Trojaner-Board


Thomaz 10.06.2012 11:17

Trojan sends emails via Yahoo account

Hello,

my computer has now also sent emails via my Yahoo account to
people from my address book. Antivir found the following:

In der Datei 'C:\Users\Mira Bellenbaum\AppData\Local\Temp\0.9636606201283792golda.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.ZBot.digx' [trojan] gefunden. Ausgeführte Aktion: Datei in Quarantäne verschieben

After that I discovered this forum and followed the instructions. I have attached the generated files.

I hope I did everything correctly? What do I need to do now?

Best regards, Thomas

cosinus 12.06.2012 14:37

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan!

Please remove all of Malwarebytes' findings so that they are kept in Malwarebytes' quarantine! Do NOT hastily remove anything from the quarantine!

If logs from older Malwarebytes scans exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Thomaz 19.06.2012 05:56

2012/06/19 06:40:35 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection
2012/06/19 06:40:38 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully
2012/06/19 06:40:41 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection
2012/06/19 06:40:46 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully


012/06/18 22:49:01 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting database refresh
2012/06/18 22:49:01 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Stopping IP protection
2012/06/18 22:49:11 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection stopped
2012/06/18 22:49:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Database refreshed successfully
2012/06/18 22:49:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection
2012/06/18 22:49:38 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully


2012/06/14 03:39:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection
2012/06/14 03:39:36 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully
2012/06/14 03:39:39 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection
2012/06/14 03:39:44 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully


2012/06/12 18:47:12 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Executing scheduled update: Daily
2012/06/12 18:47:14 +0200 MZ-BOYZ-PC Mira Bellenbaum ERROR Scheduled update failed: Host not found failed with error code 0


2012/06/10 09:00:48 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection
2012/06/10 09:00:48 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Executing scheduled update: Daily
2012/06/10 09:00:50 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Database already up-to-date
2012/06/10 09:00:51 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully
2012/06/10 09:00:54 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection
2012/06/10 09:00:59 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully
2012/06/10 11:18:05 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Stopping IP protection
2012/06/10 11:18:12 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection stopped
2012/06/10 11:39:08 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection
2012/06/10 11:39:16 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully
2012/06/10 11:39:19 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection
2012/06/10 11:39:26 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully

cosinus 19.06.2012 08:33

That is not a full-scan log!

Thomaz 19.06.2012 17:57

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.18.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
Mira Bellenbaum :: MZ-BOYZ-PC [Administrator]

Schutz: Aktiviert

19.06.2012 18:59:16
mbam-log-2012-06-19 (18-59-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 245645
Laufzeit: 15 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 19.06.2012 22:57

Quote:

Art des Suchlaufs: Quick-Scan
Does it say full scan there? No? Why didn't you run one?

Thomaz 21.06.2012 00:08

Sorry!

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.18.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
Mira Bellenbaum :: MZ-BOYZ-PC [Administrator]

Schutz: Aktiviert

20.06.2012 18:20:54
mbam-log-2012-06-20 (18-20-54).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 448326
Laufzeit: 2 Stunde(n), 19 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1ba6859371d8db448706af4ecf173948
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-21 01:54:12
# local_time=2012-06-21 03:54:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 153418 115752915 0 0
# compatibility_mode=5892 16776573 100 100 25492 177766780 0 0
# compatibility_mode=8192 67108863 100 0 203 203 0 0
# scanned=262014
# found=5
# cleaned=0
# scan_time=9643
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$R9P99UY.exe        a variant of Win32/SoftonicDownloader.A application (unable to clean)        00000000000000000000000000000000        I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$REPWZL1.exe        a variant of Win32/RegistryBooster application (unable to clean)        00000000000000000000000000000000        I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$RX6HL9P.exe        a variant of Win32/SlowPCfighter application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\469c32a2-5dccc19c        Java/Agent.EA trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\31c85909-494b9128        Java/Exploit.CVE-2011-3544.T trojan (unable to clean)        00000000000000000000000000000000        I
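
A pre-check a helper could run over pasted logs before reading them, as an added example that is not part of the original thread: it confirms that a Malwarebytes log is a full scan and parses the detections in the ESET `log.txt`. The function names are hypothetical, the sample input is copied from the logs posted above, and the field separator (tabs or two or more spaces) is an assumption based on how the log appears on this page.

```python
import re
from collections import Counter

# Sample input: lines copied from the ESET log posted in this thread (header abridged).
ESET_LOG = r"""ESETSmartInstaller@High as downloader log:
all ok
# version=7
# remove_checked=false
# compatibility_mode=1797 16775165 100 100 153418 115752915 0 0
# compatibility_mode=5892 16776573 100 100 25492 177766780 0 0
# scanned=262014
# found=5
# cleaned=0
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$R9P99UY.exe        a variant of Win32/SoftonicDownloader.A application (unable to clean)        00000000000000000000000000000000        I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$REPWZL1.exe        a variant of Win32/RegistryBooster application (unable to clean)        00000000000000000000000000000000        I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$RX6HL9P.exe        a variant of Win32/SlowPCfighter application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\469c32a2-5dccc19c        Java/Agent.EA trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\31c85909-494b9128        Java/Exploit.CVE-2011-3544.T trojan (unable to clean)        00000000000000000000000000000000        I
"""

# Only the two scan-type strings that appear in the Malwarebytes logs on this page.
MBAM_TYPES = {"Quick-Scan": "quick", "Vollständiger Suchlauf": "full"}

# "[a variant of ]<name> <kind> [(note)]", the verdict shapes seen in the log above.
VERDICT = re.compile(
    r"^(?:a variant of )?(?P<name>\S+) (?P<kind>[a-z]+)(?: \((?P<note>[^)]*)\))?$"
)
CVE = re.compile(r"CVE-\d{4}-\d+")


def mbam_scan_type(log_text):
    """Return 'quick', 'full', 'unknown', or 'missing' (no scan-type line at all,
    e.g. a protection log pasted instead of a scan log)."""
    m = re.search(r"^Art des Suchlaufs:\s*(.+?)\s*$", log_text, re.MULTILINE)
    return MBAM_TYPES.get(m.group(1), "unknown") if m else "missing"


def location(path):
    """Coarse bucket for where a detected file lives."""
    p = path.lower()
    if "\\$recycle.bin\\" in p:
        return "recycle_bin"
    if "\\sun\\java\\deployment\\cache\\" in p:
        return "java_cache"  # cached applet archives downloaded by the Java plug-in
    return "other"


def parse_eset_log(text):
    """Split an ESET Online Scanner log into header fields and detection records."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header.setdefault(key, value)  # repeated keys: keep the first value
            continue
        fields = re.split(r"\t+| {2,}", line)
        if len(fields) < 2:
            continue  # banner lines such as "all ok"
        path, verdict = fields[0], fields[1]
        m = VERDICT.match(verdict)
        detections.append({
            "path": path,
            "name": m.group("name") if m else verdict,
            "kind": m.group("kind") if m else "unknown",
            "note": (m.group("note") or "") if m else "",
            "where": location(path),
        })
    return header, detections


def triage(text):
    """Summarise an ESET log: completeness of the paste, what was found, what remains."""
    header, dets = parse_eset_log(text)
    declared = int(header.get("found", -1))
    cves = sorted({m.group(0) for d in dets for m in [CVE.search(d["name"])] if m})
    return {
        "complete": declared == len(dets),  # False if the paste lost detection lines
        "report_only": header.get("remove_checked") == "false",
        "by_kind": dict(Counter(d["kind"] for d in dets)),
        "by_location": dict(Counter(d["where"] for d in dets)),
        "cves": cves,
        "outstanding": [d["path"] for d in dets if d["note"] == "unable to clean"],
    }


if __name__ == "__main__":
    print(mbam_scan_type("Art des Suchlaufs: Quick-Scan"))
    for key, value in triage(ESET_LOG).items():
        print(key, "=", value)
```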


cosinus 21.06.2012 11:53

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Thomaz 21.06.2012 18:37

Code:

OTL logfile created on: 21.06.2012 19:08:54 - Run 2
OTL by OldTimer - Version 3.2.50.0    Folder = C:\Users\Mira Bellenbaum\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 30,21% Memory free
4,21 Gb Paging File | 2,52 Gb Available in Paging File | 59,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 93,08 Gb Total Space | 18,19 Gb Free Space | 19,54% Space Free | Partition Type: NTFS
Drive E: | 91,76 Gb Total Space | 54,74 Gb Free Space | 59,65% Space Free | Partition Type: NTFS
 
Computer Name: MZ-BOYZ-PC | User Name: Mira Bellenbaum | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.21 19:04:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.10.03 10:14:06 | 001,409,384 | ---- | M] (Garmin) -- C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2010.09.15 11:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.08.23 17:58:06 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.08.05 12:26:34 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.06.11 08:47:30 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.02 12:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.08.03 09:35:52 | 001,281,536 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Programme\Hardcopy\hardcopy.exe
PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.01.29 19:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.29 16:00:40 | 000,430,080 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008.01.25 13:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2008.01.22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.21 04:32:50 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008.01.17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.11.19 04:19:36 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [1999.09.30 22:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Programme\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 03:43:58 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad39a1c48ba36b5210abe02ef03bc2a\System.Messaging.ni.dll
MOD - [2012.06.14 03:43:46 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.06.14 03:41:22 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.14 03:41:07 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.06.14 03:15:02 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.06.14 03:07:48 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012.06.14 03:07:28 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012.06.14 03:07:12 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012.06.14 03:07:09 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.05.10 03:47:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.05.10 03:45:59 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.10 03:43:52 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.10 03:43:41 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.05.10 03:17:40 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012.05.10 03:17:40 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
MOD - [2012.05.10 03:14:51 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012.05.10 03:09:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.05.10 03:09:13 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.05.10 03:09:01 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.05.10 03:08:52 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.08.14 17:16:12 | 000,034,816 | ---- | M] () -- C:\Programme\Google\Google Desktop Search\gzlib.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.08.03 09:32:49 | 000,441,344 | ---- | M] () -- C:\Programme\Hardcopy\HcDllS.dll
MOD - [2008.08.02 12:02:45 | 000,057,344 | ---- | M] () -- C:\Programme\Hardcopy\HcDLL2_23_Win32.dll
MOD - [2008.02.02 23:08:12 | 001,722,368 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzArchive10.tgp
MOD - [2008.01.29 16:00:40 | 000,430,080 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.12.25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2007.12.14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2007.12.14 21:28:38 | 004,726,784 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2007.09.13 15:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007.03.12 23:34:20 | 000,162,304 | ---- | M] () -- C:\Windows\System32\ztvunrar36.dll
MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- c:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2006.05.14 13:03:54 | 000,655,360 | ---- | M] () -- C:\Programme\TUGZip\TzShell.dll
MOD - [2005.02.17 23:15:22 | 000,077,824 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzImage10.tgp
MOD - [2003.11.20 13:18:06 | 000,045,056 | ---- | M] () -- C:\Programme\Hardcopy\hardcopy.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.06.16 12:45:33 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.05 07:43:28 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.08.05 12:26:34 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.06.11 08:47:30 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 04:32:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 04:32:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.07.30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.08 19:49:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.11 08:47:31 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.06.11 08:47:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.13 18:20:09 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.17 12:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.21 04:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.12.28 20:21:54 | 000,104,448 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.12.26 11:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.10.17 23:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [1999.04.22 05:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SENTINEL.SYS -- (Sentinel)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes,DefaultScope = {A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=YYYYYYYYDE&apn_uid=C002A827-A03D-4C7C-BDC7-F7BB64193C52&apn_sauid=4EC71F60-5206-4708-A4C9-03B898AAF5E1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}: "URL" = hxxp://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=ykK0_xUh6saWFErEbG2RIAq1upk?q={searchTerms}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Mira Bellenbaum\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 12:45:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.20 00:24:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 12:45:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.20 00:24:16 | 000,000,000 | ---D | M]
 
[2008.07.07 21:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Extensions
[2012.06.02 12:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions
[2011.08.27 07:40:08 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.05.11 22:17:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 15:47:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.06.02 12:29:52 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.01 15:17:48 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.21 18:49:55 | 000,000,000 | ---D | M] (ST-de3 Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.28 14:39:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com
[2011.03.27 04:06:01 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com
[2012.01.16 08:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.27 21:33:10 | 000,000,000 | ---D | M] (VMLoad) -- C:\Programme\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE}
[2009.02.19 09:56:33 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
[2012.06.16 12:45:34 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2006.07.31 17:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011.10.01 07:26:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.01 07:26:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.01 07:26:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 07:26:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 07:26:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 07:26:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} hxxp://picasaweb.google.com/s/v/70.22/uploader2.cab (UploadListView Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7ECD9FB-FEC1-4A64-944D-B6FEC246F950}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) - C:\autorunce.exe -- [ NTFS ]
O32 - AutoRun File - [2007.12.03 14:10:36 | 000,005,360 | ---- | M] () - C:\Autorunce.ini -- [ NTFS ]
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.21 19:05:34 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe
[2012.06.21 01:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.19 06:57:50 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Mira Bellenbaum\Desktop\esetsmartinstaller_enu.exe
[2012.06.10 08:59:43 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Malwarebytes
[2012.06.10 08:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.10 08:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.10 08:59:27 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.10 08:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.10 08:42:16 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\Desktop\Geile BMW
[2012.06.09 10:28:50 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\Desktop\Fotos 06-2012
[2012.06.03 10:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.03 10:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.06.03 10:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.21 19:04:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe
[2012.06.21 19:00:58 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 18:58:51 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 18:58:47 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Mira Bellenbaum-Startup.job
[2012.06.21 18:58:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 18:58:38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 18:58:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.21 18:58:24 | 2136,961,024 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.21 06:48:50 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.19 06:57:55 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Mira Bellenbaum\Desktop\esetsmartinstaller_enu.exe
[2012.06.16 18:11:39 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.16 18:11:39 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.16 18:11:39 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.16 18:11:39 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.14 03:35:57 | 000,352,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.10 11:19:27 | 000,302,592 | ---- | M] () -- C:\Users\Mira Bellenbaum\Desktop\ewf2e5g9.exe
[2012.06.10 10:43:52 | 000,000,000 | ---- | M] () -- C:\Users\Mira Bellenbaum\defogger_reenable
[2012.06.10 08:59:29 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.03 10:19:56 | 000,039,436 | ---- | M] () -- C:\Users\Mira Bellenbaum\Desktop\Gummikuh00.jpg
[2012.06.03 10:03:26 | 000,001,669 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.10 11:19:23 | 000,302,592 | ---- | C] () -- C:\Users\Mira Bellenbaum\Desktop\ewf2e5g9.exe
[2012.06.10 10:43:52 | 000,000,000 | ---- | C] () -- C:\Users\Mira Bellenbaum\defogger_reenable
[2012.06.10 08:59:29 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.03 11:23:16 | 000,039,436 | ---- | C] () -- C:\Users\Mira Bellenbaum\Desktop\Gummikuh00.jpg
[2012.06.03 10:03:26 | 000,001,669 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.28 06:02:54 | 000,000,000 | ---- | C] () -- C:\Users\Mira Bellenbaum\AppData\Local\{5488039B-A1FF-4A15-88B1-757693C6EACE}
[2010.10.23 16:22:22 | 000,073,216 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS
[2010.10.23 16:22:22 | 000,047,616 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL
[2010.10.23 16:22:22 | 000,017,920 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL
 
========== LOP Check ==========
 
[2012.02.14 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib
[2010.02.22 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Buhl Data Service
[2009.01.22 11:49:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Canon
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DesktopSMS
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Destinator
[2011.01.01 15:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoft
[2011.01.01 15:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.27 23:20:47 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\GARMIN
[2009.03.24 18:21:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Haufe
[2010.09.27 20:55:23 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Iggels
[2010.09.27 22:19:44 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\IN-MEDIAKG
[2010.12.30 18:35:07 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin
[2009.03.12 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Lexware
[2010.09.27 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\mresreg
[2008.09.24 15:08:33 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook
[2011.07.14 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Nokia
[2009.06.06 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PasswordSafe
[2011.07.24 09:37:54 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PC Suite
[2010.10.23 10:29:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\RibbonSoft
[2010.05.10 22:41:36 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\streamripper
[2011.09.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Teleca
[2008.11.04 21:12:29 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Template
[2008.09.24 15:02:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Toshiba
[2010.08.21 15:02:30 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Uniblue
[2010.10.15 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad
[2012.02.08 20:29:39 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh
[2012.06.21 07:05:45 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.21 18:58:47 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Mira Bellenbaum-Startup.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.10.07 23:24:25 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Adobe
[2012.02.14 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib
[2012.04.26 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Apple Computer
[2010.02.22 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Buhl Data Service
[2009.01.22 11:49:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Canon
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DesktopSMS
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Destinator
[2011.01.01 15:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoft
[2011.01.01 15:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.27 23:20:47 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\GARMIN
[2010.01.22 19:20:55 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Google
[2009.03.24 18:21:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Haufe
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Identities
[2010.09.27 20:55:23 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Iggels
[2010.09.27 22:19:44 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\IN-MEDIAKG
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\InstallShield
[2010.12.30 18:35:07 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin
[2009.03.12 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Lexware
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Macromedia
[2012.06.10 08:59:43 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Malwarebytes
[2012.01.09 22:52:56 | 000,000,000 | --SD | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft
[2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Mozilla
[2010.09.27 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\mresreg
[2008.09.24 15:08:33 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook
[2011.07.14 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Nokia
[2012.04.15 22:40:26 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\OpenOffice.org2
[2009.06.06 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PasswordSafe
[2011.07.24 09:37:54 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PC Suite
[2010.10.23 10:29:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\RibbonSoft
[2011.06.11 12:39:10 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Sony Ericsson
[2010.05.10 22:41:36 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\streamripper
[2011.09.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Teleca
[2008.11.04 21:12:29 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Template
[2008.09.24 15:02:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Toshiba
[2010.08.21 15:02:30 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Uniblue
[2012.01.13 23:22:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\vlc
[2010.10.15 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad
[2012.02.08 20:29:39 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh
 
< %APPDATA%\*.exe /s >
[2010.12.03 22:55:02 | 000,752,688 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin\kikin_updater_2.4.15.exe
[2010.12.30 18:35:14 | 001,166,568 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin\kikin_updater_2.9.1.exe
[2009.02.19 09:56:37 | 000,086,016 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft\Installer\{F48AAE0F-52F4-11DD-B1F7-0050560400B1}\ARPPRODUCTICON.exe
[2011.03.21 21:07:33 | 003,325,832 | ---- | M] (Ask) -- C:\Users\Mira Bellenbaum\AppData\Roaming\Mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\sleep.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) -- C:\autorunce.exe
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >


cosinus 21.06.2012 19:42

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes,DefaultScope = {A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=YYYYYYYYDE&apn_uid=C002A827-A03D-4C7C-BDC7-F7BB64193C52&apn_sauid=4EC71F60-5206-4708-A4C9-03B898AAF5E1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}: "URL" = http://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=ykK0_xUh6saWFErEbG2RIAq1upk?q={searchTerms}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[2010.05.11 22:17:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 15:47:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.06.02 12:29:52 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.01 15:17:48 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.21 18:49:55 | 000,000,000 | ---D | M] (ST-de3 Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.28 14:39:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com
[2011.03.27 04:06:01 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) - C:\autorunce.exe -- [ NTFS ]
O32 - AutoRun File - [2007.12.03 14:10:36 | 000,005,360 | ---- | M] () - C:\Autorunce.ini -- [ NTFS ]
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
:Files
C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib
C:\Users\Mira Bellenbaum\AppData\Roaming\kikin
C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Thomaz 21.06.2012 20:48

During the fix, OTL crashed ("OTL funktioniert nicht mehr"). After that the computer was restarted and at first would not boot any more. After waiting for ages it did work after all. Then the following could be read in a new window:

Code:

Files\Folders moved on Reboot...
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com folder moved successfully.

Registry entries deleted on Reboot...


cosinus 21.06.2012 21:09

Restart Windows in safe mode (with networking if possible); sometimes the fix with OTL gets stuck in normal mode, but very often the fix works in safe mode. Please repeat the fix there.

Thomaz 21.06.2012 21:37

Code:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C17C7688-31D1-46D7-8C9B-5D253E4F5D5E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C17C7688-31D1-46D7-8C9B-5D253E4F5D5E}\ not found.
File C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
File C:\Programme\kikin\ie_kikin.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryBooster not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File C:\autorunce.exe not found.
File C:\Autorunce.ini not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
File D:\AutoRun.exe not found.
========== FILES ==========
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib not found.
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\kikin not found.
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mira Bellenbaum
->Temp folder emptied: 77868 bytes
->Temporary Internet Files folder emptied: 483700394 bytes
->Java cache emptied: 11525729 bytes
->FireFox cache emptied: 259165194 bytes
->Flash cache emptied: 133655 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 893100589 bytes
RecycleBin emptied: 3620427724 bytes
 
Total Files Cleaned = 5.024,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Mira Bellenbaum
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.50.0 log created on 06212012_222717

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


cosinus 22.06.2012 08:59

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Thomaz 22.06.2012 09:19

Code:

10:14:06.0052 6132        TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
10:14:06.0215 6132        ============================================================
10:14:06.0215 6132        Current date / time: 2012/06/22 10:14:06.0215
10:14:06.0215 6132        SystemInfo:
10:14:06.0215 6132       
10:14:06.0215 6132        OS Version: 6.0.6002 ServicePack: 2.0
10:14:06.0215 6132        Product type: Workstation
10:14:06.0215 6132        ComputerName: MZ-BOYZ-PC
10:14:06.0216 6132        UserName: Mira Bellenbaum
10:14:06.0216 6132        Windows directory: C:\Windows
10:14:06.0216 6132        System windows directory: C:\Windows
10:14:06.0216 6132        Processor architecture: Intel x86
10:14:06.0216 6132        Number of processors: 2
10:14:06.0216 6132        Page size: 0x1000
10:14:06.0216 6132        Boot type: Normal boot
10:14:06.0216 6132        ============================================================
10:14:06.0692 6132        Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:14:06.0694 6132        ============================================================
10:14:06.0694 6132        \Device\Harddisk0\DR0:
10:14:06.0695 6132        MBR partitions:
10:14:06.0695 6132        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xBA29000
10:14:06.0695 6132        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xBD17800, BlocksNum 0xB7871B0
10:14:06.0695 6132        ============================================================
10:14:06.0744 6132        C: <-> \Device\Harddisk0\DR0\Partition0
10:14:06.0800 6132        E: <-> \Device\Harddisk0\DR0\Partition1
10:14:06.0801 6132        ============================================================
10:14:06.0801 6132        Initialize success
10:14:06.0801 6132        ============================================================
10:14:46.0227 4484        ============================================================
10:14:46.0227 4484        Scan started
10:14:46.0227 4484        Mode: Manual;
10:14:46.0228 4484        ============================================================
10:14:48.0291 4484        ACEDRV06        (44010948bde6ade50dd1386657c73e83) C:\Windows\system32\drivers\ACEDRV06.sys
10:14:48.0294 4484        ACEDRV06 - ok
10:14:48.0372 4484        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:14:48.0375 4484        ACPI - ok
10:14:48.0493 4484        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:14:48.0496 4484        AdobeFlashPlayerUpdateSvc - ok
10:14:48.0589 4484        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:14:48.0602 4484        adp94xx - ok
10:14:48.0649 4484        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:14:48.0658 4484        adpahci - ok
10:14:48.0692 4484        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:14:48.0695 4484        adpu160m - ok
10:14:48.0738 4484        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:14:48.0743 4484        adpu320 - ok
10:14:48.0825 4484        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:14:48.0827 4484        AeLookupSvc - ok
10:14:48.0923 4484        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:14:48.0930 4484        AFD - ok
10:14:49.0003 4484        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:14:49.0005 4484        agp440 - ok
10:14:49.0041 4484        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:14:49.0044 4484        aic78xx - ok
10:14:49.0076 4484        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:14:49.0078 4484        ALG - ok
10:14:49.0110 4484        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:14:49.0112 4484        aliide - ok
10:14:49.0134 4484        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:14:49.0136 4484        amdagp - ok
10:14:49.0162 4484        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:14:49.0163 4484        amdide - ok
10:14:49.0217 4484        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:14:49.0219 4484        AmdK7 - ok
10:14:49.0260 4484        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:14:49.0262 4484        AmdK8 - ok
10:14:49.0390 4484        AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:14:49.0391 4484        AntiVirSchedulerService - ok
10:14:49.0460 4484        AntiVirService  (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:14:49.0461 4484        AntiVirService - ok
10:14:49.0529 4484        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:14:49.0530 4484        Appinfo - ok
10:14:49.0706 4484        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:14:49.0708 4484        Apple Mobile Device - ok
10:14:49.0742 4484        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:14:49.0745 4484        arc - ok
10:14:49.0798 4484        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:14:49.0801 4484        arcsas - ok
10:14:49.0831 4484        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:14:49.0833 4484        AsyncMac - ok
10:14:49.0934 4484        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:14:49.0935 4484        atapi - ok
10:14:50.0029 4484        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:14:50.0033 4484        AudioEndpointBuilder - ok
10:14:50.0040 4484        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:14:50.0043 4484        Audiosrv - ok
10:14:50.0067 4484        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
10:14:50.0067 4484        avgio - ok
10:14:50.0125 4484        avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
10:14:50.0125 4484        avgntflt - ok
10:14:50.0178 4484        avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
10:14:50.0179 4484        avipbb - ok
10:14:50.0244 4484        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:14:50.0245 4484        Beep - ok
10:14:50.0339 4484        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:14:50.0344 4484        BFE - ok
10:14:50.0482 4484        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:14:50.0501 4484        BITS - ok
10:14:50.0549 4484        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:14:50.0551 4484        blbdrive - ok
10:14:50.0710 4484        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:14:50.0720 4484        Bonjour Service - ok
10:14:50.0780 4484        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:14:50.0783 4484        bowser - ok
10:14:50.0845 4484        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:14:50.0847 4484        BrFiltLo - ok
10:14:50.0871 4484        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:14:50.0872 4484        BrFiltUp - ok
10:14:50.0919 4484        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:14:50.0922 4484        Browser - ok
10:14:50.0950 4484        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:14:50.0953 4484        Brserid - ok
10:14:50.0986 4484        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:14:50.0988 4484        BrSerWdm - ok
10:14:51.0013 4484        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:14:51.0014 4484        BrUsbMdm - ok
10:14:51.0037 4484        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:14:51.0038 4484        BrUsbSer - ok
10:14:51.0070 4484        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:14:51.0072 4484        BTHMODEM - ok
10:14:51.0131 4484        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:14:51.0134 4484        cdfs - ok
10:14:51.0192 4484        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:14:51.0193 4484        cdrom - ok
10:14:51.0253 4484        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:14:51.0254 4484        CertPropSvc - ok
10:14:51.0278 4484        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:14:51.0279 4484        circlass - ok
10:14:51.0395 4484        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:14:51.0402 4484        CLFS - ok
10:14:51.0488 4484        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:14:51.0491 4484        clr_optimization_v2.0.50727_32 - ok
10:14:51.0635 4484        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:14:51.0639 4484        clr_optimization_v4.0.30319_32 - ok
10:14:51.0707 4484        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:14:51.0708 4484        CmBatt - ok
10:14:51.0731 4484        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:14:51.0732 4484        cmdide - ok
10:14:51.0759 4484        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:14:51.0760 4484        Compbatt - ok
10:14:51.0767 4484        COMSysApp - ok
10:14:51.0877 4484        ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:14:51.0879 4484        ConfigFree Service - ok
10:14:51.0891 4484        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:14:51.0892 4484        crcdisk - ok
10:14:51.0927 4484        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:14:51.0929 4484        Crusoe - ok
10:14:51.0985 4484        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
10:14:51.0986 4484        CryptSvc - ok
10:14:52.0111 4484        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:14:52.0124 4484        DcomLaunch - ok
10:14:52.0168 4484        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:14:52.0171 4484        DfsC - ok
10:14:52.0448 4484        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:14:52.0504 4484        DFSR - ok
10:14:52.0716 4484        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:14:52.0720 4484        Dhcp - ok
10:14:52.0799 4484        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:14:52.0801 4484        disk - ok
10:14:52.0888 4484        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:14:52.0890 4484        Dnscache - ok
10:14:52.0954 4484        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:14:52.0959 4484        dot3svc - ok
10:14:53.0012 4484        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:14:53.0014 4484        DPS - ok
10:14:53.0081 4484        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:14:53.0083 4484        drmkaud - ok
10:14:53.0194 4484        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:14:53.0209 4484        DXGKrnl - ok
10:14:53.0247 4484        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:14:53.0251 4484        E1G60 - ok
10:14:53.0286 4484        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:14:53.0288 4484        EapHost - ok
10:14:53.0369 4484        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:14:53.0374 4484        Ecache - ok
10:14:53.0463 4484        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:14:53.0472 4484        elxstor - ok
10:14:53.0580 4484        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:14:53.0592 4484        EMDMgmt - ok
10:14:53.0626 4484        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:14:53.0627 4484        ErrDev - ok
10:14:53.0705 4484        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:14:53.0711 4484        EventSystem - ok
10:14:53.0772 4484        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:14:53.0776 4484        exfat - ok
10:14:53.0837 4484        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:14:53.0842 4484        fastfat - ok
10:14:53.0913 4484        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:14:53.0914 4484        fdc - ok
10:14:53.0957 4484        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:14:53.0959 4484        fdPHost - ok
10:14:53.0972 4484        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:14:53.0973 4484        FDResPub - ok
10:14:53.0998 4484        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:14:54.0001 4484        FileInfo - ok
10:14:54.0021 4484        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:14:54.0023 4484        Filetrace - ok
10:14:54.0349 4484        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
10:14:54.0391 4484        FirebirdServerMAGIXInstance - ok
10:14:54.0570 4484        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:14:54.0572 4484        flpydisk - ok
10:14:54.0632 4484        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:14:54.0636 4484        FltMgr - ok
10:14:54.0790 4484        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:14:54.0798 4484        FontCache - ok
10:14:54.0936 4484        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:14:54.0938 4484        FontCache3.0.0.0 - ok
10:14:54.0986 4484        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
10:14:54.0988 4484        Fs_Rec - ok
10:14:55.0028 4484        FwLnk          (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
10:14:55.0029 4484        FwLnk - ok
10:14:55.0059 4484        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:14:55.0061 4484        gagp30kx - ok
10:14:55.0112 4484        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:14:55.0114 4484        GEARAspiWDM - ok
10:14:55.0293 4484        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:14:55.0294 4484        GoogleDesktopManager-051210-111108 - ok
10:14:55.0419 4484        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:14:55.0433 4484        gpsvc - ok
10:14:55.0482 4484        gupdate        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:14:55.0486 4484        gupdate - ok
10:14:55.0527 4484        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:14:55.0529 4484        gupdatem - ok
10:14:55.0601 4484        gusvc          (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:14:55.0605 4484        gusvc - ok
10:14:55.0683 4484        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:14:55.0690 4484        HdAudAddService - ok
10:14:55.0791 4484        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:14:55.0802 4484        HDAudBus - ok
10:14:55.0820 4484        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:14:55.0823 4484        HidBth - ok
10:14:55.0846 4484        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:14:55.0848 4484        HidIr - ok
10:14:55.0886 4484        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:14:55.0888 4484        hidserv - ok
10:14:55.0940 4484        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:14:55.0941 4484        HidUsb - ok
10:14:55.0975 4484        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:14:55.0977 4484        hkmsvc - ok
10:14:56.0011 4484        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:14:56.0013 4484        HpCISSs - ok
10:14:56.0082 4484        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:14:56.0088 4484        HSFHWAZL - ok
10:14:56.0256 4484        HSF_DPV        (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:14:56.0282 4484        HSF_DPV - ok
10:14:56.0379 4484        HSXHWAZL        (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:14:56.0385 4484        HSXHWAZL - ok
10:14:56.0461 4484        HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:14:56.0473 4484        HTTP - ok
10:14:56.0532 4484        hwdatacard      (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:14:56.0533 4484        hwdatacard - ok
10:14:56.0579 4484        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:14:56.0581 4484        i2omp - ok
10:14:56.0639 4484        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:14:56.0642 4484        i8042prt - ok
10:14:56.0721 4484        iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
10:14:56.0724 4484        iaStor - ok
10:14:56.0779 4484        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:14:56.0786 4484        iaStorV - ok
10:14:56.0965 4484        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:14:56.0969 4484        IDriverT - ok
10:14:57.0154 4484        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:14:57.0180 4484        idsvc - ok
10:14:57.0458 4484        igfx            (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:14:57.0501 4484        igfx - ok
10:14:57.0756 4484        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:14:57.0758 4484        iirsp - ok
10:14:57.0847 4484        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:14:57.0857 4484        IKEEXT - ok
10:14:58.0144 4484        IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
10:14:58.0193 4484        IntcAzAudAddService - ok
10:14:58.0381 4484        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:14:58.0383 4484        intelide - ok
10:14:58.0448 4484        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:14:58.0450 4484        intelppm - ok
10:14:58.0493 4484        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:14:58.0498 4484        IPBusEnum - ok
10:14:58.0531 4484        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:14:58.0533 4484        IpFilterDriver - ok
10:14:58.0596 4484        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:14:58.0600 4484        iphlpsvc - ok
10:14:58.0607 4484        IpInIp - ok
10:14:58.0650 4484        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:14:58.0653 4484        IPMIDRV - ok
10:14:58.0691 4484        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:14:58.0695 4484        IPNAT - ok
10:14:58.0872 4484        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
10:14:58.0896 4484        iPod Service - ok
10:14:59.0062 4484        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:14:59.0064 4484        IRENUM - ok
10:14:59.0109 4484        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:14:59.0111 4484        isapnp - ok
10:14:59.0179 4484        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:14:59.0185 4484        iScsiPrt - ok
10:14:59.0208 4484        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:14:59.0209 4484        iteatapi - ok
10:14:59.0233 4484        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:14:59.0235 4484        iteraid - ok
10:14:59.0256 4484        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:14:59.0259 4484        kbdclass - ok
10:14:59.0325 4484        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:14:59.0326 4484        kbdhid - ok
10:14:59.0365 4484        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:14:59.0366 4484        KeyIso - ok
10:14:59.0463 4484        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
10:14:59.0475 4484        KSecDD - ok
10:14:59.0597 4484        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:14:59.0608 4484        KtmRm - ok
10:14:59.0722 4484        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
10:14:59.0726 4484        LanmanServer - ok
10:14:59.0940 4484        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:14:59.0945 4484        LanmanWorkstation - ok
10:15:00.0070 4484        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:15:00.0072 4484        lltdio - ok
10:15:00.0195 4484        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:15:00.0201 4484        lltdsvc - ok
10:15:00.0232 4484        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:15:00.0235 4484        lmhosts - ok
10:15:00.0304 4484        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:15:00.0308 4484        LSI_FC - ok
10:15:00.0356 4484        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:15:00.0361 4484        LSI_SAS - ok
10:15:00.0425 4484        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:15:00.0429 4484        LSI_SCSI - ok
10:15:00.0475 4484        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:15:00.0478 4484        luafv - ok
10:15:00.0541 4484        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:15:00.0543 4484        MBAMProtector - ok
10:15:00.0667 4484        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:15:00.0672 4484        MBAMService - ok
10:15:00.0795 4484        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
10:15:00.0802 4484        McComponentHostService - ok
10:15:00.0834 4484        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:15:00.0836 4484        mdmxsdk - ok
10:15:00.0910 4484        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:15:00.0912 4484        megasas - ok
10:15:01.0027 4484        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:15:01.0037 4484        MegaSR - ok
10:15:01.0080 4484        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:15:01.0082 4484        MMCSS - ok
10:15:01.0106 4484        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:15:01.0108 4484        Modem - ok
10:15:01.0136 4484        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:15:01.0137 4484        monitor - ok
10:15:01.0152 4484        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:15:01.0153 4484        mouclass - ok
10:15:01.0169 4484        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:15:01.0170 4484        mouhid - ok
10:15:01.0190 4484        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:15:01.0192 4484        MountMgr - ok
10:15:01.0279 4484        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:15:01.0283 4484        MozillaMaintenance - ok
10:15:01.0346 4484        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:15:01.0350 4484        mpio - ok
10:15:01.0383 4484        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:15:01.0385 4484        mpsdrv - ok
10:15:01.0492 4484        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:15:01.0500 4484        MpsSvc - ok
10:15:01.0545 4484        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:15:01.0547 4484        Mraid35x - ok
10:15:01.0598 4484        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:15:01.0602 4484        MRxDAV - ok
10:15:01.0650 4484        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:15:01.0654 4484        mrxsmb - ok
10:15:01.0727 4484        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:15:01.0734 4484        mrxsmb10 - ok
10:15:01.0755 4484        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:15:01.0759 4484        mrxsmb20 - ok
10:15:01.0824 4484        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:15:01.0827 4484        msahci - ok
10:15:01.0867 4484        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:15:01.0872 4484        msdsm - ok
10:15:01.0950 4484        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:15:01.0956 4484        MSDTC - ok
10:15:01.0999 4484        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:15:02.0001 4484        Msfs - ok
10:15:02.0048 4484        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:15:02.0049 4484        msisadrv - ok
10:15:02.0077 4484        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:15:02.0082 4484        MSiSCSI - ok
10:15:02.0089 4484        msiserver - ok
10:15:02.0128 4484        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:15:02.0129 4484        MSKSSRV - ok
10:15:02.0168 4484        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:15:02.0169 4484        MSPCLOCK - ok
10:15:02.0198 4484        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:15:02.0200 4484        MSPQM - ok
10:15:02.0247 4484        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:15:02.0251 4484        MsRPC - ok
10:15:02.0276 4484        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:15:02.0277 4484        mssmbios - ok
10:15:02.0293 4484        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:15:02.0294 4484        MSTEE - ok
10:15:02.0335 4484        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:15:02.0337 4484        Mup - ok
10:15:02.0404 4484        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:15:02.0410 4484        napagent - ok
10:15:02.0474 4484        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:15:02.0478 4484        NativeWifiP - ok
10:15:02.0591 4484        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:15:02.0605 4484        NDIS - ok
10:15:02.0644 4484        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:15:02.0645 4484        NdisTapi - ok
10:15:02.0669 4484        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:15:02.0671 4484        Ndisuio - ok
10:15:02.0709 4484        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:15:02.0712 4484        NdisWan - ok
10:15:02.0746 4484        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:15:02.0748 4484        NDProxy - ok
10:15:02.0773 4484        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:15:02.0775 4484        NetBIOS - ok
10:15:02.0840 4484        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:15:02.0846 4484        netbt - ok
10:15:02.0936 4484        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:02.0939 4484        Netlogon - ok
10:15:03.0014 4484        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:15:03.0037 4484        Netman - ok
10:15:03.0135 4484        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:15:03.0149 4484        netprofm - ok
10:15:03.0250 4484        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:15:03.0253 4484        NetTcpPortSharing - ok
10:15:03.0637 4484        NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
10:15:03.0692 4484        NETw3v32 - ok
10:15:03.0947 4484        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:15:03.0950 4484        nfrd960 - ok
10:15:04.0015 4484        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:15:04.0019 4484        NlaSvc - ok
10:15:04.0066 4484        nmwcd          (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
10:15:04.0068 4484        nmwcd - ok
10:15:04.0125 4484        nmwcdc          (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
10:15:04.0127 4484        nmwcdc - ok
10:15:04.0171 4484        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:15:04.0173 4484        Npfs - ok
10:15:04.0192 4484        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:15:04.0195 4484        nsi - ok
10:15:04.0217 4484        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:15:04.0220 4484        nsiproxy - ok
10:15:04.0425 4484        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:15:04.0467 4484        Ntfs - ok
10:15:04.0505 4484        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:15:04.0516 4484        ntrigdigi - ok
10:15:04.0564 4484        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:15:04.0566 4484        Null - ok
10:15:04.0631 4484        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:15:04.0636 4484        nvraid - ok
10:15:04.0684 4484        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:15:04.0686 4484        nvstor - ok
10:15:04.0722 4484        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:15:04.0726 4484        nv_agp - ok
10:15:04.0733 4484        NwlnkFlt - ok
10:15:04.0742 4484        NwlnkFwd - ok
10:15:04.0943 4484        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:15:04.0955 4484        odserv - ok
10:15:05.0056 4484        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:15:05.0058 4484        ohci1394 - ok
10:15:05.0122 4484        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:15:05.0126 4484        ose - ok
10:15:05.0248 4484        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:05.0271 4484        p2pimsvc - ok
10:15:05.0286 4484        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:05.0309 4484        p2psvc - ok
10:15:05.0406 4484        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:15:05.0409 4484        Parport - ok
10:15:05.0462 4484        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
10:15:05.0464 4484        partmgr - ok
10:15:05.0484 4484        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:15:05.0485 4484        Parvdm - ok
10:15:05.0530 4484        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:15:05.0534 4484        PcaSvc - ok
10:15:05.0598 4484        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:15:05.0600 4484        pccsmcfd - ok
10:15:05.0660 4484        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:15:05.0662 4484        pci - ok
10:15:05.0714 4484        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:15:05.0715 4484        pciide - ok
10:15:05.0758 4484        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:15:05.0763 4484        pcmcia - ok
10:15:05.0930 4484        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:15:05.0971 4484        PEAUTH - ok
10:15:06.0193 4484        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:15:06.0230 4484        pla - ok
10:15:06.0460 4484        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:15:06.0467 4484        PlugPlay - ok
10:15:06.0577 4484        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:06.0596 4484        PNRPAutoReg - ok
10:15:06.0608 4484        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:06.0616 4484        PNRPsvc - ok
10:15:06.0707 4484        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:15:06.0715 4484        PolicyAgent - ok
10:15:06.0787 4484        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:15:06.0789 4484        PptpMiniport - ok
10:15:06.0825 4484        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:15:06.0827 4484        Processor - ok
10:15:07.0076 4484        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:15:07.0083 4484        ProfSvc - ok
10:15:07.0124 4484        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:07.0127 4484        ProtectedStorage - ok
10:15:07.0199 4484        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:15:07.0207 4484        PSched - ok
10:15:07.0241 4484        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
10:15:07.0244 4484        PxHelp20 - ok
10:15:07.0550 4484        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:15:07.0593 4484        ql2300 - ok
10:15:07.0624 4484        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:15:07.0627 4484        ql40xx - ok
10:15:07.0675 4484        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:15:07.0685 4484        QWAVE - ok
10:15:07.0733 4484        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:15:07.0735 4484        QWAVEdrv - ok
10:15:07.0830 4484        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
10:15:07.0836 4484        RapiMgr - ok
10:15:07.0849 4484        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:15:07.0851 4484        RasAcd - ok
10:15:07.0898 4484        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:15:07.0905 4484        RasAuto - ok
10:15:07.0951 4484        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:15:07.0955 4484        Rasl2tp - ok
10:15:08.0022 4484        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:15:08.0029 4484        RasMan - ok
10:15:08.0074 4484        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:15:08.0077 4484        RasPppoe - ok
10:15:08.0101 4484        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:15:08.0103 4484        RasSstp - ok
10:15:08.0169 4484        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:15:08.0176 4484        rdbss - ok
10:15:08.0215 4484        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:15:08.0217 4484        RDPCDD - ok
10:15:08.0275 4484        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:15:08.0282 4484        rdpdr - ok
10:15:08.0303 4484        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:15:08.0305 4484        RDPENCDD - ok
10:15:08.0385 4484        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
10:15:08.0391 4484        RDPWD - ok
10:15:08.0450 4484        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:15:08.0455 4484        RemoteAccess - ok
10:15:08.0510 4484        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:15:08.0516 4484        RemoteRegistry - ok
10:15:08.0551 4484        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:15:08.0555 4484        RpcLocator - ok
10:15:08.0664 4484        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:15:08.0673 4484        RpcSs - ok
10:15:08.0744 4484        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:15:08.0746 4484        rspndr - ok
10:15:08.0804 4484        RTL8169        (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:15:08.0806 4484        RTL8169 - ok
10:15:08.0892 4484        RTL8187B        (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
10:15:08.0895 4484        RTL8187B - ok
10:15:08.0951 4484        RtlProt        (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
10:15:08.0953 4484        RtlProt - ok
10:15:08.0975 4484        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:08.0978 4484        SamSs - ok
10:15:09.0032 4484        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:15:09.0035 4484        sbp2port - ok
10:15:09.0121 4484        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:15:09.0127 4484        SCardSvr - ok
10:15:09.0248 4484        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:15:09.0267 4484        Schedule - ok
10:15:09.0310 4484        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:15:09.0311 4484        SCPolicySvc - ok
10:15:09.0379 4484        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:15:09.0386 4484        SDRSVC - ok
10:15:09.0410 4484        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:15:09.0411 4484        secdrv - ok
10:15:09.0436 4484        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:15:09.0440 4484        seclogon - ok
10:15:09.0462 4484        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:15:09.0466 4484        SENS - ok
10:15:09.0514 4484        Sentinel        (3e7ff2405bcc1384d946dc45edc7ed61) C:\Windows\System32\Drivers\SENTINEL.SYS
10:15:09.0517 4484        Sentinel - ok
10:15:09.0578 4484        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:15:09.0580 4484        Serenum - ok
10:15:09.0621 4484        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:15:09.0626 4484        Serial - ok
10:15:09.0659 4484        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:15:09.0661 4484        sermouse - ok
10:15:09.0910 4484        ServiceLayer    (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:15:09.0927 4484        ServiceLayer - ok
10:15:10.0010 4484        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:15:10.0015 4484        SessionEnv - ok
10:15:10.0068 4484        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:15:10.0070 4484        sffdisk - ok
10:15:10.0096 4484        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:15:10.0098 4484        sffp_mmc - ok
10:15:10.0121 4484        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:15:10.0122 4484        sffp_sd - ok
10:15:10.0143 4484        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:15:10.0145 4484        sfloppy - ok
10:15:10.0209 4484        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:15:10.0218 4484        SharedAccess - ok
10:15:10.0290 4484        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:15:10.0299 4484        ShellHWDetection - ok
10:15:10.0399 4484        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:15:10.0401 4484        sisagp - ok
10:15:10.0421 4484        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:15:10.0423 4484        SiSRaid2 - ok
10:15:10.0455 4484        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:15:10.0458 4484        SiSRaid4 - ok
10:15:10.0887 4484        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:15:11.0024 4484        slsvc - ok
10:15:11.0213 4484        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:15:11.0218 4484        SLUINotify - ok
10:15:11.0302 4484        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:15:11.0304 4484        Smb - ok
10:15:11.0346 4484        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:15:11.0349 4484        SNMPTRAP - ok
10:15:11.0410 4484        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:15:11.0412 4484        spldr - ok
10:15:11.0478 4484        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:15:11.0484 4484        Spooler - ok
10:15:11.0564 4484        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:15:11.0573 4484        srv - ok
10:15:11.0639 4484        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:15:11.0644 4484        srv2 - ok
10:15:11.0675 4484        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:15:11.0678 4484        srvnet - ok
10:15:11.0719 4484        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:15:11.0723 4484        SSDPSRV - ok
10:15:11.0775 4484        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:15:11.0775 4484        ssmdrv - ok
10:15:11.0833 4484        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:15:11.0837 4484        SstpSvc - ok
10:15:11.0900 4484        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:15:11.0902 4484        StillCam - ok
10:15:11.0982 4484        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:15:11.0994 4484        stisvc - ok
10:15:12.0023 4484        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:15:12.0025 4484        swenum - ok
10:15:12.0096 4484        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:15:12.0107 4484        swprv - ok
10:15:12.0132 4484        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:15:12.0134 4484        Symc8xx - ok
10:15:12.0163 4484        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:15:12.0166 4484        Sym_hi - ok
10:15:12.0192 4484        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:15:12.0194 4484        Sym_u3 - ok
10:15:12.0254 4484        SynTP          (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
10:15:12.0260 4484        SynTP - ok
10:15:12.0372 4484        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:15:12.0382 4484        SysMain - ok
10:15:12.0415 4484        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:15:12.0419 4484        TabletInputService - ok
10:15:12.0487 4484        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:15:12.0493 4484        TapiSrv - ok
10:15:12.0538 4484        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:15:12.0542 4484        TBS - ok
10:15:12.0671 4484        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
10:15:12.0696 4484        Tcpip - ok
10:15:12.0723 4484        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
10:15:12.0732 4484        Tcpip6 - ok
10:15:12.0774 4484        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:15:12.0776 4484        tcpipreg - ok
10:15:12.0822 4484        tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:15:12.0824 4484        tdcmdpst - ok
10:15:12.0866 4484        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:15:12.0868 4484        TDPIPE - ok
10:15:12.0910 4484        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:15:12.0912 4484        TDTCP - ok
10:15:12.0968 4484        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:15:12.0972 4484        tdx - ok
10:15:13.0044 4484        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:15:13.0047 4484        TermDD - ok
10:15:13.0144 4484        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:15:13.0156 4484        TermService - ok
10:15:13.0234 4484        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:15:13.0244 4484        Themes - ok
10:15:13.0293 4484        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:15:13.0297 4484        THREADORDER - ok
10:15:13.0451 4484        TNaviSrv        (e47f35a87ff0da38def37a0eb0c2d2df) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
10:15:13.0453 4484        TNaviSrv - ok
10:15:13.0527 4484        TODDSrv        (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
10:15:13.0531 4484        TODDSrv - ok
10:15:13.0651 4484        TosCoSrv        (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:15:13.0662 4484        TosCoSrv - ok
10:15:13.0699 4484        TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
10:15:13.0700 4484        TOSHIBA SMART Log Service - ok
10:15:13.0827 4484        tos_sps32      (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:15:13.0836 4484        tos_sps32 - ok
10:15:13.0935 4484        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:15:13.0939 4484        TrkWks - ok
10:15:13.0997 4484        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:15:13.0999 4484        TrustedInstaller - ok
10:15:14.0048 4484        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:15:14.0050 4484        tssecsrv - ok
10:15:14.0105 4484        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:15:14.0107 4484        tunmp - ok
10:15:14.0138 4484        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:15:14.0140 4484        tunnel - ok
10:15:14.0183 4484        TVALZ          (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:15:14.0185 4484        TVALZ - ok
10:15:14.0227 4484        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:15:14.0230 4484        uagp35 - ok
10:15:14.0295 4484        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:15:14.0301 4484        udfs - ok
10:15:14.0371 4484        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:15:14.0376 4484        UI0Detect - ok
10:15:14.0490 4484        UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:15:14.0493 4484        UleadBurningHelper - ok
10:15:14.0559 4484        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:15:14.0562 4484        uliagpkx - ok
10:15:14.0640 4484        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:15:14.0655 4484        uliahci - ok
10:15:14.0688 4484        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:15:14.0692 4484        UlSata - ok
10:15:14.0726 4484        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:15:14.0731 4484        ulsata2 - ok
10:15:14.0748 4484        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:15:14.0750 4484        umbus - ok
10:15:14.0809 4484        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:15:14.0820 4484        upnphost - ok
10:15:14.0941 4484        upperdev        (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
10:15:14.0943 4484        upperdev - ok
10:15:14.0983 4484        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
10:15:14.0986 4484        USBAAPL - ok
10:15:15.0041 4484        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:15:15.0044 4484        usbccgp - ok
10:15:15.0195 4484        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:15:15.0198 4484        usbcir - ok
10:15:15.0233 4484        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:15:15.0234 4484        usbehci - ok
10:15:15.0318 4484        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:15:15.0320 4484        usbhub - ok
10:15:15.0394 4484        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:15:15.0396 4484        usbohci - ok
10:15:15.0445 4484        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:15:15.0447 4484        usbprint - ok
10:15:15.0494 4484        usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
10:15:15.0496 4484        usbser - ok
10:15:15.0547 4484        UsbserFilt      (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
10:15:15.0549 4484        UsbserFilt - ok
10:15:15.0600 4484        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:15:15.0602 4484        USBSTOR - ok
10:15:15.0626 4484        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:15:15.0627 4484        usbuhci - ok
10:15:15.0674 4484        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:15:15.0679 4484        usbvideo - ok
10:15:15.0723 4484        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:15:15.0727 4484        UxSms - ok
10:15:15.0958 4484        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:15:15.0988 4484        vds - ok
10:15:16.0058 4484        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:15:16.0060 4484        vga - ok
10:15:16.0093 4484        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:15:16.0095 4484        VgaSave - ok
10:15:16.0128 4484        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:15:16.0131 4484        viaagp - ok
10:15:16.0164 4484        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:15:16.0166 4484        ViaC7 - ok
10:15:16.0206 4484        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:15:16.0208 4484        viaide - ok
10:15:16.0246 4484        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:15:16.0249 4484        volmgr - ok
10:15:16.0333 4484        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:15:16.0343 4484        volmgrx - ok
10:15:16.0544 4484        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:15:16.0551 4484        volsnap - ok
10:15:16.0631 4484        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:15:16.0636 4484        vsmraid - ok
10:15:16.0833 4484        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:15:16.0878 4484        VSS - ok
10:15:16.0958 4484        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:15:16.0965 4484        W32Time - ok
10:15:17.0060 4484        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:15:17.0062 4484        WacomPen - ok
10:15:17.0099 4484        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:15:17.0102 4484        Wanarp - ok
10:15:17.0109 4484        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:15:17.0110 4484        Wanarpv6 - ok
10:15:17.0292 4484        WcesComm        (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
10:15:17.0295 4484        WcesComm - ok
10:15:17.0455 4484        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:15:17.0463 4484        wcncsvc - ok
10:15:17.0505 4484        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:15:17.0510 4484        WcsPlugInService - ok
10:15:17.0561 4484        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:15:17.0563 4484        Wd - ok
10:15:17.0653 4484        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:15:17.0717 4484        Wdf01000 - ok
10:15:17.0753 4484        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:15:17.0758 4484        WdiServiceHost - ok
10:15:17.0764 4484        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:15:17.0769 4484        WdiSystemHost - ok
10:15:17.0838 4484        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:15:17.0844 4484        WebClient - ok
10:15:17.0936 4484        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:15:17.0942 4484        Wecsvc - ok
10:15:17.0973 4484        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:15:17.0977 4484        wercplsupport - ok
10:15:18.0040 4484        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:15:18.0046 4484        WerSvc - ok
10:15:18.0173 4484        winachsf        (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:15:18.0194 4484        winachsf - ok
10:15:18.0331 4484        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:15:18.0340 4484        WinDefend - ok
10:15:18.0351 4484        WinHttpAutoProxySvc - ok
10:15:18.0475 4484        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:15:18.0480 4484        Winmgmt - ok
10:15:18.0663 4484        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:15:18.0750 4484        WinRM - ok
10:15:18.0836 4484        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
10:15:18.0838 4484        winusb - ok
10:15:18.0972 4484        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:15:18.0986 4484        Wlansvc - ok
10:15:19.0020 4484        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:15:19.0021 4484        WmiAcpi - ok
10:15:19.0123 4484        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:15:19.0127 4484        wmiApSrv - ok
10:15:19.0305 4484        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:15:19.0330 4484        WMPNetworkSvc - ok
10:15:19.0375 4484        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:15:19.0383 4484        WPCSvc - ok
10:15:19.0429 4484        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:15:19.0434 4484        WPDBusEnum - ok
10:15:19.0523 4484        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:15:19.0525 4484        WpdUsb - ok
10:15:19.0772 4484        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:15:19.0786 4484        WPFFontCache_v0400 - ok
10:15:19.0832 4484        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:15:19.0834 4484        ws2ifsl - ok
10:15:19.0886 4484        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:15:19.0890 4484        wscsvc - ok
10:15:19.0896 4484        WSearch - ok
10:15:20.0189 4484        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:15:20.0239 4484        wuauserv - ok
10:15:20.0469 4484        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:15:20.0473 4484        WUDFRd - ok
10:15:20.0514 4484        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:15:20.0520 4484        wudfsvc - ok
10:15:20.0565 4484        XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:15:20.0567 4484        XAudio - ok
10:15:20.0626 4484        XAudioService  (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
10:15:20.0636 4484        XAudioService - ok
10:15:20.0662 4484        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:15:21.0273 4484        \Device\Harddisk0\DR0 - ok
10:15:21.0301 4484        Boot (0x1200)  (5b866a4e6efaa7e6d1850002eab3cd36) \Device\Harddisk0\DR0\Partition0
10:15:21.0303 4484        \Device\Harddisk0\DR0\Partition0 - ok
10:15:21.0345 4484        Boot (0x1200)  (818809706242e615ac0accde8c6aab08) \Device\Harddisk0\DR0\Partition1
10:15:21.0347 4484        \Device\Harddisk0\DR0\Partition1 - ok
10:15:21.0348 4484        ============================================================
10:15:21.0348 4484        Scan finished
10:15:21.0348 4484        ============================================================
10:15:21.0370 4880        Detected object count: 0
10:15:21.0370 4880        Actual detected object count: 0
10:20:45.0878 5872        ============================================================
10:20:45.0878 5872        Scan started
10:20:45.0878 5872        Mode: Manual; SigCheck; TDLFS;
10:20:45.0878 5872        ============================================================
10:20:46.0107 5872        ACEDRV06        (44010948bde6ade50dd1386657c73e83) C:\Windows\system32\drivers\ACEDRV06.sys
10:20:46.0267 5872        ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:20:46.0268 5872        ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:20:46.0330 5872        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:20:46.0402 5872        ACPI - ok
10:20:46.0507 5872        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:20:46.0523 5872        AdobeFlashPlayerUpdateSvc - ok
10:20:46.0604 5872        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:20:46.0632 5872        adp94xx - ok
10:20:46.0693 5872        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:20:46.0712 5872        adpahci - ok
10:20:46.0751 5872        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:20:46.0768 5872        adpu160m - ok
10:20:46.0812 5872        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:20:46.0829 5872        adpu320 - ok
10:20:46.0884 5872        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:20:47.0069 5872        AeLookupSvc - ok
10:20:47.0155 5872        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:20:47.0248 5872        AFD - ok
10:20:47.0291 5872        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:20:47.0310 5872        agp440 - ok
10:20:47.0343 5872        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:20:47.0364 5872        aic78xx - ok
10:20:47.0424 5872        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:20:47.0671 5872        ALG - ok
10:20:47.0698 5872        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:20:47.0722 5872        aliide - ok
10:20:47.0779 5872        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:20:47.0793 5872        amdagp - ok
10:20:47.0822 5872        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:20:47.0838 5872        amdide - ok
10:20:47.0862 5872        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:20:47.0911 5872        AmdK7 - ok
10:20:47.0934 5872        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:20:47.0983 5872        AmdK8 - ok
10:20:48.0142 5872        AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:20:48.0169 5872        AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
10:20:48.0169 5872        AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
10:20:48.0219 5872        AntiVirService  (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:20:48.0242 5872        AntiVirService ( UnsignedFile.Multi.Generic ) - warning
10:20:48.0243 5872        AntiVirService - detected UnsignedFile.Multi.Generic (1)
10:20:48.0288 5872        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:20:48.0354 5872        Appinfo - ok
10:20:48.0523 5872        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:20:48.0539 5872        Apple Mobile Device - ok
10:20:48.0573 5872        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:20:48.0593 5872        arc - ok
10:20:48.0629 5872        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:20:48.0646 5872        arcsas - ok
10:20:48.0661 5872        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:20:48.0712 5872        AsyncMac - ok
10:20:48.0750 5872        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:20:48.0766 5872        atapi - ok
10:20:48.0844 5872        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:20:48.0889 5872        AudioEndpointBuilder - ok
10:20:48.0898 5872        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:20:48.0925 5872        Audiosrv - ok
10:20:48.0954 5872        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
10:20:48.0973 5872        avgio - ok
10:20:49.0027 5872        avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
10:20:49.0061 5872        avgntflt - ok
10:20:49.0095 5872        avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
10:20:49.0106 5872        avipbb - ok
10:20:49.0132 5872        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:20:49.0213 5872        Beep - ok
10:20:49.0284 5872        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:20:49.0354 5872        BFE - ok
10:20:49.0470 5872        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:20:49.0567 5872        BITS - ok
10:20:49.0608 5872        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:20:49.0655 5872        blbdrive - ok
10:20:49.0800 5872        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:20:49.0833 5872        Bonjour Service - ok
10:20:49.0897 5872        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:20:49.0986 5872        bowser - ok
10:20:50.0033 5872        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:20:50.0087 5872        BrFiltLo - ok
10:20:50.0102 5872        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:20:50.0150 5872        BrFiltUp - ok
10:20:50.0219 5872        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:20:50.0269 5872        Browser - ok
10:20:50.0295 5872        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:20:50.0557 5872        Brserid - ok
10:20:50.0616 5872        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:20:50.0683 5872        BrSerWdm - ok
10:20:50.0714 5872        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:20:50.0786 5872        BrUsbMdm - ok
10:20:50.0868 5872        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:20:50.0977 5872        BrUsbSer - ok
10:20:51.0015 5872        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:20:51.0094 5872        BTHMODEM - ok
10:20:51.0136 5872        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:20:51.0182 5872        cdfs - ok
10:20:51.0223 5872        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:20:51.0246 5872        cdrom - ok
10:20:51.0298 5872        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:20:51.0386 5872        CertPropSvc - ok
10:20:51.0408 5872        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:20:51.0458 5872        circlass - ok
10:20:51.0525 5872        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:20:51.0548 5872        CLFS - ok
10:20:51.0633 5872        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:20:51.0649 5872        clr_optimization_v2.0.50727_32 - ok
10:20:51.0771 5872        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:20:51.0794 5872        clr_optimization_v4.0.30319_32 - ok
10:20:51.0911 5872        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:20:52.0005 5872        CmBatt - ok
10:20:52.0090 5872        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:20:52.0118 5872        cmdide - ok
10:20:52.0147 5872        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:20:52.0162 5872        Compbatt - ok
10:20:52.0172 5872        COMSysApp - ok
10:20:52.0364 5872        ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:20:52.0405 5872        ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
10:20:52.0405 5872        ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
10:20:52.0440 5872        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:20:52.0454 5872        crcdisk - ok
10:20:52.0514 5872        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:20:52.0573 5872        Crusoe - ok
10:20:52.0643 5872        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
10:20:52.0725 5872        CryptSvc - ok
10:20:52.0850 5872        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:20:52.0921 5872        DcomLaunch - ok
10:20:52.0971 5872        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:20:53.0031 5872        DfsC - ok
10:20:53.0298 5872        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:20:53.0443 5872        DFSR - ok
10:20:53.0617 5872        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:20:53.0661 5872        Dhcp - ok
10:20:53.0729 5872        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:20:53.0751 5872        disk - ok
10:20:53.0818 5872        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:20:53.0867 5872        Dnscache - ok
10:20:53.0929 5872        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:20:54.0017 5872        dot3svc - ok
10:20:54.0086 5872        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:20:54.0116 5872        DPS - ok
10:20:54.0154 5872        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:20:54.0176 5872        drmkaud - ok
10:20:54.0282 5872        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:20:54.0315 5872        DXGKrnl - ok
10:20:54.0349 5872        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:20:54.0427 5872        E1G60 - ok
10:20:54.0459 5872        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:20:54.0511 5872        EapHost - ok
10:20:54.0557 5872        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:20:54.0576 5872        Ecache - ok
10:20:54.0651 5872        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:20:54.0678 5872        elxstor - ok
10:20:54.0781 5872        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:20:54.0861 5872        EMDMgmt - ok
10:20:54.0885 5872        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:20:54.0923 5872        ErrDev - ok
10:20:55.0015 5872        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:20:55.0063 5872        EventSystem - ok
10:20:55.0115 5872        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:20:55.0202 5872        exfat - ok
10:20:55.0254 5872        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:20:55.0296 5872        fastfat - ok
10:20:55.0331 5872        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:20:55.0404 5872        fdc - ok
10:20:55.0515 5872        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:20:55.0550 5872        fdPHost - ok
10:20:55.0573 5872        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:20:55.0639 5872        FDResPub - ok
10:20:55.0686 5872        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:20:55.0706 5872        FileInfo - ok
10:20:55.0738 5872        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:20:55.0818 5872        Filetrace - ok
10:20:56.0172 5872        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
10:20:56.0365 5872        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
10:20:56.0366 5872        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
10:20:56.0687 5872        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:20:56.0753 5872        flpydisk - ok
10:20:56.0819 5872        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:20:56.0842 5872        FltMgr - ok
10:20:56.0992 5872        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:20:57.0125 5872        FontCache - ok
10:20:57.0252 5872        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:20:57.0266 5872        FontCache3.0.0.0 - ok
10:20:57.0317 5872        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
10:20:57.0367 5872        Fs_Rec - ok
10:20:57.0401 5872        FwLnk          (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
10:20:57.0483 5872        FwLnk - ok
10:20:57.0518 5872        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:20:57.0538 5872        gagp30kx - ok
10:20:57.0586 5872        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:20:57.0601 5872        GEARAspiWDM - ok
10:20:57.0751 5872        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:20:57.0762 5872        GoogleDesktopManager-051210-111108 - ok
10:20:57.0879 5872        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:20:57.0951 5872        gpsvc - ok
10:20:58.0012 5872        gupdate        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:20:58.0047 5872        gupdate - ok
10:20:58.0059 5872        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:20:58.0075 5872        gupdatem - ok
10:20:58.0146 5872        gusvc          (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:20:58.0162 5872        gusvc - ok
10:20:58.0227 5872        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:20:58.0299 5872        HdAudAddService - ok
10:20:58.0405 5872        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:20:58.0489 5872        HDAudBus - ok
10:20:58.0535 5872        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:20:58.0618 5872        HidBth - ok
10:20:58.0662 5872        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:20:58.0715 5872        HidIr - ok
10:20:58.0804 5872        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:20:58.0858 5872        hidserv - ok
10:20:58.0913 5872        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:20:58.0947 5872        HidUsb - ok
10:20:59.0034 5872        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:20:59.0103 5872        hkmsvc - ok
10:20:59.0156 5872        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:20:59.0171 5872        HpCISSs - ok
10:20:59.0400 5872        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:20:59.0465 5872        HSFHWAZL - ok
10:20:59.0642 5872        HSF_DPV        (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:20:59.0832 5872        HSF_DPV - ok
10:20:59.0938 5872        HSXHWAZL        (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:20:59.0973 5872        HSXHWAZL - ok
10:21:00.0180 5872        HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:21:00.0312 5872        HTTP - ok
10:21:00.0376 5872        hwdatacard      (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:21:00.0437 5872        hwdatacard - ok
10:21:00.0469 5872        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:21:00.0488 5872        i2omp - ok
10:21:00.0513 5872        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:21:00.0556 5872        i8042prt - ok
10:21:00.0622 5872        iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
10:21:00.0640 5872        iaStor - ok
10:21:00.0709 5872        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:21:00.0727 5872        iaStorV - ok
10:21:00.0910 5872        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:21:00.0960 5872        IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:21:00.0960 5872        IDriverT - detected UnsignedFile.Multi.Generic (1)
10:21:01.0317 5872        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:21:01.0364 5872        idsvc - ok
10:21:01.0663 5872        igfx            (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:21:02.0116 5872        igfx - ok
10:21:02.0461 5872        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:21:02.0477 5872        iirsp - ok
10:21:02.0575 5872        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:21:02.0751 5872        IKEEXT - ok
10:21:03.0137 5872        IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
10:21:03.0239 5872        IntcAzAudAddService - ok
10:21:03.0811 5872        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:21:03.0828 5872        intelide - ok
10:21:03.0867 5872        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:21:03.0952 5872        intelppm - ok
10:21:04.0024 5872        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:21:04.0064 5872        IPBusEnum - ok
10:21:04.0175 5872        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:21:04.0258 5872        IpFilterDriver - ok
10:21:04.0325 5872        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:21:04.0389 5872        iphlpsvc - ok
10:21:04.0396 5872        IpInIp - ok
10:21:04.0451 5872        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:21:04.0503 5872        IPMIDRV - ok
10:21:04.0545 5872        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:21:04.0582 5872        IPNAT - ok
10:21:04.0803 5872        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
10:21:04.0898 5872        iPod Service - ok
10:21:04.0978 5872        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:21:05.0040 5872        IRENUM - ok
10:21:05.0068 5872        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:21:05.0089 5872        isapnp - ok
10:21:05.0291 5872        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:21:05.0309 5872        iScsiPrt - ok
10:21:05.0381 5872        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:21:05.0396 5872        iteatapi - ok
10:21:05.0465 5872        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:21:05.0479 5872        iteraid - ok
10:21:05.0529 5872        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:21:05.0545 5872        kbdclass - ok
10:21:05.0584 5872        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:21:05.0621 5872        kbdhid - ok
10:21:05.0666 5872        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:05.0752 5872        KeyIso - ok
10:21:05.0851 5872        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
10:21:05.0892 5872        KSecDD - ok
10:21:05.0969 5872        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:21:06.0088 5872        KtmRm - ok
10:21:06.0152 5872        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
10:21:06.0248 5872        LanmanServer - ok
10:21:06.0296 5872        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:21:06.0369 5872        LanmanWorkstation - ok
10:21:06.0400 5872        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:21:06.0453 5872        lltdio - ok
10:21:06.0511 5872        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:21:06.0568 5872        lltdsvc - ok
10:21:06.0589 5872        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:21:06.0667 5872        lmhosts - ok
10:21:06.0700 5872        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:21:06.0718 5872        LSI_FC - ok
10:21:06.0800 5872        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:21:06.0818 5872        LSI_SAS - ok
10:21:06.0856 5872        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:21:06.0873 5872        LSI_SCSI - ok
10:21:06.0906 5872        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:21:06.0950 5872        luafv - ok
10:21:06.0986 5872        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:21:07.0008 5872        MBAMProtector - ok
10:21:07.0176 5872        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:21:07.0222 5872        MBAMService - ok
10:21:07.0354 5872        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
10:21:07.0376 5872        McComponentHostService - ok
10:21:07.0422 5872        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:21:07.0458 5872        mdmxsdk - ok
10:21:07.0497 5872        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:21:07.0519 5872        megasas - ok
10:21:07.0589 5872        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:21:07.0627 5872        MegaSR - ok
10:21:07.0684 5872        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:21:07.0743 5872        MMCSS - ok
10:21:07.0767 5872        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:21:07.0827 5872        Modem - ok
10:21:07.0852 5872        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:21:07.0896 5872        monitor - ok
10:21:07.0939 5872        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:21:07.0954 5872        mouclass - ok
10:21:07.0970 5872        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:21:08.0009 5872        mouhid - ok
10:21:08.0035 5872        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:21:08.0051 5872        MountMgr - ok
10:21:08.0110 5872        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:21:08.0127 5872        MozillaMaintenance - ok
10:21:08.0163 5872        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:21:08.0180 5872        mpio - ok
10:21:08.0213 5872        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:21:08.0238 5872        mpsdrv - ok
10:21:08.0323 5872        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:21:08.0383 5872        MpsSvc - ok
10:21:08.0447 5872        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:21:08.0464 5872        Mraid35x - ok
10:21:08.0530 5872        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:21:08.0582 5872        MRxDAV - ok
10:21:08.0638 5872        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:21:08.0697 5872        mrxsmb - ok
10:21:08.0755 5872        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:21:08.0793 5872        mrxsmb10 - ok
10:21:08.0815 5872        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:21:08.0836 5872        mrxsmb20 - ok
10:21:08.0869 5872        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:21:08.0887 5872        msahci - ok
10:21:08.0926 5872        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:21:08.0946 5872        msdsm - ok
10:21:09.0025 5872        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:21:09.0087 5872        MSDTC - ok
10:21:09.0130 5872        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:21:09.0183 5872        Msfs - ok
10:21:09.0206 5872        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:21:09.0227 5872        msisadrv - ok
10:21:09.0263 5872        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:21:09.0324 5872        MSiSCSI - ok
10:21:09.0331 5872        msiserver - ok
10:21:09.0373 5872        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:21:09.0429 5872        MSKSSRV - ok
10:21:09.0455 5872        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:21:09.0509 5872        MSPCLOCK - ok
10:21:09.0529 5872        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:21:09.0591 5872        MSPQM - ok
10:21:09.0650 5872        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:21:09.0678 5872        MsRPC - ok
10:21:09.0707 5872        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:21:09.0730 5872        mssmbios - ok
10:21:09.0752 5872        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:21:09.0815 5872        MSTEE - ok
10:21:09.0839 5872        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:21:09.0861 5872        Mup - ok
10:21:09.0935 5872        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:21:09.0963 5872        napagent - ok
10:21:10.0038 5872        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:21:10.0103 5872        NativeWifiP - ok
10:21:10.0206 5872        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:21:10.0277 5872        NDIS - ok
10:21:10.0360 5872        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:21:10.0403 5872        NdisTapi - ok
10:21:10.0428 5872        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:21:10.0477 5872        Ndisuio - ok
10:21:10.0539 5872        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:21:10.0566 5872        NdisWan - ok
10:21:10.0590 5872        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:21:10.0634 5872        NDProxy - ok
10:21:10.0660 5872        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:21:10.0690 5872        NetBIOS - ok
10:21:10.0757 5872        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:21:10.0802 5872        netbt - ok
10:21:10.0852 5872        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:10.0867 5872        Netlogon - ok
10:21:10.0925 5872        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:21:10.0968 5872        Netman - ok
10:21:11.0034 5872        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:21:11.0073 5872        netprofm - ok
10:21:11.0168 5872        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:21:11.0187 5872        NetTcpPortSharing - ok
10:21:11.0495 5872        NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
10:21:11.0768 5872        NETw3v32 - ok
10:21:11.0947 5872        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:21:11.0970 5872        nfrd960 - ok
10:21:12.0035 5872        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:21:12.0091 5872        NlaSvc - ok
10:21:12.0126 5872        nmwcd          (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
10:21:12.0195 5872        nmwcd - ok
10:21:12.0241 5872        nmwcdc          (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
10:21:12.0294 5872        nmwcdc - ok
10:21:12.0344 5872        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:21:12.0367 5872        Npfs - ok
10:21:12.0394 5872        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:21:12.0440 5872        nsi - ok
10:21:12.0464 5872        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:21:12.0507 5872        nsiproxy - ok
10:21:12.0677 5872        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:21:12.0821 5872        Ntfs - ok
10:21:12.0878 5872        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:21:12.0956 5872        ntrigdigi - ok
10:21:12.0973 5872        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:21:13.0043 5872        Null - ok
10:21:13.0094 5872        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:21:13.0112 5872        nvraid - ok
10:21:13.0143 5872        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:21:13.0159 5872        nvstor - ok
10:21:13.0195 5872        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:21:13.0214 5872        nv_agp - ok
10:21:13.0225 5872        NwlnkFlt - ok
10:21:13.0234 5872        NwlnkFwd - ok
10:21:13.0407 5872        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:21:13.0439 5872        odserv - ok
10:21:13.0486 5872        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:21:13.0553 5872        ohci1394 - ok
10:21:13.0623 5872        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:21:13.0640 5872        ose - ok
10:21:13.0763 5872        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:13.0988 5872        p2pimsvc - ok
10:21:14.0002 5872        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:14.0062 5872        p2psvc - ok
10:21:14.0122 5872        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:21:14.0204 5872        Parport - ok
10:21:14.0252 5872        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
10:21:14.0271 5872        partmgr - ok
10:21:14.0301 5872        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:21:14.0377 5872        Parvdm - ok
10:21:14.0418 5872        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:21:14.0485 5872        PcaSvc - ok
10:21:14.0528 5872        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:21:14.0586 5872        pccsmcfd - ok
10:21:14.0634 5872        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:21:14.0660 5872        pci - ok
10:21:14.0715 5872        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:21:14.0735 5872        pciide - ok
10:21:14.0773 5872        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:21:14.0793 5872        pcmcia - ok
10:21:14.0920 5872        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:21:15.0097 5872        PEAUTH - ok
10:21:15.0354 5872        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:21:15.0443 5872        pla - ok
10:21:15.0634 5872        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:21:15.0682 5872        PlugPlay - ok
10:21:15.0791 5872        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:15.0863 5872        PNRPAutoReg - ok
10:21:15.0876 5872        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:15.0920 5872        PNRPsvc - ok
10:21:15.0995 5872        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:21:16.0090 5872        PolicyAgent - ok
10:21:16.0160 5872        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:21:16.0204 5872        PptpMiniport - ok
10:21:16.0241 5872        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:21:16.0272 5872        Processor - ok
10:21:16.0333 5872        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:21:16.0377 5872        ProfSvc - ok
10:21:16.0406 5872        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:16.0424 5872        ProtectedStorage - ok
10:21:16.0472 5872        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:21:16.0504 5872        PSched - ok
10:21:16.0527 5872        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
10:21:16.0540 5872        PxHelp20 - ok
10:21:16.0699 5872        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:21:16.0862 5872        ql2300 - ok
10:21:16.0969 5872        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:21:16.0991 5872        ql40xx - ok
10:21:17.0053 5872        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:21:17.0106 5872        QWAVE - ok
10:21:17.0135 5872        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:21:17.0151 5872        QWAVEdrv - ok
10:21:17.0232 5872        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
10:21:17.0266 5872        RapiMgr - ok
10:21:17.0279 5872        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:21:17.0331 5872        RasAcd - ok
10:21:17.0370 5872        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:21:17.0417 5872        RasAuto - ok
10:21:17.0453 5872        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:21:17.0500 5872        Rasl2tp - ok
10:21:17.0566 5872        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:21:17.0599 5872        RasMan - ok
10:21:17.0647 5872        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:21:17.0691 5872        RasPppoe - ok
10:21:17.0717 5872        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:21:17.0737 5872        RasSstp - ok
10:21:17.0799 5872        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:21:17.0849 5872        rdbss - ok
10:21:17.0888 5872        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:21:17.0920 5872        RDPCDD - ok
10:21:17.0975 5872        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:21:18.0017 5872        rdpdr - ok
10:21:18.0026 5872        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:21:18.0075 5872        RDPENCDD - ok
10:21:18.0143 5872        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
10:21:18.0213 5872        RDPWD - ok
10:21:18.0266 5872        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:21:18.0321 5872        RemoteAccess - ok
10:21:18.0369 5872        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:21:18.0425 5872        RemoteRegistry - ok
10:21:18.0467 5872        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:21:18.0547 5872        RpcLocator - ok
10:21:18.0657 5872        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:21:18.0703 5872        RpcSs - ok
10:21:18.0746 5872        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:21:18.0810 5872        rspndr - ok
10:21:18.0863 5872        RTL8169        (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:21:18.0927 5872        RTL8169 - ok
10:21:19.0032 5872        RTL8187B        (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
10:21:19.0103 5872        RTL8187B - ok
10:21:19.0153 5872        RtlProt        (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
10:21:19.0172 5872        RtlProt - ok
10:21:19.0206 5872        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:19.0228 5872        SamSs - ok
10:21:19.0291 5872        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:21:19.0313 5872        sbp2port - ok
10:21:19.0365 5872        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:21:19.0401 5872        SCardSvr - ok
10:21:19.0548 5872        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:21:19.0741 5872        Schedule - ok
10:21:19.0783 5872        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:21:19.0809 5872        SCPolicySvc - ok
10:21:19.0866 5872        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:21:19.0895 5872        SDRSVC - ok
10:21:19.0911 5872        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:21:19.0968 5872        secdrv - ok
10:21:20.0009 5872        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:21:20.0062 5872        seclogon - ok
10:21:20.0106 5872        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:21:20.0144 5872        SENS - ok
10:21:20.0187 5872        Sentinel        (3e7ff2405bcc1384d946dc45edc7ed61) C:\Windows\System32\Drivers\SENTINEL.SYS
10:21:20.0212 5872        Sentinel ( UnsignedFile.Multi.Generic ) - warning
10:21:20.0212 5872        Sentinel - detected UnsignedFile.Multi.Generic (1)
10:21:20.0251 5872        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:21:20.0302 5872        Serenum - ok
10:21:20.0340 5872        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:21:20.0409 5872        Serial - ok
10:21:20.0446 5872        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:21:20.0475 5872        sermouse - ok
10:21:20.0651 5872        ServiceLayer    (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:21:20.0771 5872        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:21:20.0771 5872        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:21:20.0825 5872        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:21:20.0863 5872        SessionEnv - ok
10:21:20.0927 5872        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:21:20.0959 5872        sffdisk - ok
10:21:20.0983 5872        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:21:21.0048 5872        sffp_mmc - ok
10:21:21.0065 5872        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:21:21.0113 5872        sffp_sd - ok
10:21:21.0130 5872        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:21:21.0181 5872        sfloppy - ok
10:21:21.0254 5872        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:21:21.0312 5872        SharedAccess - ok
10:21:21.0377 5872        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:21:21.0446 5872        ShellHWDetection - ok
10:21:21.0486 5872        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:21:21.0504 5872        sisagp - ok
10:21:21.0537 5872        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:21:21.0556 5872        SiSRaid2 - ok
10:21:21.0590 5872        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:21:21.0609 5872        SiSRaid4 - ok
10:21:22.0039 5872        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:21:22.0256 5872        slsvc - ok
10:21:22.0474 5872        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:21:22.0527 5872        SLUINotify - ok
10:21:22.0597 5872        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:21:22.0647 5872        Smb - ok
10:21:22.0689 5872        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:21:22.0710 5872        SNMPTRAP - ok
10:21:22.0754 5872        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:21:22.0774 5872        spldr - ok
10:21:22.0840 5872        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:21:22.0894 5872        Spooler - ok
10:21:22.0980 5872        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:21:23.0057 5872        srv - ok
10:21:23.0128 5872        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:21:23.0191 5872        srv2 - ok
10:21:23.0233 5872        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:21:23.0266 5872        srvnet - ok
10:21:23.0308 5872        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:21:23.0353 5872        SSDPSRV - ok
10:21:23.0391 5872        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:21:23.0402 5872        ssmdrv - ok
10:21:23.0449 5872        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:21:23.0485 5872        SstpSvc - ok
10:21:23.0516 5872        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:21:23.0541 5872        StillCam - ok
10:21:23.0618 5872        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:21:23.0669 5872        stisvc - ok
10:21:23.0710 5872        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:21:23.0727 5872        swenum - ok
10:21:23.0796 5872        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:21:23.0851 5872        swprv - ok
10:21:23.0877 5872        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:21:23.0892 5872        Symc8xx - ok
10:21:23.0922 5872        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:21:23.0936 5872        Sym_hi - ok
10:21:23.0966 5872        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:21:23.0980 5872        Sym_u3 - ok
10:21:24.0042 5872        SynTP          (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
10:21:24.0061 5872        SynTP - ok
10:21:24.0161 5872        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:21:24.0305 5872        SysMain - ok
10:21:24.0347 5872        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:21:24.0372 5872        TabletInputService - ok
10:21:24.0449 5872        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:21:24.0496 5872        TapiSrv - ok
10:21:24.0526 5872        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:21:24.0558 5872        TBS - ok
10:21:24.0693 5872        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
10:21:24.0842 5872        Tcpip - ok
10:21:24.0861 5872        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
10:21:25.0045 5872        Tcpip6 - ok
10:21:25.0119 5872        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:21:25.0223 5872        tcpipreg - ok
10:21:25.0266 5872        tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:21:25.0301 5872        tdcmdpst - ok
10:21:25.0339 5872        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:21:25.0402 5872        TDPIPE - ok
10:21:25.0440 5872        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:21:25.0496 5872        TDTCP - ok
10:21:25.0541 5872        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:21:25.0566 5872        tdx - ok
10:21:25.0603 5872        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:21:25.0620 5872        TermDD - ok
10:21:25.0702 5872        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:21:25.0856 5872        TermService - ok
10:21:25.0920 5872        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:21:25.0941 5872        Themes - ok
10:21:25.0982 5872        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:21:26.0016 5872        THREADORDER - ok
10:21:26.0139 5872        TNaviSrv        (e47f35a87ff0da38def37a0eb0c2d2df) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
10:21:26.0155 5872        TNaviSrv - ok
10:21:26.0186 5872        TODDSrv        (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
10:21:26.0205 5872        TODDSrv - ok
10:21:26.0294 5872        TosCoSrv        (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:21:26.0347 5872        TosCoSrv - ok
10:21:26.0387 5872        TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
10:21:26.0397 5872        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
10:21:26.0397 5872        TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
10:21:26.0543 5872        tos_sps32      (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:21:26.0594 5872        tos_sps32 - ok
10:21:26.0651 5872        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:21:26.0713 5872        TrkWks - ok
10:21:26.0785 5872        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:21:26.0817 5872        TrustedInstaller - ok
10:21:26.0850 5872        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:21:26.0903 5872        tssecsrv - ok
10:21:26.0935 5872        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:21:26.0987 5872        tunmp - ok
10:21:27.0026 5872        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:21:27.0057 5872        tunnel - ok
10:21:27.0085 5872        TVALZ          (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:21:27.0097 5872        TVALZ - ok
10:21:27.0128 5872        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:21:27.0145 5872        uagp35 - ok
10:21:27.0210 5872        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:21:27.0241 5872        udfs - ok
10:21:27.0301 5872        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:21:27.0378 5872        UI0Detect - ok
10:21:27.0463 5872        UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:21:27.0488 5872        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
10:21:27.0488 5872        UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
10:21:27.0547 5872        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:21:27.0568 5872        uliagpkx - ok
10:21:27.0650 5872        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:21:27.0686 5872        uliahci - ok
10:21:27.0718 5872        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:21:27.0739 5872        UlSata - ok
10:21:27.0785 5872        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:21:27.0807 5872        ulsata2 - ok
10:21:27.0835 5872        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:21:27.0892 5872        umbus - ok
10:21:27.0954 5872        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:21:28.0003 5872        upnphost - ok
10:21:28.0028 5872        upperdev        (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
10:21:28.0108 5872        upperdev - ok
10:21:28.0154 5872        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
10:21:28.0226 5872        USBAAPL - ok
10:21:28.0279 5872        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:28.0313 5872        usbccgp - ok
10:21:28.0340 5872        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:21:28.0408 5872        usbcir - ok
10:21:28.0435 5872        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:21:28.0459 5872        usbehci - ok
10:21:28.0519 5872        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:21:28.0564 5872        usbhub - ok
10:21:28.0595 5872        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:21:28.0646 5872        usbohci - ok
10:21:28.0689 5872        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:21:28.0745 5872        usbprint - ok
10:21:28.0781 5872        usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
10:21:28.0839 5872        usbser - ok
10:21:28.0891 5872        UsbserFilt      (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
10:21:28.0921 5872        UsbserFilt - ok
10:21:28.0957 5872        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:28.0983 5872        USBSTOR - ok
10:21:29.0028 5872        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:21:29.0068 5872        usbuhci - ok
10:21:29.0119 5872        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:21:29.0170 5872        usbvideo - ok
10:21:29.0211 5872        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:21:29.0238 5872        UxSms - ok
10:21:29.0316 5872        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:21:29.0399 5872        vds - ok
10:21:29.0445 5872        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:29.0474 5872        vga - ok
10:21:29.0508 5872        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:21:29.0538 5872        VgaSave - ok
10:21:29.0572 5872        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:21:29.0592 5872        viaagp - ok
10:21:29.0637 5872        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:21:29.0728 5872        ViaC7 - ok
10:21:29.0796 5872        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:21:29.0813 5872        viaide - ok
10:21:29.0850 5872        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:21:29.0871 5872        volmgr - ok
10:21:30.0073 5872        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:21:30.0106 5872        volmgrx - ok
10:21:30.0234 5872        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:21:30.0264 5872        volsnap - ok
10:21:30.0347 5872        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:21:30.0371 5872        vsmraid - ok
10:21:30.0575 5872        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:21:30.0660 5872        VSS - ok
10:21:30.0733 5872        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:21:30.0772 5872        W32Time - ok
10:21:30.0861 5872        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:21:30.0935 5872        WacomPen - ok
10:21:30.0957 5872        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:30.0997 5872        Wanarp - ok
10:21:31.0004 5872        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:31.0028 5872        Wanarpv6 - ok
10:21:31.0138 5872        WcesComm        (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
10:21:31.0272 5872        WcesComm - ok
10:21:31.0362 5872        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:21:31.0403 5872        wcncsvc - ok
10:21:31.0450 5872        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:21:31.0529 5872        WcsPlugInService - ok
10:21:31.0577 5872        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:21:31.0597 5872        Wd - ok
10:21:31.0700 5872        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:21:31.0760 5872        Wdf01000 - ok
10:21:31.0813 5872        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:21:31.0866 5872        WdiServiceHost - ok
10:21:31.0874 5872        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:21:31.0919 5872        WdiSystemHost - ok
10:21:31.0970 5872        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:21:31.0994 5872        WebClient - ok
10:21:32.0053 5872        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:21:32.0104 5872        Wecsvc - ok
10:21:32.0131 5872        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:21:32.0168 5872        wercplsupport - ok
10:21:32.0226 5872        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:21:32.0266 5872        WerSvc - ok
10:21:32.0373 5872        winachsf        (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:21:32.0544 5872        winachsf - ok
10:21:32.0678 5872        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:21:32.0708 5872        WinDefend - ok
10:21:32.0722 5872        WinHttpAutoProxySvc - ok
10:21:32.0833 5872        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:21:32.0860 5872        Winmgmt - ok
10:21:33.0040 5872        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:21:33.0261 5872        WinRM - ok
10:21:33.0380 5872        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
10:21:33.0420 5872        winusb - ok
10:21:33.0533 5872        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:21:33.0615 5872        Wlansvc - ok
10:21:33.0650 5872        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:21:33.0693 5872        WmiAcpi - ok
10:21:33.0816 5872        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:21:33.0845 5872        wmiApSrv - ok
10:21:34.0026 5872        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:21:34.0121 5872        WMPNetworkSvc - ok
10:21:34.0179 5872        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:21:34.0223 5872        WPCSvc - ok
10:21:34.0259 5872        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:21:34.0288 5872        WPDBusEnum - ok
10:21:34.0367 5872        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:21:34.0414 5872        WpdUsb - ok
10:21:34.0635 5872        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:21:34.0687 5872        WPFFontCache_v0400 - ok
10:21:34.0719 5872        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:21:34.0764 5872        ws2ifsl - ok
10:21:34.0802 5872        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:21:34.0834 5872        wscsvc - ok
10:21:34.0841 5872        WSearch - ok
10:21:35.0110 5872        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:21:35.0448 5872        wuauserv - ok
10:21:35.0714 5872        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:35.0744 5872        WUDFRd - ok
10:21:35.0787 5872        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:21:35.0820 5872        wudfsvc - ok
10:21:35.0852 5872        XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:21:35.0882 5872        XAudio - ok
10:21:35.0956 5872        XAudioService  (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
10:21:35.0986 5872        XAudioService - ok
10:21:36.0020 5872        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:21:37.0773 5872        \Device\Harddisk0\DR0 - ok
10:21:37.0803 5872        Boot (0x1200)  (5b866a4e6efaa7e6d1850002eab3cd36) \Device\Harddisk0\DR0\Partition0
10:21:37.0805 5872        \Device\Harddisk0\DR0\Partition0 - ok
10:21:37.0832 5872        Boot (0x1200)  (818809706242e615ac0accde8c6aab08) \Device\Harddisk0\DR0\Partition1
10:21:37.0835 5872        \Device\Harddisk0\DR0\Partition1 - ok
10:21:37.0836 5872        ============================================================
10:21:37.0836 5872        Scan finished
10:21:37.0836 5872        ============================================================
10:21:37.0862 4028        Detected object count: 10
10:21:37.0862 4028        Actual detected object count: 10
10:22:02.0404 4028        ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0404 4028        ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0411 4028        AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0411 4028        AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0422 4028        AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0422 4028        AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0424 4028        ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0424 4028        ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0428 4028        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0429 4028        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0433 4028        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0433 4028        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0434 4028        Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0434 4028        Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0439 4028        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0439 4028        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0442 4028        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0442 4028        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0445 4028        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0445 4028        UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip




Copyright ©2000-2025, Trojaner-Board

