Trojaner-Board

ysubmarine 22.07.2012 18:34

New ukash virus GVL, can't get rid of it
 
Hi,
today I infected my computer with a version of the ukash/100€ virus.
I googled a lot and tried out removal methods, but I haven't gotten rid of the virus. (I didn't notice anything in HKLM and HKCU ...\microsoft\current version\run etc., and nothing in the NT shell; the normal explorer exe is listed there.)

Unlike the others of this kind, it shows not gvU but gvL, and like the others it says that I should transfer 100 euros via paysafecard, blah blah.

I'm really stuck; it would be nice if someone could help me.

Here is my OTL:
Quote:

OTL logfile created on: 22.07.2012 20:14:23 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\ysubmarine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 7,08 Gb Available Physical Memory | 89,61% Memory free
15,79 Gb Paging File | 14,98 Gb Available in Paging File | 94,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 274,82 Gb Free Space | 40,47% Space Free | Partition Type: NTFS

Computer Name: YSUBMARINE-LAP | User Name: ysubmarine | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ysubmarine\Desktop\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (TurboBoost) Intel(R) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech )
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys ()
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE:64bit: - HKLM\..\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE - HKLM\..\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=102869&gct=hp
IE - HKCU\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE - HKCU\..\SearchScopes\{2FBC758F-800E-472C-AC3B-27366D0AC79D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=&apn_ptnrs=5J&apn_dtid=YYYYYYYYDE&apn_uid=c913f1da-4fd0-429b-a4c3-13f8007a99d8&apn_sauid=2B80EED1-4A47-412A-B528-432213934868&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.28 16:18:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 11:35:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.03 08:41:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\extensions\mail@gutscheinrausch.de
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 11:35:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.12.02 13:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ysubmarine\AppData\Roaming\mozilla\Extensions
[2011.12.02 13:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ysubmarine\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.07.04 22:10:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ysubmarine\AppData\Roaming\mozilla\Firefox\Profiles\6v9tugs8.default\extensions
[2012.03.23 14:23:09 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ysubmarine\AppData\Roaming\mozilla\Firefox\Profiles\6v9tugs8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\searchplugins\askcom.xml
[2012.04.25 23:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.28 16:18:32 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.07.04 22:10:59 | 000,743,290 | ---- | M] () (No name found) -- C:\USERS\YSUBMARINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6V9TUGS8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.06.19 11:35:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.19 11:35:24 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.19 11:35:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.19 11:35:24 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 11:35:24 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 11:35:24 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 11:35:24 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120628151722.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628151722.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - Startup: C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ysubmarine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk = C:\Users\ysubmarine\AppData\Local\Temp\mor.exe ()
O4 - Startup: C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ysubmarine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ysubmarine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79E4C00E-A7B0-45B5-9A10-A67CFA318073}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBD091C9-FE3B-4C04-8F3E-962148C40070}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\Shell - "" = AutoRun
O33 - MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.22 20:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.07.22 19:49:23 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\ysubmarine\Desktop\OTL.exe
[2012.07.22 17:04:18 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\Malwarebytes
[2012.07.22 17:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.22 17:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.22 17:04:13 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.22 17:04:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.17 14:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.17 14:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.12 14:43:47 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\Desktop\Versuch 8
[2012.07.11 22:58:40 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.11 22:58:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.11 22:58:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.11 22:58:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.11 22:58:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.11 22:58:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.11 22:58:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.11 22:58:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.11 22:58:38 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.11 22:58:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.11 22:58:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.11 22:58:38 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.11 22:58:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.11 21:36:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 21:36:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 21:36:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 21:36:14 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 21:35:59 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.10 22:54:19 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Local\ElevatedDiagnostics
[2012.07.10 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\UAs
[2012.07.10 16:59:31 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\xmldm
[2012.07.10 16:59:29 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\kock
[2012.07.08 22:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ReaConverter
[2012.07.08 22:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReaConverter 6.7 Standard
[2012.07.08 22:17:44 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\RCP 6
[2012.07.08 22:17:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReaConverter 6.7 Standard
[2012.07.05 20:22:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.22 20:13:43 | 000,000,000 | ---- | M] () -- C:\Users\ysubmarine\defogger_reenable
[2012.07.22 20:07:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.22 20:07:26 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 20:05:49 | 000,000,904 | ---- | M] () -- C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk
[2012.07.22 19:49:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ysubmarine\Desktop\OTL.exe
[2012.07.22 17:04:53 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 16:49:21 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.07.22 10:05:45 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 10:05:45 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 09:58:15 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.07.22 02:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.07.14 11:30:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.14 11:30:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.13 10:32:39 | 000,000,206 | ---- | M] () -- C:\Users\ysubmarine\Desktop\Portal.url
[2012.07.13 10:32:39 | 000,000,206 | ---- | M] () -- C:\Users\ysubmarine\Desktop\Portal 2.url
[2012.07.12 10:24:16 | 004,907,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.09 15:45:49 | 000,071,685 | ---- | M] () -- C:\Users\ysubmarine\Desktop\Fluidisation_Daten.ods
[2012.07.08 14:40:47 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.08 14:40:47 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.08 14:40:47 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.08 14:40:47 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.08 14:40:47 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.08 11:56:14 | 000,109,360 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012.07.08 11:56:14 | 000,015,664 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysWow64\drivers\GEARAspiWDM.sys
[2012.07.03 18:14:46 | 000,140,416 | ---- | M] () -- C:\Users\ysubmarine\Desktop\Protokoll Pyrolyse.odt
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.22 20:13:43 | 000,000,000 | ---- | C] () -- C:\Users\ysubmarine\defogger_reenable
[2012.07.22 17:04:14 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 16:26:48 | 000,000,904 | ---- | C] () -- C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk
[2012.07.22 02:00:18 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.07.13 10:32:39 | 000,000,206 | ---- | C] () -- C:\Users\ysubmarine\Desktop\Portal.url
[2012.07.13 10:32:39 | 000,000,206 | ---- | C] () -- C:\Users\ysubmarine\Desktop\Portal 2.url
[2012.07.09 15:45:47 | 000,071,685 | ---- | C] () -- C:\Users\ysubmarine\Desktop\Fluidisation_Daten.ods
[2012.07.03 17:08:51 | 000,140,416 | ---- | C] () -- C:\Users\ysubmarine\Desktop\Protokoll Pyrolyse.odt
[2012.05.17 12:03:54 | 000,003,390 | ---- | C] () -- C:\Users\ysubmarine\.recently-used.xbel
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.12.02 22:51:12 | 000,044,032 | ---- | C] () -- C:\Users\ysubmarine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.02 22:17:26 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2011.11.29 14:34:11 | 000,007,605 | ---- | C] () -- C:\Users\ysubmarine\AppData\Local\Resmon.ResmonCfg
[2011.11.25 05:07:52 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.11.25 05:07:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.11.25 05:07:00 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.11.25 05:06:59 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.11.25 05:06:58 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.11.25 05:06:57 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.02.11 12:22:50 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2011.12.03 00:35:27 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.12.15 13:33:13 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\DAEMON Tools Lite
[2011.12.01 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Downloaded Installations
[2012.07.22 20:06:20 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Dropbox
[2012.03.23 14:23:15 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\DVDVideoSoft
[2012.03.23 14:23:09 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.28 11:48:18 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Fingertapps
[2012.04.28 18:32:32 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\gtk-2.0
[2012.04.03 12:21:52 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Hi-Rez Studios
[2012.07.10 16:59:29 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\kock
[2011.11.28 17:26:46 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\LolClient
[2012.05.24 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\LolClient2
[2011.12.26 01:28:55 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\ManyCam
[2011.12.13 17:21:34 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\OpenOffice.org
[2011.12.03 13:18:14 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\PACE Anti-Piracy
[2011.11.30 12:45:39 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\PCDr
[2012.07.11 21:36:04 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\RCP 6
[2011.12.02 13:49:34 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Songbird2
[2011.12.03 13:19:06 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.03.27 03:11:08 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\TerraTec
[2011.11.29 12:36:01 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Thunderbird
[2011.12.16 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\ts3overlay
[2012.07.17 14:37:03 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\UAs
[2012.04.14 21:32:16 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\wargaming.net
[2012.07.17 14:37:03 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\xmldm
[2011.11.29 14:31:48 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\ZinioReader4
[2012.07.22 02:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.07.22 09:58:15 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.07.05 13:56:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.22 16:49:21 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6152D44C

< End of report >

t'john 22.07.2012 18:51

:hallo:

Fixing with OTL

Download OTL by OldTimer (if you don't already have it) and save it to your desktop (nowhere else).

  • Disable any virus scanners such as Avira, Kaspersky, etc.
  • Start OTL.exe.
    Vista and Windows 7 users right-click the program icon and choose "Run as administrator".
  • Copy the following script into the text box below Custom Scans/Fixes:


Code:

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE:64bit: - HKLM\..\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE - HKLM\..\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com/?l=dis&o=102869&gct=hp
IE - HKCU\..\SearchScopes,DefaultScope = {79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}
IE - HKCU\..\SearchScopes\{2FBC758F-800E-472C-AC3B-27366D0AC79D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=&apn_ptnrs=5J&apn_dtid=YYYYYYYYDE&apn_uid=c913f1da-4fd0-429b-a4c3-13f8007a99d8&apn_sauid=2B80EED1-4A47-412A-B528-432213934868&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - Startup: C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk = C:\Users\ysubmarine\AppData\Local\Temp\mor.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\Shell - "" = AutoRun
O33 - MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\Shell\AutoRun\command - "" = E:\setup.exe

[2012.07.22 20:05:49 | 000,000,904 | ---- | M] () -- C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6152D44C
 

[2012.07.17 14:37:03 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\UAs
[2012.07.17 14:37:03 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\xmldm
[2012.07.10 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\UAs
[2012.07.10 16:59:31 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\xmldm
[2012.07.10 16:59:29 | 000,000,000 | ---D | C] -- C:\Users\ysubmarine\AppData\Roaming\kock
[2012.07.10 16:59:29 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\kock
[2012.07.22 20:05:49 | 000,000,904 | ---- | M] () -- C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk
[2012.07.22 20:06:20 | 000,000,000 | ---D | M] -- C:\Users\ysubmarine\AppData\Roaming\Dropbox
[2012.07.22 16:49:21 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.07.22 16:49:21 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2012.07.22 09:58:15 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.07.22 09:58:15 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.07.22 02:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.07.22 02:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.07.22 16:26:48 | 000,000,904 | ---- | C] () -- C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk
[2012.07.22 02:00:18 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
 
:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]

  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a restart, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\

Note for readers following along: the OTL script above was created exclusively for this user in this situation.
Do not under any circumstances apply it on other computers; that can cause lasting damage to other systems!

ysubmarine 22.07.2012 19:05

Many thanks for the super-fast reply. It worked wonderfully. I'll still have my system scanned by the 2 programs you recommend. Regards

t'john 22.07.2012 19:59

Very good! :daumenhoc

How is the computer running?

Step 1
Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Malwarebytes Anti-Malware
- Applicable to Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Enable "Perform full scan" => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Please have any detections deleted or quarantined.
- When the scan has finished, click "Show Results".
then:

Step 2

Please download AdwCleaner to your desktop.

  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

ysubmarine 22.07.2012 20:56

ok, here are the two logs:

mbam:
Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.22.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ysubmarine :: YSUBMARINE-LAP [Administrator]

22.07.2012 20:06:50
mbam-log-2012-07-22 (20-06-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 407463
Laufzeit: 1 Stunde(n), 36 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

adwc:
Code:

# AdwCleaner v1.703 - Logfile created 07/22/2012 at 21:51:46
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ysubmarine - YSUBMARINE-LAP
# Running from : C:\Users\ysubmarine\Desktop\ANTIVIR\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\ysubmarine\AppData\LocalLow\AskToolbar
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Found : C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[x64] Key Found : HKCU\Software\APN
[x64] Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
[x64] Key Found : HKCU\Software\Ask.com
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4419 octets] - [22/07/2012 21:51:46]

########## EOF - C:\AdwCleaner[R1].txt - [4547 octets] ##########

Many thanks again!

t'john 22.07.2012 21:10

Please also post the OTL log from after the fix.
You can view the log file afterwards here => C:\_OTL\MovedFiles\


Very good! :daumenhoc


  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.




then:


Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Download the current signatures via Update Now.
Select freeware mode.

Select Detail Scan and start checking the computer via the Scan button.
At the end of the scan, do not have anything deleted! Click Save Report to save the log file to the desktop and post it here in the thread.

Instructions: http://www.trojaner-board.de/103809-...i-malware.html

ysubmarine 22.07.2012 23:51

_otl
Code:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79FABADA-75E3-4FFD-BAA8-C1C3E980D7C9}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FBC758F-800E-472C-AC3B-27366D0AC79D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FBC758F-800E-472C-AC3B-27366D0AC79D}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: false removed from browser.search.update
Prefs.js: "about:home" removed from browser.startup.homepage
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AccuWeatherWidget deleted successfully.
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk moved successfully.
C:\Users\ysubmarine\AppData\Local\Temp\mor.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a55712cf-26fa-11e1-91dc-848f69b7ed38}\ not found.
File E:\setup.exe not found.
File C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk not found.
ADS C:\ProgramData\Temp:6152D44C deleted successfully.
C:\Users\ysubmarine\AppData\Roaming\UAs folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\xmldm folder moved successfully.
Folder C:\Users\ysubmarine\AppData\Roaming\UAs\ not found.
Folder C:\Users\ysubmarine\AppData\Roaming\xmldm\ not found.
C:\Users\ysubmarine\AppData\Roaming\kock folder moved successfully.
Folder C:\Users\ysubmarine\AppData\Roaming\kock\ not found.
File C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk not found.
Folder move failed. C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext\l scheduled to be moved on reboot.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext\dump folder moved successfully.
Folder move failed. C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext scheduled to be moved on reboot.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\l folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\installer\l folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\installer folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\bin folder moved successfully.
Folder move failed. C:\Users\ysubmarine\AppData\Roaming\Dropbox scheduled to be moved on reboot.
C:\Windows\Tasks\SystemToolsDailyTest.job moved successfully.
File C:\Windows\Tasks\SystemToolsDailyTest.job not found.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job moved successfully.
File C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job not found.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job moved successfully.
File C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job not found.
File C:\Users\ysubmarine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mor.exe.lnk not found.
File C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\ysubmarine\Desktop\cmd.bat deleted successfully.
C:\Users\ysubmarine\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
 
User: ysubmarine
->Temp folder emptied: 126512109 bytes
->Temporary Internet Files folder emptied: 245794687 bytes
->Java cache emptied: 994242 bytes
->FireFox cache emptied: 66965345 bytes
->Flash cache emptied: 56977 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 203207374 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 614,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Flash cache emptied: 0 bytes
 
User: ysubmarine
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07222012_205801

Files\Folders moved on Reboot...
C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext\l folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext folder moved successfully.
C:\Users\ysubmarine\AppData\Roaming\Dropbox folder moved successfully.
C:\Users\ysubmarine\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext\l not found!
File C:\Users\ysubmarine\AppData\Roaming\Dropbox\shellext not found!
File C:\Users\ysubmarine\AppData\Roaming\Dropbox not found!
File C:\Users\ysubmarine\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

adw:
Code:

# AdwCleaner v1.703 - Logfile created 07/22/2012 at 23:51:11
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ysubmarine - YSUBMARINE-LAP
# Running from : C:\Users\ysubmarine\Desktop\ANTIVIR\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\ysubmarine\AppData\LocalLow\AskToolbar
File Deleted : C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\DT Soft

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\ysubmarine\AppData\Roaming\Mozilla\Firefox\Profiles\6v9tugs8.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4510 octets] - [22/07/2012 21:51:46]
AdwCleaner[S1].txt - [2040 octets] - [22/07/2012 23:51:11]

########## EOF - C:\AdwCleaner[S1].txt - [2168 octets] ##########

and Emsisoft:
Code:

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 22.07.2012 23:58:42

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:        22.07.2012 23:58:54

c:\program files (x86)\secure banking\securebanking.dll        gefunden: Virus.Win32.Malware!E2
C:\Spiele\WoW\WoW-2.1.1.6739-to-2.1.2.6803-deDE-downloader.exe        gefunden: Gen.Malware.Heur!E2
C:\Spiele\WoW\WoW-2.2.0.7272-to-2.2.2.7318-deDE-downloader.exe        gefunden: Gen.Malware.Heur!E2
C:\Spiele\WoW\WoW-2.1.2.6803-to-2.1.3.6898-deDE-downloader.exe        gefunden: Gen.Malware.Heur!E2
C:\Spiele\WoW\WoW-2.2.2.7318-to-2.2.3.7359-deDE-downloader.exe        gefunden: Gen.Malware.Heur!E2
C:\Spiele\WoW\WoW-2.1.3.6898-to-2.2.0.7272-deDE-downloader.exe        gefunden: Gen.Malware.Heur!E2

Gescannt        686274
Gefunden        6

Scan Ende:        23.07.2012 00:47:39
Scan Zeit:        0:48:45


t'john 22.07.2012 23:53

Very good! :daumenhoc

Have the detections deleted, then:

Uninstall:
Emsisoft Anti-Malware


Note: ESET quite often shows a few false positives. That is why, with ESET too, only the log should be posted at first and nothing removed.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset





Please post everything here in CODE tags where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

ysubmarine 23.07.2012 07:57

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1c0b172a3effa34f8acd4fd5e87a4900
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-23 01:08:21
# local_time=2012-07-23 03:08:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 5238668 5238668 0 0
# compatibility_mode=5121 16777213 100 75 30918 8224268 0 0
# compatibility_mode=5893 16776574 100 94 52680172 94628622 0 0
# compatibility_mode=8192 67108863 100 0 185 185 0 0
# scanned=218058
# found=0
# cleaned=0
# scan_time=6929


t'john 23.07.2012 09:55

Very good!



TDSSKiller by Kaspersky
- Download TDSSKiller and extract the archive to your desktop.
- Make sure that TDSSKiller.exe is located directly on the desktop (not in a folder on the desktop).
- Temporarily disable your antivirus program.
- Start TDSSKiller.exe by double-clicking it.
- When it has finished its work, the tool suggests restarting the system.
- Confirm this with Y(es) if necessary.
- When the system boots, the driver carries out all scheduled operations and then deletes itself.
- Post the contents of C:\TDSSKiller.txt here in the thread.
Here you can find a more detailed TDSSKiller guide.

ysubmarine 24.07.2012 19:44

Code:

20:40:59.0899 5344        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:40:59.0915 5344        ============================================================
20:40:59.0915 5344        Current date / time: 2012/07/24 20:40:59.0915
20:40:59.0915 5344        SystemInfo:
20:40:59.0915 5344       
20:40:59.0915 5344        OS Version: 6.1.7601 ServicePack: 1.0
20:40:59.0915 5344        Product type: Workstation
20:40:59.0915 5344        ComputerName: YSUBMARINE-LAP
20:40:59.0915 5344        UserName: ysubmarine
20:40:59.0915 5344        Windows directory: C:\Windows
20:40:59.0915 5344        System windows directory: C:\Windows
20:40:59.0915 5344        Running under WOW64
20:40:59.0915 5344        Processor architecture: Intel x64
20:40:59.0915 5344        Number of processors: 8
20:40:59.0915 5344        Page size: 0x1000
20:40:59.0915 5344        Boot type: Normal boot
20:40:59.0915 5344        ============================================================
20:41:01.0054 5344        Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:41:01.0054 5344        ============================================================
20:41:01.0054 5344        \Device\Harddisk0\DR0:
20:41:01.0054 5344        MBR partitions:
20:41:01.0054 5344        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
20:41:01.0054 5344        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
20:41:01.0054 5344        ============================================================
20:41:01.0163 5344        C: <-> \Device\Harddisk0\DR0\Partition1
20:41:01.0163 5344        ============================================================
20:41:01.0163 5344        Initialize success
20:41:01.0163 5344        ============================================================
20:41:13.0284 3104        ============================================================
20:41:13.0284 3104        Scan started
20:41:13.0284 3104        Mode: Manual;
20:41:13.0284 3104        ============================================================
20:41:15.0359 3104        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:41:15.0375 3104        1394ohci - ok
20:41:15.0421 3104        Acceler        (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
20:41:15.0421 3104        Acceler - ok
20:41:15.0453 3104        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:41:15.0468 3104        ACPI - ok
20:41:15.0484 3104        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:41:15.0484 3104        AcpiPmi - ok
20:41:15.0687 3104        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:41:15.0687 3104        AdobeARMservice - ok
20:41:15.0749 3104        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:41:15.0765 3104        adp94xx - ok
20:41:15.0796 3104        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:41:15.0796 3104        adpahci - ok
20:41:15.0827 3104        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:41:15.0843 3104        adpu320 - ok
20:41:15.0858 3104        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:41:15.0858 3104        AeLookupSvc - ok
20:41:15.0936 3104        AERTFilters    (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:41:15.0936 3104        AERTFilters - ok
20:41:16.0045 3104        AF9035BDA      (0a0889d0b7afd2577d49f6799a26e05d) C:\Windows\system32\DRIVERS\AF15BDA.sys
20:41:16.0061 3104        AF9035BDA - ok
20:41:16.0123 3104        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:41:16.0139 3104        AFD - ok
20:41:16.0170 3104        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:41:16.0170 3104        agp440 - ok
20:41:16.0233 3104        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:41:16.0233 3104        ALG - ok
20:41:16.0248 3104        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:41:16.0248 3104        aliide - ok
20:41:16.0264 3104        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:41:16.0264 3104        amdide - ok
20:41:16.0264 3104        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:41:16.0264 3104        AmdK8 - ok
20:41:16.0279 3104        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:41:16.0279 3104        AmdPPM - ok
20:41:16.0295 3104        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:41:16.0295 3104        amdsata - ok
20:41:16.0311 3104        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:41:16.0311 3104        amdsbs - ok
20:41:16.0326 3104        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:41:16.0326 3104        amdxata - ok
20:41:16.0373 3104        AMPPAL          (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\AMPPAL.sys
20:41:16.0373 3104        AMPPAL - ok
20:41:16.0389 3104        AMPPALP        (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\amppal.sys
20:41:16.0389 3104        AMPPALP - ok
20:41:16.0560 3104        AMPPALR3        (864c632b999be1237a3dc46736e71f27) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
20:41:16.0560 3104        AMPPALR3 - ok
20:41:17.0059 3104        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:41:17.0075 3104        AppID - ok
20:41:17.0122 3104        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:41:17.0137 3104        AppIDSvc - ok
20:41:17.0371 3104        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:41:17.0465 3104        Appinfo - ok
20:41:17.0652 3104        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:41:17.0668 3104        arc - ok
20:41:17.0793 3104        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:41:17.0808 3104        arcsas - ok
20:41:17.0964 3104        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:41:18.0011 3104        aspnet_state - ok
20:41:18.0058 3104        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:41:18.0058 3104        AsyncMac - ok
20:41:18.0105 3104        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:41:18.0105 3104        atapi - ok
20:41:18.0167 3104        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:41:18.0167 3104        AudioEndpointBuilder - ok
20:41:18.0167 3104        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:41:18.0167 3104        AudioSrv - ok
20:41:18.0198 3104        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:41:18.0198 3104        AxInstSV - ok
20:41:18.0292 3104        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:41:18.0292 3104        b06bdrv - ok
20:41:18.0323 3104        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:41:18.0323 3104        b57nd60a - ok
20:41:18.0354 3104        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:41:18.0354 3104        BDESVC - ok
20:41:18.0370 3104        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:41:18.0370 3104        Beep - ok
20:41:18.0417 3104        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:41:18.0432 3104        BFE - ok
20:41:18.0947 3104        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:41:18.0978 3104        BITS - ok
20:41:19.0087 3104        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:41:19.0087 3104        blbdrive - ok
20:41:19.0212 3104        Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:41:19.0212 3104        Bonjour Service - ok
20:41:19.0243 3104        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:41:19.0243 3104        bowser - ok
20:41:19.0259 3104        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:41:19.0259 3104        BrFiltLo - ok
20:41:19.0275 3104        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:41:19.0275 3104        BrFiltUp - ok
20:41:19.0290 3104        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:41:19.0306 3104        Browser - ok
20:41:19.0368 3104        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:41:19.0368 3104        Brserid - ok
20:41:19.0415 3104        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:41:19.0415 3104        BrSerWdm - ok
20:41:19.0415 3104        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:41:19.0431 3104        BrUsbMdm - ok
20:41:19.0431 3104        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:41:19.0431 3104        BrUsbSer - ok
20:41:19.0446 3104        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:41:19.0446 3104        BTHMODEM - ok
20:41:19.0571 3104        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:41:19.0571 3104        bthserv - ok
20:41:19.0914 3104        BTHSSecurityMgr (9e2af97302b9f4bf97e952a865eb31ae) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
20:41:19.0914 3104        BTHSSecurityMgr - ok
20:41:19.0930 3104        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:41:19.0930 3104        cdfs - ok
20:41:19.0961 3104        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:41:19.0961 3104        cdrom - ok
20:41:20.0008 3104        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:41:20.0008 3104        CertPropSvc - ok
20:41:20.0039 3104        cfwids          (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
20:41:20.0039 3104        cfwids - ok
20:41:20.0055 3104        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:41:20.0070 3104        circlass - ok
20:41:20.0101 3104        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:41:20.0117 3104        CLFS - ok
20:41:20.0772 3104        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:41:20.0803 3104        clr_optimization_v2.0.50727_32 - ok
20:41:20.0881 3104        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:41:20.0881 3104        clr_optimization_v2.0.50727_64 - ok
20:41:21.0474 3104        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:41:21.0521 3104        clr_optimization_v4.0.30319_32 - ok
20:41:21.0615 3104        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:41:21.0693 3104        clr_optimization_v4.0.30319_64 - ok
20:41:21.0739 3104        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:41:21.0739 3104        CmBatt - ok
20:41:21.0755 3104        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:41:21.0786 3104        cmdide - ok
20:41:22.0005 3104        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:41:22.0020 3104        CNG - ok
20:41:22.0051 3104        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:41:22.0051 3104        Compbatt - ok
20:41:22.0067 3104        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:41:22.0067 3104        CompositeBus - ok
20:41:22.0083 3104        COMSysApp - ok
20:41:22.0192 3104        cpuz130 - ok
20:41:22.0207 3104        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:41:22.0207 3104        crcdisk - ok
20:41:22.0270 3104        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
20:41:22.0270 3104        CryptSvc - ok
20:41:22.0317 3104        CtClsFlt        (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:41:22.0317 3104        CtClsFlt - ok
20:41:22.0348 3104        CVirtA          (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
20:41:22.0348 3104        CVirtA - ok
20:41:22.0395 3104        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:41:22.0410 3104        DcomLaunch - ok
20:41:22.0457 3104        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:41:22.0457 3104        defragsvc - ok
20:41:22.0488 3104        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:41:22.0488 3104        DfsC - ok
20:41:22.0519 3104        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:41:22.0519 3104        Dhcp - ok
20:41:22.0551 3104        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:41:22.0551 3104        discache - ok
20:41:22.0582 3104        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:41:22.0582 3104        Disk - ok
20:41:22.0613 3104        DNE            (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
20:41:22.0629 3104        DNE - ok
20:41:22.0675 3104        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:41:22.0675 3104        Dnscache - ok
20:41:22.0707 3104        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:41:22.0722 3104        dot3svc - ok
20:41:22.0753 3104        Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
20:41:22.0769 3104        Dot4 - ok
20:41:22.0847 3104        Dot4Print      (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:41:22.0847 3104        Dot4Print - ok
20:41:22.0878 3104        dot4usb        (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
20:41:22.0878 3104        dot4usb - ok
20:41:22.0925 3104        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:41:22.0925 3104        DPS - ok
20:41:22.0956 3104        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:41:22.0972 3104        drmkaud - ok
20:41:23.0003 3104        dtsoftbus01    (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:41:23.0003 3104        dtsoftbus01 - ok
20:41:23.0268 3104        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:41:23.0284 3104        DXGKrnl - ok
20:41:23.0549 3104        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:41:23.0549 3104        EapHost - ok
20:41:23.0736 3104        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:41:23.0799 3104        ebdrv - ok
20:41:23.0970 3104        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:41:23.0970 3104        EFS - ok
20:41:24.0095 3104        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:41:24.0111 3104        ehRecvr - ok
20:41:24.0126 3104        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:41:24.0126 3104        ehSched - ok
20:41:24.0204 3104        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:41:24.0220 3104        elxstor - ok
20:41:24.0220 3104        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:41:24.0220 3104        ErrDev - ok
20:41:24.0267 3104        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:41:24.0267 3104        EventSystem - ok
20:41:25.0078 3104        EvtEng          (e3a96d5ae6e5c7b5472011ba77353368) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:41:25.0093 3104        EvtEng - ok
20:41:26.0061 3104        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:41:26.0061 3104        exfat - ok
20:41:26.0092 3104        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:41:26.0092 3104        fastfat - ok
20:41:26.0778 3104        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:41:26.0825 3104        Fax - ok
20:41:26.0841 3104        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:41:26.0841 3104        fdc - ok
20:41:26.0872 3104        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:41:26.0872 3104        fdPHost - ok
20:41:26.0887 3104        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:41:26.0887 3104        FDResPub - ok
20:41:26.0887 3104        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:41:26.0903 3104        FileInfo - ok
20:41:26.0903 3104        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:41:26.0919 3104        Filetrace - ok
20:41:26.0919 3104        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:41:26.0934 3104        flpydisk - ok
20:41:26.0950 3104        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:41:26.0950 3104        FltMgr - ok
20:41:27.0215 3104        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:41:27.0324 3104        FontCache - ok
20:41:27.0496 3104        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:41:27.0496 3104        FontCache3.0.0.0 - ok
20:41:27.0699 3104        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:41:27.0699 3104        FsDepends - ok
20:41:27.0714 3104        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:41:27.0714 3104        Fs_Rec - ok
20:41:27.0761 3104        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:41:27.0761 3104        fvevol - ok
20:41:27.0777 3104        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:41:27.0777 3104        gagp30kx - ok
20:41:27.0792 3104        GEARAspiWDM - ok
20:41:27.0839 3104        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:41:27.0870 3104        gpsvc - ok
20:41:27.0886 3104        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:41:27.0886 3104        hcw85cir - ok
20:41:27.0901 3104        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:41:27.0917 3104        HDAudBus - ok
20:41:27.0948 3104        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:41:27.0948 3104        HidBatt - ok
20:41:27.0964 3104        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:41:27.0964 3104        HidBth - ok
20:41:27.0979 3104        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:41:27.0995 3104        HidIr - ok
20:41:28.0011 3104        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:41:28.0011 3104        hidserv - ok
20:41:28.0042 3104        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:41:28.0042 3104        HidUsb - ok
20:41:28.0057 3104        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:41:28.0073 3104        hkmsvc - ok
20:41:28.0089 3104        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:41:28.0104 3104        HomeGroupListener - ok
20:41:28.0120 3104        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:41:28.0135 3104        HomeGroupProvider - ok
20:41:28.0167 3104        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:41:28.0167 3104        HpSAMD - ok
20:41:28.0198 3104        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:41:28.0213 3104        HTTP - ok
20:41:28.0229 3104        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:41:28.0229 3104        hwpolicy - ok
20:41:28.0245 3104        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:41:28.0260 3104        i8042prt - ok
20:41:28.0291 3104        iaStor          (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
20:41:28.0291 3104        iaStor - ok
20:41:28.0338 3104        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:41:28.0354 3104        iaStorV - ok
20:41:28.0947 3104        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:41:28.0978 3104        idsvc - ok
20:41:33.0486 3104        igfx            (0bd58366c86ef9ddc4f61afed0cada99) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:41:33.0658 3104        igfx - ok
20:41:33.0907 3104        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:41:33.0907 3104        iirsp - ok
20:41:33.0970 3104        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:41:33.0985 3104        IKEEXT - ok
20:41:34.0017 3104        Impcd          (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
20:41:34.0032 3104        Impcd - ok
20:41:34.0141 3104        IntcAzAudAddService (8fed6428fde53d7f4c105095f22524be) C:\Windows\system32\drivers\RTKVHD64.sys
20:41:34.0157 3104        IntcAzAudAddService - ok
20:41:34.0516 3104        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:41:34.0531 3104        IntcDAud - ok
20:41:34.0547 3104        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:41:34.0547 3104        intelide - ok
20:41:34.0578 3104        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:41:34.0578 3104        intelppm - ok
20:41:34.0609 3104        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:41:34.0609 3104        IPBusEnum - ok
20:41:34.0625 3104        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:41:34.0625 3104        IpFilterDriver - ok
20:41:34.0687 3104        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:41:34.0687 3104        iphlpsvc - ok
20:41:34.0703 3104        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:41:34.0703 3104        IPMIDRV - ok
20:41:34.0719 3104        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:41:34.0719 3104        IPNAT - ok
20:41:34.0734 3104        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:41:34.0750 3104        IRENUM - ok
20:41:34.0750 3104        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:41:34.0750 3104        isapnp - ok
20:41:34.0765 3104        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:41:34.0765 3104        iScsiPrt - ok
20:41:34.0843 3104        JMCR            (e56417c56b6a7316b6f527c890a1860d) C:\Windows\system32\DRIVERS\jmcr.sys
20:41:34.0843 3104        JMCR - ok
20:41:34.0875 3104        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:41:34.0875 3104        kbdclass - ok
20:41:34.0890 3104        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:41:34.0890 3104        kbdhid - ok
20:41:34.0906 3104        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:41:34.0906 3104        KeyIso - ok
20:41:34.0953 3104        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:41:34.0953 3104        KSecDD - ok
20:41:34.0968 3104        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:41:34.0968 3104        KSecPkg - ok
20:41:34.0984 3104        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:41:34.0984 3104        ksthunk - ok
20:41:35.0031 3104        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:41:35.0031 3104        KtmRm - ok
20:41:35.0077 3104        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:41:35.0093 3104        LanmanServer - ok
20:41:35.0124 3104        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:41:35.0124 3104        LanmanWorkstation - ok
20:41:35.0155 3104        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:41:35.0155 3104        lltdio - ok
20:41:35.0202 3104        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:41:35.0202 3104        lltdsvc - ok
20:41:35.0233 3104        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:41:35.0233 3104        lmhosts - ok
20:41:35.0311 3104        LMS            (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:41:35.0327 3104        LMS - ok
20:41:35.0343 3104        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:41:35.0358 3104        LSI_FC - ok
20:41:35.0374 3104        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:41:35.0374 3104        LSI_SAS - ok
20:41:35.0374 3104        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:41:35.0374 3104        LSI_SAS2 - ok
20:41:35.0389 3104        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:41:35.0389 3104        LSI_SCSI - ok
20:41:35.0421 3104        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:41:35.0421 3104        luafv - ok
20:41:35.0483 3104        ManyCam        (d33e2b74cf8b3a652bf0a9fbd068e87a) C:\Windows\system32\DRIVERS\ManyCam_x64.sys
20:41:35.0483 3104        ManyCam - ok
20:41:35.0655 3104        McAWFwk        (9504f1dda1b67fb8d526fd4f8cc882f3) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
20:41:35.0655 3104        McAWFwk - ok
20:41:35.0686 3104        McMPFSvc        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:41:35.0701 3104        McMPFSvc - ok
20:41:35.0701 3104        mcmscsvc        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:41:35.0701 3104        mcmscsvc - ok
20:41:35.0717 3104        McNaiAnn        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:41:35.0717 3104        McNaiAnn - ok
20:41:35.0717 3104        McNASvc        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:41:35.0717 3104        McNASvc - ok
20:41:36.0045 3104        McODS          (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\mcafee\VirusScan\mcods.exe
20:41:36.0060 3104        McODS - ok
20:41:36.0060 3104        McOobeSv        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:41:36.0060 3104        McOobeSv - ok
20:41:36.0060 3104        McProxy        (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:41:36.0076 3104        McProxy - ok
20:41:36.0107 3104        McShield        (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:41:36.0123 3104        McShield - ok
20:41:36.0138 3104        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:41:36.0138 3104        Mcx2Svc - ok
20:41:36.0169 3104        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:41:36.0169 3104        megasas - ok
20:41:36.0216 3104        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:41:36.0232 3104        MegaSR - ok
20:41:36.0263 3104        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:41:36.0263 3104        MEIx64 - ok
20:41:36.0294 3104        mfeapfk        (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
20:41:36.0294 3104        mfeapfk - ok
20:41:36.0325 3104        mfeavfk        (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
20:41:36.0325 3104        mfeavfk - ok
20:41:36.0357 3104        mfeavfk01 - ok
20:41:36.0419 3104        mfefire        (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:41:36.0419 3104        mfefire - ok
20:41:36.0559 3104        mfefirek        (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
20:41:36.0575 3104        mfefirek - ok
20:41:36.0653 3104        mfehidk        (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
20:41:36.0653 3104        mfehidk - ok
20:41:36.0684 3104        mfenlfk        (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
20:41:36.0684 3104        mfenlfk - ok
20:41:36.0700 3104        mferkdet        (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
20:41:36.0715 3104        mferkdet - ok
20:41:36.0731 3104        mfevtp          (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
20:41:36.0731 3104        mfevtp - ok
20:41:37.0059 3104        mfewfpk        (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
20:41:37.0059 3104        mfewfpk - ok
20:41:37.0074 3104        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:41:37.0090 3104        MMCSS - ok
20:41:37.0105 3104        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:41:37.0105 3104        Modem - ok
20:41:37.0121 3104        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:41:37.0121 3104        monitor - ok
20:41:37.0137 3104        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:41:37.0137 3104        mouclass - ok
20:41:37.0168 3104        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:41:37.0168 3104        mouhid - ok
20:41:37.0183 3104        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:41:37.0183 3104        mountmgr - ok
20:41:37.0308 3104        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:41:37.0308 3104        MozillaMaintenance - ok
20:41:37.0324 3104        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:41:37.0324 3104        mpio - ok
20:41:37.0339 3104        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:41:37.0355 3104        mpsdrv - ok
20:41:37.0402 3104        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:41:37.0417 3104        MpsSvc - ok
20:41:37.0433 3104        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:41:37.0449 3104        MRxDAV - ok
20:41:37.0464 3104        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:41:37.0480 3104        mrxsmb - ok
20:41:37.0495 3104        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:41:37.0511 3104        mrxsmb10 - ok
20:41:37.0511 3104        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:41:37.0527 3104        mrxsmb20 - ok
20:41:37.0542 3104        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:41:37.0542 3104        msahci - ok
20:41:37.0573 3104        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:41:37.0573 3104        msdsm - ok
20:41:37.0620 3104        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:41:37.0620 3104        MSDTC - ok
20:41:37.0636 3104        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:41:37.0636 3104        Msfs - ok
20:41:37.0651 3104        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:41:37.0651 3104        mshidkmdf - ok
20:41:37.0667 3104        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:41:37.0667 3104        msisadrv - ok
20:41:37.0698 3104        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:41:37.0698 3104        MSiSCSI - ok
20:41:37.0698 3104        msiserver - ok
20:41:37.0761 3104        MSK80Service    (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:41:37.0761 3104        MSK80Service - ok
20:41:37.0776 3104        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:41:37.0792 3104        MSKSSRV - ok
20:41:37.0792 3104        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:41:37.0807 3104        MSPCLOCK - ok
20:41:37.0807 3104        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:41:37.0823 3104        MSPQM - ok
20:41:37.0839 3104        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:41:37.0839 3104        MsRPC - ok
20:41:37.0854 3104        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:41:37.0854 3104        mssmbios - ok
20:41:37.0870 3104        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:41:37.0870 3104        MSTEE - ok
20:41:37.0885 3104        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:41:37.0885 3104        MTConfig - ok
20:41:37.0885 3104        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:41:37.0885 3104        Mup - ok
20:41:38.0057 3104        MyWiFiDHCPDNS  (8f57db74bf5407a4cda6c8b005dc8dd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:41:38.0073 3104        MyWiFiDHCPDNS - ok
20:41:38.0151 3104        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:41:38.0182 3104        napagent - ok
20:41:38.0229 3104        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:41:38.0229 3104        NativeWifiP - ok
20:41:38.0322 3104        NAUpdate        (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
20:41:38.0322 3104        NAUpdate - ok
20:41:38.0416 3104        NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
20:41:38.0431 3104        NDIS - ok
20:41:38.0463 3104        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:41:38.0463 3104        NdisCap - ok
20:41:38.0478 3104        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:41:38.0478 3104        NdisTapi - ok
20:41:38.0494 3104        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:41:38.0494 3104        Ndisuio - ok
20:41:38.0525 3104        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:38.0525 3104        NdisWan - ok
20:41:38.0541 3104        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:41:38.0541 3104        NDProxy - ok
20:41:38.0556 3104        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:41:38.0556 3104        NetBIOS - ok
20:41:38.0572 3104        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:41:38.0587 3104        NetBT - ok
20:41:38.0603 3104        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:41:38.0603 3104        Netlogon - ok
20:41:38.0650 3104        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:41:38.0665 3104        Netman - ok
20:41:38.0743 3104        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:38.0743 3104        NetMsmqActivator - ok
20:41:38.0759 3104        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:38.0759 3104        NetPipeActivator - ok
20:41:38.0790 3104        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:41:38.0790 3104        netprofm - ok
20:41:38.0790 3104        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:38.0790 3104        NetTcpActivator - ok
20:41:38.0790 3104        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:38.0806 3104        NetTcpPortSharing - ok
20:41:41.0130 3104        NETwNs64        (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
20:41:41.0239 3104        NETwNs64 - ok
20:41:41.0395 3104        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:41:41.0411 3104        nfrd960 - ok
20:41:41.0458 3104        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:41:41.0458 3104        NlaSvc - ok
20:41:41.0489 3104        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:41:41.0489 3104        Npfs - ok
20:41:41.0505 3104        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:41:41.0505 3104        nsi - ok
20:41:41.0520 3104        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:41:41.0520 3104        nsiproxy - ok
20:41:41.0598 3104        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:41:41.0645 3104        Ntfs - ok
20:41:41.0848 3104        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:41:41.0848 3104        Null - ok
20:41:41.0910 3104        nusb3hub        (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:41:41.0910 3104        nusb3hub - ok
20:41:41.0973 3104        nusb3xhc        (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:41:41.0973 3104        nusb3xhc - ok
20:41:42.0004 3104        NVHDA          (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
20:41:42.0004 3104        NVHDA - ok
20:41:42.0253 3104        nvkflt          (f8219cd9792008144a19691b17ea2993) C:\Windows\system32\DRIVERS\nvkflt.sys
20:41:42.0253 3104        nvkflt - ok
20:41:43.0299 3104        nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:41:43.0361 3104        nvlddmkm - ok
20:41:43.0455 3104        nvpciflt        (715d45ed30003fc70cfa0d9c6dd0b538) C:\Windows\system32\DRIVERS\nvpciflt.sys
20:41:43.0455 3104        nvpciflt - ok
20:41:43.0486 3104        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:41:43.0501 3104        nvraid - ok
20:41:43.0517 3104        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:41:43.0517 3104        nvstor - ok
20:41:43.0564 3104        NvStUSB        (9e01b716c8085f7adb1cdc10103ceef8) C:\Windows\system32\drivers\nvstusb.sys
20:41:43.0564 3104        NvStUSB - ok
20:41:43.0657 3104        nvsvc          (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
20:41:43.0673 3104        nvsvc - ok
20:41:44.0063 3104        nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:41:44.0063 3104        nvUpdatusService - ok
20:41:44.0281 3104        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:41:44.0297 3104        nv_agp - ok
20:41:44.0313 3104        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:41:44.0313 3104        ohci1394 - ok
20:41:44.0344 3104        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:41:44.0344 3104        p2pimsvc - ok
20:41:44.0391 3104        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:41:44.0391 3104        p2psvc - ok
20:41:44.0406 3104        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:41:44.0406 3104        Parport - ok
20:41:44.0453 3104        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:41:44.0453 3104        partmgr - ok
20:41:44.0469 3104        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:41:44.0469 3104        PcaSvc - ok
20:41:44.0562 3104        PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
20:41:44.0562 3104        PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
20:41:44.0593 3104        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:41:44.0593 3104        pci - ok
20:41:44.0609 3104        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:41:44.0609 3104        pciide - ok
20:41:44.0640 3104        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:41:44.0640 3104        pcmcia - ok
20:41:44.0656 3104        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:41:44.0656 3104        pcw - ok
20:41:44.0703 3104        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:41:44.0718 3104        PEAUTH - ok
20:41:44.0781 3104        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:41:44.0781 3104        PerfHost - ok
20:41:44.0874 3104        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:41:44.0905 3104        pla - ok
20:41:44.0952 3104        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:41:44.0968 3104        PlugPlay - ok
20:41:44.0983 3104        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:41:44.0983 3104        PNRPAutoReg - ok
20:41:45.0015 3104        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:41:45.0015 3104        PNRPsvc - ok
20:41:45.0061 3104        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:41:45.0061 3104        PolicyAgent - ok
20:41:45.0093 3104        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:41:45.0093 3104        Power - ok
20:41:45.0155 3104        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:41:45.0155 3104        PptpMiniport - ok
20:41:45.0171 3104        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:41:45.0171 3104        Processor - ok
20:41:45.0217 3104        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:41:45.0233 3104        ProfSvc - ok
20:41:45.0233 3104        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:41:45.0233 3104        ProtectedStorage - ok
20:41:45.0264 3104        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:41:45.0264 3104        Psched - ok
20:41:45.0280 3104        PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:41:45.0280 3104        PxHlpa64 - ok
20:41:45.0311 3104        qicflt          (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
20:41:45.0311 3104        qicflt - ok
20:41:45.0405 3104        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:41:45.0436 3104        ql2300 - ok
20:41:45.0623 3104        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:41:45.0639 3104        ql40xx - ok
20:41:45.0670 3104        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:41:45.0670 3104        QWAVE - ok
20:41:45.0670 3104        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:41:45.0685 3104        QWAVEdrv - ok
20:41:45.0685 3104        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:41:45.0685 3104        RasAcd - ok
20:41:45.0717 3104        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:41:45.0717 3104        RasAgileVpn - ok
20:41:45.0732 3104        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:41:45.0732 3104        RasAuto - ok
20:41:45.0748 3104        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:41:45.0763 3104        Rasl2tp - ok
20:41:45.0795 3104        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:41:45.0795 3104        RasMan - ok
20:41:45.0810 3104        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:41:45.0810 3104        RasPppoe - ok
20:41:45.0826 3104        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:41:45.0826 3104        RasSstp - ok
20:41:45.0857 3104        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:41:45.0873 3104        rdbss - ok
20:41:45.0888 3104        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:41:45.0888 3104        rdpbus - ok
20:41:45.0904 3104        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:41:45.0904 3104        RDPCDD - ok
20:41:45.0919 3104        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:41:45.0919 3104        RDPENCDD - ok
20:41:45.0935 3104        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:41:45.0935 3104        RDPREFMP - ok
20:41:45.0997 3104        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:41:45.0997 3104        RDPWD - ok
20:41:46.0044 3104        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:41:46.0060 3104        rdyboost - ok
20:41:47.0401 3104        RegSrvc        (fd11c1287d38a46fb72353e14d50089c) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:41:47.0417 3104        RegSrvc - ok
20:41:47.0604 3104        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:41:47.0620 3104        RemoteAccess - ok
20:41:47.0651 3104        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:41:47.0651 3104        RemoteRegistry - ok
20:41:47.0807 3104        RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
20:41:47.0823 3104        RoxMediaDB12OEM - ok
20:41:47.0854 3104        RoxWatch12      (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
20:41:47.0854 3104        RoxWatch12 - ok
20:41:47.0932 3104        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:41:47.0932 3104        RpcEptMapper - ok
20:41:47.0963 3104        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:41:47.0963 3104        RpcLocator - ok
20:41:47.0994 3104        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:41:47.0994 3104        RpcSs - ok
20:41:48.0041 3104        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:41:48.0057 3104        rspndr - ok
20:41:48.0103 3104        RTL8167        (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:41:48.0103 3104        RTL8167 - ok
20:41:48.0135 3104        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:41:48.0135 3104        SamSs - ok
20:41:48.0150 3104        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:41:48.0150 3104        sbp2port - ok
20:41:48.0213 3104        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:41:48.0213 3104        SCardSvr - ok
20:41:48.0228 3104        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:41:48.0228 3104        scfilter - ok
20:41:48.0275 3104        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:41:48.0306 3104        Schedule - ok
20:41:48.0337 3104        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:41:48.0337 3104        SCPolicySvc - ok
20:41:48.0400 3104        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
20:41:48.0400 3104        sdbus - ok
20:41:48.0431 3104        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:41:48.0431 3104        SDRSVC - ok
20:41:48.0462 3104        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:41:48.0462 3104        secdrv - ok
20:41:48.0478 3104        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:41:48.0478 3104        seclogon - ok
20:41:48.0493 3104        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:41:48.0493 3104        SENS - ok
20:41:48.0509 3104        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:41:48.0509 3104        SensrSvc - ok
20:41:48.0540 3104        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:41:48.0540 3104        Serenum - ok
20:41:48.0556 3104        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:41:48.0556 3104        Serial - ok
20:41:48.0587 3104        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:41:48.0587 3104        sermouse - ok
20:41:48.0618 3104        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:41:48.0618 3104        SessionEnv - ok
20:41:48.0634 3104        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:41:48.0634 3104        sffdisk - ok
20:41:48.0649 3104        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:41:48.0649 3104        sffp_mmc - ok
20:41:48.0665 3104        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:41:48.0665 3104        sffp_sd - ok
20:41:48.0665 3104        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:41:48.0665 3104        sfloppy - ok
20:41:48.0915 3104        SftService      (29ddea72c5bdf61d62f4d438dc0e497c) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:41:48.0946 3104        SftService - ok
20:41:49.0180 3104        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:41:49.0180 3104        SharedAccess - ok
20:41:49.0227 3104        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:41:49.0242 3104        ShellHWDetection - ok
20:41:49.0305 3104        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:41:49.0305 3104        SiSRaid2 - ok
20:41:49.0336 3104        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:41:49.0336 3104        SiSRaid4 - ok
20:41:49.0445 3104        SkypeUpdate    (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:41:49.0461 3104        SkypeUpdate - ok
20:41:49.0492 3104        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:41:49.0492 3104        Smb - ok
20:41:49.0523 3104        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:41:49.0523 3104        SNMPTRAP - ok
20:41:49.0539 3104        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:41:49.0539 3104        spldr - ok
20:41:49.0570 3104        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:41:49.0570 3104        Spooler - ok
20:41:49.0695 3104        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:41:49.0710 3104        sppsvc - ok
20:41:50.0194 3104        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:41:50.0225 3104        sppuinotify - ok
20:41:50.0287 3104        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:41:50.0303 3104        srv - ok
20:41:50.0319 3104        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:41:50.0319 3104        srv2 - ok
20:41:50.0365 3104        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:41:50.0365 3104        srvnet - ok
20:41:50.0397 3104        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:41:50.0412 3104        SSDPSRV - ok
20:41:50.0428 3104        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:41:50.0428 3104        SstpSvc - ok
20:41:50.0459 3104        stdcfltn        (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
20:41:50.0475 3104        stdcfltn - ok
20:41:50.0537 3104        Steam Client Service - ok
20:41:50.0662 3104        Stereo Service  (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:41:50.0677 3104        Stereo Service - ok
20:41:50.0709 3104        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:41:50.0709 3104        stexstor - ok
20:41:50.0771 3104        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:41:50.0787 3104        stisvc - ok
20:41:50.0818 3104        stllssvr        (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
20:41:50.0818 3104        stllssvr - ok
20:41:50.0849 3104        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:41:50.0849 3104        swenum - ok
20:41:50.0927 3104        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:41:50.0943 3104        SwitchBoard - ok
20:41:50.0989 3104        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:41:51.0005 3104        swprv - ok
20:41:51.0114 3104        SynTP          (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
20:41:51.0130 3104        SynTP - ok
20:41:52.0113 3104        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:41:52.0144 3104        SysMain - ok
20:41:52.0737 3104        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:41:52.0752 3104        TabletInputService - ok
20:41:52.0768 3104        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:41:52.0783 3104        TapiSrv - ok
20:41:52.0799 3104        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:41:52.0799 3104        TBS - ok
20:41:53.0517 3104        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:41:53.0563 3104        Tcpip - ok
20:41:54.0796 3104        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:41:54.0796 3104        TCPIP6 - ok
20:41:55.0014 3104        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:41:55.0014 3104        tcpipreg - ok
20:41:55.0030 3104        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:41:55.0030 3104        TDPIPE - ok
20:41:55.0077 3104        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:41:55.0077 3104        TDTCP - ok
20:41:55.0092 3104        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:41:55.0092 3104        tdx - ok
20:41:55.0123 3104        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:41:55.0123 3104        TermDD - ok
20:41:55.0170 3104        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:41:55.0186 3104        TermService - ok
20:41:55.0201 3104        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:41:55.0201 3104        Themes - ok
20:41:55.0233 3104        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:42:07.0728 3104        ============================================================
20:42:07.0728 3104        Scan finished
20:42:07.0728 3104        ============================================================
20:42:07.0744 3096        Detected object count: 0
20:42:07.0744 3096        Actual detected object count: 0


t'john 24.07.2012 21:27

Very good!

Update Java

Your Java is no longer up to date. Older versions contain security vulnerabilities that can be exploited by malware.
  • Please download the latest Java version from here
  • Save the jxpiinstall.exe
  • Close all running programs, especially your browser.
  • Start the jxpiinstall.exe. It will download the installer for the latest Java version (Java 7 Update 5).
  • When the installation has finished, go to
    Start --> Control Panel --> Programs and uninstall all older Java versions.
  • Restart your computer as soon as all older versions have been uninstalled.
After the restart
  • Open Control Panel --> Programs again and click the Java icon.
  • On the General tab, under Temporary Internet Files, click Settings.
  • Click Delete Files....
  • Make sure that every box is checked and click OK.
  • Click OK again.


Then configure it like this: http://www.trojaner-board.de/105213-...tellungen.html

t'john 07.08.2012 16:24

No response

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this thread from my notifications.

If you want to continue, send me a PM or open a new thread.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: The disappearance of the symptoms does not mean that your computer is clean.

