Trojaner-Board


gstreinaldo 14.05.2013 18:26

White screen after restart / one-time message from the Bundespolizei (Federal Police)
 
Hello dear Trojaner-Board,

After Windows starts, the screen simply stays white. So I can't run OTL.exe etc. on it either.
Can you help me with this?

I use Win7, Home, 64-bit.
If it helps, I have a laptop on which everything works normally, for internet access etc.

I hope you can help me.

markusg 14.05.2013 18:27

hi,
can you get to a PC with a burner?
download:
http://filepony.de/download-otlpe/
and burn it to a CD with ISOBurner.
http://filepony.de/download-isoburner/
ISOBurner instructions:
http://www.trojaner-board.de/83208-b...ei-cd-dvd.html
• When the download is finished, double-click OTLPENet.exe, which opens ISOBurner to burn it to the CD.
Restart your system and boot from the CD you just created.
If you don't know how to get your computer to boot from the CD,
http://www.trojaner-board.de/81857-c...cd-booten.html

• Your system should now display a REATOGO-X-PE desktop.
• Double-click the OTLPE icon.
• When you are asked "Do you wish to load the remote registry", choose Yes.
• When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
• Remove the check mark at "Automatically Load All Remaining Users" if it is set.

• OTL should now start.
Now copy the content into the http://larusso.trojaner-board.de/Images/otlfix.jpg
text box.
Code:

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe

• Press Run Scan to start the scan.
• When it is finished, the files are saved in C:\otl.txt
• Copy this folder to your USB stick if you have no internet connection on this system.
post both logs

gstreinaldo 14.05.2013 18:29

As soon as I start the PC, a white screen appears. So I can't download the program or run it.
Is there some way to do this from a USB stick?

Thanks!
Yes, I can get to a burner.
Will do that.
Thanks

markusg 14.05.2013 18:55

burning etc. is of course done from another PC :-)

gstreinaldo 14.05.2013 19:00

Hello Markusg!
I started the PC from the CD.
- The first message was "Startet Reatogo-X-PE"
Then the following blue error message appeared:

A problem has been detected and Windows has been shut down to prevent damage to your computer.

If this is the first time you have seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

Check for viruses on your computer. Remove any newly installed hard drives or hard drive controllers. Check your hard drive to make sure it is properly configured and terminated.
Run CHKDSK /F to check for hard drive corruption and then restart your computer

Technical information:

***STOP: 0x0000007B (0xF78DA528, 0xC0000034,0x00000000,0x00000000)

markusg 14.05.2013 19:05

hi
go into the BIOS, at PC start usually via Del
there, look for the option IDE or AHCI mode, configure the opposite one in each case and try again.
if a window, browse for folder, then comes up, go to bot, expand the folder, and click on windows or wind

gstreinaldo 14.05.2013 20:18

ok, OTL has finished...
I can see the otl.txt files..
now I just have another problem... the mouse doesn't work and I can't save the files to USB and paste them here.

markusg 14.05.2013 20:22

then pull the USB stick out, restart, plug the stick in and then post the text file.

gstreinaldo 14.05.2013 20:41

Code:

OTL logfile created on: 5/15/2013 12:00:24 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = G: | %SystemRoot% = G:\Windows | %ProgramFiles% = G:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 65.38 Mb Free Space | 65.38% Space Free | Partition Type: NTFS
Drive G: | 1831.92 Gb Total Space | 1772.77 Gb Free Space | 96.77% Space Free | Partition Type: NTFS
Drive H: | 30.00 Gb Total Space | 18.10 Gb Free Space | 60.35% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/10/25 12:42:10 | 000,164,008 | ---- | M] (Intel Corporation) [Auto] -- G:\Windows\System32\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- G:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- G:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/25 07:41:34 | 004,936,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- G:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/23 03:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto] -- G:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/17 22:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- G:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/04/16 08:13:18 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- G:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- G:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/25 08:24:16 | 000,990,896 | ---- | M] () [Auto] -- G:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2013/03/25 06:59:38 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- G:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 01:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- G:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 03:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- G:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 03:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- G:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/11/06 03:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- G:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- G:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- G:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 05:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- G:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/04/04 08:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- G:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/28 20:53:48 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- G:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/03/25 08:24:16 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System] -- G:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/03/20 21:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- G:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/07 23:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- G:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/02/07 23:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- G:\Windows\System32\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/02/07 23:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- G:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/07 23:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- G:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/02/07 23:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- G:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/10/01 03:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 03:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 03:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- G:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 03:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/12/17 05:57:03 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010/12/17 05:55:56 | 000,042,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\System32\Drivers\qd262x64.sys -- (ioatdma2) Intel(R)
DRV:64bit: - [2010/12/17 05:55:55 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\System32\Drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2010/12/17 05:55:50 | 000,051,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\IAMTXPE.sys -- (IAMTXPE) Driver for Intel(R)
DRV:64bit: - [2010/12/17 05:55:50 | 000,043,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\IAMTVE.sys -- (IAMTVE) Driver for Intel(R)
DRV:64bit: - [2010/11/19 14:34:00 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/19 14:34:00 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/21 04:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/16 13:33:42 | 001,918,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- G:\Windows\System32\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010/09/07 16:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/05/31 05:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- G:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/06 10:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand] -- G:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- G:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- G:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- G:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Franz_Pfeifer_ON_G\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\Franz_Pfeifer_ON_G\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\Franz_Pfeifer_ON_G\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Franz_Pfeifer_ON_G\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKU\Franz_Pfeifer_ON_G\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\Franz_Pfeifer_ON_G\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.kappl.at"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: G:\Windows\System32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: G:\Windows\System32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: G:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: G:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: G:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: G:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: G:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: G:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: G:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: G:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: G:\Windows\SysWOW64\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: G:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: G:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: G:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: G:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: G:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: G:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\15.0.0.2 [2013/03/25 08:24:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/16 08:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/07/20 07:45:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/16 08:13:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/05/10 05:18:58 | 000,000,000 | ---D | M] (No name found) -- G:\Users\Franz Pfeifer\AppData\Roaming\Mozilla\Extensions
[2011/05/10 05:18:58 | 000,000,000 | ---D | M] (No name found) -- G:\Users\Franz Pfeifer\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/03/25 05:12:24 | 000,000,000 | ---D | M] (No name found) -- G:\Users\Franz Pfeifer\AppData\Roaming\Mozilla\Firefox\Profiles\ovw3zs6e.default-1364202675281\extensions
[2013/04/16 08:13:14 | 000,000,000 | ---D | M] (No name found) -- G:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2013/03/25 08:24:23 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- G:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\15.0.0.2
() (No name found) -- G:\USERS\FRANZ PFEIFER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OVW3ZS6E.DEFAULT-1364202675281\EXTENSIONS\{99B98C2C-7274-45A3-A640-D9DF1A1C8460}.XPI
[2013/04/16 08:13:18 | 000,263,064 | ---- | M] (Mozilla Foundation) -- G:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/25 09:28:56 | 000,001,392 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/03/25 08:24:23 | 000,003,714 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/10/25 09:28:56 | 000,002,465 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/25 09:28:56 | 000,001,153 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/25 09:28:56 | 000,006,805 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/25 09:28:56 | 000,001,178 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/25 09:28:56 | 000,001,105 | ---- | M] () -- G:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - G:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKU\Franz_Pfeifer_ON_G\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - G:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Franz_Pfeifer_ON_G\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] G:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] G:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] G:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] G:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] G:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] G:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] G:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [vProt] G:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\LocalService_ON_G..\Run: [Sidebar] G:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_G..\Run: [Sidebar] G:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_G..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_G..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Franz_Pfeifer_ON_G\..Trusted Domains: blank ([]about in Lokales Intranet)
O15:64bit: - Franz_Pfeifer_ON_G\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15:64bit: - Franz_Pfeifer_ON_G\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - G:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - G:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - G:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Franz_Pfeifer_ON_G Winlogon: Shell - (explorer.exe) - G:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Franz_Pfeifer_ON_G Winlogon: Shell - (C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat) - G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat (Sftware                                                    )
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/10 03:37:08 | 000,000,000 | ---D | C] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/04/16 08:13:14 | 000,000,000 | ---D | C] -- G:\Program Files (x86)\Mozilla Firefox
[2012/01/12 15:59:54 | 000,130,560 | ---- | C] (Sftware                                                    ) -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat
[1 G:\Windows\*.tmp files -> G:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/14 13:43:28 | 000,067,584 | --S- | M] () -- G:\Windows\bootstat.dat
[2013/05/14 13:43:25 | 3206,787,072 | -HS- | M] () -- G:\hiberfil.sys
[2013/05/14 13:32:13 | 000,015,984 | -H-- | M] () -- G:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/14 13:32:13 | 000,015,984 | -H-- | M] () -- G:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/14 13:32:12 | 000,001,110 | ---- | M] () -- G:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/14 13:31:28 | 000,000,004 | ---- | M] () -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.ini
[2013/05/14 13:28:04 | 000,001,106 | ---- | M] () -- G:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/14 12:54:17 | 000,672,692 | ---- | M] () -- G:\Windows\System32\perfh007.dat
[2013/05/14 12:54:17 | 000,623,678 | ---- | M] () -- G:\Windows\System32\perfh009.dat
[2013/05/14 12:54:17 | 000,135,782 | ---- | M] () -- G:\Windows\System32\perfc007.dat
[2013/05/14 12:54:17 | 000,111,548 | ---- | M] () -- G:\Windows\System32\perfc009.dat
[2013/05/13 09:32:50 | 001,528,528 | ---- | M] () -- G:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/13 03:58:13 | 000,000,884 | ---- | M] () -- G:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/10 03:37:08 | 000,000,985 | ---- | M] () -- G:\Users\Public\Desktop\AVG 2013.lnk
[2013/05/10 03:37:08 | 000,000,000 | ---D | M] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/04/30 07:39:36 | 000,001,106 | ---- | M] () -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/04/30 07:39:36 | 000,001,094 | ---- | M] () -- G:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/04/24 04:02:32 | 000,001,117 | ---- | M] () -- G:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/24 04:02:32 | 000,000,000 | ---D | M] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[1 G:\Windows\*.tmp files -> G:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/05/13 03:55:23 | 000,000,004 | ---- | C] () -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.ini
[2011/05/10 05:03:49 | 001,528,528 | ---- | C] () -- G:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/20 12:14:03 | 000,008,192 | ---- | C] () -- G:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/12/03 15:07:26 | 000,000,000 | ---- | C] () -- G:\Windows\ativpsrm.bin
[2010/12/03 14:59:01 | 000,002,888 | ---- | C] () -- G:\Windows\SysWow64\atipblag.dat
[2009/08/03 19:07:42 | 000,403,816 | ---- | C] () -- G:\Windows\SysWow64\OGACheckControl.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- G:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- G:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- G:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- G:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- G:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- G:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- G:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- G:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- G:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Application Data
[2013/03/25 08:24:23 | 000,000,000 | ---D | M] -- G:\ProgramData\AVG Secure Search
[2012/07/04 04:57:22 | 000,000,000 | ---D | M] -- G:\ProgramData\AVG2012
[2013/03/25 08:24:46 | 000,000,000 | ---D | M] -- G:\ProgramData\AVG2013
[2013/03/25 07:33:32 | 000,000,000 | ---D | M] -- G:\ProgramData\CA9BF7A91A61A2890000CA9B2D18AD49
[2012/01/02 08:40:24 | 000,000,000 | -H-D | M] -- G:\ProgramData\Common Files
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Documents
[2010/12/03 11:34:54 | 000,000,000 | ---D | M] -- G:\ProgramData\Downloaded Installations
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Favorites
[2011/05/17 08:35:59 | 000,000,000 | ---D | M] -- G:\ProgramData\m2backup
[2011/05/17 07:00:08 | 000,000,000 | ---D | M] -- G:\ProgramData\m2portal
[2013/05/14 13:09:24 | 000,000,000 | ---D | M] -- G:\ProgramData\MFAData
[2011/05/17 07:00:09 | 000,000,000 | ---D | M] -- G:\ProgramData\mquadr.at
[2011/07/04 07:32:38 | 000,000,000 | ---D | M] -- G:\ProgramData\Partner
[2011/07/19 12:05:09 | 000,000,000 | ---D | M] -- G:\ProgramData\PC Drivers HeadQuarters
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Start Menu
[2010/11/09 16:44:15 | 000,000,000 | ---D | M] -- G:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- G:\ProgramData\Templates
[2011/05/10 04:38:55 | 000,000,000 | ---D | M] -- G:\ProgramData\TP-LINK
[2011/05/11 12:43:48 | 000,000,000 | ---D | M] -- G:\ProgramData\VirtualizedApplications
[2011/05/17 07:33:33 | 000,000,000 | -H-D | M] -- G:\ProgramData\{4E684805-4C70-4570-B57A-1332B65E995E}
[2011/05/17 07:55:31 | 000,000,000 | -H-D | M] -- G:\ProgramData\{97A66005-421F-474D-ACE1-CF35FDC12CE8}
[2011/05/17 06:59:40 | 000,000,000 | -H-D | M] -- G:\ProgramData\{DEC678D1-B2BE-43DD-B123-21503011D8C9}
[2013/04/29 15:29:24 | 000,032,632 | ---- | M] () -- G:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< netsevcs >
 
< %SYSTEMDRIVE%\*. >
[2013/03/25 08:22:15 | 000,000,000 | -H-D | M] -- G:\$AVG
[2011/05/10 04:12:36 | 000,000,000 | -HSD | M] -- G:\$RECYCLE.BIN
[2011/05/10 04:09:22 | 000,000,000 | -HSD | M] -- G:\Documents and Settings
[2011/06/17 02:13:06 | 000,000,000 | ---D | M] -- G:\f6fe5f9810f5fd44b7c63700efe8be
[2013/01/12 15:49:50 | 000,000,000 | -HSD | M] -- G:\found.000
[2010/11/09 17:09:16 | 000,000,000 | ---D | M] -- G:\Intel
[2011/06/17 02:10:07 | 000,000,000 | RH-D | M] -- G:\MSOCache
[2013/03/25 06:56:40 | 000,000,000 | R--D | M] -- G:\Program Files
[2013/05/11 01:27:48 | 000,000,000 | R--D | M] -- G:\Program Files (x86)
[2013/03/25 09:16:25 | 000,000,000 | -H-D | M] -- G:\ProgramData
[2011/05/10 04:09:22 | 000,000,000 | -HSD | M] -- G:\Recovery
[2013/05/13 04:05:41 | 000,000,000 | -HSD | M] -- G:\System Volume Information
[2011/05/10 04:12:25 | 000,000,000 | R--D | M] -- G:\Users
[2013/05/13 08:24:14 | 000,000,000 | ---D | M] -- G:\Windows
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< %systemroot%\system32\drivers\*.sys/ /lockedfiles >
Invalid Switch:
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\LocalSettings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe

< End of report >


markusg 14.05.2013 20:45

Hi,
on your second PC go to Start, Programs, Accessories, Notepad, and paste the following
into it:
Code:

:OTL
O20 - HKU\Franz_Pfeifer_ON_G Winlogon: Shell - (C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat) - G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat (Sftware
                                                    )
[2013/05/14 13:31:28 | 000,000,004 | ---- | M] () -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.ini
:Files
C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat
:Commands
[EMPTYFLASH]
[emptytemp]



Save this to a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button.
A message similar to "load fix from file" should now appear, so load fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt.
Please post the log.

If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file there as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread
as an attachment!




Please press the http://larusso.trojaner-board.de/Images/windows.jpg + E key.
  • Open your system drive (usually C:)
  • Now look for
    the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder

  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel.
    (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload went through without problems. Thanks in advance :)

gstreinaldo 14.05.2013 20:57

The PC was not restarted...

I got this message

Code:

========== OTL ==========
Registry value HKEY_USERS\Franz_Pfeifer_ON_G\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat deleted successfully.
G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat moved successfully.
G:\Users\Franz Pfeifer\AppData\Roaming\skype.ini moved successfully.
========== FILES ==========
File\Folder C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat not found.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Franz Pfeifer
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Franz Pfeifer
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 516755000 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
 
Total Files Cleaned = 493.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05152013_015421
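
Added example, not part of the original thread and not OTL's own code: a small triage script that correlates a Winlogon Shell override with the file listings of an OTLPE log, as the helper's fix above does by hand. The sample lines are copied from this thread (padding in the company field shortened); the function names and heuristics are assumptions made for illustration.

```python
import re
from ntpath import basename, splitdrive, splitext  # Windows path rules on any OS

# Lines copied from the OTLPE log and fix script in this thread; the whitespace
# padding inside "(Sftware ...)" is shortened here.
SAMPLE_LOG = r"""
O20 - HKU\Franz_Pfeifer_ON_G Winlogon: Shell - (C:\Users\Franz Pfeifer\AppData\Roaming\skype.dat) - G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat (Sftware          )
[2012/01/12 15:59:54 | 000,130,560 | ---- | C] (Sftware          ) -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.dat
[2013/05/14 13:31:28 | 000,000,004 | ---- | M] () -- G:\Users\Franz Pfeifer\AppData\Roaming\skype.ini
[2013/04/16 08:13:14 | 000,000,000 | ---D | C] -- G:\Program Files (x86)\Mozilla Firefox
[2013/05/10 03:37:08 | 000,000,985 | ---- | M] () -- G:\Users\Public\Desktop\AVG 2013.lnk
"""

# "O20 - <hive> Winlogon: Shell - (<registry value>) - <file on disk> (<company>)"
SHELL_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: Shell - \((?P<value>[^)]*)\) - "
    r"(?P<path>.+?)(?: \((?P<company>[^)]*)\))?$")

# "[date time | size | attrs | C or M] (<company>) -- <path>"; company is optional
FILE_RE = re.compile(
    r"^\[(?P<date>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-RHSD]{4}) \| (?P<kind>[CM])\](?: \((?P<company>[^)]*)\))? -- "
    r"(?P<path>.+)$")

PROFILE_RE = re.compile(r"^\\Users\\[^\\]+\\AppData\\", re.I)


def no_drive(path):
    """Drop the drive letter and lower-case the rest, so that the registry
    value (C:) and the offline volume seen from the boot CD (G:) compare equal."""
    return splitdrive(path)[1].lower()


def triage(log_text):
    """Return {drive-less path: [reasons]} for entries worth a closer look."""
    shells, files = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SHELL_RE.match(line)
        if m:
            shells.append(m.groupdict())
            continue
        m = FILE_RE.match(line)
        if m:
            files.append(m.groupdict())

    findings = {}

    def note(path, reason):
        findings.setdefault(no_drive(path), []).append(reason)

    shell_targets, stems = set(), set()
    for s in shells:
        target = s["value"]
        if basename(target).lower() != "explorer.exe":
            note(target, "Winlogon Shell in %s is not explorer.exe" % s["hive"])
            shell_targets.add(no_drive(target))
            stems.add(splitext(no_drive(target))[0])
        if PROFILE_RE.match(no_drive(target)):
            note(target, "shell target sits in a user-writable profile folder")

    for f in files:
        key = no_drive(f["path"])
        company = f["company"]
        if company and company != company.strip():
            note(f["path"], "company field padded with whitespace")
        if splitext(key)[0] in stems and key not in shell_targets:
            note(f["path"], "same folder and base name as the shell target")
    return findings


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path)
        for r in reasons:
            print("   -", r)
```

Comparing paths without the drive letter matters here because the fix log above reports the G:\ copy of skype.dat as moved and the C:\ path as not found: from the boot CD the installed Windows volume is mounted as G:, while the registry value still names C:.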


markusg 14.05.2013 21:19

Then restart manually, take the CD out and, if it runs, please do the upload.

gstreinaldo 15.05.2013 07:18

Good morning!

I have just done the upload.
Thanks for the help :applaus::applaus:

markusg 15.05.2013 12:03

Thanks for uploading.
Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

gstreinaldo 15.05.2013 12:20

Hello Markus!

According to the TDSSKiller program: no threats found
The log file is too large;
unfortunately I cannot attach it

markusg 15.05.2013 13:40

Then just split it, please.

gstreinaldo 15.05.2013 13:57

Code:

13:05:25.0476 1684  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:05:27.0477 1684  ============================================================
13:05:27.0478 1684  Current date / time: 2013/05/15 13:05:27.0477
13:05:27.0478 1684  SystemInfo:
13:05:27.0478 1684 
13:05:27.0478 1684  OS Version: 6.1.7600 ServicePack: 0.0
13:05:27.0478 1684  Product type: Workstation
13:05:27.0478 1684  ComputerName: FRANZPFEIFER-PC
13:05:27.0478 1684  UserName: Franz Pfeifer
13:05:27.0478 1684  Windows directory: C:\Windows
13:05:27.0478 1684  System windows directory: C:\Windows
13:05:27.0478 1684  Running under WOW64
13:05:27.0478 1684  Processor architecture: Intel x64
13:05:27.0478 1684  Number of processors: 4
13:05:27.0478 1684  Page size: 0x1000
13:05:27.0478 1684  Boot type: Normal boot
13:05:27.0478 1684  ============================================================
13:05:28.0059 1684  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:05:28.0071 1684  ============================================================
13:05:28.0071 1684  \Device\Harddisk0\DR0:
13:05:28.0072 1684  MBR partitions:
13:05:28.0072 1684  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:05:28.0072 1684  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE4FD5800
13:05:28.0072 1684  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE5008000, BlocksNum 0x3C00000
13:05:28.0072 1684  ============================================================
13:05:28.0085 1684  C: <-> \Device\Harddisk0\DR0\Partition2
13:05:28.0130 1684  D: <-> \Device\Harddisk0\DR0\Partition3
13:05:28.0150 1684  ============================================================
13:05:28.0150 1684  Initialize success
13:05:28.0150 1684  ============================================================
13:06:02.0402 3844  ============================================================
13:06:02.0402 3844  Scan started
13:06:02.0402 3844  Mode: Manual; SigCheck; TDLFS;
13:06:02.0402 3844  ============================================================
13:06:03.0033 3844  ================ Scan system memory ========================
13:06:03.0033 3844  System memory - ok
13:06:03.0033 3844  ================ Scan services =============================
13:06:20.0383 3844  Parport - ok
13:06:20.0398 3844  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
13:06:20.0414 3844  partmgr - ok
13:06:20.0414 3844  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:06:20.0445 3844  PcaSvc - ok
13:06:20.0461 3844  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci            C:\Windows\system32\DRIVERS\pci.sys
13:06:20.0476 3844  pci - ok
13:06:20.0492 3844  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
13:06:20.0507 3844  pciide - ok
13:06:20.0539 3844  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:06:20.0554 3844  pcmcia - ok
13:06:20.0585 3844  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
13:06:20.0601 3844  pcw - ok
13:06:20.0648 3844  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:06:20.0695 3844  PEAUTH - ok
13:06:20.0726 3844  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:06:20.0773 3844  PerfHost - ok
13:06:20.0897 3844  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla            C:\Windows\system32\pla.dll
13:06:20.0975 3844  pla - ok
13:06:21.0022 3844  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:06:21.0069 3844  PlugPlay - ok
13:06:21.0069 3844  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
13:06:21.0116 3844  PNRPAutoReg - ok
13:06:21.0131 3844  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
13:06:21.0147 3844  PNRPsvc - ok
13:06:21.0178 3844  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
13:06:21.0225 3844  PolicyAgent - ok
13:06:21.0241 3844  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
13:06:21.0272 3844  Power - ok
13:06:21.0287 3844  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:06:21.0365 3844  PptpMiniport - ok
13:06:21.0381 3844  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
13:06:21.0428 3844  Processor - ok
13:06:21.0428 3844  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc        C:\Windows\system32\profsvc.dll
13:06:21.0490 3844  ProfSvc - ok
13:06:21.0506 3844  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
13:06:21.0521 3844  ProtectedStorage - ok
13:06:21.0553 3844  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:06:21.0615 3844  Psched - ok
13:06:21.0646 3844  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2      c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
13:06:21.0662 3844  PSI_SVC_2 - ok
13:06:21.0724 3844  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:06:21.0787 3844  ql2300 - ok
13:06:21.0787 3844  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:06:21.0802 3844  ql40xx - ok
13:06:21.0818 3844  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
13:06:21.0849 3844  QWAVE - ok
13:06:21.0865 3844  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:06:21.0927 3844  QWAVEdrv - ok
13:06:21.0943 3844  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:06:21.0989 3844  RasAcd - ok
13:06:22.0021 3844  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
13:06:22.0099 3844  RasAgileVpn - ok
13:06:22.0114 3844  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
13:06:22.0161 3844  RasAuto - ok
13:06:22.0177 3844  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
13:06:22.0223 3844  Rasl2tp - ok
13:06:22.0255 3844  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
13:06:22.0317 3844  RasMan - ok
13:06:22.0317 3844  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:06:22.0395 3844  RasPppoe - ok
13:06:22.0411 3844  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
13:06:22.0457 3844  RasSstp - ok
13:06:22.0473 3844  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
13:06:22.0520 3844  rdbss - ok
13:06:22.0535 3844  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:06:22.0567 3844  rdpbus - ok
13:06:22.0598 3844  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:06:22.0613 3844  RDPCDD - ok
13:06:22.0645 3844  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:06:22.0707 3844  RDPENCDD - ok
13:06:22.0723 3844  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:06:22.0754 3844  RDPREFMP - ok
13:06:22.0769 3844  [ 074AC702D8B8B660B0E1371555995386 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
13:06:22.0816 3844  RDPWD - ok
13:06:22.0816 3844  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:06:22.0832 3844  rdyboost - ok
13:06:22.0863 3844  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:06:22.0894 3844  RemoteAccess - ok
13:06:22.0910 3844  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:06:22.0941 3844  RemoteRegistry - ok
13:06:22.0957 3844  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:06:22.0988 3844  RpcEptMapper - ok
13:06:23.0003 3844  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:06:23.0019 3844  RpcLocator - ok
13:06:23.0050 3844  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs          C:\Windows\system32\rpcss.dll
13:06:23.0081 3844  RpcSs - ok
13:06:23.0097 3844  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:06:23.0144 3844  rspndr - ok
13:06:23.0175 3844  [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
13:06:23.0191 3844  RTL8167 - ok
13:06:23.0206 3844  [ 4629C5C4772D223B0ECD1EA8BA7A2A33 ] RTL8192su      C:\Windows\system32\DRIVERS\RTL8192su.sys
13:06:23.0237 3844  RTL8192su - ok
13:06:23.0253 3844  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs          C:\Windows\system32\lsass.exe
13:06:23.0269 3844  SamSs - ok
13:06:23.0284 3844  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
13:06:23.0300 3844  sbp2port - ok
13:06:23.0331 3844  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:06:23.0409 3844  SCardSvr - ok
13:06:23.0425 3844  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:06:23.0487 3844  scfilter - ok
13:06:23.0534 3844  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
13:06:23.0581 3844  Schedule - ok
13:06:23.0596 3844  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc    C:\Windows\System32\certprop.dll
13:06:23.0643 3844  SCPolicySvc - ok
13:06:23.0643 3844  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:06:23.0674 3844  SDRSVC - ok
13:06:23.0690 3844  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:06:23.0737 3844  secdrv - ok
13:06:23.0752 3844  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
13:06:23.0783 3844  seclogon - ok
13:06:23.0815 3844  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:06:23.0846 3844  SENS - ok
13:06:23.0846 3844  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:06:23.0877 3844  SensrSvc - ok
13:06:23.0908 3844  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
13:06:23.0924 3844  Serenum - ok
13:06:23.0955 3844  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:06:23.0971 3844  Serial - ok
13:06:24.0017 3844  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:06:24.0033 3844  sermouse - ok
13:06:24.0064 3844  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
13:06:24.0111 3844  SessionEnv - ok
13:06:24.0127 3844  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\DRIVERS\sffdisk.sys
13:06:24.0173 3844  sffdisk - ok
13:06:24.0189 3844  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:06:24.0205 3844  sffp_mmc - ok
13:06:24.0236 3844  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd        C:\Windows\system32\DRIVERS\sffp_sd.sys
13:06:24.0251 3844  sffp_sd - ok
13:06:24.0267 3844  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
13:06:24.0283 3844  sfloppy - ok
13:06:24.0329 3844  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
13:06:24.0361 3844  Sftfs - ok
13:06:24.0407 3844  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:06:24.0423 3844  sftlist - ok
13:06:24.0439 3844  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:06:24.0439 3844  Sftplay - ok
13:06:24.0454 3844  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:06:24.0470 3844  Sftredir - ok
13:06:24.0470 3844  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
13:06:24.0485 3844  Sftvol - ok
13:06:24.0501 3844  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:06:24.0501 3844  sftvsa - ok
13:06:24.0548 3844  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:06:24.0579 3844  SharedAccess - ok
13:06:24.0595 3844  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:06:24.0626 3844  ShellHWDetection - ok
13:06:24.0641 3844  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:06:24.0657 3844  SiSRaid2 - ok
13:06:24.0657 3844  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:06:24.0673 3844  SiSRaid4 - ok
13:06:24.0688 3844  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
13:06:24.0751 3844  Smb - ok
13:06:24.0782 3844  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:06:24.0797 3844  SNMPTRAP - ok
13:06:24.0813 3844  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
13:06:24.0829 3844  spldr - ok
13:06:24.0860 3844  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler        C:\Windows\System32\spoolsv.exe
13:06:24.0891 3844  Spooler - ok
13:06:24.0953 3844  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:06:25.0078 3844  sppsvc - ok
13:06:25.0094 3844  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
13:06:25.0125 3844  sppuinotify - ok
13:06:25.0156 3844  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv            C:\Windows\system32\DRIVERS\srv.sys
13:06:25.0187 3844  srv - ok
13:06:25.0203 3844  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:06:25.0250 3844  srv2 - ok
13:06:25.0265 3844  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:06:25.0297 3844  srvnet - ok
13:06:25.0312 3844  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
13:06:25.0359 3844  SSDPSRV - ok
13:06:25.0375 3844  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
13:06:25.0437 3844  SstpSvc - ok
13:06:25.0453 3844  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:06:25.0468 3844  stexstor - ok
13:06:25.0499 3844  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
13:06:25.0531 3844  stisvc - ok
13:06:25.0577 3844  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:06:25.0577 3844  swenum - ok
13:06:25.0609 3844  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
13:06:25.0671 3844  swprv - ok
13:06:25.0702 3844  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain        C:\Windows\system32\sysmain.dll
13:06:25.0765 3844  SysMain - ok
13:06:25.0780 3844  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:06:25.0827 3844  TabletInputService - ok
13:06:25.0843 3844  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv        C:\Windows\System32\tapisrv.dll
13:06:25.0936 3844  TapiSrv - ok
13:06:25.0952 3844  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
13:06:25.0983 3844  TBS - ok
13:06:26.0045 3844  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
13:06:26.0123 3844  Tcpip - ok
13:06:26.0170 3844  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:06:26.0201 3844  TCPIP6 - ok
13:06:26.0233 3844  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:06:26.0279 3844  tcpipreg - ok
13:06:26.0295 3844  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:06:26.0326 3844  TDPIPE - ok
13:06:26.0357 3844  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
13:06:26.0404 3844  TDTCP - ok
13:06:26.0420 3844  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
13:06:26.0482 3844  tdx - ok
13:06:26.0591 3844  [ 7C8DD5576695B3362202EF09B20C425E ] TeamViewer8    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
13:06:26.0669 3844  TeamViewer8 - ok
13:06:26.0701 3844  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:06:26.0701 3844  TermDD - ok
13:06:26.0732 3844  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService    C:\Windows\System32\termsrv.dll
13:06:26.0794 3844  TermService - ok
13:06:26.0810 3844  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:06:26.0841 3844  Themes - ok
13:06:26.0857 3844  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
13:06:26.0888 3844  THREADORDER - ok
13:06:26.0903 3844  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:06:26.0935 3844  TrkWks - ok
13:06:26.0981 3844  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:06:27.0013 3844  TrustedInstaller - ok
13:06:27.0028 3844  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:06:27.0075 3844  tssecsrv - ok
13:06:27.0122 3844  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:06:27.0169 3844  tunnel - ok
13:06:27.0184 3844  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:06:27.0200 3844  uagp35 - ok
13:06:27.0215 3844  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:06:27.0278 3844  udfs - ok
13:06:27.0293 3844  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
13:06:27.0309 3844  UI0Detect - ok
13:06:27.0340 3844  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:06:27.0340 3844  uliagpkx - ok
13:06:27.0371 3844  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
13:06:27.0403 3844  umbus - ok
13:06:27.0418 3844  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:06:27.0434 3844  UmPass - ok
13:06:27.0449 3844  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:06:27.0512 3844  upnphost - ok
13:06:27.0527 3844  [ B26AFB54A534D634523C4FB66765B026 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
13:06:27.0559 3844  usbccgp - ok
13:06:27.0574 3844  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:06:27.0605 3844  usbcir - ok
13:06:27.0621 3844  [ DF9F9AFC9AAABD8ED47975D44E38169A ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
13:06:27.0637 3844  usbehci - ok
13:06:27.0652 3844  [ 372A91BC3C6603080A793880B0873785 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:06:27.0668 3844  usbhub - ok
13:06:27.0683 3844  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
13:06:27.0715 3844  usbohci - ok
13:06:27.0730 3844  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:06:27.0746 3844  usbprint - ok
13:06:27.0761 3844  [ A60E7E0FA88FF067D049D525547CD5E9 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:06:27.0793 3844  USBSTOR - ok
13:06:27.0808 3844  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
13:06:27.0824 3844  usbuhci - ok
13:06:27.0839 3844  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
13:06:27.0886 3844  UxSms - ok
13:06:27.0902 3844  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
13:06:27.0902 3844  VaultSvc - ok
13:06:27.0933 3844  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:06:27.0933 3844  vdrvroot - ok
13:06:27.0949 3844  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds            C:\Windows\System32\vds.exe
13:06:27.0980 3844  vds - ok
13:06:27.0980 3844  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
13:06:27.0995 3844  vga - ok
13:06:28.0011 3844  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
13:06:28.0042 3844  VgaSave - ok
13:06:28.0058 3844  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp          C:\Windows\system32\DRIVERS\vhdmp.sys
13:06:28.0073 3844  vhdmp - ok
13:06:28.0089 3844  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:06:28.0105 3844  viaide - ok
13:06:28.0120 3844  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:06:28.0120 3844  volmgr - ok
13:06:28.0151 3844  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
13:06:28.0167 3844  volmgrx - ok
13:06:28.0183 3844  [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap        C:\Windows\system32\DRIVERS\volsnap.sys
13:06:28.0198 3844  volsnap - ok
13:06:28.0229 3844  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
13:06:28.0229 3844  vsmraid - ok
13:06:28.0261 3844  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS            C:\Windows\system32\vssvc.exe
13:06:28.0323 3844  VSS - ok
13:06:28.0385 3844  [ E2CA898E105C3F2B62DB130F28C73322 ] vToolbarUpdater15.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
13:06:28.0417 3844  vToolbarUpdater15.0.0 - ok
13:06:28.0432 3844  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:06:28.0479 3844  vwifibus - ok
13:06:28.0557 3844  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:06:28.0573 3844  vwififlt - ok
13:06:28.0604 3844  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
13:06:28.0635 3844  vwifimp - ok
13:06:28.0651 3844  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
13:06:28.0682 3844  W32Time - ok
13:06:28.0697 3844  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:06:28.0713 3844  WacomPen - ok
13:06:28.0729 3844  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:06:28.0760 3844  WANARP - ok
13:06:28.0760 3844  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:06:28.0791 3844  Wanarpv6 - ok
13:06:28.0838 3844  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
13:06:28.0900 3844  WatAdminSvc - ok
13:06:28.0947 3844  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
13:06:29.0009 3844  wbengine - ok
13:06:29.0025 3844  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:06:29.0056 3844  WbioSrvc - ok
13:06:29.0087 3844  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
13:06:29.0119 3844  wcncsvc - ok
13:06:29.0134 3844  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:06:29.0181 3844  WcsPlugInService - ok
13:06:29.0197 3844  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:06:29.0212 3844  Wd - ok
13:06:29.0243 3844  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:06:29.0275 3844  Wdf01000 - ok
13:06:29.0290 3844  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:06:29.0321 3844  WdiServiceHost - ok
13:06:29.0321 3844  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
13:06:29.0353 3844  WdiSystemHost - ok
13:06:29.0384 3844  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient      C:\Windows\System32\webclnt.dll
13:06:29.0431 3844  WebClient - ok
13:06:29.0446 3844  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:06:29.0524 3844  Wecsvc - ok
13:06:29.0540 3844  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
13:06:29.0587 3844  wercplsupport - ok
13:06:29.0680 3844  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:06:29.0727 3844  WerSvc - ok
13:06:29.0743 3844  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:06:29.0758 3844  WfpLwf - ok
13:06:29.0774 3844  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:06:29.0774 3844  WIMMount - ok
13:06:29.0805 3844  WinDefend - ok
13:06:29.0805 3844  WinHttpAutoProxySvc - ok
13:06:29.0852 3844  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
13:06:29.0899 3844  Winmgmt - ok
13:06:29.0945 3844  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM          C:\Windows\system32\WsmSvc.dll
13:06:30.0039 3844  WinRM - ok
13:06:30.0070 3844  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
13:06:30.0101 3844  Wlansvc - ok
13:06:30.0133 3844  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:06:30.0148 3844  wlcrasvc - ok
13:06:30.0211 3844  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:06:30.0289 3844  wlidsvc - ok
13:06:30.0289 3844  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
13:06:30.0304 3844  WmiAcpi - ok
13:06:30.0320 3844  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:06:30.0351 3844  wmiApSrv - ok
13:06:30.0382 3844  WMPNetworkSvc - ok
13:06:30.0398 3844  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:06:30.0445 3844  WPCSvc - ok
13:06:30.0460 3844  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:06:30.0491 3844  WPDBusEnum - ok
13:06:30.0491 3844  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
13:06:30.0538 3844  ws2ifsl - ok
13:06:30.0569 3844  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:06:30.0585 3844  wscsvc - ok
13:06:30.0585 3844  WSearch - ok
13:06:30.0647 3844  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:06:30.0725 3844  wuauserv - ok
13:06:30.0741 3844  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:06:30.0772 3844  WudfPf - ok
13:06:30.0788 3844  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:06:30.0850 3844  WUDFRd - ok
13:06:30.0897 3844  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
13:06:30.0944 3844  wudfsvc - ok
13:06:30.0959 3844  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
13:06:30.0991 3844  WwanSvc - ok


gstreinaldo 15.05.2013 13:58

Code:

13:06:31.0006 3844  ================ Scan global ===============================
13:06:31.0022 3844  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:06:31.0053 3844  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:06:31.0053 3844  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:06:31.0069 3844  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:06:31.0084 3844  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:06:31.0100 3844  [Global] - ok
13:06:31.0100 3844  ================ Scan MBR ==================================
13:06:31.0100 3844  [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
13:06:33.0034 3844  \Device\Harddisk0\DR0 - ok
13:06:33.0034 3844  ================ Scan VBR ==================================
13:06:33.0034 3844  [ A2963103963C54EF7E5D80AA75846B1C ] \Device\Harddisk0\DR0\Partition1
13:06:33.0034 3844  \Device\Harddisk0\DR0\Partition1 - ok
13:06:33.0065 3844  [ B0028B7FDF93D2C8561E659F34950BA4 ] \Device\Harddisk0\DR0\Partition2
13:06:33.0065 3844  \Device\Harddisk0\DR0\Partition2 - ok
13:06:33.0081 3844  [ 1DBDC554DF4D3282BF9FC396F63C2CA0 ] \Device\Harddisk0\DR0\Partition3
13:06:33.0097 3844  \Device\Harddisk0\DR0\Partition3 - ok
13:06:33.0097 3844  ============================================================
13:06:33.0097 3844  Scan finished
13:06:33.0097 3844  ============================================================
13:06:33.0097 5940  Detected object count: 0
13:06:33.0097 5940  Actual detected object count: 0
13:07:13.0626 2224  ============================================================
13:07:13.0626 2224  Scan started
13:07:13.0626 2224  Mode: Manual; SigCheck; TDLFS;
13:07:13.0626 2224  ============================================================
13:07:13.0938 2224  ================ Scan system memory ========================
13:07:13.0938 2224  System memory - ok
13:07:13.0938 2224  ================ Scan services =============================
13:07:15.0669 2224  AVGIDSHA - ok
13:07:15.0685 2224  [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
13:07:15.0700 2224  Avgldx64 - ok
13:07:15.0716 2224  [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga        C:\Windows\system32\DRIVERS\avgloga.sys
13:07:15.0716 2224  Avgloga - ok
13:07:15.0732 2224  [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
13:07:15.0732 2224  Avgmfx64 - ok
13:07:15.0763 2224  [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
13:07:15.0763 2224  Avgrkx64 - ok
13:07:15.0778 2224  [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia        C:\Windows\system32\DRIVERS\avgtdia.sys
13:07:15.0778 2224  Avgtdia - ok
13:07:15.0794 2224  [ 76DCA54A83A34CCBBBDCE7ADA01E0068 ] avgtp          C:\Windows\system32\drivers\avgtpx64.sys
13:07:15.0810 2224  avgtp - ok
13:07:15.0825 2224  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
13:07:15.0841 2224  avgwd - ok
13:07:15.0856 2224  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:07:15.0872 2224  AxInstSV - ok
13:07:15.0903 2224  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
13:07:15.0919 2224  b06bdrv - ok
13:07:15.0981 2224  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:07:15.0997 2224  b57nd60a - ok
13:07:16.0044 2224  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:07:16.0059 2224  BDESVC - ok
13:07:16.0075 2224  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:07:16.0106 2224  Beep - ok
13:07:16.0122 2224  [ 4992C609A6315671463E30F6512BC022 ] BFE            C:\Windows\System32\bfe.dll
13:07:16.0153 2224  BFE - ok
13:07:16.0184 2224  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
13:07:16.0246 2224  BITS - ok
13:07:16.0262 2224  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:07:16.0278 2224  blbdrive - ok
13:07:16.0293 2224  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:07:16.0309 2224  bowser - ok
13:07:16.0324 2224  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:07:16.0340 2224  BrFiltLo - ok
13:07:16.0371 2224  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:07:16.0387 2224  BrFiltUp - ok
13:07:16.0402 2224  [ 94FBC06F294D58D02361918418F996E3 ] Browser        C:\Windows\System32\browser.dll
13:07:16.0434 2224  Browser - ok
13:07:16.0465 2224  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
13:07:16.0465 2224  Brserid - ok
13:07:16.0480 2224  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:07:16.0496 2224  BrSerWdm - ok
13:07:16.0527 2224  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:07:16.0543 2224  BrUsbMdm - ok
13:07:16.0543 2224  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:07:16.0558 2224  BrUsbSer - ok
13:07:16.0590 2224  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:07:16.0590 2224  BTHMODEM - ok
13:07:16.0605 2224  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
13:07:16.0636 2224  bthserv - ok
13:07:16.0652 2224  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:07:16.0683 2224  cdfs - ok
13:07:16.0699 2224  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
13:07:16.0699 2224  cdrom - ok
13:07:16.0730 2224  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc    C:\Windows\System32\certprop.dll
13:07:16.0777 2224  CertPropSvc - ok
13:07:16.0777 2224  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:07:16.0808 2224  circlass - ok
13:07:16.0824 2224  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:07:16.0839 2224  CLFS - ok
13:07:16.0886 2224  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:07:16.0902 2224  clr_optimization_v2.0.50727_32 - ok
13:07:16.0933 2224  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:07:16.0933 2224  clr_optimization_v2.0.50727_64 - ok
13:07:17.0011 2224  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:07:17.0026 2224  clr_optimization_v4.0.30319_32 - ok
13:07:17.0042 2224  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:07:17.0058 2224  clr_optimization_v4.0.30319_64 - ok
13:07:17.0073 2224  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:07:17.0089 2224  CmBatt - ok
13:07:17.0120 2224  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:07:17.0136 2224  cmdide - ok
13:07:17.0151 2224  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG            C:\Windows\system32\Drivers\cng.sys
13:07:17.0182 2224  CNG - ok
13:07:17.0198 2224  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:07:17.0198 2224  Compbatt - ok
13:07:17.0229 2224  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:07:17.0245 2224  CompositeBus - ok
13:07:17.0245 2224  COMSysApp - ok
13:07:17.0260 2224  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
13:07:17.0260 2224  crcdisk - ok
13:07:17.0292 2224  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:07:17.0307 2224  CryptSvc - ok
13:07:17.0370 2224  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:07:17.0401 2224  cvhsvc - ok
13:07:17.0432 2224  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:07:17.0494 2224  DcomLaunch - ok
13:07:17.0510 2224  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
13:07:17.0557 2224  defragsvc - ok
13:07:17.0572 2224  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:07:17.0572 2224  DfsC - ok
13:07:17.0588 2224  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:07:17.0604 2224  Dhcp - ok
13:07:17.0619 2224  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:07:17.0650 2224  discache - ok
13:07:17.0666 2224  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:07:17.0682 2224  Disk - ok
13:07:17.0713 2224  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:07:17.0713 2224  Dnscache - ok
13:07:17.0728 2224  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc        C:\Windows\System32\dot3svc.dll
13:07:17.0775 2224  dot3svc - ok
13:07:17.0791 2224  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS            C:\Windows\system32\dps.dll
13:07:17.0806 2224  DPS - ok
13:07:17.0838 2224  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
13:07:17.0853 2224  drmkaud - ok
13:07:17.0884 2224  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
13:07:17.0900 2224  DXGKrnl - ok
13:07:17.0931 2224  [ 60633132A929C09FE78FAB16541F9E71 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
13:07:17.0947 2224  e1cexpress - ok
13:07:17.0962 2224  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
13:07:18.0009 2224  EapHost - ok
13:07:18.0087 2224  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
13:07:18.0134 2224  ebdrv - ok
13:07:18.0150 2224  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS            C:\Windows\System32\lsass.exe
13:07:18.0165 2224  EFS - ok
13:07:18.0212 2224  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
13:07:18.0243 2224  ehRecvr - ok
13:07:18.0274 2224  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
13:07:18.0274 2224  ehSched - ok
13:07:18.0306 2224  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
13:07:18.0321 2224  elxstor - ok
13:07:18.0337 2224  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:07:18.0352 2224  ErrDev - ok
13:07:18.0384 2224  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
13:07:18.0415 2224  EventSystem - ok
13:07:18.0430 2224  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
13:07:18.0462 2224  exfat - ok
13:07:18.0462 2224  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
13:07:18.0493 2224  fastfat - ok
13:07:18.0508 2224  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax            C:\Windows\system32\fxssvc.exe
13:07:18.0524 2224  Fax - ok
13:07:18.0540 2224  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
13:07:18.0555 2224  fdc - ok
13:07:18.0555 2224  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
13:07:18.0602 2224  fdPHost - ok
13:07:18.0618 2224  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:07:18.0649 2224  FDResPub - ok
13:07:18.0664 2224  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:07:18.0680 2224  FileInfo - ok
13:07:18.0680 2224  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
13:07:18.0727 2224  Filetrace - ok
13:07:18.0742 2224  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:07:18.0758 2224  flpydisk - ok
13:07:18.0774 2224  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:07:18.0789 2224  FltMgr - ok
13:07:18.0820 2224  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache      C:\Windows\system32\FntCache.dll
13:07:18.0836 2224  FontCache - ok
13:07:18.0867 2224  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:07:18.0867 2224  FontCache3.0.0.0 - ok
13:07:18.0883 2224  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
13:07:18.0898 2224  FsDepends - ok
13:07:18.0898 2224  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:07:18.0898 2224  Fs_Rec - ok
13:07:18.0930 2224  [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:07:18.0945 2224  fvevol - ok
13:07:18.0961 2224  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:07:18.0976 2224  gagp30kx - ok
13:07:19.0008 2224  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc          C:\Windows\System32\gpsvc.dll
13:07:19.0039 2224  gpsvc - ok
13:07:19.0070 2224  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:19.0086 2224  gupdate - ok
13:07:19.0086 2224  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:19.0101 2224  gupdatem - ok
13:07:19.0132 2224  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:07:19.0148 2224  gusvc - ok
13:07:19.0164 2224  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:07:19.0179 2224  hcw85cir - ok
13:07:19.0210 2224  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:07:19.0242 2224  HdAudAddService - ok
13:07:19.0257 2224  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:07:19.0273 2224  HDAudBus - ok
13:07:19.0304 2224  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
13:07:19.0320 2224  HidBatt - ok
13:07:19.0320 2224  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:07:19.0335 2224  HidBth - ok
13:07:19.0366 2224  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
13:07:19.0382 2224  HidIr - ok
13:07:19.0398 2224  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
13:07:19.0429 2224  hidserv - ok
13:07:19.0444 2224  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:07:19.0460 2224  HidUsb - ok
13:07:19.0460 2224  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:07:19.0491 2224  hkmsvc - ok
13:07:19.0522 2224  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:07:19.0538 2224  HomeGroupListener - ok
13:07:19.0569 2224  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:07:19.0569 2224  HomeGroupProvider - ok
13:07:19.0632 2224  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:07:19.0632 2224  HpSAMD - ok
13:07:19.0663 2224  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:07:19.0710 2224  HTTP - ok
13:07:19.0725 2224  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:07:19.0725 2224  hwpolicy - ok
13:07:19.0741 2224  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:07:19.0756 2224  i8042prt - ok
13:07:19.0772 2224  [ 87A72502C8AC5E89B5A46FF6E874F5C5 ] IAMTVE          C:\Windows\system32\DRIVERS\IAMTVE.sys
13:07:19.0772 2224  IAMTVE - ok
13:07:19.0788 2224  [ 5516F8E518A2F6A8755498F3E73957CF ] IAMTXPE        C:\Windows\system32\DRIVERS\IAMTXPE.sys
13:07:19.0803 2224  IAMTXPE - ok
13:07:19.0819 2224  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:07:19.0819 2224  iaStor - ok
13:07:19.0850 2224  [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:07:19.0850 2224  IAStorDataMgrSvc - ok
13:07:19.0897 2224  [ 513DC087CFED7D2BB82F005385D3531F ] iaStorV        C:\Windows\system32\DRIVERS\iaStorV.sys
13:07:19.0912 2224  iaStorV - ok
13:07:19.0928 2224  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:07:19.0959 2224  idsvc - ok
13:07:19.0975 2224  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
13:07:19.0990 2224  iirsp - ok
13:07:20.0006 2224  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:07:20.0053 2224  IKEEXT - ok
13:07:20.0146 2224  [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:07:20.0193 2224  IntcAzAudAddService - ok
13:07:20.0209 2224  [ A1E1304444BC82C827A09AEB393C0450 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
13:07:20.0224 2224  Intel(R) PROSet Monitoring Service - ok
13:07:20.0240 2224  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:07:20.0256 2224  intelide - ok
13:07:20.0287 2224  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:07:20.0287 2224  intelppm - ok
13:07:20.0318 2224  [ E45575812630B049CE0F679D87561A4D ] ioatdma1        C:\Windows\System32\Drivers\qd162x64.sys
13:07:20.0318 2224  ioatdma1 - ok
13:07:20.0334 2224  [ 2C23820DD9E81199E60F553EB50BC449 ] ioatdma2        C:\Windows\System32\Drivers\qd262x64.sys
13:07:20.0334 2224  ioatdma2 - ok
13:07:20.0349 2224  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
13:07:20.0365 2224  IPBusEnum - ok
13:07:20.0380 2224  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:07:20.0412 2224  IpFilterDriver - ok
13:07:20.0427 2224  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:07:20.0458 2224  iphlpsvc - ok
13:07:20.0474 2224  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV        C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:07:20.0490 2224  IPMIDRV - ok
13:07:20.0505 2224  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
13:07:20.0536 2224  IPNAT - ok
13:07:20.0552 2224  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:07:20.0568 2224  IRENUM - ok
13:07:20.0583 2224  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:07:20.0583 2224  isapnp - ok
13:07:20.0614 2224  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:07:20.0614 2224  iScsiPrt - ok
13:07:20.0630 2224  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:07:20.0646 2224  kbdclass - ok
13:07:20.0661 2224  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:07:20.0677 2224  kbdhid - ok
13:07:20.0692 2224  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
13:07:20.0692 2224  KeyIso - ok
13:07:20.0708 2224  [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:07:20.0724 2224  KSecDD - ok
13:07:20.0739 2224  [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
13:07:20.0755 2224  KSecPkg - ok
13:07:20.0770 2224  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
13:07:20.0786 2224  ksthunk - ok
13:07:20.0802 2224  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
13:07:20.0833 2224  KtmRm - ok
13:07:20.0864 2224  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:07:20.0895 2224  LanmanServer - ok
13:07:20.0911 2224  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:07:20.0942 2224  LanmanWorkstation - ok
13:07:20.0958 2224  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:07:20.0989 2224  lltdio - ok
13:07:21.0004 2224  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
13:07:21.0051 2224  lltdsvc - ok
13:07:21.0051 2224  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
13:07:21.0082 2224  lmhosts - ok
13:07:21.0098 2224  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:07:21.0098 2224  LSI_FC - ok
13:07:21.0129 2224  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
13:07:21.0129 2224  LSI_SAS - ok
13:07:21.0160 2224  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:07:21.0160 2224  LSI_SAS2 - ok
13:07:21.0160 2224  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:07:21.0176 2224  LSI_SCSI - ok
13:07:21.0192 2224  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
13:07:21.0207 2224  luafv - ok
13:07:21.0223 2224  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
13:07:21.0238 2224  MBAMProtector - ok
13:07:21.0285 2224  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:07:21.0301 2224  MBAMScheduler - ok
13:07:21.0316 2224  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:07:21.0332 2224  MBAMService - ok
13:07:21.0348 2224  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
13:07:21.0348 2224  Mcx2Svc - ok
13:07:21.0379 2224  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
13:07:21.0394 2224  megasas - ok
13:07:21.0410 2224  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:07:21.0426 2224  MegaSR - ok
13:07:21.0457 2224  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:07:21.0472 2224  MEIx64 - ok
13:07:21.0535 2224  Microsoft SharePoint Workspace Audit Service - ok
13:07:21.0550 2224  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
13:07:21.0597 2224  MMCSS - ok
13:07:21.0613 2224  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
13:07:21.0660 2224  Modem - ok
13:07:21.0675 2224  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
13:07:21.0691 2224  monitor - ok
13:07:21.0706 2224  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:07:21.0722 2224  mouclass - ok
13:07:21.0738 2224  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:07:21.0753 2224  mouhid - ok
13:07:21.0784 2224  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:07:21.0800 2224  mountmgr - ok
13:07:21.0831 2224  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:07:21.0847 2224  MozillaMaintenance - ok
13:07:21.0862 2224  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:07:21.0878 2224  mpio - ok
13:07:21.0894 2224  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:07:21.0925 2224  mpsdrv - ok
13:07:21.0940 2224  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:07:21.0972 2224  MpsSvc - ok
13:07:21.0987 2224  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:07:22.0003 2224  MRxDAV - ok
13:07:22.0018 2224  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:07:22.0018 2224  mrxsmb - ok
13:07:22.0034 2224  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:07:22.0050 2224  mrxsmb10 - ok
13:07:22.0050 2224  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:07:22.0065 2224  mrxsmb20 - ok
13:07:22.0065 2224  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:07:22.0081 2224  msahci - ok
13:07:22.0096 2224  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm          C:\Windows\system32\DRIVERS\msdsm.sys
13:07:22.0112 2224  msdsm - ok
13:07:22.0112 2224  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
13:07:22.0128 2224  MSDTC - ok
13:07:22.0143 2224  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:07:22.0190 2224  Msfs - ok
13:07:22.0206 2224  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
13:07:22.0237 2224  mshidkmdf - ok
13:07:22.0252 2224  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
13:07:22.0268 2224  msisadrv - ok
13:07:22.0284 2224  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
13:07:22.0315 2224  MSiSCSI - ok
13:07:22.0315 2224  msiserver - ok
13:07:22.0330 2224  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
13:07:22.0362 2224  MSKSSRV - ok
13:07:22.0362 2224  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:07:22.0393 2224  MSPCLOCK - ok
13:07:22.0393 2224  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
13:07:22.0424 2224  MSPQM - ok
13:07:22.0440 2224  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
13:07:22.0440 2224  MsRPC - ok
13:07:22.0471 2224  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:07:22.0486 2224  mssmbios - ok
13:07:22.0502 2224  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
13:07:22.0549 2224  MSTEE - ok
13:07:22.0564 2224  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:07:22.0580 2224  MTConfig - ok
13:07:22.0596 2224  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
13:07:22.0611 2224  Mup - ok
13:07:22.0611 2224  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
13:07:22.0642 2224  napagent - ok
13:07:22.0658 2224  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
13:07:22.0689 2224  NativeWifiP - ok
13:07:22.0705 2224  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:07:22.0720 2224  NDIS - ok
13:07:22.0736 2224  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
13:07:22.0752 2224  NdisCap - ok
13:07:22.0767 2224  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:07:22.0783 2224  NdisTapi - ok
13:07:22.0798 2224  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
13:07:22.0830 2224  Ndisuio - ok
13:07:22.0845 2224  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:22.0876 2224  NdisWan - ok
13:07:22.0876 2224  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
13:07:22.0908 2224  NDProxy - ok
13:07:22.0908 2224  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
13:07:22.0939 2224  NetBIOS - ok
13:07:22.0939 2224  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
13:07:22.0970 2224  NetBT - ok
13:07:22.0970 2224  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
13:07:22.0986 2224  Netlogon - ok
13:07:23.0001 2224  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:07:23.0017 2224  Netman - ok
13:07:23.0032 2224  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:07:23.0064 2224  netprofm - ok
13:07:23.0095 2224  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:07:23.0095 2224  NetTcpPortSharing - ok
13:07:23.0110 2224  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
13:07:23.0110 2224  nfrd960 - ok
13:07:23.0126 2224  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:07:23.0157 2224  NlaSvc - ok
13:07:23.0173 2224  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:07:23.0188 2224  Npfs - ok
13:07:31.0160 2224  ================ Scan global ===============================
13:07:31.0176 2224  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:07:31.0207 2224  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:07:31.0238 2224  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:07:31.0269 2224  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:07:31.0300 2224  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:07:31.0300 2224  [Global] - ok
13:07:31.0300 2224  ================ Scan MBR ==================================
13:07:31.0300 2224  [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
13:07:33.0157 2224  \Device\Harddisk0\DR0 - ok
13:07:33.0157 2224  ================ Scan VBR ==================================
13:07:33.0157 2224  [ A2963103963C54EF7E5D80AA75846B1C ] \Device\Harddisk0\DR0\Partition1
13:07:33.0157 2224  \Device\Harddisk0\DR0\Partition1 - ok
13:07:33.0188 2224  [ B0028B7FDF93D2C8561E659F34950BA4 ] \Device\Harddisk0\DR0\Partition2
13:07:33.0188 2224  \Device\Harddisk0\DR0\Partition2 - ok
13:07:33.0219 2224  [ 1DBDC554DF4D3282BF9FC396F63C2CA0 ] \Device\Harddisk0\DR0\Partition3
13:07:33.0219 2224  \Device\Harddisk0\DR0\Partition3 - ok
13:07:33.0219 2224  ============================================================
13:07:33.0219 2224  Scan finished
13:07:33.0219 2224  ============================================================
13:07:33.0235 6108  Detected object count: 0
13:07:33.0235 6108  Actual detected object count: 0
13:55:47.0241 3104  Deinitialize success


markusg 15.05.2013 14:00

thx
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


gstreinaldo 15.05.2013 14:17

Code:

ComboFix 13-05-14.01 - Franz Pfeifer 15.05.2013  15:04:22.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.43.1031.18.4078.2683 [GMT 2:00]
ausgeführt von:: c:\users\Franz Pfeifer\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Franz Pfeifer\AppData\Local\Microsoft\Windows\Temporary Internet Files\197164msHTMLEdit.html
c:\users\Franz Pfeifer\AppData\Local\Microsoft\Windows\Temporary Internet Files\2425304msHTMLEdit.html
c:\users\Franz Pfeifer\AppData\Local\Microsoft\Windows\Temporary Internet Files\721548msHTMLEdit.html
c:\users\Franz Pfeifer\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Franz Pfeifer\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\users\Franz Pfeifer\AppData\Roaming\MicroST
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-04-15 bis 2013-05-15  ))))))))))))))))))))))))))))))
.
.
2013-05-15 13:09 . 2013-05-15 13:09        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-05-15 12:16 . 2013-04-04 03:35        95648        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-15 05:54 . 2013-05-15 10:15        --------        d-----w-        C:\_OTL
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 13:00 . 2013-03-25 10:06        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 13:00 . 2013-03-25 10:06        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 10:48 . 2010-07-07 15:49        75016696        ----a-w-        c:\windows\system32\MRT.exe
2013-04-04 12:50 . 2013-03-25 09:52        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-03-29 00:53 . 2013-03-29 00:53        246072        ----a-w-        c:\windows\system32\drivers\avgidsdrivera.sys
2013-03-25 12:24 . 2013-03-25 12:24        39768        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2013-03-25 11:11 . 2013-03-25 11:11        861088        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2013-03-25 11:11 . 2010-07-07 16:34        782240        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-03-21 01:08 . 2013-03-21 01:08        240952        ----a-w-        c:\windows\system32\drivers\avgtdia.sys
2013-03-19 06:19 . 2013-04-10 10:55        5497688        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-03-19 05:54 . 2013-04-10 10:55        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2013-03-19 05:06 . 2013-04-10 10:55        3958120        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:06 . 2013-04-10 10:55        3902312        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:53 . 2013-04-10 10:55        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:19 . 2013-04-10 10:55        112640        ----a-w-        c:\windows\system32\smss.exe
2013-03-15 06:28 . 2013-03-22 16:21        9311288        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7977521B-BE33-44A5-ACDB-9C5E8DB54548}\mpengine.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-20 11:18        1519824        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-10 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-03-25 1219248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-04-25 4936752]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-09-16 1918976]
R3 IAMTVE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416]
R3 IAMTXPE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2010-12-17 40144]
R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2010-12-17 42192]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-03-25 39768]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-10-25 164008]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-03-25 990896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-02-06 690208]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 19:10        1642448        ----a-w-        c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 13:00]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-10 08:10]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-10 08:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-09 11613288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aldi.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll
FF - ProfilePath - c:\users\Franz Pfeifer\AppData\Roaming\Mozilla\Firefox\Profiles\ovw3zs6e.default-1364202675281\
FF - prefs.js: browser.startup.homepage - www.kappl.at
FF - ExtSQL: 2013-03-25 10:12; {99B98C2C-7274-45a3-A640-D9DF1A1C8460}; c:\users\Franz Pfeifer\AppData\Roaming\Mozilla\Firefox\Profiles\ovw3zs6e.default-1364202675281\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
FF - ExtSQL: 2013-03-25 13:24; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\15.0.0.2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-BsScanner
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-15  15:12:31
ComboFix-quarantined-files.txt  2013-05-15 13:12
.
Vor Suchlauf: 8 Verzeichnis(se), 1.904.068.816.896 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 1.904.115.879.936 Bytes frei
.
- - End Of File - - DE5E81C53E98E1C55932A529F34C01D5


markusg 15.05.2013 14:19

Hi
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

gstreinaldo 15.05.2013 15:55

Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.15.07

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Franz Pfeifer :: FRANZPFEIFER-PC [Administrator]

15.05.2013 15:18:30
mbam-log-2013-05-15 (15-18-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 376239
Laufzeit: 1 Stunde(n), 5 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\_OTL\MovedFiles.zip (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\05152013_015421\G_Users\Franz Pfeifer\AppData\Roaming\skype.dat (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


markusg 15.05.2013 16:12

Hi,
Please start by installing Windows updates.
The easiest way is to go to Start, Search, and type Windows Update there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install the important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates, and install the next ones.

When you think you are done, please right-click Computer, choose Properties, and check whether Service Pack 1 (SP1) is installed.
Please report back when done

gstreinaldo 15.05.2013 16:26

2 important updates would need to be installed..

Error message:
Code 80070026 Unknown error in Windows Update

markusg 15.05.2013 16:39

hi
update the drivers for the mainboard etc. and then try again

gstreinaldo 15.05.2013 16:59

how do I update my mainboard.. I've never done that before..
thanks for the help

markusg 15.05.2013 17:24

is it a prebuilt machine, from HP for example? then that should work directly via their homepage; you only need to enter the device model there

gstreinaldo 16.05.2013 09:48

Hello Markus!

I did an update of the mainboard etc.

I can't install Windows 7 SP1... an error message comes up again
there are currently 12 updates available for installation... all end with KB......
none of them can be installed...
the error message code 80070026 keeps coming up

markusg 16.05.2013 16:49

hi
Start, Run:
cmd.exe
Ctrl+Shift+Enter
confirm the UAC prompt
sfc /scannow
type that in
Enter. That first repairs any damaged files; if that worked, start Windows Update again

gstreinaldo 16.05.2013 16:57

when I enter Ctrl+Shift+Enter, unfortunately nothing happens

markusg 16.05.2013 17:10

type in cmd.exe, right-click the search result and choose Run as administrator

gstreinaldo 17.05.2013 08:25

hello markusg!

I did it the way you said...
I have a Medion PC here, MSN 10014550
there is a software download there that is supposed to fix the problem with installing Windows 7 SP1... I tried that too... but it doesn't work after all

can you still help me somehow?

thanks

markusg 17.05.2013 11:42

where did you install the drivers from? directly from the manufacturer or from the Medion site? the manufacturers of the individual components may have more recent versions.

gstreinaldo 17.05.2013 11:50

I got them directly from the Medion site

markusg 17.05.2013 11:53

then have a look at the sites of the individual component manufacturers; sometimes the drivers on the site are rather old.
or you can also try switching off your antimalware and other software, firewall etc. and loading the updates again

gstreinaldo 17.05.2013 13:01

I have now installed the file windows6.1-KB947821-v26-x64.. it's a kind of system preparation tool... afterwards it was no problem to install Service Pack 1

so according to:
Start
Computer
Properties
Service Pack 1 is now installed..

markusg 17.05.2013 13:23

if you click Check for updates again, is everything fine?

gstreinaldo 17.05.2013 13:25

yes... another 24 updates are currently being downloaded

markusg 17.05.2013 13:26

then keep searching until nothing more comes up; that can take a while, but in return, once we are through with everything, you will have a better chance of not having problems with malware

gstreinaldo 17.05.2013 15:02

ok
Windows Update finds no further updates

markusg 17.05.2013 16:07

ok, then
http://filepony.de/download-otl/
run OTL, click Scan and post the new log please

gstreinaldo 17.05.2013 16:31

Code:

OTL Extras logfile created on: 17.05.2013 17:14:08 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Franz Pfeifer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 49,63% Memory free
7,96 Gb Paging File | 5,79 Gb Available in Paging File | 72,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1831,92 Gb Total Space | 1777,06 Gb Free Space | 97,01% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 27,85 Gb Free Space | 92,84% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 333,47 Gb Free Space | 71,60% Space Free | Partition Type: NTFS
 
Computer Name: FRANZPFEIFER-PC | User Name: Franz Pfeifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047D8DB2-96A5-4627-B4C7-4000918670C9}" = lport=139 | protocol=6 | dir=in | app=system |
"{08539807-0FFD-4C86-B90E-318416FF7392}" = lport=138 | protocol=17 | dir=in | app=system |
"{0945B96D-BAF5-4BAC-99E7-CFB7A32A2E97}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0D567166-D77B-4109-A669-4493839AF8C0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{11BB0D82-C080-4373-8C8D-12C6CE41739B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{122CF182-CE95-4BE6-8B97-885584F3D699}" = rport=10243 | protocol=6 | dir=out | app=system |
"{24C86B7F-1F36-4F9C-8B1A-4E8ECBA508BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2BEEFFA6-4B76-425C-B42D-B2E85DAC5ADB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{37A82A0F-4C4B-4DB0-B442-4E8648BB6581}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B619D04-5C1F-4DB4-9302-0216D4945162}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4376B882-7D42-4008-8894-78FFC98C0E25}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{448F80F1-4470-47C9-B8E7-60524B1B0CA8}" = rport=137 | protocol=17 | dir=out | app=system |
"{470DC74C-E87D-41B2-AA7B-D421AFD07CD0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51B36386-647B-4014-9648-5153CA4090C2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5494E976-4F4C-4E4F-8883-63F046B15C3B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54BDD90C-C6AB-4A4F-89E3-CA62271EAAC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{577FA061-E3A6-4502-A5ED-17FF93B72190}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{64FDA7CF-7766-4E06-A4B6-B5A8DFE13881}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{654EF75D-4A5B-45BA-A96F-CDC2896860A9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65D3FDDF-A585-4D5C-80FE-AB471B9F31E6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{750B2EC6-75E9-45EB-B80E-805C26D26E80}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7543B933-DF9C-49F1-AFBA-04C95D7581FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87EDE820-2693-4E04-8C7C-2AE4DA6599EA}" = lport=445 | protocol=6 | dir=in | app=system |
"{881A2D73-7A7E-41AC-A4CB-AF2BB667EE4C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B0287442-0BED-4CFA-A968-818367ABA1E2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BF094669-ACCA-4A90-90EC-5F5C2F709D63}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C14DF206-8804-470B-A7BA-720538CA8AD4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C22B68C7-01C7-41CF-B659-CEB6DBDB46F0}" = rport=139 | protocol=6 | dir=out | app=system |
"{DEAD8870-9D7C-4C81-9AA8-73C0566D5747}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DF2B54D4-99B4-484F-8843-E0BE30C9038F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E09AE9FA-F5ED-480C-AB2E-3F6F5BA8E39D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E9FA74C4-A8B6-4665-9B4C-F8FF03753D64}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EB0A6F7C-37AB-445A-86B5-BF3CCFA7C031}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F18B72C3-B9AD-4255-BE7A-D913B669FF2D}" = rport=445 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022C7BF6-F4B7-448B-8D65-9E8E990DE006}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0654D1CA-6FAB-4F07-8345-FCBCB968C247}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{06F7A659-E8E1-47C6-B462-0BB85DF2BA84}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{13149270-227A-4615-A9BC-2EBDBF0A4D43}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{131D7BE0-F778-41DD-993A-568C9207ACDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1CA34E52-E46B-4E8E-B6A5-59BA0D383228}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1CA6C3F0-F7C3-4C27-9BF7-A4FCAB2224E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{2CB6CE78-4F9C-47A0-8FF2-4F81F8C37E8D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{3D3DF184-856E-4AAE-808F-FC865541FDAF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3E46778B-B68C-460A-B2FA-73E9FE96AB43}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{40A2831C-5A7C-4C61-9B6B-4937973825B1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{43137039-3E76-41F6-B7E6-9E9817D54A65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4543E1DD-E398-4A36-89F2-2E8C767E77AB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{45D097E0-A4DA-4142-95DB-0B1403340475}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4DD1D17B-6BCE-457D-B4A4-2C78AF1C1B8F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{517D5AF5-D22D-4CE9-8C53-6D3887FDF734}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{519AB1D6-E627-4FED-AE6A-977895264693}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{5230BF08-C577-4525-9237-14F55E079DD0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5601B347-33FD-4126-94C7-58D9667326D0}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\modemwechsel-software\modemwechsel_software.exe |
"{56E21414-7CD4-43A8-A600-56A13286C50B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63AF8E14-39D2-4C7E-A54C-DE989CD62A99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{664B795D-4D1F-48A0-B404-127FFE291844}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{6C7F3D6E-0A86-4279-B82E-0651ED3A2556}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7099ACEF-1EA1-48D0-A3E4-ABC8AABD6EE7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{7A8509C4-680E-45E2-9090-9039FB3C7DE4}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\modemwechsel-software\modemwechsel_software.exe |
"{7C22EBDB-02C9-4762-BD52-F6CC2771544C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{81767678-6FEA-444E-BBCA-4ED97C037D21}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{8748AAFB-E8E3-434B-919C-4F5070BF38FE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{88D7D2E9-15E2-4A4D-8777-E46F0C46F7A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BFC0620-4141-45C3-A0CE-B309237CDF96}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{91B3E276-C645-4551-87FB-E82A13C0FD72}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{99EDD1F8-800F-4A2C-B9D1-00CC5EFA5236}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9A4BCE2E-7CE1-4B27-8A7B-5725DF1DBD81}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B711FA9-1EC7-42AB-A7C8-0BF3B9262151}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A88F4367-DB63-4DB2-8C33-5D722F0915BF}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\modemwechsel-software\modemwechsel_software.exe |
"{AE1541BF-C162-4C60-94FA-DB3827B8D574}" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{B62EA70B-A8A5-4560-87C2-6C40D6D11A76}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{C8FBD5C8-1A0A-408B-BB81-4B14D4DC6272}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{D3EAF76F-0F13-4D83-BFD7-316B3D0F59B4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{DA4F42E0-2728-4717-A570-90D54E67EED2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{DAECF003-781A-42BA-8A31-304B09813474}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{EA63862D-702F-4CD1-BD0D-5E0A9C6E9EF5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EDC1DCD2-F7C5-42DB-B486-33487B94B922}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F3388D66-5125-4F6F-95D1-9EFA128A498A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F40316B9-6C1C-4EAE-BF1C-F9749C3559F5}" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\modemwechsel-software\modemwechsel_software.exe |
"{F66F372D-4F1A-48D9-ADE9-3AF8DBBBA594}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F8B46637-5F5B-468A-943F-8F8E291B101E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F95FE315-68C6-4170-B6A9-7B36C85BAEE2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FAB7DADE-FF40-47A0-98C2-55869FB5EB67}" = protocol=6 | dir=out | app=system |
"TCP Query User{3A6EB5DF-AA19-43D1-A352-BAC3E74B5E34}C:\program files (x86)\telekom austria\controller\controller.exe" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\controller\controller.exe |
"TCP Query User{47595A0F-A112-4D09-A700-423716D7F94A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{6CFA11EC-9942-4ACC-BBBD-39E5284CCFC7}C:\program files (x86)\telekom austria\controller\controller.exe" = protocol=6 | dir=in | app=c:\program files (x86)\telekom austria\controller\controller.exe |
"UDP Query User{4B014F76-47B0-42A2-9E2D-ED5B88F3D8E8}C:\program files (x86)\telekom austria\controller\controller.exe" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\controller\controller.exe |
"UDP Query User{CFB330B4-AC0F-4B47-9E20-CFD49AAD2832}C:\program files (x86)\telekom austria\controller\controller.exe" = protocol=17 | dir=in | app=c:\program files (x86)\telekom austria\controller\controller.exe |
"UDP Query User{F4B579FD-27B5-4F59-B639-37AAE32B3352}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19DCDC0D-9D87-46DB-A4B0-08B35AA333A3}" = Corel Shell Extension - 64Bit
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{21927AF8-8738-455F-AB98-7FF8FBFC6282}" = Intel(R) Network Connections 15.8.75.0
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BE5049C-E49A-4269-B1B6-EDE038F416EF}" = AVG 2013
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"AVG" = AVG 2013
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel(R) Network Connections 15.8.75.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{03BB06DB-15FE-47F0-B872-E6477933C986}" = Windows Live UX Platform Language Pack
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{078DAB03-A7D4-4E88-A026-9E2600FC9B1D}" = TIBOSS - Home
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{13FAE3E3-283E-4BF4-8FE5-17D256EDDD77}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E87F5D4-3502-4F8E-86A5-61DE5AAD1060}" = Windows Live UX Platform Language Pack
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{291A06BB-7145-443F-9257-8913A928BD40}" = Controller
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B0A2ECE-E4C6-4BA3-AE9D-8B827F03B992}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{76046298-768C-492C-8C93-2983C9E3719E}" = Windows Live UX Platform Language Pack
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7B5DE6AE-8A2E-4E0B-A2F3-9DF510470CDE}" = Modemwechsel-Software
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BCB4F1F-4864-4808-95F6-44BEF497EADB}" = NVIDIA PhysX
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"aonUpdate" = aonUpdate
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Controller" = Controller
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Modemwechsel-Software" = Modemwechsel-Software
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird (5.0)" = Mozilla Thunderbird (5.0)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamViewer 8" = TeamViewer 8
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.05.2013 11:18:42 | Computer Name = FranzPfeifer-PC | Source = Windows Backup | ID = 4104
Description =
 
Error - 17.05.2013 02:43:47 | Computer Name = FranzPfeifer-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed:
 
Error - 17.05.2013 03:50:06 | Computer Name = FranzPfeifer-PC | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF0A Description:Microsoft Security Essentials installation
 was canceled. You canceled the Security Essentials installation on your computer.
 Error code:0x8004FF0A.
 
Error - 17.05.2013 04:58:58 | Computer Name = FranzPfeifer-PC | Source = Windows Backup | ID = 4104
Description =
 
Error - 17.05.2013 05:27:39 | Computer Name = FranzPfeifer-PC | Source = Application Hang | ID = 1002
Description = Programm wusa.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 13a8    Startzeit:
 01ce52de00cc3ca7    Endzeit: 15    Anwendungspfad: C:\Windows\system32\wusa.exe    Berichts-ID:
 
 
Error - 17.05.2013 06:41:12 | Computer Name = FranzPfeifer-PC | Source = VSS | ID = 12305
Description =
 
Error - 17.05.2013 07:54:21 | Computer Name = FranzPfeifer-PC | Source = ESENT | ID = 215
Description = WinMail (4736) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 17.05.2013 07:54:31 | Computer Name = FranzPfeifer-PC | Source = ESENT | ID = 215
Description = WinMail (1956) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 17.05.2013 08:08:39 | Computer Name = FranzPfeifer-PC | Source = Application Virtualization Client | ID = 3159
Description = {hap=13:app=Microsoft Excel Starter 2010 9014006604070000:tid=E30}
Die
 Anwendung kann nicht heruntergefahren werden (der Startthread ist noch aktiv).
 
Error - 17.05.2013 08:10:00 | Computer Name = FranzPfeifer-PC | Source = Application Virtualization Client | ID = 6001
Description = {tid=16C0:usr=Franz Pfeifer} Fehler bei 'CreateProcess' (Rückgabecode
 1B401F2C-000000C1).
 
[ System Events ]
Error - 17.05.2013 08:08:36 | Computer Name = FranzPfeifer-PC | Source = BROWSER | ID = 8032
Description =
 
Error - 17.05.2013 08:42:38 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.05.2013 09:15:01 | Computer Name = FranzPfeifer-PC | Source = BROWSER | ID = 8032
Description =
 
Error - 17.05.2013 09:17:53 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.05.2013 09:52:41 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.05.2013 10:02:37 | Computer Name = FranzPfeifer-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 10.0.0.123  registriert werden. Der Computer mit IP-Adresse 10.0.0.125
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 17.05.2013 11:03:43 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 17.05.2013 11:03:44 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.05.2013 11:04:17 | Computer Name = FranzPfeifer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst cvhsvc erreicht.
 
Error - 17.05.2013 11:20:34 | Computer Name = FranzPfeifer-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 10.0.0.123  registriert werden. Der Computer mit IP-Adresse 10.0.0.125
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
 
< End of report >

Code:

OTL logfile created on: 17.05.2013 17:14:08 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Franz Pfeifer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 49,63% Memory free
7,96 Gb Paging File | 5,79 Gb Available in Paging File | 72,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1831,92 Gb Total Space | 1777,06 Gb Free Space | 97,01% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 27,85 Gb Free Space | 92,84% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 333,47 Gb Free Space | 71,60% Space Free | Partition Type: NTFS
 
Computer Name: FRANZPFEIFER-PC | User Name: Franz Pfeifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.17 17:13:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franz Pfeifer\Downloads\OTL.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013.04.25 13:41:34 | 004,936,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013.04.16 14:13:18 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.25 14:24:16 | 001,219,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.03.25 14:24:16 | 000,990,896 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
PRC - [2012.11.19 12:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.28 13:04:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.11.17 19:53:00 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.17 15:15:07 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b2c0f91d4817a23f3fd07cd05ebd8e89\System.Windows.Forms.ni.dll
MOD - [2013.05.17 15:15:07 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d5eb9579d1850678612625ab995629ea\System.Core.ni.dll
MOD - [2013.05.17 15:14:49 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\11dfbb7df959cb6dd5b57816141de355\System.Configuration.ni.dll
MOD - [2013.05.17 08:52:30 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\9ece74a249e7d0c033acf2bcdabf1ca6\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013.05.17 08:52:29 | 000,361,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\2d8a7dc45bb6e2fae260e84aca3324e6\IAStorUtil.ni.dll
MOD - [2013.05.17 08:52:29 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\dd9f242d63dc216e957dd2e6c5b239a9\IAStorCommon.ni.dll
MOD - [2013.04.16 14:13:18 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.25 14:24:16 | 001,219,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.03.25 14:24:16 | 000,157,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\SiteSafety.dll
MOD - [2013.01.10 22:22:22 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\9253eb314ef2f5adada0d5fdf1d4a839\System.Transactions.ni.dll
MOD - [2013.01.10 22:22:21 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013.01.10 22:22:19 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll
MOD - [2013.01.10 22:14:53 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll
MOD - [2013.01.10 22:14:52 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013.01.10 22:14:50 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013.01.10 22:14:45 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.10.25 18:42:10 | 000,164,008 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013.05.15 15:00:11 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.25 13:41:34 | 004,936,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.04.18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013.04.16 14:13:18 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.25 14:24:16 | 000,990,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.08.28 13:04:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.29 02:53:48 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013.03.25 14:24:16 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.03.21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013.02.18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.02.08 05:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013.02.08 05:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013.02.08 05:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013.02.08 05:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013.02.08 05:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.03.11 13:08:32 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 11:57:03 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010.12.17 11:55:56 | 000,042,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd262x64.sys -- (ioatdma2)
DRV:64bit: - [2010.12.17 11:55:55 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2010.12.17 11:55:50 | 000,051,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTXPE.sys -- (IAMTXPE)
DRV:64bit: - [2010.12.17 11:55:50 | 000,043,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTVE.sys -- (IAMTVE)
DRV:64bit: - [2010.11.25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.19 20:34:00 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 20:34:00 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.16 19:33:42 | 001,918,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010.05.31 11:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKCU\..\SearchScopes,DefaultScope = {B20DD74D-4077-4FF6-9CC1-E403753A7B10}
IE - HKCU\..\SearchScopes\{0B0942D1-2A85-4FC8-B18E-956012592DAF}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10397&src=crm&q={searchTerms}&locale=de_AT&apn_ptnrs=^ABV&apn_dtid=^YYYYYY^YY^AT&apn_uid=1f5b774f-b7dc-4e7b-b892-ac5998c409fa&apn_sauid=E3040D31-117C-4BEA-8A6C-C0453C7342C0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={3EA82864-9C08-4936-8464-D0E68A879265}&mid=2c9455e7acf847d194fb17dd4471ea14-763ebbbc8e1697bb879dc232c82105c195203ac4&lang=de&ds=AVG&pr=fr&d=2012-07-04 10:23:08&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B20DD74D-4077-4FF6-9CC1-E403753A7B10}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_deAT431AT431
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.kappl.at"
FF - prefs.js..extensions.enabledAddons: %7B99B98C2C-7274-45a3-A640-D9DF1A1C8460%7D:1.4
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\15.0.0.2 [2013.03.25 14:24:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.16 14:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.07.20 13:45:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.16 14:13:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.10 11:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franz Pfeifer\AppData\Roaming\mozilla\Extensions
[2011.05.10 11:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franz Pfeifer\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.03.25 11:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franz Pfeifer\AppData\Roaming\mozilla\Firefox\Profiles\ovw3zs6e.default-1364202675281\extensions
[2013.03.25 11:12:24 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\Franz Pfeifer\AppData\Roaming\mozilla\firefox\profiles\ovw3zs6e.default-1364202675281\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2013.04.16 14:13:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.25 14:24:23 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\15.0.0.2
[2013.04.16 14:13:18 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.25 15:28:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.25 14:24:23 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.10.25 15:28:56 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.25 15:28:56 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.25 15:28:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.25 15:28:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.25 15:28:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.05.15 15:10:06 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: blank ([]about in Lokales Intranet)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30E67861-9157-4799-89D3-334524880988}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.17 15:51:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.05.17 15:51:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.05.17 15:51:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.05.17 15:51:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.05.17 15:51:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.05.17 15:51:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.05.17 15:51:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.05.17 15:51:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.05.17 15:51:05 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.05.17 15:51:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.05.17 15:51:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.05.17 15:51:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.05.17 15:51:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.05.17 15:51:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.05.17 15:51:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.05.17 15:51:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.05.17 15:51:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.05.17 15:51:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.05.17 15:51:04 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.05.17 15:51:04 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.05.17 15:51:04 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.05.17 15:51:04 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.05.17 15:51:04 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.05.17 15:51:03 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.05.17 15:32:19 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.05.17 15:30:50 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.05.17 15:30:50 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.05.17 15:03:54 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.17 15:03:54 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.17 15:03:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.17 15:03:54 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.17 14:56:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013.05.17 14:56:20 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.05.17 14:56:20 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013.05.17 14:56:20 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013.05.17 14:56:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013.05.17 14:56:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013.05.17 14:53:33 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.17 14:53:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.17 14:53:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.17 14:53:32 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.17 14:53:32 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.17 14:53:32 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.17 14:53:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.17 14:22:13 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013.05.17 14:22:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013.05.17 14:22:13 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013.05.17 14:21:33 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.17 14:21:33 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.17 14:19:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013.05.17 14:16:33 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013.05.17 14:13:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.17 14:13:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.05.17 12:58:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.05.17 11:03:14 | 000,000,000 | --SD | C] -- C:\Users\Franz Pfeifer\Documents\Meine Datenquellen
[2013.05.17 09:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.05.17 09:07:35 | 000,000,000 | ---D | C] -- C:\temp
[2013.05.17 09:05:58 | 019,906,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.05.17 09:05:58 | 009,139,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.05.17 09:05:58 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.05.17 09:05:58 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2013.05.17 09:05:57 | 026,328,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.05.17 09:05:57 | 015,308,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.05.17 09:05:57 | 012,491,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.05.17 09:05:57 | 007,693,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.05.17 09:05:57 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.05.17 09:05:57 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.05.17 09:05:57 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.05.17 09:05:57 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.05.17 09:05:57 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.05.17 09:05:57 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.05.17 09:05:56 | 018,251,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.05.17 09:05:53 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.05.17 09:05:53 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.05.17 09:05:53 | 002,428,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.05.17 09:05:53 | 000,973,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.05.17 09:05:53 | 000,831,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.05.17 09:05:53 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.05.17 09:05:53 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.05.17 09:05:19 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.05.17 08:57:47 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013.05.17 08:57:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013.05.16 11:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.05.16 11:42:26 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.05.16 11:42:20 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.05.16 11:42:20 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.05.16 11:42:20 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.05.16 09:57:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013.05.16 09:57:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013.05.16 09:57:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013.05.16 09:57:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013.05.16 09:47:33 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.05.16 09:47:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.05.16 09:47:32 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.05.16 09:47:32 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.05.16 09:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2013.05.16 08:41:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013.05.16 08:33:06 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2013.05.16 08:33:06 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2013.05.16 08:33:02 | 000,000,000 | ---D | C] -- C:\Users\Franz Pfeifer\AppData\Roaming\InstallShield
[2013.05.16 08:19:45 | 000,000,000 | ---D | C] -- C:\Medion
[2013.05.15 17:10:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.15 15:59:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.05.15 15:12:33 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.15 15:03:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.15 15:03:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.15 15:03:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.15 15:03:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.15 15:02:47 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.15 14:59:07 | 005,066,131 | R--- | C] (Swearware) -- C:\Users\Franz Pfeifer\Desktop\ComboFix.exe
[2013.05.15 07:54:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.10 09:37:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.17 17:13:51 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 17:13:51 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 17:12:34 | 001,540,404 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.17 17:12:34 | 000,673,746 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.17 17:12:34 | 000,624,732 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.17 17:12:34 | 000,136,334 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.17 17:12:34 | 000,112,100 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.17 17:06:24 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 17:05:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.17 17:05:51 | 3206,787,072 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.17 16:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.17 16:32:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.17 14:45:46 | 000,353,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.17 13:09:02 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013.05.17 13:09:01 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013.05.17 09:50:05 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.05.16 11:42:11 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.05.16 11:42:11 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.05.16 11:42:11 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.05.16 11:42:11 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.05.16 11:42:11 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.05.16 11:42:11 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.05.16 08:41:21 | 001,565,144 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.15 15:10:06 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.15 15:00:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 15:00:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.15 15:00:00 | 005,066,131 | R--- | M] (Swearware) -- C:\Users\Franz Pfeifer\Desktop\ComboFix.exe
[2013.05.15 14:08:37 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.05.10 09:37:08 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.30 13:39:36 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.24 10:02:32 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
========== Files Created - No Company Name ==========
 
[2013.05.17 09:50:05 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.05.17 09:08:32 | 003,485,670 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.05.17 08:57:49 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.05.16 09:57:19 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.05.15 15:03:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.15 15:03:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.15 15:03:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.15 15:03:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.15 15:03:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


markusg 17.05.2013 16:34

Hi,
please install Internet Explorer; even if you use a different browser, it is an important system component, so version 10 should be on there.
Download Internet Explorer 10

gstreinaldo 17.05.2013 16:55

Hi,

Internet Explorer 10 is installed.

markusg 17.05.2013 17:02

Hi,


OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:

:OTL
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={3EA82864-9C08-4936-8464-D0E68A879265}&mid=2c9455e7acf847d194fb17dd4471ea14-763ebbbc8e1697bb879dc232c82105c195203ac4&lang=de&ds=AVG&pr=fr&d=2012-07-04
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
:files
:Commands
[emptytemp]

  • If you have masked your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (Also found at C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.


Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer and any other
browsers you may have installed.
Test how the PC and programs run in general.

gstreinaldo 17.05.2013 17:21

Code:

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Franz Pfeifer
->Temp folder emptied: 20745113 bytes
->Temporary Internet Files folder emptied: 93771428 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 32610068 bytes
->Flash cache emptied: 57396 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38223421 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 77963 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 553064655 bytes
 
Total Files Cleaned = 704,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05172013_180723

Files\Folders moved on Reboot...
C:\Users\Franz Pfeifer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Firefox: no problem.
Internet Explorer -> when I enter an address, e.g. SPIEGEL ONLINE - Nachrichten, nothing happens at all;
only the start page is opened.

markusg 17.05.2013 17:34

Can you reset IE to its default settings and then test after restarting the PC:
Resetting Internet Explorer settings

gstreinaldo 17.05.2013 17:42

..now both work completely normally

markusg 17.05.2013 17:53

Very good.
Open OTL, run the cleanup; the PC restarts and the removers are deleted.
Delete any leftover setups, logs and programs we used.
Securing the PC:
As an anti-malware program I would recommend Emsisoft.
For me it has the best protection, but it costs a bit.
Computeractive Software Store - Emsisoft Anti-Malware 7 [1-PC] - 63% off RRP
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, shopping, other payment transactions or similarly important things, e.g. work-related ones, so that sensitive data needs protecting, you should invest in security software.
Use up the 30-day trial period before activating the license.

Free, but just not quite as good: avast would be the one to recommend.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I will give configuration tips.
Please uninstall your previous AV.
The following guide is extensive, I am aware of that, but it should be carried out, because only then is your PC secure. Ask as many questions as necessary, I am happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the section Windows Vista and Windows 7.
Please begin by installing Windows updates.
The best way to do this is to go to Start, Search, and type Windows Update there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install the important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please apply the rest as it is described in the Windows 7 / Vista section.
From the XP section, please apply the item "Data Execution Prevention, DEP".
As a browser I advise you to use Chrome:
http://support.google.com/chrome/bin...&answer=118663
Please read the instructions.
If you want to use a different one, tell me, then I have to adapt parts of the instructions that now follow.


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, you can run programs almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in through the browser, it cannot get out.
Download link:
Sandboxie - Download - Filepony

Instructions:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed instructions as a PDF, work through these as well:
Sandbox settings

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, choose DefaultBox.
There, click Sandbox Settings.
Under Restrictions, for program start and internet access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
That is only needed in the full version, which I advise you to buy.
For example, under "Forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed webbrowser", or right-click and start in Sandboxie.
A lifetime license costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
A note on FileHippo:
in the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
A backup program is already linked in my guide; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely install a backup program as well, because it can be very important under certain circumstances, for example if the hard disk fails one day.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking, and change all passwords.
Please also read how to make programs visible for everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, then by clicking Sandboxed Web Browser; if you have the paid version, you can set forced program starts, then Sandboxie is always started when you open a browser.
When you move the mouse over the browser it should have a frame around it; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords:
Password Manager, Form Filler, Password Management | RoboForm Password Manager
Instructions:
RoboForm user manual: password manager, managing passwords and personal data
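
The rule at the end of the post above (a separate password for every service, each at least 12 characters long) can be checked mechanically. The following Python code is an added example, not part of the thread; the function name `audit` and the sample entries are constructed for illustration.

```python
import hashlib
import hmac
import os
import unicodedata
from collections import defaultdict

MIN_LENGTH = 12  # minimum length stated in the post


def audit(entries, min_length=MIN_LENGTH):
    """Check (service, password) pairs against the two rules from the post.

    Returns (too_short, reused):
      too_short - sorted services whose password has fewer than min_length characters
      reused    - sorted groups of services that share one password
    """
    key = os.urandom(32)  # per-run key, so the digests are useless outside this run
    by_digest = defaultdict(set)
    too_short = set()
    for service, password in entries:
        # NFC: an "é" typed as one or as two code points must count as one character.
        normalized = unicodedata.normalize("NFC", password)
        if len(normalized) < min_length:
            too_short.add(service)
        # Group by keyed digest so the grouping table never holds plaintext.
        digest = hmac.new(key, normalized.encode("utf-8"), hashlib.sha256).digest()
        by_digest[digest].add(service)
    reused = sorted(sorted(group) for group in by_digest.values() if len(group) > 1)
    return sorted(too_short), reused


# Constructed sample entries, not taken from the thread.
SAMPLE = [
    ("mail", "Sommer2013"),           # 10 characters, also used for "shop"
    ("shop", "Sommer2013"),
    ("bank", "k7#Vq9!tLm2$Rz"),       # 14 characters, unique
    ("forum", "caf\u00e9-au-lait"),   # 12 characters
    ("cloud", "cafe\u0301-au-lait"),  # same password, "é" in decomposed form
]

if __name__ == "__main__":
    short, reused = audit(SAMPLE)
    print("shorter than", MIN_LENGTH, "characters:", short)
    print("shared between services:", reused)
```
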

gstreinaldo 17.05.2013 18:06

OK.
I'll work through the whole thing like that...
May I get in touch with you again if I have questions (again simply here in the thread, or somewhere else)?
I'll go with the free avast antivirus program.
Is my PC clean again now...

markusg 17.05.2013 18:08

It is clean; and report back here, with questions or once you have implemented everything successfully.

gstreinaldo 18.05.2013 21:26

Hello Markus!

I did everything as described in your reply...

With the Secunia PSI program I have the problem that it loads at startup but otherwise nothing happens... maybe a settings problem on my side?

Thanks for your help

markusg 20.05.2013 11:45

Hi,
can you uninstall and reinstall it.
If Filehippo works, you can also leave Secunia out if need be.


All times are in WET +1.
