Trojaner-Board


annamariawie 18.05.2012 20:48

Encryption Trojan Windows 7 64 bit

Hello everyone!!

Today I caught the well-known encryption trojan and have spent the whole day trying to find out how I need to proceed to get rid of it! In my initial desperation I tried restoring my laptop to an earlier state, and thanks to that I can access my computer again! The big problem now is that all my files are encrypted, with file names such as AGjXALsgndjDaDyG. All my files look like this or similar.

The big problem is that I now have absolutely no idea how to go on, because all the posts 1. say something different and 2. I lack the understanding for the suggested methods! And before I do just anything and get it completely wrong (which usually creates more problems and leads to chaos), I'm turning to you with a post of my own!

I have a Dell Inspiron laptop with Windows 7 64 bit

Maybe someone can help me??

THANKS!!

cosinus 21.05.2012 11:10

Please first, as a matter of routine, run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

annamariawie 29.05.2012 19:31

Here is the scan from Malwarebytes

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.29.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AnnaMariaWiegele :: ANNAMARIAWIEGEL [Administrator]

Schutz: Aktiviert

29.05.2012 19:18:49
mbam-log-2012-05-29 (19-18-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 335445
Laufzeit: 47 Minute(n),

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



and the ESET online scanner

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1c7e43ba18e61b488ab1be22ca6c57dd
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-29 05:10:42
# local_time=2012-05-29 07:10:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 4720 89937396 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=144887
# found=1
# cleaned=0
# scan_time=3895
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll        a variant of Win32/Toolbar.SearchSuite application (unable to clean)        00000000000000000000000000000000        I

so .... unfortunately I don't know what to make of this and now I'm hoping for you!! I've run the Malwarebytes scanner several times before and nothing was ever found!! The last option I have is to reset my laptop to its factory state. I have an external hard drive and regularly saved the most important things to it before this!! The problem is that the computer runs slowly and many programs that work together with the files no longer function either!!

thanks for your help!!

kind regards, anna

cosinus 30.05.2012 09:42

I have two questions before we continue

1.) Does the normal mode of Windows work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

annamariawie 30.05.2012 14:08

1) The normal mode of Windows works without restrictions so far. Only all my files (whether text, music, image or other files) are encrypted. I also haven't tried opening them yet because, honestly, I'm afraid something will happen! (or rather, they can't be opened because the computer can't read them)
Furthermore, small things like the desktop background and the Dell user card index have been deleted (which in turn has to do with the encrypted files ... I think). In addition, the computer and the internet didn't run well at the beginning (which has more or less settled by now). In iTunes, for example, all my songs are gone (I think this is again because all my music files are encrypted)

2) As far as I have looked through everything now, nothing is missing. Except for my encrypted files, which can't be opened, and the programs that are connected with those files don't work.


And what do you make of it now?? Many thanks for your help


kind regards, Anna

cosinus 30.05.2012 14:39

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't have it yet, please download OTL by OldTimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


annamariawie 31.05.2012 06:31

so, and here is the custom scan from OTL

Code:

OTL logfile created on: 30.05.2012 16:31:25 - Run 1
OTL by OldTimer - Version 3.2.44.0    Folder = C:\Users\AnnaMariaWiegele\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 57,35% Memory free
7,82 Gb Paging File | 5,68 Gb Available in Paging File | 72,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 529,70 Gb Free Space | 91,10% Space Free | Partition Type: NTFS
Drive F: | 24,58 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ANNAMARIAWIEGEL | User Name: AnnaMariaWiegele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.30 16:27:28 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\AnnaMariaWiegele\Downloads\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012.01.05 20:58:30 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DataCardMonitor.exe
PRC - [2012.01.05 20:58:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\tele.ring Verbindungsmanager.exe
PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011.08.12 09:46:02 | 000,520,330 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.11.06 06:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.06 06:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.11.03 19:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010.11.03 18:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.10.06 04:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 04:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.06.23 17:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\tele.ring Verbindungsmanager\ouc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.11 14:57:21 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3b2b9f4ec1819e4b95792d92f56d26f9\IAStorCommon.ni.dll
MOD - [2012.05.11 14:57:20 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\eac8b316dbdcc6fdba0d80e76063643c\IAStorUtil.ni.dll
MOD - [2012.05.10 11:26:24 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 11:26:03 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012.05.10 11:25:57 | 001,590,784 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012.05.10 11:25:47 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.10 11:25:42 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.10 11:25:39 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.10 11:25:38 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.10 11:25:33 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.02.01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012.02.01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012.02.01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2012.01.05 20:58:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\tele.ring Verbindungsmanager.exe
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011.07.23 09:23:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.25 05:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.10.22 19:15:12 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\SMSPlugin.dll
MOD - [2009.09.19 18:49:38 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\SpeedManagerPlugin.dll
MOD - [2009.09.12 13:14:24 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DeviceMgrUIPlugin.dll
MOD - [2009.09.11 17:42:18 | 000,991,232 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\NDISAPI.dll
MOD - [2009.09.11 17:39:46 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DeviceMgrPlugin.dll
MOD - [2009.09.08 13:54:44 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\ConfigFilePlugin.dll
MOD - [2009.09.08 13:54:22 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DialUpPlugin.dll
MOD - [2009.09.08 13:49:12 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\NetInfoPlugin.dll
MOD - [2009.03.10 21:08:16 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DetectDev.dll
MOD - [2009.03.10 21:08:16 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\XCodec.dll
MOD - [2009.03.10 21:08:16 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\DeviceOperate.dll
MOD - [2009.03.10 21:08:14 | 000,561,152 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\atcomm.dll
MOD - [2009.01.09 12:31:54 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\LocaleMgrPlugin.dll
MOD - [2009.01.09 12:30:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\NotifyServicePlugin.dll
MOD - [2008.11.08 11:52:10 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\FileManager.dll
MOD - [2008.11.08 11:52:08 | 000,014,848 | R--- | M] () -- C:\Program Files (x86)\tele.ring Verbindungsmanager\isaputrace.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.05.12 08:53:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.11.21 05:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2009.12.09 14:38:38 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysNative\mprdim.dll -- (RemoteAccess)
SRV - [2012.05.11 12:31:51 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.05 13:47:58 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.01.21 22:13:30 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) @C:\Program Files (x86)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011.01.25 11:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.12.17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.12.17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.11.29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV - [2010.11.25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.11.06 06:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.11.03 19:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010.11.03 18:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.10.06 04:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.06 04:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 21:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 20:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.12.09 14:44:18 | 001,394,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.09 14:38:30 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.06.16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011.05.13 10:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.05.12 12:16:38 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.12 08:16:54 | 000,304,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.10 21:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.24 13:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.03.24 13:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.25 11:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.12.21 16:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010.12.10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.29 22:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.07 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.04 12:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010.11.04 10:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010.10.30 02:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.10.26 21:08:08 | 000,406,632 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.10.20 01:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010.10.15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.21 16:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.12.07 20:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.10.12 16:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.10.14 08:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{22FC9FE7-1A3E-4585-BA96-9C7E683938DD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=IMH&o=2420&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A31&apn_dtid=^YYYYYY^YY^SE&apn_uid=2d395f18-281e-45b7-afbd-996f671d4017&apn_sauid=E945E712-7C49-4DCB-B36E-F237391FE19A&atb=sysid%3D2%3Aappid%3D688%3Auc76720266
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.20 14:20:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.11 12:31:53 | 000,000,000 | ---D | M]
 
[2012.01.21 22:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\mozilla\Extensions
[2012.05.21 21:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\mozilla\Firefox\Profiles\cs14twu0.default\extensions
[2011.09.27 13:49:34 | 000,000,931 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\AaxsfEDjXnDVnxg
[2012.01.03 21:13:34 | 000,002,443 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\jLyuJnlgsAXsfseGe
[2011.11.21 20:11:39 | 000,002,519 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\TlfQtUpGOXotdd
[2012.05.21 21:37:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.21 21:37:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012.03.20 14:20:01 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.05.11 12:31:53 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.05.11 12:31:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.11 12:31:47 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.11 12:31:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.11 12:31:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.21 20:11:39 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.05.11 12:31:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.11 12:31:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (SearchCore for Browsers) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (MusicLab, LLC)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SearchCore for Browsers) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (MusicLab, LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\tele.ring Verbindungsmanager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3442671516-3624065718-80549224-1000..\Run: [HW_OPENEYE_OUC_tele.ring Verbindungsmanager] C:\Program Files (x86)\tele.ring Verbindungsmanager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{844B7915-C0CF-44A6-B5C4-C6B66307E35C}: DhcpNameServer = 143.50.19.25 143.50.56.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD169F3A-0F03-4B30-9E9F-2338AD587F44}: DhcpNameServer = 146.66.232.101 146.66.232.102
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (MusicLab, LLC)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (MusicLab, LLC)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.01 00:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1
O33 - MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: UxTuneUp - C:\WINDOWS\SysNative\uxtuneup.dll (TuneUp Software)
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.29 17:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.05.21 21:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.18 22:21:35 | 000,000,000 | ---D | C] -- C:\Temp
[2012.05.18 22:01:39 | 000,000,000 | ---D | C] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Malwarebytes
[2012.05.18 22:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.18 22:01:33 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.05.18 22:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.18 22:01:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.15 13:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.12 09:44:32 | 000,000,000 | R--D | C] -- C:\Users\AnnaMariaWiegele\Desktop\MySyncUPFiles
[2012.05.11 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.30 15:52:01 | 000,001,130 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.30 15:39:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.05.30 15:02:02 | 000,000,506 | ---- | M] () -- C:\windows\tasks\SystemToolsDailyTest.job
[2012.05.30 14:48:59 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.30 14:48:59 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.30 14:47:36 | 001,614,100 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.05.30 14:47:36 | 000,697,322 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.05.30 14:47:36 | 000,652,600 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.05.30 14:47:36 | 000,148,328 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.05.30 14:47:36 | 000,121,274 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.05.30 14:40:45 | 000,001,126 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.30 14:40:34 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.05.30 14:40:27 | 3148,222,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.30 07:06:35 | 000,000,564 | ---- | M] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.05.24 19:53:50 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.05.18 22:01:34 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.18 21:18:58 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.05.18 21:18:57 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2012.05.10 11:20:33 | 000,348,824 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.05.18 22:01:34 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.09.27 20:36:50 | 000,005,632 | ---- | C] () -- C:\Users\AnnaMariaWiegele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.27 20:17:41 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE
[2011.07.23 09:03:58 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.07.23 09:03:57 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011.07.23 09:03:57 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.07.23 09:03:57 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011.07.23 09:03:57 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2011.07.23 09:03:56 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.07.23 09:02:08 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011.07.23 09:02:04 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011.07.23 09:02:04 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011.07.23 09:02:04 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011.07.23 09:02:04 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011.07.23 09:02:04 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011.07.23 09:02:04 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011.07.23 09:02:04 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011.07.23 07:10:39 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.07.23 07:07:07 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2011.07.23 07:04:13 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.07.23 06:53:13 | 001,591,994 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.07.23 06:49:02 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.05.12 06:57:52 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
 
========== LOP Check ==========
 
[2011.09.30 16:53:13 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoft
[2012.05.18 12:56:04 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.13 08:33:20 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Fingertapps
[2011.09.27 18:40:07 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\IDT
[2012.05.18 12:56:10 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\MusicNet
[2011.09.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\OpenOffice.org
[2012.05.19 04:15:49 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr
[2012.05.12 00:37:12 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\SoftGrid Client
[2012.05.19 04:16:31 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\tele.ring Verbindungsmanager
[2012.01.05 20:41:33 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\telering
[2011.10.28 14:44:01 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\TP
[2012.01.21 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\TuneUp Software
[2012.05.30 07:06:35 | 000,000,564 | ---- | M] () -- C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.04.07 08:28:20 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.05.30 15:02:02 | 000,000,506 | ---- | M] () -- C:\windows\Tasks\SystemToolsDailyTest.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.10.24 22:10:49 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Adobe
[2011.09.27 19:35:52 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Apple Computer
[2011.09.22 19:14:51 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\ATI
[2012.05.19 04:15:47 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Creative
[2011.09.30 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Dell
[2011.09.22 19:14:55 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Dell Touch Zone
[2011.09.30 16:53:13 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoft
[2012.05.18 12:56:04 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.13 08:33:20 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Fingertapps
[2011.09.22 19:14:24 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Identities
[2011.09.27 18:40:07 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\IDT
[2011.09.22 19:11:48 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Intel
[2011.09.22 19:14:49 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Intel Corporation
[2011.07.23 07:09:28 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Macromedia
[2012.01.05 11:15:47 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Macrovision
[2012.05.18 22:01:39 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Malwarebytes
[2011.07.23 09:27:44 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Media Center Programs
[2012.05.18 22:27:20 | 000,000,000 | --SD | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Microsoft
[2011.09.27 13:23:48 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla
[2012.05.18 12:56:10 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\MusicNet
[2011.09.22 12:45:37 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Nero
[2011.09.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\OpenOffice.org
[2012.05.19 04:15:49 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr
[2012.03.13 17:59:24 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Reallusion
[2011.09.22 19:14:51 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Roxio
[2011.11.21 21:19:11 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Roxio Burn
[2012.05.19 04:16:31 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Skype
[2012.05.12 00:37:12 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\SoftGrid Client
[2012.05.19 04:16:31 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\tele.ring Verbindungsmanager
[2012.01.05 20:41:33 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\telering
[2011.10.28 14:44:01 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\TP
[2012.01.21 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\TuneUp Software
[2011.11.21 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\AnnaMariaWiegele\AppData\Roaming\vlc
 
< %APPDATA%\*.exe /s >
[2011.07.23 07:09:21 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.02.15 18:10:07 | 055,252,360 | ---- | M] (Dell Inc) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Binaries\full_dsc_5907_23_64_01.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\02e8611b-9862-46c5-befa-67baa2e846e8\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\11858bc4-9316-4b67-a007-babe1e54912c\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\12d65974-4e7a-46b8-b5a6-7fcf11b61788\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\1602f3c7-e8f7-462c-9df5-52e13249b968\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\23c893ba-a7ac-4c4e-a5b3-50fee013e453\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\2985deab-8c8f-4fdc-bee7-4c3e78c40910\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\33057456-5eed-4c41-8ce0-5c3a705d9d7e\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\37ba8104-5264-4e9e-9eab-5f5ce02cc8d9\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\39905862-6dbb-4253-b250-fcb588868456\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\3c115646-1fc3-471d-9503-25a31cdea926\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\3ddf9c67-e799-426c-8f54-3de4c5e10587\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\44cf429c-11aa-46cd-ab33-6d896b11d7b7\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\455cf467-c914-4257-82c3-54d8a08b14c5\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\48ae14c8-f1c0-4a76-9dc6-107e63370273\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\4e3effc4-f675-49e7-ac63-a21b771a3346\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\505ff1cf-592e-4899-920f-0bf9f709d564\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\51848a89-5c6b-4d45-b1b8-9a55a8a85fe7\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\55a68ee3-9c0d-43c9-8ee1-977226d2c0ef\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\5f864812-0a51-485f-8b93-188fd083fd16\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\60527a7f-e083-4074-9d93-0e41a6349a1e\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\6a62a93b-efd6-4d6b-a122-00d013a64072\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\6a9c10f6-a3fd-42f4-b49c-5a03eaec1132\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\70c6a729-e019-404b-8d52-cade9f18f867\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\75dba271-2c63-4aa8-8d05-24ed706ba9cf\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\8a9ab7d4-a4cd-44b6-ad1d-1e7fc6cf03a3\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\95ef0b4a-e7e4-4f90-b321-417267e54cac\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\9a6f12e4-a827-4a7e-b313-715d31479557\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\9a90fe7d-faea-4513-a4f8-69c89d1e1d1f\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\9ccf1d93-2509-4490-99f6-2eb31bfd226a\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\9d18a6dc-116c-41f4-817a-7209aec80662\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\a2abebcf-6661-471f-a79c-f69078c9e0b5\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\a404d8ab-8c86-4174-a190-f50e9bfd6338\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\a4e377f9-24d2-4429-94cd-63306ad54441\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\b655c67a-534b-4ec1-ba4b-500f329901fb\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\c158cca3-9997-4ca3-8646-141623c55f72\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\c34bf5fd-c0e8-4744-9691-2ef5bdedb2b5\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\e70d20a4-a190-471f-a5f0-a927bb252f69\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\f12ade78-3a81-4f07-830b-4a363cdef44e\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\f147c75f-fc58-4c03-ab04-6f49710378e6\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\f1ded677-f7c2-4c6c-9b47-9327755146c4\au_5899_rules\AddCertificate.exe
[2011.08.10 11:30:34 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\PCDr\Update\Rules\f2d4a2d4-407e-46bc-9aff-07fc8e1cb9c3\au_5899_rules\AddCertificate.exe
[2009.07.23 17:09:40 | 000,987,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\tele.ring Verbindungsmanager\LiveUpdate.exe
[2009.06.23 17:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\AnnaMariaWiegele\AppData\Roaming\tele.ring Verbindungsmanager\ouc.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\WINDOWS\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\WINDOWS\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\WINDOWS\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010.11.07 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\windows\SysNative\drivers\iaStor.sys
[2010.11.07 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys
[2010.11.07 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_05602dde0a28e7f4\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\WINDOWS\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\WINDOWS\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\WINDOWS\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\WINDOWS\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\WINDOWS\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\WINDOWS\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\WINDOWS\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\WINDOWS\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\WINDOWS\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\WINDOWS\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\WINDOWS\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\WINDOWS\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\WINDOWS\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >


cosinus 31.05.2012 10:08

Run an OTL fix: close any programs that may be open, also deactivate your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{22FC9FE7-1A3E-4585-BA96-9C7E683938DD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=IMH&o=2420&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A31&apn_dtid=^YYYYYY^YY^SE&apn_uid=2d395f18-281e-45b7-afbd-996f671d4017&apn_sauid=E945E712-7C49-4DCB-B36E-F237391FE19A&atb=sysid%3D2%3Aappid%3D688%3Auc76720266
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q="
[2011.09.27 13:49:34 | 000,000,931 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\AaxsfEDjXnDVnxg
[2012.01.03 21:13:34 | 000,002,443 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\jLyuJnlgsAXsfseGe
[2011.11.21 20:11:39 | 000,002,519 | ---- | M] () -- C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\TlfQtUpGOXotdd
[2011.11.21 20:11:39 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
O2:64bit: - BHO: (SearchCore for Browsers) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (MusicLab, LLC)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (SearchCore for Browsers) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (MusicLab, LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.01 00:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1
O33 - MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\Shell - "" = AutoRun
O33 - MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
:Files
C:\Program Files (x86)\SearchCore for Browsers
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

annamariawie 31.05.2012 11:34

Code:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Internet Explorer\SearchScopes\{22FC9FE7-1A3E-4585-BA96-9C7E683938DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22FC9FE7-1A3E-4585-BA96-9C7E683938DD}\ not found.
Registry key HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q=" removed from keyword.URL
C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\AaxsfEDjXnDVnxg moved successfully.
C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\jLyuJnlgsAXsfseGe moved successfully.
C:\Users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\searchplugins\TlfQtUpGOXotdd moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3442671516-3624065718-80549224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableLockWorkstation deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Y:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07293087-37ce-11e1-b9c3-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07293087-37ce-11e1-b9c3-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07293087-37ce-11e1-b9c3-ac72892e7362}\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{139c9afa-146b-11e1-bfbf-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{139c9afa-146b-11e1-bfbf-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{139c9afa-146b-11e1-bfbf-ac72892e7362}\ not found.
File "E:\WD SmartWare.exe" autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24c8f1ff-363c-11e1-8f69-ac72892e7362}\ not found.
File F:\setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fba9141-2db5-11e1-bb2f-ac72892e7362}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fba9160-2db5-11e1-bb2f-ac72892e7362}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a0e9ebc-37bf-11e1-a2ae-ac72892e7362}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a0e9ecc-37bf-11e1-a2ae-ac72892e7362}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a516af-37cc-11e1-a002-ac72892e7362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a516af-37cc-11e1-a002-ac72892e7362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a516af-37cc-11e1-a002-ac72892e7362}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
========== FILES ==========
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64 folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\FirefoxExtension\content folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\FirefoxExtension\components folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\FirefoxExtension folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AnnaMariaWiegele
->Temp folder emptied: 95164604 bytes
->Temporary Internet Files folder emptied: 1282362 bytes
->Java cache emptied: 4122322 bytes
->FireFox cache emptied: 849561326 bytes
->Google Chrome cache emptied: 6503519 bytes
->Flash cache emptied: 96032 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 256770 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85230 bytes
RecycleBin emptied: 49152 bytes
 
Total Files Cleaned = 913,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: AnnaMariaWiegele
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.44.0 log created on 05312012_121258

Files\Folders moved on Reboot...
File\Folder F:\AutoRun.exe not found!
C:\Users\AnnaMariaWiegele\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

My computer restarted, and during the restart a message appeared saying that the publisher of the file could not be verified, along with the question "Run anyway?", and I clicked Run! I hope that wasn't a mistake, but otherwise I couldn't access the computer!!

cosinus 31.05.2012 13:08

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

annamariawie 31.05.2012 14:20

Code:

15:16:49.0173 11396        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
15:16:51.0177 11396        ============================================================
15:16:51.0177 11396        Current date / time: 2012/05/31 15:16:51.0177
15:16:51.0177 11396        SystemInfo:
15:16:51.0177 11396       
15:16:51.0177 11396        OS Version: 6.1.7601 ServicePack: 1.0
15:16:51.0177 11396        Product type: Workstation
15:16:51.0177 11396        ComputerName: ANNAMARIAWIEGEL
15:16:51.0178 11396        UserName: AnnaMariaWiegele
15:16:51.0178 11396        Windows directory: C:\windows
15:16:51.0178 11396        System windows directory: C:\windows
15:16:51.0178 11396        Running under WOW64
15:16:51.0178 11396        Processor architecture: Intel x64
15:16:51.0178 11396        Number of processors: 4
15:16:51.0178 11396        Page size: 0x1000
15:16:51.0178 11396        Boot type: Normal boot
15:16:51.0178 11396        ============================================================
15:16:51.0568 11396        Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:51.0576 11396        Drive \Device\Harddisk2\DR2 - Size: 0x7D00000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:16:51.0578 11396        ============================================================
15:16:51.0578 11396        \Device\Harddisk0\DR0:
15:16:51.0578 11396        MBR partitions:
15:16:51.0578 11396        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
15:16:51.0578 11396        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
15:16:51.0578 11396        \Device\Harddisk2\DR2:
15:16:51.0578 11396        MBR partitions:
15:16:51.0578 11396        \Device\Harddisk2\DR2\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x3E7DF
15:16:51.0578 11396        ============================================================
15:16:51.0602 11396        C: <-> \Device\Harddisk0\DR0\Partition1
15:16:51.0602 11396        ============================================================
15:16:51.0602 11396        Initialize success
15:16:51.0602 11396        ============================================================
15:17:14.0269 12148        ============================================================
15:17:14.0269 12148        Scan started
15:17:14.0269 12148        Mode: Manual; SigCheck; TDLFS;
15:17:14.0269 12148        ============================================================
15:17:14.0699 12148        1394ohci        (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
15:17:14.0828 12148        1394ohci - ok
15:17:14.0868 12148        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
15:17:14.0883 12148        ACPI - ok
15:17:14.0924 12148        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
15:17:14.0982 12148        AcpiPmi - ok
15:17:15.0110 12148        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:17:15.0136 12148        AdobeARMservice - ok
15:17:15.0273 12148        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:17:15.0299 12148        AdobeFlashPlayerUpdateSvc - ok
15:17:15.0364 12148        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
15:17:15.0393 12148        adp94xx - ok
15:17:15.0434 12148        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
15:17:15.0475 12148        adpahci - ok
15:17:15.0490 12148        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
15:17:15.0501 12148        adpu320 - ok
15:17:15.0527 12148        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
15:17:15.0664 12148        AeLookupSvc - ok
15:17:15.0732 12148        AESTFilters    (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
15:17:15.0809 12148        AESTFilters - ok
15:17:15.0872 12148        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
15:17:15.0956 12148        AFD - ok
15:17:16.0003 12148        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
15:17:16.0033 12148        agp440 - ok
15:17:16.0067 12148        ALG            (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
15:17:16.0109 12148        ALG - ok
15:17:16.0138 12148        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
15:17:16.0165 12148        aliide - ok
15:17:16.0193 12148        AMD External Events Utility (e6ce56be2c8bff7464554629829a1271) C:\windows\system32\atiesrxx.exe
15:17:16.0303 12148        AMD External Events Utility - ok
15:17:16.0333 12148        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
15:17:16.0343 12148        amdide - ok
15:17:16.0374 12148        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
15:17:16.0422 12148        AmdK8 - ok
15:17:16.0757 12148        amdkmdag        (e3cc08f03c55a284fbfd79071822df43) C:\windows\system32\DRIVERS\atikmdag.sys
15:17:17.0011 12148        amdkmdag - ok
15:17:17.0146 12148        amdkmdap        (f8976e22afd861cf67b6e2d3b4995cdb) C:\windows\system32\DRIVERS\atikmpag.sys
15:17:17.0216 12148        amdkmdap - ok
15:17:17.0233 12148        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
15:17:17.0261 12148        AmdPPM - ok
15:17:17.0289 12148        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
15:17:17.0299 12148        amdsata - ok
15:17:17.0340 12148        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
15:17:17.0367 12148        amdsbs - ok
15:17:17.0377 12148        amdxata        (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
15:17:17.0387 12148        amdxata - ok
15:17:17.0431 12148        ApfiltrService  (24ed0eb2b2558970176ecee680f8f806) C:\windows\system32\DRIVERS\Apfiltr.sys
15:17:19.0581 12148        ApfiltrService - ok
15:17:19.0617 12148        AppID          (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
15:17:19.0688 12148        AppID - ok
15:17:19.0711 12148        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
15:17:19.0776 12148        AppIDSvc - ok
15:17:19.0789 12148        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
15:17:19.0836 12148        Appinfo - ok
15:17:19.0957 12148        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:17:19.0977 12148        Apple Mobile Device - ok
15:17:20.0010 12148        arc            (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
15:17:20.0037 12148        arc - ok
15:17:20.0055 12148        arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
15:17:20.0066 12148        arcsas - ok
15:17:20.0133 12148        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:17:20.0155 12148        aspnet_state - ok
15:17:20.0193 12148        aswFsBlk        (b9da213b5271db5fce962d827e6d620d) C:\windows\system32\drivers\aswFsBlk.sys
15:17:20.0218 12148        aswFsBlk - ok
15:17:20.0243 12148        aswMonFlt      (21c9835d0e5ad2ff0f16134bcb32cc71) C:\windows\system32\drivers\aswMonFlt.sys
15:17:20.0274 12148        aswMonFlt - ok
15:17:20.0308 12148        aswRdr          (1b96a5867abd4fa6135d8298fcccf9c6) C:\windows\System32\Drivers\aswrdr2.sys
15:17:20.0336 12148        aswRdr - ok
15:17:20.0388 12148        aswSnx          (6e98bb288696777a3a8a07a52b0eaee9) C:\windows\system32\drivers\aswSnx.sys
15:17:20.0412 12148        aswSnx - ok
15:17:20.0449 12148        aswSP          (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\windows\system32\drivers\aswSP.sys
15:17:20.0486 12148        aswSP - ok
15:17:20.0519 12148        aswTdi          (7352bb9a564b94bbd7c9cbf165f55006) C:\windows\system32\drivers\aswTdi.sys
15:17:20.0531 12148        aswTdi - ok
15:17:20.0567 12148        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
15:17:20.0648 12148        AsyncMac - ok
15:17:20.0672 12148        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
15:17:20.0681 12148        atapi - ok
15:17:20.0743 12148        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
15:17:20.0817 12148        AudioEndpointBuilder - ok
15:17:20.0823 12148        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
15:17:20.0859 12148        AudioSrv - ok
15:17:20.0932 12148        avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:17:20.0964 12148        avast! Antivirus - ok
15:17:21.0003 12148        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
15:17:21.0078 12148        AxInstSV - ok
15:17:21.0130 12148        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
15:17:21.0170 12148        b06bdrv - ok
15:17:21.0202 12148        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
15:17:21.0269 12148        b57nd60a - ok
15:17:21.0327 12148        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
15:17:21.0370 12148        BDESVC - ok
15:17:21.0397 12148        Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
15:17:21.0460 12148        Beep - ok
15:17:21.0535 12148        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
15:17:21.0603 12148        BFE - ok
15:17:21.0653 12148        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
15:17:21.0715 12148        BITS - ok
15:17:21.0771 12148        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
15:17:21.0808 12148        blbdrive - ok
15:17:21.0929 12148        Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:17:21.0981 12148        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
15:17:21.0981 12148        Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
15:17:22.0046 12148        Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:17:22.0083 12148        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
15:17:22.0084 12148        Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
15:17:22.0178 12148        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:17:22.0201 12148        Bonjour Service - ok
15:17:22.0300 12148        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
15:17:22.0344 12148        bowser - ok
15:17:22.0368 12148        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
15:17:22.0421 12148        BrFiltLo - ok
15:17:22.0441 12148        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
15:17:22.0480 12148        BrFiltUp - ok
15:17:22.0524 12148        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
15:17:22.0586 12148        Browser - ok
15:17:22.0631 12148        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
15:17:22.0677 12148        Brserid - ok
15:17:22.0696 12148        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
15:17:22.0722 12148        BrSerWdm - ok
15:17:22.0747 12148        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
15:17:22.0794 12148        BrUsbMdm - ok
15:17:22.0821 12148        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
15:17:22.0870 12148        BrUsbSer - ok
15:17:22.0903 12148        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
15:17:22.0953 12148        BthEnum - ok
15:17:22.0982 12148        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
15:17:23.0034 12148        BTHMODEM - ok
15:17:23.0072 12148        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
15:17:23.0106 12148        BthPan - ok
15:17:23.0153 12148        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
15:17:23.0203 12148        BTHPORT - ok
15:17:23.0237 12148        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
15:17:23.0271 12148        bthserv - ok
15:17:23.0309 12148        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
15:17:23.0350 12148        BTHUSB - ok
15:17:23.0385 12148        btmaux          (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys
15:17:23.0394 12148        btmaux - ok
15:17:23.0420 12148        btmhsf          (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys
15:17:23.0482 12148        btmhsf - ok
15:17:23.0505 12148        cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
15:17:23.0584 12148        cdfs - ok
15:17:23.0636 12148        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
15:17:23.0667 12148        cdrom - ok
15:17:23.0688 12148        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
15:17:23.0733 12148        CertPropSvc - ok
15:17:23.0758 12148        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
15:17:23.0782 12148        circlass - ok
15:17:23.0813 12148        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
15:17:23.0848 12148        CLFS - ok
15:17:23.0913 12148        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:17:23.0936 12148        clr_optimization_v2.0.50727_32 - ok
15:17:23.0984 12148        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:17:24.0012 12148        clr_optimization_v2.0.50727_64 - ok
15:17:24.0062 12148        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:17:24.0086 12148        clr_optimization_v4.0.30319_32 - ok
15:17:24.0113 12148        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:17:24.0124 12148        clr_optimization_v4.0.30319_64 - ok
15:17:24.0166 12148        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
15:17:24.0204 12148        CmBatt - ok
15:17:24.0222 12148        cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
15:17:24.0231 12148        cmdide - ok
15:17:24.0265 12148        CNG            (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
15:17:24.0306 12148        CNG - ok
15:17:24.0343 12148        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
15:17:24.0352 12148        Compbatt - ok
15:17:24.0382 12148        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
15:17:24.0419 12148        CompositeBus - ok
15:17:24.0433 12148        COMSysApp - ok
15:17:24.0447 12148        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
15:17:24.0457 12148        crcdisk - ok
15:17:24.0493 12148        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
15:17:24.0547 12148        CryptSvc - ok
15:17:24.0602 12148        CtClsFlt        (df214bff646880d0eb31bdc86136b29b) C:\windows\system32\DRIVERS\CtClsFlt.sys
15:17:24.0632 12148        CtClsFlt - ok
15:17:24.0750 12148        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:17:24.0785 12148        cvhsvc - ok
15:17:24.0831 12148        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
15:17:24.0905 12148        DcomLaunch - ok
15:17:24.0933 12148        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
15:17:24.0984 12148        defragsvc - ok
15:17:25.0044 12148        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
15:17:25.0123 12148        DfsC - ok
15:17:25.0173 12148        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
15:17:25.0232 12148        Dhcp - ok
15:17:25.0272 12148        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
15:17:25.0331 12148        discache - ok
15:17:25.0376 12148        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
15:17:25.0405 12148        Disk - ok
15:17:25.0430 12148        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
15:17:25.0468 12148        Dnscache - ok
15:17:25.0494 12148        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
15:17:25.0538 12148        dot3svc - ok
15:17:25.0556 12148        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
15:17:25.0624 12148        DPS - ok
15:17:25.0653 12148        drmkaud        (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
15:17:25.0704 12148        drmkaud - ok
15:17:25.0758 12148        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
15:17:25.0783 12148        DXGKrnl - ok
15:17:25.0817 12148        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
15:17:25.0868 12148        EapHost - ok
15:17:26.0011 12148        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
15:17:26.0062 12148        ebdrv - ok
15:17:26.0142 12148        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
15:17:26.0178 12148        EFS - ok
15:17:26.0285 12148        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
15:17:26.0329 12148        ehRecvr - ok
15:17:26.0355 12148        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
15:17:26.0376 12148        ehSched - ok
15:17:26.0456 12148        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
15:17:26.0490 12148        elxstor - ok
15:17:26.0500 12148        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
15:17:26.0522 12148        ErrDev - ok
15:17:26.0585 12148        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
15:17:26.0640 12148        EventSystem - ok
15:17:26.0803 12148        EvtEng          (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:17:26.0837 12148        EvtEng - ok
15:17:26.0957 12148        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
15:17:26.0991 12148        exfat - ok
15:17:27.0010 12148        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
15:17:27.0071 12148        fastfat - ok
15:17:27.0123 12148        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
15:17:27.0176 12148        Fax - ok
15:17:27.0221 12148        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
15:17:27.0265 12148        fdc - ok
15:17:27.0307 12148        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
15:17:27.0347 12148        fdPHost - ok
15:17:27.0357 12148        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
15:17:27.0423 12148        FDResPub - ok
15:17:27.0455 12148        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
15:17:27.0465 12148        FileInfo - ok
15:17:27.0483 12148        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
15:17:27.0571 12148        Filetrace - ok
15:17:27.0604 12148        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
15:17:27.0629 12148        flpydisk - ok
15:17:27.0660 12148        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
15:17:27.0689 12148        FltMgr - ok
15:17:27.0745 12148        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
15:17:27.0802 12148        FontCache - ok
15:17:27.0856 12148        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:17:27.0881 12148        FontCache3.0.0.0 - ok
15:17:27.0937 12148        FsDepends      (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
15:17:27.0958 12148        FsDepends - ok
15:17:27.0982 12148        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
15:17:28.0010 12148        Fs_Rec - ok
15:17:28.0043 12148        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
15:17:28.0079 12148        fvevol - ok
15:17:28.0114 12148        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
15:17:28.0124 12148        gagp30kx - ok
15:17:28.0155 12148        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:17:28.0163 12148        GEARAspiWDM - ok
15:17:28.0212 12148        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
15:17:28.0255 12148        gpsvc - ok
15:17:28.0340 12148        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:17:28.0367 12148        gupdate - ok
15:17:28.0379 12148        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:17:28.0387 12148        gupdatem - ok
15:17:28.0416 12148        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
15:17:28.0455 12148        hcw85cir - ok
15:17:28.0502 12148        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
15:17:28.0547 12148        HdAudAddService - ok
15:17:28.0583 12148        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
15:17:28.0644 12148        HDAudBus - ok
15:17:28.0671 12148        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
15:17:28.0703 12148        HidBatt - ok
15:17:28.0725 12148        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
15:17:28.0765 12148        HidBth - ok
15:17:28.0793 12148        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
15:17:28.0827 12148        HidIr - ok
15:17:28.0852 12148        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
15:17:28.0890 12148        hidserv - ok
15:17:28.0934 12148        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
15:17:28.0968 12148        HidUsb - ok
15:17:28.0993 12148        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
15:17:29.0043 12148        hkmsvc - ok
15:17:29.0077 12148        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
15:17:29.0119 12148        HomeGroupListener - ok
15:17:29.0161 12148        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
15:17:29.0203 12148        HomeGroupProvider - ok
15:17:29.0248 12148        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
15:17:29.0276 12148        HpSAMD - ok
15:17:29.0334 12148        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
15:17:29.0409 12148        HTTP - ok
15:17:29.0458 12148        hwdatacard      (d969d0e26c5b1e813b17066a8318d5d4) C:\windows\system32\DRIVERS\ewusbmdm.sys
15:17:29.0487 12148        hwdatacard - ok
15:17:29.0497 12148        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
15:17:29.0506 12148        hwpolicy - ok
15:17:29.0530 12148        hwusbdev        (b45b3647ba32749b94fa689175ec8c26) C:\windows\system32\DRIVERS\ewusbdev.sys
15:17:29.0584 12148        hwusbdev - ok
15:17:29.0640 12148        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
15:17:29.0668 12148        i8042prt - ok
15:17:29.0688 12148        iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\windows\system32\DRIVERS\iaStor.sys
15:17:29.0704 12148        iaStor - ok
15:17:29.0781 12148        IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:17:29.0792 12148        IAStorDataMgrSvc - ok
15:17:29.0816 12148        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
15:17:29.0834 12148        iaStorV - ok
15:17:29.0870 12148        iBtFltCoex      (fc85972037815fa7b413e790b426acb2) C:\windows\system32\DRIVERS\iBtFltCoex.sys
15:17:29.0904 12148        iBtFltCoex - ok
15:17:30.0014 12148        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:17:30.0041 12148        idsvc - ok
15:17:30.0076 12148        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
15:17:30.0085 12148        iirsp - ok
15:17:30.0128 12148        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
15:17:30.0184 12148        IKEEXT - ok
15:17:30.0228 12148        intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\windows\system32\drivers\intelaud.sys
15:17:30.0248 12148        intaud_WaveExtensible - ok
15:17:30.0311 12148        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
15:17:30.0346 12148        IntcDAud - ok
15:17:30.0359 12148        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
15:17:30.0368 12148        intelide - ok
15:17:30.0805 12148        intelkmd        (174bcac474de13b2650e444cf124828e) C:\windows\system32\DRIVERS\igdpmd64.sys
15:17:31.0100 12148        intelkmd - ok
15:17:31.0211 12148        intelppm        (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
15:17:31.0240 12148        intelppm - ok
15:17:31.0275 12148        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
15:17:31.0320 12148        IPBusEnum - ok
15:17:31.0345 12148        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
15:17:31.0383 12148        IpFilterDriver - ok
15:17:31.0433 12148        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
15:17:31.0506 12148        iphlpsvc - ok
15:17:31.0517 12148        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
15:17:31.0541 12148        IPMIDRV - ok
15:17:31.0559 12148        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
15:17:31.0628 12148        IPNAT - ok
15:17:31.0734 12148        iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
15:17:31.0772 12148        iPod Service - ok
15:17:31.0810 12148        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
15:17:31.0857 12148        IRENUM - ok
15:17:31.0881 12148        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
15:17:31.0892 12148        isapnp - ok
15:17:31.0917 12148        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
15:17:31.0930 12148        iScsiPrt - ok
15:17:31.0961 12148        iwdbus          (716f66336f10885d935b08174dc54242) C:\windows\system32\DRIVERS\iwdbus.sys
15:17:31.0971 12148        iwdbus - ok
15:17:31.0995 12148        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
15:17:32.0005 12148        kbdclass - ok
15:17:32.0034 12148        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
15:17:32.0086 12148        kbdhid - ok
15:17:32.0109 12148        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
15:17:32.0120 12148        KeyIso - ok
15:17:32.0141 12148        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
15:17:32.0151 12148        KSecDD - ok
15:17:32.0172 12148        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
15:17:32.0183 12148        KSecPkg - ok
15:17:32.0223 12148        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
15:17:32.0289 12148        ksthunk - ok
15:17:32.0343 12148        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
15:17:32.0390 12148        KtmRm - ok
15:17:32.0433 12148        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
15:17:32.0489 12148        LanmanServer - ok
15:17:32.0535 12148        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
15:17:32.0585 12148        LanmanWorkstation - ok
15:17:32.0634 12148        lltdio          (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
15:17:32.0709 12148        lltdio - ok
15:17:32.0745 12148        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
15:17:32.0803 12148        lltdsvc - ok
15:17:32.0829 12148        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
15:17:32.0890 12148        lmhosts - ok
15:17:33.0000 12148        LMS            (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:17:33.0029 12148        LMS - ok
15:17:33.0060 12148        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
15:17:33.0071 12148        LSI_FC - ok
15:17:33.0103 12148        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
15:17:33.0114 12148        LSI_SAS - ok
15:17:33.0134 12148        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
15:17:33.0143 12148        LSI_SAS2 - ok
15:17:52.0092 12148        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
15:17:52.0104 12148        volsnap - ok
15:17:52.0149 12148        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
15:17:52.0170 12148        vsmraid - ok
15:17:52.0255 12148        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
15:17:52.0313 12148        VSS - ok
15:17:52.0420 12148        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
15:17:52.0452 12148        vwifibus - ok
15:17:52.0479 12148        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
15:17:52.0527 12148        vwififlt - ok
15:17:52.0565 12148        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
15:17:52.0614 12148        vwifimp - ok
15:17:52.0656 12148        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
15:17:52.0703 12148        W32Time - ok
15:17:52.0724 12148        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
15:17:52.0762 12148        WacomPen - ok
15:17:52.0814 12148        WANARP          (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
15:17:52.0863 12148        WANARP - ok
15:17:52.0866 12148        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
15:17:52.0894 12148        Wanarpv6 - ok
15:17:52.0999 12148        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
15:17:53.0038 12148        WatAdminSvc - ok
15:17:53.0125 12148        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
15:17:53.0171 12148        wbengine - ok
15:17:53.0261 12148        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
15:17:53.0309 12148        WbioSrvc - ok
15:17:53.0335 12148        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
15:17:53.0368 12148        wcncsvc - ok
15:17:53.0390 12148        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
15:17:53.0417 12148        WcsPlugInService - ok
15:17:53.0466 12148        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
15:17:53.0498 12148        Wd - ok
15:17:53.0539 12148        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
15:17:53.0579 12148        Wdf01000 - ok
15:17:53.0593 12148        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:17:53.0619 12148        WdiServiceHost - ok
15:17:53.0621 12148        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:17:53.0639 12148        WdiSystemHost - ok
15:17:53.0673 12148        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
15:17:53.0716 12148        WebClient - ok
15:17:53.0741 12148        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
15:17:53.0824 12148        Wecsvc - ok
15:17:53.0841 12148        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
15:17:53.0872 12148        wercplsupport - ok
15:17:53.0884 12148        WerSvc          (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
15:17:53.0916 12148        WerSvc - ok
15:17:53.0961 12148        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
15:17:54.0011 12148        WfpLwf - ok
15:17:54.0044 12148        WimFltr        (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
15:17:54.0056 12148        WimFltr - ok
15:17:54.0067 12148        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
15:17:54.0077 12148        WIMMount - ok
15:17:54.0116 12148        WinDefend - ok
15:17:54.0133 12148        WinHttpAutoProxySvc - ok
15:17:54.0193 12148        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
15:17:54.0247 12148        Winmgmt - ok
15:17:54.0355 12148        WinRM          (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
15:17:54.0409 12148        WinRM - ok
15:17:54.0534 12148        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
15:17:54.0594 12148        WinUsb - ok
15:17:54.0657 12148        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
15:17:54.0701 12148        Wlansvc - ok
15:17:54.0763 12148        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:17:54.0790 12148        wlcrasvc - ok
15:17:54.0928 12148        wlidsvc        (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:17:54.0972 12148        wlidsvc - ok
15:17:55.0081 12148        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
15:17:55.0110 12148        WmiAcpi - ok
15:17:55.0161 12148        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
15:17:55.0196 12148        wmiApSrv - ok
15:17:55.0241 12148        WMPNetworkSvc - ok
15:17:55.0290 12148        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
15:17:55.0302 12148        WPCSvc - ok
15:17:55.0319 12148        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
15:17:55.0334 12148        WPDBusEnum - ok
15:17:55.0359 12148        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
15:17:55.0388 12148        ws2ifsl - ok
15:17:55.0398 12148        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
15:17:55.0434 12148        wscsvc - ok
15:17:55.0437 12148        WSearch - ok
15:17:55.0555 12148        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
15:17:55.0629 12148        wuauserv - ok
15:17:55.0728 12148        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
15:17:55.0781 12148        WudfPf - ok
15:17:55.0810 12148        WUDFRd          (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
15:17:55.0872 12148        WUDFRd - ok
15:17:55.0901 12148        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
15:17:55.0934 12148        wudfsvc - ok
15:17:55.0960 12148        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
15:17:56.0006 12148        WwanSvc - ok
15:17:56.0041 12148        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:17:56.0944 12148        \Device\Harddisk0\DR0 - ok
15:17:56.0955 12148        MBR (0x1B8)    (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR2
15:17:58.0555 12148        \Device\Harddisk2\DR2 - ok
15:17:58.0595 12148        Boot (0x1200)  (17e6064b18aa88ed8319b3238fe06a25) \Device\Harddisk0\DR0\Partition0
15:17:58.0598 12148        \Device\Harddisk0\DR0\Partition0 - ok
15:17:58.0611 12148        Boot (0x1200)  (bb466bb716b7e27640db25132c4819c9) \Device\Harddisk0\DR0\Partition1
15:17:58.0614 12148        \Device\Harddisk0\DR0\Partition1 - ok
15:17:58.0620 12148        Boot (0x1200)  (af27ae8c542f01c43a90321c7485d70b) \Device\Harddisk2\DR2\Partition0
15:17:58.0622 12148        \Device\Harddisk2\DR2\Partition0 - ok
15:17:58.0633 12148        ============================================================
15:17:58.0633 12148        Scan finished
15:17:58.0633 12148        ============================================================
15:17:58.0648 12088        Detected object count: 2
15:17:58.0648 12088        Actual detected object count: 2
15:18:14.0275 12088        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:18:14.0275 12088        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:18:14.0275 12088        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:18:14.0276 12088        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

Code:

15:16:49.0173 11396        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
15:16:51.0177 11396        ============================================================
15:16:51.0177 11396        Current date / time: 2012/05/31 15:16:51.0177
15:16:51.0177 11396        SystemInfo:
15:16:51.0177 11396       
15:16:51.0177 11396        OS Version: 6.1.7601 ServicePack: 1.0
15:16:51.0177 11396        Product type: Workstation
15:16:51.0177 11396        ComputerName: ANNAMARIAWIEGEL
15:16:51.0178 11396        UserName: AnnaMariaWiegele
15:16:51.0178 11396        Windows directory: C:\windows
15:16:51.0178 11396        System windows directory: C:\windows
15:16:51.0178 11396        Running under WOW64
15:16:51.0178 11396        Processor architecture: Intel x64
15:16:51.0178 11396        Number of processors: 4
15:16:51.0178 11396        Page size: 0x1000
15:16:51.0178 11396        Boot type: Normal boot
15:16:51.0178 11396        ============================================================
15:16:51.0568 11396        Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:51.0576 11396        Drive \Device\Harddisk2\DR2 - Size: 0x7D00000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:16:51.0578 11396        ============================================================
15:16:51.0578 11396        \Device\Harddisk0\DR0:
15:16:51.0578 11396        MBR partitions:
15:16:51.0578 11396        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
15:16:51.0578 11396        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
15:16:51.0578 11396        \Device\Harddisk2\DR2:
15:16:51.0578 11396        MBR partitions:
15:16:51.0578 11396        \Device\Harddisk2\DR2\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x3E7DF
15:16:51.0578 11396        ============================================================
15:16:51.0602 11396        C: <-> \Device\Harddisk0\DR0\Partition1
15:16:51.0602 11396        ============================================================
15:16:51.0602 11396        Initialize success
15:16:51.0602 11396        ============================================================
15:17:14.0269 12148        ============================================================
15:17:14.0269 12148        Scan started
15:17:14.0269 12148        Mode: Manual; SigCheck; TDLFS;
15:17:14.0269 12148        ============================================================
15:17:14.0699 12148        1394ohci        (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
15:17:14.0828 12148        1394ohci - ok
15:17:14.0868 12148        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
15:17:14.0883 12148        ACPI - ok
15:17:14.0924 12148        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
15:17:14.0982 12148        AcpiPmi - ok
15:17:15.0110 12148        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:17:15.0136 12148        AdobeARMservice - ok
15:17:15.0273 12148        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:17:15.0299 12148        AdobeFlashPlayerUpdateSvc - ok
15:17:15.0364 12148        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
15:17:15.0393 12148        adp94xx - ok
15:17:15.0434 12148        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
15:17:15.0475 12148        adpahci - ok
15:17:15.0490 12148        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
15:17:15.0501 12148        adpu320 - ok
15:17:15.0527 12148        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
15:17:15.0664 12148        AeLookupSvc - ok
15:17:15.0732 12148        AESTFilters    (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
15:17:15.0809 12148        AESTFilters - ok
15:17:15.0872 12148        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
15:17:15.0956 12148        AFD - ok
15:17:16.0003 12148        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
15:17:16.0033 12148        agp440 - ok
15:17:16.0067 12148        ALG            (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
15:17:16.0109 12148        ALG - ok
15:17:16.0138 12148        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
15:17:16.0165 12148        aliide - ok
15:17:16.0193 12148        AMD External Events Utility (e6ce56be2c8bff7464554629829a1271) C:\windows\system32\atiesrxx.exe
15:17:16.0303 12148        AMD External Events Utility - ok
15:17:16.0333 12148        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
15:17:16.0343 12148        amdide - ok
15:17:16.0374 12148        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
15:17:16.0422 12148        AmdK8 - ok
15:17:16.0757 12148        amdkmdag        (e3cc08f03c55a284fbfd79071822df43) C:\windows\system32\DRIVERS\atikmdag.sys
15:17:17.0011 12148        amdkmdag - ok
15:17:17.0146 12148        amdkmdap        (f8976e22afd861cf67b6e2d3b4995cdb) C:\windows\system32\DRIVERS\atikmpag.sys
15:17:17.0216 12148        amdkmdap - ok
15:17:17.0233 12148        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
15:17:17.0261 12148        AmdPPM - ok
15:17:17.0289 12148        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
15:17:17.0299 12148        amdsata - ok
15:17:17.0340 12148        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
15:17:17.0367 12148        amdsbs - ok
15:17:17.0377 12148        amdxata        (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
15:17:17.0387 12148        amdxata - ok
15:17:17.0431 12148        ApfiltrService  (24ed0eb2b2558970176ecee680f8f806) C:\windows\system32\DRIVERS\Apfiltr.sys
15:17:19.0581 12148        ApfiltrService - ok
15:17:19.0617 12148        AppID          (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
15:17:19.0688 12148        AppID - ok
15:17:19.0711 12148        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
15:17:19.0776 12148        AppIDSvc - ok
15:17:19.0789 12148        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
15:17:19.0836 12148        Appinfo - ok
15:17:19.0957 12148        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:17:19.0977 12148        Apple Mobile Device - ok
15:17:20.0010 12148        arc            (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
15:17:20.0037 12148        arc - ok
15:17:20.0055 12148        arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
15:17:20.0066 12148        arcsas - ok
15:17:20.0133 12148        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:17:20.0155 12148        aspnet_state - ok
15:17:20.0193 12148        aswFsBlk        (b9da213b5271db5fce962d827e6d620d) C:\windows\system32\drivers\aswFsBlk.sys
15:17:20.0218 12148        aswFsBlk - ok
15:17:20.0243 12148        aswMonFlt      (21c9835d0e5ad2ff0f16134bcb32cc71) C:\windows\system32\drivers\aswMonFlt.sys
15:17:20.0274 12148        aswMonFlt - ok
15:17:20.0308 12148        aswRdr          (1b96a5867abd4fa6135d8298fcccf9c6) C:\windows\System32\Drivers\aswrdr2.sys
15:17:20.0336 12148        aswRdr - ok
15:17:20.0388 12148        aswSnx          (6e98bb288696777a3a8a07a52b0eaee9) C:\windows\system32\drivers\aswSnx.sys
15:17:20.0412 12148        aswSnx - ok
15:17:20.0449 12148        aswSP          (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\windows\system32\drivers\aswSP.sys
15:17:20.0486 12148        aswSP - ok
15:17:20.0519 12148        aswTdi          (7352bb9a564b94bbd7c9cbf165f55006) C:\windows\system32\drivers\aswTdi.sys
15:17:20.0531 12148        aswTdi - ok
15:17:20.0567 12148        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
15:17:20.0648 12148        AsyncMac - ok
15:17:20.0672 12148        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
15:17:20.0681 12148        atapi - ok
15:17:20.0743 12148        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
15:17:20.0817 12148        AudioEndpointBuilder - ok
15:17:20.0823 12148        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
15:17:20.0859 12148        AudioSrv - ok
15:17:20.0932 12148        avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:17:20.0964 12148        avast! Antivirus - ok
15:17:21.0003 12148        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
15:17:21.0078 12148        AxInstSV - ok
15:17:21.0130 12148        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
15:17:21.0170 12148        b06bdrv - ok
15:17:21.0202 12148        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
15:17:21.0269 12148        b57nd60a - ok
15:17:21.0327 12148        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
15:17:21.0370 12148        BDESVC - ok
15:17:21.0397 12148        Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
15:17:21.0460 12148        Beep - ok
15:17:21.0535 12148        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
15:17:21.0603 12148        BFE - ok
15:17:21.0653 12148        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
15:17:21.0715 12148        BITS - ok
15:17:21.0771 12148        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
15:17:21.0808 12148        blbdrive - ok
15:17:21.0929 12148        Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:17:21.0981 12148        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
15:17:21.0981 12148        Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
15:17:22.0046 12148        Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:17:22.0083 12148        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
15:17:22.0084 12148        Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
15:17:22.0178 12148        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:17:22.0201 12148        Bonjour Service - ok
15:17:22.0300 12148        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
15:17:22.0344 12148        bowser - ok
15:17:22.0368 12148        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
15:17:22.0421 12148        BrFiltLo - ok
15:17:22.0441 12148        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
15:17:22.0480 12148        BrFiltUp - ok
15:17:22.0524 12148        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
15:17:22.0586 12148        Browser - ok
15:17:22.0631 12148        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
15:17:22.0677 12148        Brserid - ok
15:17:22.0696 12148        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
15:17:22.0722 12148        BrSerWdm - ok
15:17:22.0747 12148        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
15:17:22.0794 12148        BrUsbMdm - ok
15:17:22.0821 12148        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
15:17:22.0870 12148        BrUsbSer - ok
15:17:22.0903 12148        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
15:17:22.0953 12148        BthEnum - ok
15:17:22.0982 12148        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
15:17:23.0034 12148        BTHMODEM - ok
15:17:23.0072 12148        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
15:17:23.0106 12148        BthPan - ok
15:17:23.0153 12148        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
15:17:23.0203 12148        BTHPORT - ok
15:17:23.0237 12148        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
15:17:23.0271 12148        bthserv - ok
15:17:23.0309 12148        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
15:17:23.0350 12148        BTHUSB - ok
15:17:23.0385 12148        btmaux          (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys
15:17:23.0394 12148        btmaux - ok
15:17:23.0420 12148        btmhsf          (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys
15:17:23.0482 12148        btmhsf - ok
15:17:23.0505 12148        cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
15:17:23.0584 12148        cdfs - ok
15:17:23.0636 12148        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
15:17:23.0667 12148        cdrom - ok
15:17:23.0688 12148        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
15:17:23.0733 12148        CertPropSvc - ok
15:17:23.0758 12148        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
15:17:23.0782 12148        circlass - ok
15:17:23.0813 12148        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
15:17:23.0848 12148        CLFS - ok
15:17:23.0913 12148        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:17:23.0936 12148        clr_optimization_v2.0.50727_32 - ok
15:17:23.0984 12148        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:17:24.0012 12148        clr_optimization_v2.0.50727_64 - ok
15:17:24.0062 12148        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:17:24.0086 12148        clr_optimization_v4.0.30319_32 - ok
15:17:24.0113 12148        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:17:24.0124 12148        clr_optimization_v4.0.30319_64 - ok
15:17:24.0166 12148        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
15:17:24.0204 12148        CmBatt - ok
15:17:24.0222 12148        cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
15:17:24.0231 12148        cmdide - ok
15:17:24.0265 12148        CNG            (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
15:17:24.0306 12148        CNG - ok
15:17:24.0343 12148        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
15:17:24.0352 12148        Compbatt - ok
15:17:24.0382 12148        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
15:17:24.0419 12148        CompositeBus - ok
15:17:24.0433 12148        COMSysApp - ok
15:17:24.0447 12148        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
15:17:24.0457 12148        crcdisk - ok
15:17:24.0493 12148        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
15:17:24.0547 12148        CryptSvc - ok
15:17:24.0602 12148        CtClsFlt        (df214bff646880d0eb31bdc86136b29b) C:\windows\system32\DRIVERS\CtClsFlt.sys
15:17:24.0632 12148        CtClsFlt - ok
15:17:24.0750 12148        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:17:24.0785 12148        cvhsvc - ok
15:17:24.0831 12148        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
15:17:24.0905 12148        DcomLaunch - ok
15:17:24.0933 12148        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
15:17:24.0984 12148        defragsvc - ok
15:17:25.0044 12148        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
15:17:25.0123 12148        DfsC - ok
15:17:25.0173 12148        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
15:17:25.0232 12148        Dhcp - ok
15:17:25.0272 12148        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
15:17:25.0331 12148        discache - ok
15:17:25.0376 12148        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
15:17:25.0405 12148        Disk - ok
15:17:25.0430 12148        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
15:17:25.0468 12148        Dnscache - ok
15:17:25.0494 12148        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
15:17:25.0538 12148        dot3svc - ok
15:17:25.0556 12148        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
15:17:25.0624 12148        DPS - ok
15:17:25.0653 12148        drmkaud        (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
15:17:25.0704 12148        drmkaud - ok
15:17:25.0758 12148        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
15:17:25.0783 12148        DXGKrnl - ok
15:17:25.0817 12148        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
15:17:25.0868 12148        EapHost - ok
15:17:26.0011 12148        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
15:17:26.0062 12148        ebdrv - ok
15:17:26.0142 12148        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
15:17:26.0178 12148        EFS - ok
15:17:26.0285 12148        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
15:17:26.0329 12148        ehRecvr - ok
15:17:26.0355 12148        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
15:17:26.0376 12148        ehSched - ok
15:17:26.0456 12148        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
15:17:45.0398 12148        Sftredir - ok
15:17:45.0504 12148        SftService      (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:17:45.0538 12148        SftService - ok
15:17:45.0643 12148        Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
15:17:45.0658 12148        Sftvol - ok
15:17:45.0714 12148        sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:17:45.0725 12148        sftvsa - ok
15:17:45.0764 12148        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
15:17:45.0810 12148        SharedAccess - ok
15:17:45.0843 12148        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
15:17:45.0910 12148        ShellHWDetection - ok
15:17:45.0947 12148        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
15:17:45.0957 12148        SiSRaid2 - ok
15:17:45.0973 12148        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
15:17:45.0984 12148        SiSRaid4 - ok
15:17:46.0019 12148        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
15:17:46.0093 12148        Smb - ok
15:17:46.0119 12148        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
15:17:46.0164 12148        SNMPTRAP - ok
15:17:46.0196 12148        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
15:17:46.0225 12148        spldr - ok
15:17:46.0255 12148        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
15:17:46.0295 12148        Spooler - ok
15:17:46.0439 12148        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
15:17:46.0527 12148        sppsvc - ok
15:17:46.0619 12148        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
15:17:46.0667 12148        sppuinotify - ok
15:17:46.0732 12148        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
15:17:46.0795 12148        srv - ok
15:17:46.0839 12148        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
15:17:46.0876 12148        srv2 - ok
15:17:46.0901 12148        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
15:17:46.0913 12148        srvnet - ok
15:17:46.0952 12148        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
15:17:47.0000 12148        SSDPSRV - ok
15:17:47.0013 12148        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
15:17:47.0044 12148        SstpSvc - ok
15:17:47.0118 12148        STacSV          (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
15:17:47.0146 12148        STacSV - ok
15:17:47.0177 12148        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
15:17:47.0191 12148        stexstor - ok
15:17:47.0260 12148        STHDA          (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys
15:17:47.0294 12148        STHDA - ok
15:17:47.0347 12148        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
15:17:47.0399 12148        stisvc - ok
15:17:47.0478 12148        stllssvr        (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:17:47.0504 12148        stllssvr - ok
15:17:47.0528 12148        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
15:17:47.0537 12148        swenum - ok
15:17:47.0568 12148        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
15:17:47.0619 12148        swprv - ok
15:17:47.0689 12148        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
15:17:47.0747 12148        SysMain - ok
15:17:47.0843 12148        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
15:17:47.0906 12148        TabletInputService - ok
15:17:47.0933 12148        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
15:17:47.0972 12148        TapiSrv - ok
15:17:47.0993 12148        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
15:17:48.0063 12148        TBS - ok
15:17:48.0177 12148        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
15:17:48.0217 12148        Tcpip - ok
15:17:48.0410 12148        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
15:17:48.0444 12148        TCPIP6 - ok
15:17:48.0544 12148        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
15:17:48.0633 12148        tcpipreg - ok
15:17:48.0655 12148        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
15:17:48.0677 12148        TDPIPE - ok
15:17:48.0707 12148        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
15:17:48.0738 12148        TDTCP - ok
15:17:48.0782 12148        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
15:17:48.0834 12148        tdx - ok
15:17:48.0849 12148        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
15:17:48.0859 12148        TermDD - ok
15:17:48.0900 12148        TermService    (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
15:17:48.0955 12148        TermService - ok
15:17:48.0979 12148        Themes          (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
15:17:49.0017 12148        Themes - ok
15:17:49.0041 12148        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
15:17:49.0092 12148        THREADORDER - ok
15:17:49.0105 12148        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
15:17:49.0169 12148        TrkWks - ok
15:17:49.0224 12148        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
15:17:49.0297 12148        TrustedInstaller - ok
15:17:49.0316 12148        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
15:17:49.0377 12148        tssecsrv - ok
15:17:49.0397 12148        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
15:17:49.0418 12148        TsUsbFlt - ok
15:17:49.0446 12148        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
15:17:49.0456 12148        TsUsbGD - ok
15:17:49.0532 12148        TuneUp.Defrag  (4650febe40936f13f1ea6c67ffcff7ec) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
15:17:49.0562 12148        TuneUp.Defrag - ok
15:17:49.0640 12148        TuneUp.UtilitiesSvc (99bb325af16e38f1d6a63e7185f00b4c) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
15:17:49.0665 12148        TuneUp.UtilitiesSvc - ok
15:17:49.0700 12148        TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
15:17:49.0721 12148        TuneUpUtilitiesDrv - ok
15:17:49.0843 12148        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
15:17:49.0894 12148        tunnel - ok
15:17:49.0924 12148        TurboB          (fd24f98d2898be093fe926604be7db99) C:\windows\system32\DRIVERS\TurboB.sys
15:17:49.0935 12148        TurboB - ok
15:17:49.0970 12148        TurboBoost      (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:17:49.0995 12148        TurboBoost - ok
15:17:50.0027 12148        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
15:17:50.0045 12148        uagp35 - ok
15:17:50.0077 12148        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
15:17:50.0138 12148        udfs - ok
15:17:50.0171 12148        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
15:17:50.0221 12148        UI0Detect - ok
15:17:50.0260 12148        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
15:17:50.0270 12148        uliagpkx - ok
15:17:50.0291 12148        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
15:17:50.0334 12148        umbus - ok
15:17:50.0360 12148        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
15:17:50.0405 12148        UmPass - ok
15:17:50.0579 12148        UNS            (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:17:50.0621 12148        UNS - ok
15:17:50.0707 12148        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
15:17:50.0770 12148        upnphost - ok
15:17:50.0849 12148        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
15:17:50.0891 12148        USBAAPL64 - ok
15:17:50.0922 12148        usbccgp        (19ad7990c0b67e48dac5b26f99628223) C:\windows\system32\DRIVERS\usbccgp.sys
15:17:50.0960 12148        usbccgp - ok
15:17:51.0005 12148        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
15:17:51.0031 12148        usbcir - ok
15:17:51.0048 12148        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
15:17:51.0069 12148        usbehci - ok
15:17:51.0108 12148        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
15:17:51.0150 12148        usbhub - ok
15:17:51.0163 12148        usbohci        (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\drivers\usbohci.sys
15:17:51.0190 12148        usbohci - ok
15:17:51.0219 12148        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
15:17:51.0266 12148        usbprint - ok
15:17:51.0297 12148        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:17:51.0326 12148        USBSTOR - ok
15:17:51.0339 12148        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\drivers\usbuhci.sys
15:17:51.0380 12148        usbuhci - ok
15:17:51.0409 12148        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
15:17:51.0448 12148        usbvideo - ok
15:17:51.0474 12148        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
15:17:51.0549 12148        UxSms - ok
15:17:51.0577 12148        UxTuneUp        (a66a7b27d8e2faf6f4ea2debb8aa7440) C:\windows\System32\uxtuneup.dll
15:17:51.0587 12148        UxTuneUp - ok
15:17:51.0611 12148        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
15:17:51.0622 12148        VaultSvc - ok
15:17:51.0660 12148        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
15:17:51.0686 12148        vdrvroot - ok
15:17:51.0730 12148        vds            (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
15:17:51.0793 12148        vds - ok
15:17:51.0811 12148        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
15:17:51.0825 12148        vga - ok
15:17:51.0840 12148        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
15:17:51.0905 12148        VgaSave - ok
15:17:51.0928 12148        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
15:17:51.0941 12148        vhdmp - ok
15:17:51.0963 12148        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
15:17:51.0972 12148        viaide - ok
15:17:52.0006 12148        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
15:17:52.0021 12148        volmgr - ok
15:17:52.0051 12148        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
15:17:52.0067 12148        volmgrx - ok
15:17:52.0092 12148        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
15:17:52.0104 12148        volsnap - ok
15:17:52.0149 12148        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
15:17:52.0170 12148        vsmraid - ok
15:17:52.0255 12148        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
15:17:52.0313 12148        VSS - ok
15:17:52.0420 12148        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
15:17:52.0452 12148        vwifibus - ok
15:17:52.0479 12148        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
15:17:52.0527 12148        vwififlt - ok
15:17:52.0565 12148        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
15:17:52.0614 12148        vwifimp - ok
15:17:52.0656 12148        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
15:17:52.0703 12148        W32Time - ok
15:17:52.0724 12148        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
15:17:52.0762 12148        WacomPen - ok
15:17:52.0814 12148        WANARP          (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
15:17:52.0863 12148        WANARP - ok
15:17:52.0866 12148        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
15:17:52.0894 12148        Wanarpv6 - ok
15:17:52.0999 12148        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
15:17:53.0038 12148        WatAdminSvc - ok
15:17:53.0125 12148        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
15:17:53.0171 12148        wbengine - ok
15:17:53.0261 12148        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
15:17:53.0309 12148        WbioSrvc - ok
15:17:53.0335 12148        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
15:17:53.0368 12148        wcncsvc - ok
15:17:53.0390 12148        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
15:17:53.0417 12148        WcsPlugInService - ok
15:17:53.0466 12148        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
15:17:53.0498 12148        Wd - ok
15:17:53.0539 12148        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
15:17:53.0579 12148        Wdf01000 - ok
15:17:53.0593 12148        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:17:53.0619 12148        WdiServiceHost - ok
15:17:53.0621 12148        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
15:17:53.0639 12148        WdiSystemHost - ok
15:17:53.0673 12148        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
15:17:53.0716 12148        WebClient - ok
15:17:53.0741 12148        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
15:17:53.0824 12148        Wecsvc - ok
15:17:53.0841 12148        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
15:17:53.0872 12148        wercplsupport - ok
15:17:53.0884 12148        WerSvc          (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
15:17:53.0916 12148        WerSvc - ok
15:17:53.0961 12148        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
15:17:54.0011 12148        WfpLwf - ok
15:17:54.0044 12148        WimFltr        (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
15:17:54.0056 12148        WimFltr - ok
15:17:54.0067 12148        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
15:17:54.0077 12148        WIMMount - ok
15:17:54.0116 12148        WinDefend - ok
15:17:54.0133 12148        WinHttpAutoProxySvc - ok
15:17:54.0193 12148        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
15:17:54.0247 12148        Winmgmt - ok
15:17:54.0355 12148        WinRM          (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
15:17:54.0409 12148        WinRM - ok
15:17:54.0534 12148        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
15:17:54.0594 12148        WinUsb - ok
15:17:54.0657 12148        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
15:17:54.0701 12148        Wlansvc - ok
15:17:54.0763 12148        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:17:54.0790 12148        wlcrasvc - ok
15:17:54.0928 12148        wlidsvc        (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:17:54.0972 12148        wlidsvc - ok
15:17:55.0081 12148        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
15:17:55.0110 12148        WmiAcpi - ok
15:17:55.0161 12148        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
15:17:55.0196 12148        wmiApSrv - ok
15:17:55.0241 12148        WMPNetworkSvc - ok
15:17:55.0290 12148        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
15:17:55.0302 12148        WPCSvc - ok
15:17:55.0319 12148        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
15:17:55.0334 12148        WPDBusEnum - ok
15:17:55.0359 12148        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
15:17:55.0388 12148        ws2ifsl - ok
15:17:55.0398 12148        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
15:17:55.0434 12148        wscsvc - ok
15:17:55.0437 12148        WSearch - ok
15:17:55.0555 12148        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
15:17:55.0629 12148        wuauserv - ok
15:17:55.0728 12148        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
15:17:55.0781 12148        WudfPf - ok
15:17:55.0810 12148        WUDFRd          (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
15:17:55.0872 12148        WUDFRd - ok
15:17:55.0901 12148        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
15:17:55.0934 12148        wudfsvc - ok
15:17:55.0960 12148        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
15:17:56.0006 12148        WwanSvc - ok
15:17:56.0041 12148        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:17:56.0944 12148        \Device\Harddisk0\DR0 - ok
15:17:56.0955 12148        MBR (0x1B8)    (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR2
15:17:58.0555 12148        \Device\Harddisk2\DR2 - ok
15:17:58.0595 12148        Boot (0x1200)  (17e6064b18aa88ed8319b3238fe06a25) \Device\Harddisk0\DR0\Partition0
15:17:58.0598 12148        \Device\Harddisk0\DR0\Partition0 - ok
15:17:58.0611 12148        Boot (0x1200)  (bb466bb716b7e27640db25132c4819c9) \Device\Harddisk0\DR0\Partition1
15:17:58.0614 12148        \Device\Harddisk0\DR0\Partition1 - ok
15:17:58.0620 12148        Boot (0x1200)  (af27ae8c542f01c43a90321c7485d70b) \Device\Harddisk2\DR2\Partition0
15:17:58.0622 12148        \Device\Harddisk2\DR2\Partition0 - ok
15:17:58.0633 12148        ============================================================
15:17:58.0633 12148        Scan finished
15:17:58.0633 12148        ============================================================
15:17:58.0648 12088        Detected object count: 2
15:17:58.0648 12088        Actual detected object count: 2
15:18:14.0275 12088        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:18:14.0275 12088        Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:18:14.0275 12088        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:18:14.0276 12088        Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:13.0306 10804        Deinitialize success


cosinus 31.05.2012 14:30

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

annamariawie 31.05.2012 15:48

Code:

ComboFix 12-05-31.02 - AnnaMariaWiegele 31.05.2012  15:58:26.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.43.1031.18.4003.2196 [GMT 2:00]
ausgeführt von:: c:\users\AnnaMariaWiegele\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\RPSETUP.EXE.LOG
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-04-28 bis 2012-05-31  ))))))))))))))))))))))))))))))
.
.
2012-05-31 14:10 . 2012-05-31 14:10        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-05-31 14:06 . 2012-05-31 14:06        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{3899E0A6-2FAE-40F4-982C-96F05B12926E}\offreg.dll
2012-05-31 10:12 . 2012-05-31 10:12        --------        d-----w-        C:\_OTL
2012-05-29 15:34 . 2012-05-29 15:34        --------        d-----w-        c:\program files (x86)\ESET
2012-05-29 14:47 . 2012-05-08 17:02        8955792        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{3899E0A6-2FAE-40F4-982C-96F05B12926E}\mpengine.dll
2012-05-21 19:37 . 2012-05-21 19:37        476960        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2012-05-18 20:21 . 2012-05-18 20:22        --------        d-----w-        C:\Temp
2012-05-18 20:01 . 2012-05-18 20:01        --------        d-----w-        c:\users\AnnaMariaWiegele\AppData\Roaming\Malwarebytes
2012-05-18 20:01 . 2012-05-18 20:01        --------        d-----w-        c:\programdata\Malwarebytes
2012-05-18 20:01 . 2012-04-04 13:56        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-05-18 20:01 . 2012-05-18 20:01        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-15 11:19 . 2012-05-21 19:22        --------        d-----w-        c:\program files\Microsoft Silverlight
2012-05-11 10:31 . 2012-05-11 10:32        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2012-05-11 10:31 . 2012-05-11 10:31        157352        ----a-w-        c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-11 10:31 . 2012-05-11 10:31        129976        ----a-w-        c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-05-05 11:47 . 2012-05-05 11:47        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-21 19:37 . 2011-09-22 11:45        472864        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-05-05 11:47 . 2012-04-20 07:35        419488        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 11:47 . 2012-01-21 16:19        70304        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-07 00:15 . 2011-09-22 11:38        41184        ----a-w-        c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-09-22 11:38        201352        ----a-w-        c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2011-09-22 11:39        258520        ----a-w-        c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2011-09-22 11:39        819032        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2011-09-22 11:39        337240        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-03-04 12:55        53080        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2012-03-07 00:01 . 2011-09-22 11:39        59224        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-09-22 11:39        69976        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2011-09-22 11:39        24408        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_tele.ring Verbindungsmanager"="c:\program files (x86)\tele.ring Verbindungsmanager\UpdateDog\ouc.exe" [2009-06-23 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-12 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-04-29 75064]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DataCardMonitor"="c:\program files (x86)\tele.ring Verbindungsmanager\DataCardMonitor.exe" [2012-01-05 253952]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 136176]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-11 129976]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-09 1394504]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 77512563
*Deregistered* - 77512563
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 11:47]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 09:18]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 09:18]
.
2012-05-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2012-05-31 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15        135408        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-21 3666800]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\users\AnnaMariaWiegele\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
FF - ProfilePath - c:\users\AnnaMariaWiegele\AppData\Roaming\Mozilla\Firefox\Profiles\cs14twu0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.at
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-05-31  16:35:49
ComboFix-quarantined-files.txt  2012-05-31 14:35
.
Vor Suchlauf: 13 Verzeichnis(se), 570.289.192.960 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 570.171.072.512 Bytes frei
.
- - End Of File - - BA4C1E648C0B6B9B443D89277AD9B7AB


cosinus 31.05.2012 18:33

Please download aswMBR.exe and save the file to your desktop.

Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

annamariawie 01.06.2012 06:44

When I try to run the program as administrator, I get the message that it is not a valid Win32 application!


All times are GMT +1.
