---- | C] () -- C:\Users\computer\AppData\Roaming\sc_switch.cfg
[2012.08.04 14:48:08 | 000,165,404 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.08.01 20:29:44 | 000,000,132 | ---- | C] () -- C:\Users\computer\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.05.12 01:32:48 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2012.01.10 19:21:59 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.01.10 19:21:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7420.DAT
[2012.01.10 19:10:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.12.18 16:38:28 | 059,525,617 | ---- | C] () -- C:\Users\computer\wangzong.wmv
[2011.10.21 08:40:07 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.20 19:26:45 | 000,007,603 | ---- | C] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2011.10.12 17:46:08 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.10.12 17:45:23 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.12 17:45:21 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.12 17:45:20 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---

[/CODE]

OTL: Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.06.2013 11:34:48 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\computer\Desktop\TB
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 5,81 Gb Available Physical Memory | 73,60% Memory free
15,79 Gb Paging File | 12,71 Gb Available in Paging File | 80,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 265,82 Gb Free Space | 39,15% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 153,26 Gb Free Space | 16,45% Space Free | Partition Type: NTFS
 
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1719234960-210421252-110682156-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D14B239-8D66-440E-A945-0D4001F7FABD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0F3DAEB8-E11F-42F1-AA84-C82BB34C068E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{15A62134-7E13-42CF-A15B-C6787D3C5FB2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1A31475E-1A71-4429-A6DC-DA423D8F2AAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{2915D83B-08FC-4D58-A1CD-433DB70250DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{2F18575F-0600-4129-AB65-0785D17D3F08}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 | 
"{31BE54B6-26C9-4AB3-B29E-A4D8B162934A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{39938D3F-253B-43A8-A9D1-C6EDF2CCFFFA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{409E29C9-D5C5-412D-9F46-AEEF33AB3DB4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4139D392-EBDA-496C-912F-2EEC32FD1086}" = lport=137 | protocol=17 | dir=in | app=system | 
"{663CBDFE-F086-477D-B03C-556D376E64C9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{6D59457A-4475-4822-9089-B9A65898F460}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7641D34F-7E9B-4241-BACD-210A4EEEA2A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{777F8170-BAFF-4510-B115-175336AB4EB2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{83BD48FD-1D6E-4B74-8B2D-6293F5698AC9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{84E11FF0-DB55-466C-BE88-98AA06CDDB8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{931F57A8-ADC6-44BD-A48B-30F24CA83486}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{98234EC8-7C63-4E0F-9D31-33A99C2982F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{9D253799-F763-465B-8A2A-14D2FFB9E6EA}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 | 
"{A24105DB-281F-4502-8603-563CA12DC15F}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 | 
"{A53B3B19-2136-4277-B474-1A8E26A5C795}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A6E89C3A-797D-4301-9A13-CCEC36634C22}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C8F047AA-2C04-4CA8-8515-3F2D11F00C26}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CDCCE2DE-77F5-43F0-A416-F80A71BEBDCF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D94AA84A-5955-4AEA-A366-C0A2A515DAE2}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 | 
"{E06EC1CC-9BB3-4866-B19E-60D54A0A20AE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{E79A9B39-40AB-4370-9A40-B2318CF94F39}" = lport=810 | protocol=17 | dir=in | name=firstclass client | 
"{F53740FC-8FA6-4347-BB14-4B90212D947A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F6157F38-5A30-4565-986C-2551A7D567FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{159F80F0-841E-465A-9473-A9B7116AF903}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{223CC236-6292-43E1-875C-F74E1ED5A807}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{22427539-C60A-4C42-AE02-C32F1BBECAE6}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{24E13F28-E238-4AA1-87C1-38ED09456030}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{25D26E3A-4404-4FC5-BFAD-88155D282FD2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{26BBE5B1-DDA4-4DDA-ACB6-7BB147E36662}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{26CCB4D7-A1D4-495A-80D3-1643F5278E26}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2F91AC72-5293-4FEF-9F34-0158D48F97CB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{311AD2A8-348D-4F7F-8C45-8A211E6806C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{374A5A44-D74E-4F2C-8B89-3A0E50880144}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{3BD9D0E4-834B-410C-B3D1-0D48B0787699}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3DDDA76E-959C-45FC-BECA-1D6CA14C166C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{446B1E25-1280-4E4F-A71A-9DD7A1D89A62}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4A94CBEE-1C45-4F71-AA4C-B561F3E5207A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4C789BE5-6B77-4FC5-A2CE-F46A427474A5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{4D69A39E-0E3E-4B8D-A096-DD16C8A6D579}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{571A3959-691F-4B91-9FD1-1E8A63CF8B06}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{57ECB1C4-3308-4F0A-B380-7505899C6D6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{606D6053-05E6-4BEB-B15B-2E4D867EDA52}" = protocol=6 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{610A9D28-2E8E-4559-AE87-6FFD7E440149}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{671AF3AC-3C3E-43E1-8218-76F30ED2C502}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{6D76A7F6-E302-4072-8D96-FE2577345DD2}" = protocol=17 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{71F95CD0-B43C-4140-9CC5-ED2D532422F1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{7E2B2AF4-F228-4981-B251-E40D5D231A17}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{8246FC97-9110-4EDE-963F-0F1BC54D2B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{8C891216-20F4-4EE7-A32A-F3BFBE1C2106}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8DFAED6E-C6D7-4D1E-8A5B-69A06A39952B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8E09EBD1-CDD0-4B12-9032-F67316F95D1C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{8F54302C-7376-4E19-8BC6-ED29CE67FF27}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9280A4D5-A86B-43C2-8AAA-5D8E7B300FE8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{938C0749-03A2-4C95-8353-A33FDC2301A9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{94B9044E-AE54-46EE-A511-078E06DFB79E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{98AF2782-6082-4915-9997-DF7D099C5B18}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{AB940A14-2247-4ED8-8ECA-B25B92D78D03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{ABA8E356-C72B-4788-972E-E738589DA765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{B3BFA51A-06D8-4D5D-89C8-0646826DC4D7}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{B6A6E7D8-5841-4C20-A5BE-760E3BB48655}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B74847EC-70CF-421F-BCDF-88AF1B6FDB07}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{BB22F136-9FFB-4EDE-B687-1F906F618C9A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C40D8EBA-E9D2-40B3-A373-6D25E07B1D91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CA851A77-A531-4360-9E18-65C8A1174637}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D17432EB-08D0-4A5F-968D-B13A4AF4224C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D228C48A-4995-411B-805F-1063B5916DCB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D8F35086-91F9-45EA-AE61-C830C4A1BF48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{E4FBCCB5-44B4-4E38-848D-153FBAEEF3DC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{E6CD20E5-C78E-4641-99FB-C9A597CA04B8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{EABB5FEF-5949-4D37-9DD7-3C66C3D628B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{EBD4DD37-1159-485F-AB03-E25192643E39}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F8F2FFA4-B408-4B35-B608-FCF06861D509}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{F9617B91-BCDC-4D0E-BB8B-740432A853CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FE423B8C-9E05-4EA1-9E0A-533D6AED2BA9}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{FE522792-92EA-4C69-9D21-34479A4FBE8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}" = Dell MusicStage
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D5010F-1F25-4C5F-9A3C-1BD4304A855D}" = FirstClass Client
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS
"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{56A0DD94-47D9-4AC8-B5A1-8A8CA77C4B89}" = Dell Stage
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E2E123E-A0E7-40B4-B6B2-7F6B81312B77}" = Passware Kit Enterprise 9.0
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF8FEA18-45B9-4DE0-8CA1-A98125423A93}" = Markstrat Team
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7420
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Anki" = Anki
"ASIO4ALL" = ASIO4ALL
"BitLord" = BitLord 2.0
"CDex" = CDex extraction audio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deckadance" = Deckadance
"Dell Webcam Central" = Dell Webcam Central
"FL Studio 10" = FL Studio 10
"foobar2000" = foobar2000 v1.1.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.24.430
"freeocr_is1" = FreeOCR v4.2
"IL Download Manager" = IL Download Manager
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenVPN" = OpenVPN 2.2.2
"Orbit_is1" = Orbit Downloader
"ProInst" = Intel PROSet Wireless
"Rainmeter" = Rainmeter
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"VeryDOC Screenshot Reader OCR v2.2_is1" = VeryDOC Screenshot Reader OCR v2.2
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.97-11
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1719234960-210421252-110682156-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1719234960-210421252-110682156-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"RapidMiner 5" = RapidMiner 5
 
========== Last 20 Event Log Errors ==========
 
[ Cisco AnyConnect VPN Client Events ]
Error - 11.06.2013 04:29:12 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 11.06.2013 04:29:12 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 11.06.2013 11:02:17 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
 No such file or directory
 
Error - 12.06.2013 04:42:43 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
 No such file or directory
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 7639 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33161196
 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4287
Invoked
 Function: CMainThread::applyHostConfigForNoVpn Return Code: -33161196 (0xFE060014)
Description:
 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 12.06.2013 04:49:11 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
 
< End of report >
         
--- --- ---

[/CODE]

Antwort

Themen zu Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf
ander, einfach, erkenne, gefunde, gen, immer wieder, klicke, komische, komischen, miteinander, phänomen, tauchen, unterschiedlich, verknüpfungen, verwendet, von selbst, zeichen, zuletzt, zwischen



Ähnliche Themen: Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf


  1. Merkwürdige Dateien unter Zuletzt verwendet
    Plagegeister aller Art und deren Bekämpfung - 25.09.2015 (1)
  2. "Oursurfing" Virus und Chinesische Zeichen Reloaded
    Plagegeister aller Art und deren Bekämpfung - 03.08.2015 (12)
  3. "Oursurfing" Virus und Chinesische Zeichen
    Plagegeister aller Art und deren Bekämpfung - 11.05.2015 (20)
  4. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  5. Dateien mit "kryptischen" u. chinesische Zeichen verfolgen Registry MRUListEx
    Log-Analyse und Auswertung - 20.12.2013 (12)
  6. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  7. Infektion "Internet Security Pro"/ "wmdefender.exe" unter Vista; Keine Erkennung mit MBAM
    Log-Analyse und Auswertung - 22.08.2013 (19)
  8. ein anderes symbol für das "öffnen" Zeichen im explorer
    Plagegeister aller Art und deren Bekämpfung - 01.06.2013 (38)
  9. "Redirect-Virus" unter Windows 8 / "document has moved redirecting..."
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (11)
  10. Windows Vista - "settings.ini wird von einem anderen Prozess verwendet"
    Alles rund um Windows - 31.08.2012 (9)
  11. Windows Vista - "settings.ini wird von einem anderen Prozess verwendet"
    Plagegeister aller Art und deren Bekämpfung - 31.08.2012 (1)
  12. "öffnen" symbol im dateiexplorer wird nicht angezeigt....sondern eine Art dos-zeichen
    Plagegeister aller Art und deren Bekämpfung - 22.08.2012 (3)
  13. "jwgkvsq.vmx" tauchen immer wieder auf
    Plagegeister aller Art und deren Bekämpfung - 28.01.2010 (9)
  14. FF-Fehler: "Diese Datei wird von einem anderen Programm verwendet" (Scans vorhanden)
    Plagegeister aller Art und deren Bekämpfung - 26.09.2009 (2)
  15. Firefox.exe "wird gerade verwendet" - HiJackThis Log-File und AntiVir Log-File
    Log-Analyse und Auswertung - 23.07.2009 (2)
  16. Kryptische Zeichen auf Desktop / Programmoberflächen + "Gesicht" im Browser
    Plagegeister aller Art und deren Bekämpfung - 12.12.2008 (5)
  17. Versteckte Datei "kdzqj.exe" in System32 und Reg-Eintrag "System" unter Winlogon
    Plagegeister aller Art und deren Bekämpfung - 25.03.2008 (22)

Zum Thema Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf - Hallo miteinander, Kennt jemand dieses Phänomen? Es schleichen sich immer wieder (ca. 5-6 mal am Tag) diese komischen Zeichen/Verknüpfungen einfach von selbst in die "Zuletzt Verwendet" Ansicht. Wenn ich drauf - Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf...
Archiv
Du betrachtest: Komische Zeichen tauchen von selbst als Verknüpfungen unter "Zuletzt Verwendet" auf auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.