MyStart Incredibar auf Rechner entdeckt, was kann ich tun?

Sorani · 05.08.2012, 08:21

Code:

ATTFilter

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 09:15:54
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Svenja - ELSTER
# Running from : C:\Users\Svenja\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\Svenja\AppData\Roaming\Mozilla\Firefox\Profiles\a7qxkgnf.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [54924 octets] - [19/07/2012 21:54:52]
AdwCleaner[R2].txt - [54985 octets] - [20/07/2012 10:38:21]
AdwCleaner[S1].txt - [44426 octets] - [20/07/2012 10:38:35]
AdwCleaner[R3].txt - [8348 octets] - [25/07/2012 19:16:01]
AdwCleaner[R4].txt - [8488 octets] - [29/07/2012 10:02:13]
AdwCleaner[S2].txt - [7403 octets] - [29/07/2012 10:02:23]
AdwCleaner[R5].txt - [1712 octets] - [03/08/2012 17:32:31]
AdwCleaner[R6].txt - [1772 octets] - [05/08/2012 09:15:30]
AdwCleaner[S3].txt - [1478 octets] - [05/08/2012 09:15:54]

########## EOF - C:\AdwCleaner[S3].txt - [1606 octets] ##########

cosinus · 05.08.2012, 15:21

Hätte da mal drei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
3.) Die incredi-Kacke ist nun weg?

Sorani · 07.08.2012, 16:20

1) Ja
2) Alles da
3) Anscheinend ja

cosinus · 08.08.2012, 18:16

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Sorani · 13.08.2012, 13:40

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 13.08.2012 14:16:58 - Run 4
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Svenja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,87 Gb Available Physical Memory | 74,70% Memory free
15,71 Gb Paging File | 13,57 Gb Available in Paging File | 86,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,54 Gb Total Space | 518,76 Gb Free Space | 76,23% Space Free | Partition Type: NTFS
 
Computer Name: ELSTER | User Name: Svenja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.13 14:13:52 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Svenja\Desktop\OTL.exe
PRC - [2012.08.08 10:40:57 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Svenja\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Svenja\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.10 16:19:49 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.10 16:19:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.02.14 12:44:28 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2011.10.16 13:44:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.08.26 15:14:40 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2011.08.24 19:03:44 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011.08.24 19:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011.08.17 12:04:36 | 000,247,872 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2011.07.01 04:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.07.01 04:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.01 04:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.01 04:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.06.06 21:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011.05.12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.04.30 09:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011.04.24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.02.23 22:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2011.02.01 23:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 23:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.17 19:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 19:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2007.06.11 11:25:42 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
PRC - [2007.05.30 14:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.24 00:56:40 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.02.14 12:44:28 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
MOD - [2012.02.09 09:25:14 | 000,071,352 | ---- | M] () -- C:\Programme\TortoiseGit\bin\zlib132.dll
MOD - [2012.02.09 09:25:08 | 000,227,512 | ---- | M] () -- C:\Programme\TortoiseGit\bin\libgit232.dll
MOD - [2012.01.13 15:33:12 | 000,070,424 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll
MOD - [2011.08.24 19:03:42 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011.08.24 19:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011.04.24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.08.02 09:45:15 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.19 10:13:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.10 22:07:02 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012.06.15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.05.10 16:19:49 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.10 16:19:49 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.10 16:19:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.02.14 12:44:28 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.01.14 00:28:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.10.16 13:44:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.17 12:04:36 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011.08.02 12:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011.07.01 04:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.06.21 13:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011.06.13 18:07:00 | 004,121,080 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.06.07 13:25:12 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.06.06 21:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011.05.12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.05.05 22:36:05 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Programme\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV - [2011.04.30 09:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.03.29 06:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.01 23:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 23:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.29 16:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.30 14:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.10 16:19:49 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.10 16:19:49 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.27 15:46:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.14 00:27:21 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012.01.14 00:27:21 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012.01.14 00:27:21 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.16 13:44:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.09.20 12:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011.09.20 12:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011.07.20 00:33:04 | 002,755,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.06.10 20:16:10 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.05.16 15:57:32 | 000,051,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2011.05.10 05:42:16 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011.05.06 11:11:12 | 000,086,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2011.04.26 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.05 13:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.02.10 08:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 08:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.20 19:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2011.01.20 19:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2010.11.29 16:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 10:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.05.30 14:10:42 | 000,014,072 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AvgAsC64.sys -- (AvgAsC64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.05.30 14:10:42 | 000,012,024 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys -- (AVG Anti-Spyware Driver)
DRV - [2005.01.04 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes\{FEF16A63-8E07-4C50-A2C9-FFB93E2CFA02}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=42c9712f-2505-4c63-8ef9-68739c58fa58&apn_sauid=1327F670-EE14-4D0A-BDD5-5392C6E26786
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Svenja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Svenja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Svenja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.07.24 16:41:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 10:13:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.21 09:02:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 10:13:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.05.29 20:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svenja\AppData\Roaming\mozilla\Extensions
[2012.05.29 20:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svenja\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2012.07.30 13:37:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svenja\AppData\Roaming\mozilla\Firefox\Profiles\a7qxkgnf.default\extensions
[2012.03.18 12:11:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.29 20:15:29 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2012.05.29 20:15:29 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2012.05.29 20:15:29 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2012.05.29 20:15:29 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2012.05.29 20:15:28 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2012.05.29 20:15:28 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2012.05.29 20:15:28 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG
[2012.07.19 10:13:50 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.18 00:03:58 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.18 00:03:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.18 00:03:58 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.18 00:03:58 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.18 00:03:58 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 00:03:58 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.google.com/
CHR - Extension: No name found = C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: No name found = C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ICQ Sparberater) - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1001..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1001..\Run: [Akamai NetSession Interface] C:\Users\Svenja\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1001..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Svenja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3169206028-719296453-3258188591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.102.20.20 134.102.200.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B7F2F84-982A-49EA-9368-45FB5BC144D9}: DhcpNameServer = 192.168.10.111
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3B1AB0F-F664-48E7-932A-BDB6F30D0237}: DhcpNameServer = 134.102.20.20 134.102.200.14
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell - "" = AutoRun
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: AVG Anti-Spyware Driver - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys ()
SafeBootMin: AVG Anti-Spyware Guard - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe (GRISOFT s.r.o.)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: AVG Anti-Spyware Driver - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys ()
SafeBootNet: AVG Anti-Spyware Guard - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe (GRISOFT s.r.o.)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: VIDC.VP80 - C:\Windows\SysWow64\vp8vfw.dll (Optima SC Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.12 17:56:18 | 000,000,000 | ---D | C] -- C:\Windows\ulead.dat
[2012.08.12 17:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead GIF Animator Lite Edition
[2012.08.12 17:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulead GIF Animator Lite Edition
[2012.08.12 17:55:52 | 000,000,000 | ---D | C] -- C:\Windows\Noslip
[2012.08.10 17:34:37 | 000,000,000 | ---D | C] -- C:\Users\Svenja\Universal Extractor
[2012.08.10 11:18:10 | 000,000,000 | R--D | C] -- C:\Users\Svenja\EternalGaya
[2012.08.10 10:21:27 | 000,000,000 | ---D | C] -- C:\Users\Svenja\EmuRoms
[2012.08.09 21:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkwings Graphics Maker
[2012.08.09 21:45:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grapics Maker
[2012.08.09 15:34:01 | 000,000,000 | ---D | C] -- C:\Users\Svenja\Vorarbeit
[2012.08.07 20:19:13 | 000,000,000 | ---D | C] -- C:\Users\Svenja\dATuts
[2012.08.07 20:18:58 | 000,000,000 | ---D | C] -- C:\Users\Svenja\Tutorial
[2012.08.06 21:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic
[2012.08.06 21:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\High-Logic
[2012.08.06 21:07:02 | 000,000,000 | ---D | C] -- C:\Users\Svenja\AppData\Roaming\FontCreator
[2012.08.06 17:34:02 | 000,000,000 | ---D | C] -- C:\Users\Svenja\Documents\My Videos
[2012.08.02 09:49:54 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Svenja\Desktop\OTL.exe
[2012.07.20 18:00:13 | 000,000,000 | ---D | C] -- C:\Users\Svenja\workspaceSWP2
[2012.07.20 10:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.19 14:43:54 | 000,000,000 | ---D | C] -- C:\Users\Svenja\Documents\PCSX2
[2012.07.15 08:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.15 07:56:31 | 000,000,000 | ---D | C] -- C:\Users\Svenja\AppData\Roaming\Malwarebytes
[2012.07.15 07:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.15 07:56:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.15 07:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.15 07:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.14 21:24:23 | 000,000,000 | ---D | C] -- C:\Users\Svenja\AppData\Roaming\Grisoft
[2012.07.14 21:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Anti-Spyware 7.5
[2012.07.14 21:24:09 | 000,014,072 | ---- | C] (GRISOFT, s.r.o.) -- C:\Windows\SysNative\drivers\AvgAsC64.sys
[2012.07.14 21:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Grisoft
[2012.07.14 21:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grisoft
[2012.04.10 00:00:36 | 011,489,501 | ---- | C] (Indigo Rose Corporation hxxp://www.indigorose.com) -- C:\Users\Svenja\RTP für 2003.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.13 14:16:06 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.13 14:16:06 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.13 14:13:52 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Svenja\Desktop\OTL.exe
[2012.08.13 14:08:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.13 14:08:06 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.13 12:29:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3169206028-719296453-3258188591-1001UA.job
[2012.08.13 11:27:15 | 000,033,079 | ---- | M] () -- C:\Users\Svenja\.recently-used.xbel
[2012.08.13 10:29:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3169206028-719296453-3258188591-1001Core.job
[2012.08.12 17:56:18 | 000,000,089 | ---- | M] () -- C:\Windows\ULead32.ini
[2012.08.12 17:55:58 | 000,000,024 | ---- | M] () -- C:\Windows\SysWow64\Kene32.uns
[2012.08.11 11:48:06 | 001,613,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.11 11:48:06 | 000,697,054 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.11 11:48:06 | 000,652,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.11 11:48:06 | 000,148,318 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.11 11:48:06 | 000,121,264 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.07 10:35:40 | 004,998,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.06 23:38:48 | 000,070,037 | ---- | M] () -- C:\Users\Svenja\Documents\Daemonengeschichte.odt
[2012.08.06 21:17:03 | 000,000,146 | ---- | M] () -- C:\Windows\fcp5.cfg
[2012.08.03 17:31:52 | 000,614,903 | ---- | M] () -- C:\Users\Svenja\Desktop\adwcleaner.exe
[2012.08.01 14:08:57 | 000,123,958 | ---- | M] () -- C:\Users\Svenja\SotS Wolkenland.bmp
[2012.07.30 19:38:35 | 000,000,600 | ---- | M] () -- C:\Users\Svenja\AppData\Local\PUTTY.RND
[2012.07.24 16:35:20 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.07.15 15:55:14 | 000,000,168 | ---- | M] () -- C:\Users\Svenja\defogger_reenable
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.13 11:27:15 | 000,033,079 | ---- | C] () -- C:\Users\Svenja\.recently-used.xbel
[2012.08.12 17:56:18 | 000,000,089 | ---- | C] () -- C:\Windows\ULead32.ini
[2012.08.12 17:55:58 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\Kene32.uns
[2012.08.06 21:07:07 | 000,000,146 | ---- | C] () -- C:\Windows\fcp5.cfg
[2012.08.01 14:08:57 | 000,123,958 | ---- | C] () -- C:\Users\Svenja\SotS Wolkenland.bmp
[2012.07.19 21:54:19 | 000,614,903 | ---- | C] () -- C:\Users\Svenja\Desktop\adwcleaner.exe
[2012.07.15 15:55:14 | 000,000,168 | ---- | C] () -- C:\Users\Svenja\defogger_reenable
[2012.06.13 19:12:15 | 000,042,417 | ---- | C] () -- C:\Users\Svenja\AppData\Local\recently-used.xbel
[2012.05.26 09:43:23 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.16 18:31:29 | 001,590,390 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.10 14:00:35 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012.04.16 19:22:24 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\2FECC6F637.sys
[2012.04.16 19:22:21 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.04.10 00:00:27 | 030,548,505 | ---- | C] () -- C:\Users\Svenja\Rm2k3_RPG-2.zip
[2012.04.09 23:59:46 | 058,105,984 | ---- | C] () -- C:\Users\Svenja\Mystery Island Odyssey (MIO).rar
[2012.04.02 21:56:44 | 010,887,261 | ---- | C] () -- C:\Users\Svenja\RTP.7z
[2012.03.30 16:33:54 | 000,000,600 | ---- | C] () -- C:\Users\Svenja\AppData\Local\PUTTY.RND
[2012.03.15 14:41:25 | 048,112,306 | ---- | C] () -- C:\Users\Svenja\01-Butterfly Tea-Heart of Medieval.wav
[2012.02.14 23:34:34 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2012.02.14 23:34:34 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2012.02.14 23:34:34 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2011.10.14 05:57:35 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.14 05:57:34 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.14 05:57:32 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.14 05:57:31 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.14 05:57:30 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.09.19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.09.19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
 
========== LOP Check ==========
 
[2012.07.16 15:38:12 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\.minecraft
[2012.08.11 16:07:00 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Audacity
[2012.06.02 23:03:27 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\BANDISOFT
[2012.05.12 20:20:27 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Blender Foundation
[2012.05.28 15:47:30 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.04.27 15:48:03 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\DAEMON Tools Lite
[2012.06.22 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\DAZ 3D
[2012.08.13 14:09:11 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Dropbox
[2012.04.25 16:36:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\e-academy Inc
[2012.08.06 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FontCreator
[2012.06.22 08:33:46 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FoozKids
[2012.05.02 12:28:02 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FreePDF
[2012.05.29 20:15:46 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Greyfirst
[2012.07.14 21:24:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Grisoft
[2012.08.13 10:30:55 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\gtk-2.0
[2012.08.08 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\ICQ
[2012.02.14 12:44:51 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\ICQ Search
[2012.04.28 16:25:05 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\inkscape
[2012.03.30 17:05:17 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\JabRef 2.7.2
[2012.02.14 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\KDE
[2012.04.04 17:24:39 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\LuaEdit
[2012.04.23 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\MusE
[2012.05.30 19:59:26 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Notepad++
[2012.02.24 15:34:35 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\OpenOffice.org
[2012.04.10 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PACE Anti-Piracy
[2012.06.02 15:34:52 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PDAppFlex
[2012.02.14 00:02:00 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PlayFirst
[2012.03.15 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PowerCinema
[2012.06.22 21:53:34 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\RenPy
[2012.02.13 19:00:45 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Screensaver
[2012.07.04 17:43:58 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\SendSpace
[2012.05.27 22:47:42 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Sinn
[2012.02.13 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Subversion
[2012.02.13 22:06:48 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Thunderbird
[2012.06.22 17:58:51 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Visionaire Editor
[2012.02.17 13:59:09 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\xm1
[2012.08.13 08:51:52 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.07.16 15:38:12 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\.minecraft
[2012.06.02 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Adobe
[2012.08.11 16:07:00 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Audacity
[2012.02.14 10:54:05 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Avira
[2012.06.02 23:03:27 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\BANDISOFT
[2012.05.12 20:20:27 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Blender Foundation
[2012.05.28 15:47:30 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.08.06 17:34:04 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\CyberLink
[2012.04.27 15:48:03 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\DAEMON Tools Lite
[2012.06.22 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\DAZ 3D
[2012.08.13 14:09:11 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Dropbox
[2012.04.25 16:36:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\e-academy Inc
[2012.08.06 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FontCreator
[2012.06.22 08:33:46 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FoozKids
[2012.05.02 12:28:02 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\FreePDF
[2012.05.29 20:15:46 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Greyfirst
[2012.07.14 21:24:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Grisoft
[2012.08.13 10:30:55 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\gtk-2.0
[2012.08.08 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\ICQ
[2012.02.14 12:44:51 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\ICQ Search
[2012.02.13 19:00:25 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Identities
[2012.04.28 16:25:05 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\inkscape
[2012.03.30 17:05:17 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\JabRef 2.7.2
[2012.02.14 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\KDE
[2012.04.04 17:24:39 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\LuaEdit
[2011.10.14 05:54:56 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Macromedia
[2012.07.15 07:56:31 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Malwarebytes
[2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Media Center Programs
[2012.06.25 19:05:35 | 000,000,000 | --SD | M] -- C:\Users\Svenja\AppData\Roaming\Microsoft
[2012.03.28 18:47:50 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\MiKTeX
[2012.02.14 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Mozilla
[2012.04.23 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\MusE
[2012.05.07 11:34:23 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\NCH Software
[2012.05.30 19:59:26 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Notepad++
[2012.06.02 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\NVIDIA
[2012.02.24 15:34:35 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\OpenOffice.org
[2012.04.10 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PACE Anti-Piracy
[2012.06.02 15:34:52 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PDAppFlex
[2012.02.14 00:02:00 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PlayFirst
[2012.03.15 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\PowerCinema
[2012.06.22 21:53:34 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\RenPy
[2012.02.13 19:00:45 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Screensaver
[2012.07.04 17:43:58 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\SendSpace
[2012.05.27 22:47:42 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Sinn
[2012.07.28 15:17:27 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Skype
[2012.02.13 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Subversion
[2012.02.13 22:06:48 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Thunderbird
[2012.03.30 19:25:32 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\TortoiseGit
[2012.05.20 21:28:22 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\TortoiseSVN
[2012.06.22 17:58:51 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\Visionaire Editor
[2012.02.17 13:59:09 | 000,000,000 | ---D | M] -- C:\Users\Svenja\AppData\Roaming\xm1
 
< %APPDATA%\*.exe /s >
[2011.05.06 23:10:26 | 005,751,917 | ---- | M] (DAZ 3D) -- C:\Users\Svenja\AppData\Roaming\DAZ 3D\Studio4\Updater\AutoUpdate_Win.exe
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Svenja\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.04 20:41:38 | 000,872,104 | ---- | M] (Dropbox, Inc.) -- C:\Users\Svenja\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Svenja\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.06 21:06:39 | 006,882,546 | ---- | M] (High-Logic Software                                         ) -- C:\Users\Svenja\AppData\Roaming\FontCreator\FontCreatorSetup.exe
[2011.11.01 21:27:06 | 000,048,969 | ---- | M] () -- C:\Users\Svenja\AppData\Roaming\JabRef 2.7.2\JabRef.exe
[2012.03.30 17:05:17 | 000,062,542 | ---- | M] (JabRef Team) -- C:\Users\Svenja\AppData\Roaming\JabRef 2.7.2\uninstall.exe
[2011.10.14 05:54:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Svenja\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.04.25 16:36:24 | 000,009,662 | R--- | M] () -- C:\Users\Svenja\AppData\Roaming\Microsoft\Installer\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}\_112D608FD02CD87FDC7735.exe
[2012.04.25 16:36:24 | 000,009,662 | R--- | M] () -- C:\Users\Svenja\AppData\Roaming\Microsoft\Installer\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}\_30C8F0A9D59F1A9A11FFC4.exe
[2012.04.25 16:36:24 | 000,009,662 | R--- | M] () -- C:\Users\Svenja\AppData\Roaming\Microsoft\Installer\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}\_853F67D554F05449430E7E.exe
[2011.08.19 16:11:49 | 003,427,328 | ---- | M] () -- C:\Users\Svenja\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-taskbar-icon.exe
[2011.08.19 16:11:49 | 003,427,328 | ---- | M] () -- C:\Users\Svenja\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update.exe
[2011.08.19 16:11:53 | 003,427,328 | ---- | M] () -- C:\Users\Svenja\AppData\Roaming\MiKTeX\2.9\miktex\bin\x64\miktex-update_admin.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2011.04.26 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.04.26 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< End of report >

--- --- ---

cosinus · 13.08.2012, 17:46

Zitat:

[2012.04.10 00:00:27 | 030,548,505 | ---- | C] () -- C:\Users\Svenja\Rm2k3_RPG-2.zip
[2012.04.09 23:59:46 | 058,105,984 | ---- | C] () -- C:\Users\Svenja\Mystery Island Odyssey (MIO).rar
[2012.04.02 21:56:44 | 010,887,261 | ---- | C] () -- C:\Users\Svenja\RTP.7z

Was genau soll das sein? Und aus welcher Quelle?

Sorani · 13.08.2012, 23:00

Das ist total harmlos.
Das eine ist ein Programm zum Spiele erstellen und Mio wurde damit erstellt.
Das RTP wird halt benötigt damit die Spiele laufen ergo auch harmlos.
Ziemlich viele Antivirenprogramme schlagen auf die Sachen an da sie sie nicht kennen.

cosinus · 14.08.2012, 15:07

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\SearchScopes\{FEF16A63-8E07-4C50-A2C9-FFB93E2CFA02}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=42c9712f-2505-4c63-8ef9-68739c58fa58&apn_sauid=1327F670-EE14-4D0A-BDD5-5392C6E26786
IE - HKU\S-1-5-21-3169206028-719296453-3258188591-1001\..\URLSearchHook:  - No CLSID value found
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3169206028-719296453-3258188591-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell - "" = AutoRun
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\Shell\install\command - "" = E:\SETUP.EXE
[2012.08.06 21:17:03 | 000,000,146 | ---- | M] () -- C:\Windows\fcp5.cfg
[2012.08.12 17:55:58 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\Kene32.uns
:Files
C:\Program Files (x86)\BabylonToolbar
C:\Program Files (x86)\Optimizer Pro
C:\Users\Svenja\Downloads\SoftonicDownloader_*.*
C:\Program Files (x86)\ICQ6Toolbar
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Sorani · 01.09.2012, 09:08

Entschuldige die späte Antwort aber ich kam nicht eher dazu.

Als ich den Code kopiert habe und auf Fix klickte (nach dem ich mein Antivierenprogramm deaktiviert habe) hab ich einen Bluescreen bekommen.
Das :OTL hab ich auch mitkopieret.

cosinus · 01.09.2012, 12:06

Starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus.

Sorani · 13.09.2012, 08:04

So endlich Zeit dazu gefunden.
Und es scheint super im abgesicherten Modus funktioniert zu haben danke ^^
Kleine Frage: Macht der abgesicherte Modus immer so einen Alarmton wenn man ihn startet?

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FEF16A63-8E07-4C50-A2C9-FFB93E2CFA02}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEF16A63-8E07-4C50-A2C9-FFB93E2CFA02}\ not found.
Registry value HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3169206028-719296453-3258188591-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
File E:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
File E:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfb5c237-905b-11e1-bb4f-dc0ea153eec5}\ not found.
File E:\SETUP.EXE not found.
C:\Windows\fcp5.cfg moved successfully.
C:\Windows\SysWOW64\Kene32.uns moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\BabylonToolbar not found.
C:\Program Files (x86)\Optimizer Pro folder moved successfully.
File\Folder C:\Users\Svenja\Downloads\SoftonicDownloader_*.* not found.
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Svenja
->Temp folder emptied: 986165140 bytes
->Temporary Internet Files folder emptied: 161675914 bytes
->Java cache emptied: 1337054 bytes
->FireFox cache emptied: 1122028726 bytes
->Google Chrome cache emptied: 891110688 bytes
->Flash cache emptied: 27570631 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 333597608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 13652108589 bytes
 
Total Files Cleaned = 16.380,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Svenja
->Flash cache emptied: 0 bytes
 
User: UpdatusUser
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 09132012_085145

Files\Folders moved on Reboot...
C:\Users\Svenja\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Svenja\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

cosinus · 13.09.2012, 16:09

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Sorani · 16.09.2012, 10:59

Code:

ATTFilter

11:55:53.0471 3380  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:55:53.0957 3380  ============================================================
11:55:53.0957 3380  Current date / time: 2012/09/16 11:55:53.0957
11:55:53.0957 3380  SystemInfo:
11:55:53.0957 3380  
11:55:53.0957 3380  OS Version: 6.1.7601 ServicePack: 1.0
11:55:53.0957 3380  Product type: Workstation
11:55:53.0957 3380  ComputerName: ELSTER
11:55:53.0957 3380  UserName: Svenja
11:55:53.0957 3380  Windows directory: C:\Windows
11:55:53.0957 3380  System windows directory: C:\Windows
11:55:53.0957 3380  Running under WOW64
11:55:53.0957 3380  Processor architecture: Intel x64
11:55:53.0957 3380  Number of processors: 8
11:55:53.0957 3380  Page size: 0x1000
11:55:53.0957 3380  Boot type: Normal boot
11:55:53.0957 3380  ============================================================
11:55:54.0378 3380  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:55:54.0382 3380  ============================================================
11:55:54.0382 3380  \Device\Harddisk0\DR0:
11:55:54.0382 3380  MBR partitions:
11:55:54.0382 3380  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
11:55:54.0382 3380  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x55113000
11:55:54.0382 3380  ============================================================
11:55:54.0425 3380  C: <-> \Device\Harddisk0\DR0\Partition2
11:55:54.0425 3380  ============================================================
11:55:54.0425 3380  Initialize success
11:55:54.0425 3380  ============================================================
11:56:11.0275 5412  ============================================================
11:56:11.0275 5412  Scan started
11:56:11.0275 5412  Mode: Manual; SigCheck; TDLFS; 
11:56:11.0275 5412  ============================================================
11:56:12.0483 5412  ================ Scan system memory ========================
11:56:12.0483 5412  System memory - ok
11:56:12.0483 5412  ================ Scan services =============================
11:56:12.0790 5412  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:56:12.0882 5412  1394ohci - ok
11:56:12.0897 5412  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:56:12.0909 5412  ACPI - ok
11:56:12.0939 5412  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:56:13.0033 5412  AcpiPmi - ok
11:56:13.0317 5412  [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:56:13.0332 5412  AdobeARMservice - ok
11:56:13.0375 5412  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:56:13.0395 5412  adp94xx - ok
11:56:13.0435 5412  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:56:13.0451 5412  adpahci - ok
11:56:13.0456 5412  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:56:13.0468 5412  adpu320 - ok
11:56:13.0495 5412  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:56:13.0650 5412  AeLookupSvc - ok
11:56:13.0698 5412  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:56:13.0811 5412  AFD - ok
11:56:13.0852 5412  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:56:13.0872 5412  agp440 - ok
11:56:14.0084 5412  [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
11:56:14.0084 5412  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
11:56:14.0088 5412  Akamai ( HiddenFile.Multi.Generic ) - warning
11:56:14.0089 5412  Akamai - detected HiddenFile.Multi.Generic (1)
11:56:14.0150 5412  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:56:14.0217 5412  ALG - ok
11:56:14.0251 5412  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:56:14.0261 5412  aliide - ok
11:56:14.0263 5412  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:56:14.0273 5412  amdide - ok
11:56:14.0276 5412  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:56:14.0321 5412  AmdK8 - ok
11:56:14.0354 5412  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:56:14.0403 5412  AmdPPM - ok
11:56:14.0424 5412  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:56:14.0435 5412  amdsata - ok
11:56:14.0449 5412  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:56:14.0470 5412  amdsbs - ok
11:56:14.0491 5412  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:56:14.0500 5412  amdxata - ok
11:56:14.0540 5412  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
11:56:14.0555 5412  AntiVirSchedulerService - ok
11:56:14.0583 5412  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
11:56:14.0592 5412  AntiVirService - ok
11:56:14.0606 5412  [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
11:56:14.0621 5412  AntiVirWebService - ok
11:56:14.0650 5412  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:56:14.0820 5412  AppID - ok
11:56:14.0857 5412  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:56:14.0892 5412  AppIDSvc - ok
11:56:14.0924 5412  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
11:56:14.0969 5412  Appinfo - ok
11:56:15.0009 5412  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:56:15.0018 5412  arc - ok
11:56:15.0021 5412  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:56:15.0030 5412  arcsas - ok
11:56:15.0138 5412  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:56:15.0145 5412  aspnet_state - ok
11:56:15.0178 5412  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:56:15.0257 5412  AsyncMac - ok
11:56:15.0301 5412  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:56:15.0308 5412  atapi - ok
11:56:15.0384 5412  [ 956BC6EB96AA09478BD897AF8DF55A62 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:56:15.0483 5412  athr - ok
11:56:15.0526 5412  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:56:15.0589 5412  AudioEndpointBuilder - ok
11:56:15.0597 5412  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:56:15.0626 5412  AudioSrv - ok
11:56:15.0700 5412  [ 9BDF898574A559BDCFE6F4562417BB1C ] AVG Anti-Spyware Driver C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys
11:56:15.0750 5412  AVG Anti-Spyware Driver - ok
11:56:15.0789 5412  [ 5DCD235C061022BCDA9AA48670B64211 ] AVG Anti-Spyware Guard C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
11:56:15.0803 5412  AVG Anti-Spyware Guard - ok
11:56:15.0851 5412  [ B1D20447EE6C1A1FF4009DA17B60CC04 ] AvgAsC64        C:\Windows\system32\DRIVERS\AvgAsC64.sys
11:56:15.0860 5412  AvgAsC64 - ok
11:56:15.0879 5412  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
11:56:15.0890 5412  avgntflt - ok
11:56:15.0922 5412  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
11:56:15.0934 5412  avipbb - ok
11:56:15.0947 5412  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
11:56:15.0957 5412  avkmgr - ok
11:56:15.0995 5412  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:56:16.0041 5412  AxInstSV - ok
11:56:16.0101 5412  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:56:16.0173 5412  b06bdrv - ok
11:56:16.0199 5412  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:56:16.0246 5412  b57nd60a - ok
11:56:16.0295 5412  [ A424CB46A145E5AABF15621550976DF2 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
11:56:16.0302 5412  b57xdbd - ok
11:56:16.0323 5412  [ BE4E6FD5A898812B85D5817AD9754A9F ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
11:56:16.0329 5412  b57xdmp - ok
11:56:16.0391 5412  [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:56:16.0421 5412  BBSvc - ok
11:56:16.0459 5412  [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
11:56:16.0475 5412  BBUpdate - ok
11:56:16.0500 5412  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:56:16.0538 5412  BDESVC - ok
11:56:16.0562 5412  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:56:16.0606 5412  Beep - ok
11:56:16.0646 5412  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:56:16.0697 5412  BFE - ok
11:56:16.0747 5412  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:56:16.0894 5412  BITS - ok
11:56:16.0938 5412  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:56:16.0974 5412  blbdrive - ok
11:56:17.0005 5412  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:56:17.0069 5412  bowser - ok
11:56:17.0090 5412  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:56:17.0125 5412  BrFiltLo - ok
11:56:17.0146 5412  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:56:17.0163 5412  BrFiltUp - ok
11:56:17.0191 5412  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:56:17.0209 5412  Browser - ok
11:56:17.0254 5412  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:56:17.0336 5412  Brserid - ok
11:56:17.0354 5412  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:56:17.0396 5412  BrSerWdm - ok
11:56:17.0424 5412  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:56:17.0461 5412  BrUsbMdm - ok
11:56:17.0500 5412  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:56:17.0537 5412  BrUsbSer - ok
11:56:17.0573 5412  [ 0970D8B7151E9113BF8D44CE2E954DF7 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
11:56:17.0585 5412  bScsiMSa - ok
11:56:17.0616 5412  [ 0C1EEE5AF32402D306874B110DE237EC ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
11:56:17.0629 5412  bScsiSDa - ok
11:56:17.0691 5412  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:56:17.0750 5412  BTHMODEM - ok
11:56:17.0835 5412  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:56:17.0887 5412  bthserv - ok
11:56:17.0917 5412  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:56:17.0984 5412  cdfs - ok
11:56:18.0012 5412  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:56:18.0051 5412  cdrom - ok
11:56:18.0099 5412  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:56:18.0154 5412  CertPropSvc - ok
11:56:18.0262 5412  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:56:18.0291 5412  circlass - ok
11:56:18.0352 5412  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:56:18.0374 5412  CLFS - ok
11:56:18.0416 5412  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:56:18.0429 5412  clr_optimization_v2.0.50727_32 - ok
11:56:18.0470 5412  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:56:18.0484 5412  clr_optimization_v2.0.50727_64 - ok
11:56:18.0555 5412  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:56:18.0568 5412  clr_optimization_v4.0.30319_32 - ok
11:56:18.0590 5412  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:56:18.0601 5412  clr_optimization_v4.0.30319_64 - ok
11:56:18.0620 5412  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:56:18.0633 5412  CmBatt - ok
11:56:18.0652 5412  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:56:18.0664 5412  cmdide - ok
11:56:18.0699 5412  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:56:18.0762 5412  CNG - ok
11:56:18.0815 5412  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:56:18.0826 5412  Compbatt - ok
11:56:18.0839 5412  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:56:18.0879 5412  CompositeBus - ok
11:56:18.0903 5412  COMSysApp - ok
11:56:18.0920 5412  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:56:18.0932 5412  crcdisk - ok
11:56:18.0965 5412  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:56:19.0027 5412  CryptSvc - ok
11:56:19.0147 5412  [ 958EF96991ABCCFDAC0953C4A24081DC ] DAZContentManagementService C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
11:56:19.0196 5412  DAZContentManagementService ( UnsignedFile.Multi.Generic ) - warning
11:56:19.0196 5412  DAZContentManagementService - detected UnsignedFile.Multi.Generic (1)
11:56:19.0254 5412  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:56:19.0328 5412  DcomLaunch - ok
11:56:19.0364 5412  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:56:19.0411 5412  defragsvc - ok
11:56:19.0446 5412  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:56:19.0514 5412  DfsC - ok
11:56:19.0562 5412  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:56:19.0613 5412  Dhcp - ok
11:56:19.0632 5412  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:56:19.0681 5412  discache - ok
11:56:19.0719 5412  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:56:19.0727 5412  Disk - ok
11:56:19.0746 5412  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:56:19.0799 5412  Dnscache - ok
11:56:19.0818 5412  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:56:19.0863 5412  dot3svc - ok
11:56:19.0867 5412  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:56:19.0902 5412  DPS - ok
11:56:19.0961 5412  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:56:20.0007 5412  drmkaud - ok
11:56:20.0089 5412  [ 9DD3A22F804697606C2B7FF9E912FF6B ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:56:20.0115 5412  DsiWMIService - ok
11:56:20.0163 5412  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:56:20.0176 5412  dtsoftbus01 - ok
11:56:20.0243 5412  dump_wmimmc - ok
11:56:20.0289 5412  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:56:20.0333 5412  DXGKrnl - ok
11:56:20.0363 5412  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:56:20.0415 5412  EapHost - ok
11:56:20.0491 5412  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:56:20.0587 5412  ebdrv - ok
11:56:20.0616 5412  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:56:20.0690 5412  EFS - ok
11:56:20.0739 5412  [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
11:56:20.0747 5412  EgisTec Ticket Service - ok
11:56:20.0811 5412  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:56:20.0890 5412  ehRecvr - ok
11:56:20.0911 5412  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:56:20.0946 5412  ehSched - ok
11:56:21.0002 5412  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:56:21.0018 5412  elxstor - ok
11:56:21.0106 5412  [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:56:21.0142 5412  ePowerSvc - ok
11:56:21.0156 5412  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:56:21.0188 5412  ErrDev - ok
11:56:21.0244 5412  [ DBAA0C650C9549DC5C599D1E81DEDAAD ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
11:56:21.0257 5412  ETD - ok
11:56:21.0284 5412  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:56:21.0342 5412  EventSystem - ok
11:56:21.0370 5412  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:56:21.0397 5412  exfat - ok
11:56:21.0415 5412  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:56:21.0461 5412  fastfat - ok
11:56:21.0520 5412  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:56:21.0584 5412  Fax - ok
11:56:21.0607 5412  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:56:21.0646 5412  fdc - ok
11:56:21.0684 5412  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:56:21.0711 5412  fdPHost - ok
11:56:21.0722 5412  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:56:21.0763 5412  FDResPub - ok
11:56:21.0796 5412  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:56:21.0804 5412  FileInfo - ok
11:56:21.0815 5412  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:56:21.0864 5412  Filetrace - ok
11:56:21.0905 5412  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:56:21.0922 5412  FLEXnet Licensing Service - ok
11:56:21.0945 5412  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:56:21.0955 5412  flpydisk - ok
11:56:21.0978 5412  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:56:21.0988 5412  FltMgr - ok
11:56:22.0022 5412  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
11:56:22.0094 5412  FontCache - ok
11:56:22.0132 5412  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:56:22.0144 5412  FontCache3.0.0.0 - ok
11:56:22.0162 5412  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:56:22.0170 5412  FsDepends - ok
11:56:22.0214 5412  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:56:22.0236 5412  Fs_Rec - ok
11:56:22.0267 5412  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:56:22.0279 5412  fvevol - ok
11:56:22.0295 5412  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:56:22.0304 5412  gagp30kx - ok
11:56:22.0362 5412  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:56:22.0375 5412  GamesAppService - ok
11:56:22.0421 5412  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:56:22.0461 5412  gpsvc - ok
11:56:22.0522 5412  [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
11:56:22.0539 5412  GREGService - ok
11:56:22.0605 5412  [ E859CA020ED61899F3C74A8D0032D05C ] Guard.Mail.ru   C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
11:56:22.0638 5412  Guard.Mail.ru - ok
11:56:22.0671 5412  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
11:56:22.0677 5412  hamachi - ok
11:56:22.0806 5412  [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
11:56:22.0857 5412  Hamachi2Svc - ok
11:56:22.0890 5412  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:56:22.0939 5412  hcw85cir - ok
11:56:22.0966 5412  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:56:23.0016 5412  HdAudAddService - ok
11:56:23.0056 5412  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:56:23.0100 5412  HDAudBus - ok
11:56:23.0154 5412  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:56:23.0187 5412  HidBatt - ok
11:56:23.0214 5412  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:56:23.0261 5412  HidBth - ok
11:56:23.0293 5412  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:56:23.0313 5412  HidIr - ok
11:56:23.0331 5412  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:56:23.0394 5412  hidserv - ok
11:56:23.0449 5412  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:56:23.0458 5412  HidUsb - ok
11:56:23.0483 5412  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:56:23.0552 5412  hkmsvc - ok
11:56:23.0581 5412  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:56:23.0635 5412  HomeGroupListener - ok
11:56:23.0661 5412  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:56:23.0691 5412  HomeGroupProvider - ok
11:56:23.0718 5412  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:56:23.0727 5412  HpSAMD - ok
11:56:23.0756 5412  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:56:23.0810 5412  HTTP - ok
11:56:23.0846 5412  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:56:23.0854 5412  hwpolicy - ok
11:56:23.0882 5412  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:56:23.0892 5412  i8042prt - ok
11:56:23.0923 5412  [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:56:23.0936 5412  iaStor - ok
11:56:23.0993 5412  [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:56:24.0009 5412  IAStorDataMgrSvc - ok
11:56:24.0039 5412  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:56:24.0052 5412  iaStorV - ok
11:56:24.0067 5412  ICQ Service - ok
11:56:24.0112 5412  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:56:24.0132 5412  idsvc - ok
11:56:24.0397 5412  [ 9937600A1584FF00565D5379EB4C9EDB ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:56:24.0753 5412  igfx - ok
11:56:24.0783 5412  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:56:24.0791 5412  iirsp - ok
11:56:24.0827 5412  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:56:24.0903 5412  IKEEXT - ok
11:56:25.0001 5412  [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:56:25.0077 5412  IntcAzAudAddService - ok
11:56:25.0114 5412  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:56:25.0138 5412  IntcDAud - ok
11:56:25.0161 5412  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:56:25.0169 5412  intelide - ok
11:56:25.0201 5412  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:56:25.0228 5412  intelppm - ok
11:56:25.0262 5412  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:56:25.0339 5412  IPBusEnum - ok
11:56:25.0365 5412  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:56:25.0391 5412  IpFilterDriver - ok
11:56:25.0437 5412  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:56:25.0491 5412  iphlpsvc - ok
11:56:25.0522 5412  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:56:25.0561 5412  IPMIDRV - ok
11:56:25.0569 5412  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:56:25.0605 5412  IPNAT - ok
11:56:25.0653 5412  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:56:25.0665 5412  IRENUM - ok
11:56:25.0702 5412  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:56:25.0735 5412  isapnp - ok
11:56:25.0811 5412  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:56:25.0825 5412  iScsiPrt - ok
11:56:25.0934 5412  [ 455B75C19BF3F1F2EE3AC10E1169826C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
11:56:25.0959 5412  k57nd60a - ok
11:56:26.0007 5412  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:56:26.0026 5412  kbdclass - ok
11:56:26.0049 5412  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:56:26.0083 5412  kbdhid - ok
11:56:26.0117 5412  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:56:26.0130 5412  KeyIso - ok
11:56:26.0164 5412  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:56:26.0176 5412  KSecDD - ok
11:56:26.0185 5412  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:56:26.0199 5412  KSecPkg - ok
11:56:26.0229 5412  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:56:26.0294 5412  ksthunk - ok
11:56:26.0330 5412  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:56:26.0388 5412  KtmRm - ok
11:56:26.0436 5412  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:56:26.0482 5412  LanmanServer - ok
11:56:26.0519 5412  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:56:26.0561 5412  LanmanWorkstation - ok
11:56:26.0633 5412  [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:56:26.0653 5412  Live Updater Service - ok
11:56:26.0685 5412  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:56:26.0729 5412  lltdio - ok
11:56:26.0761 5412  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:56:26.0815 5412  lltdsvc - ok
11:56:26.0847 5412  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:56:26.0893 5412  lmhosts - ok
11:56:26.0939 5412  [ 50C7CE53EF461870410355F1F2E7D515 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:56:26.0948 5412  LMS - ok
11:56:26.0986 5412  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:56:26.0995 5412  LSI_FC - ok
11:56:27.0013 5412  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:56:27.0022 5412  LSI_SAS - ok
11:56:27.0024 5412  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:56:27.0033 5412  LSI_SAS2 - ok
11:56:27.0048 5412  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:56:27.0067 5412  LSI_SCSI - ok
11:56:27.0088 5412  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:56:27.0135 5412  luafv - ok
11:56:27.0201 5412  [ B891E3920F24FF1A3BEAD6CD2B42ED99 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
11:56:27.0220 5412  McAfee SiteAdvisor Service - ok
11:56:27.0232 5412  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:56:27.0257 5412  Mcx2Svc - ok
11:56:27.0273 5412  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:56:27.0281 5412  megasas - ok
11:56:27.0328 5412  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:56:27.0357 5412  MegaSR - ok
11:56:27.0392 5412  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:56:27.0399 5412  MEIx64 - ok
11:56:27.0420 5412  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:56:27.0464 5412  MMCSS - ok
11:56:27.0466 5412  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:56:27.0498 5412  Modem - ok
11:56:27.0539 5412  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:56:27.0580 5412  monitor - ok
11:56:27.0617 5412  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:56:27.0626 5412  mouclass - ok
11:56:27.0654 5412  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:56:27.0678 5412  mouhid - ok
11:56:27.0716 5412  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:56:27.0724 5412  mountmgr - ok
11:56:27.0790 5412  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:56:27.0811 5412  MozillaMaintenance - ok
11:56:27.0833 5412  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:56:27.0845 5412  mpio - ok
11:56:27.0854 5412  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:56:27.0886 5412  mpsdrv - ok
11:56:27.0916 5412  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:56:27.0968 5412  MpsSvc - ok
11:56:28.0002 5412  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:56:28.0036 5412  MRxDAV - ok
11:56:28.0057 5412  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:56:28.0125 5412  mrxsmb - ok
11:56:28.0150 5412  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:56:28.0177 5412  mrxsmb10 - ok
11:56:28.0240 5412  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:56:28.0265 5412  mrxsmb20 - ok
11:56:28.0288 5412  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:56:28.0299 5412  msahci - ok
11:56:28.0325 5412  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:56:28.0338 5412  msdsm - ok
11:56:28.0371 5412  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:56:28.0387 5412  MSDTC - ok
11:56:28.0408 5412  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:56:28.0446 5412  Msfs - ok
11:56:28.0466 5412  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:56:28.0511 5412  mshidkmdf - ok
11:56:28.0530 5412  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:56:28.0538 5412  msisadrv - ok
11:56:28.0562 5412  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:56:28.0590 5412  MSiSCSI - ok
11:56:28.0593 5412  msiserver - ok
11:56:28.0609 5412  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:56:28.0654 5412  MSKSSRV - ok
11:56:28.0672 5412  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:56:28.0719 5412  MSPCLOCK - ok
11:56:28.0722 5412  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:56:28.0761 5412  MSPQM - ok
11:56:28.0792 5412  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:56:28.0805 5412  MsRPC - ok
11:56:28.0813 5412  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:56:28.0821 5412  mssmbios - ok
11:56:28.0841 5412  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:56:28.0889 5412  MSTEE - ok
11:56:28.0891 5412  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:56:28.0900 5412  MTConfig - ok
11:56:28.0927 5412  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:56:28.0944 5412  Mup - ok
11:56:28.0967 5412  [ C009123B206C56854F4E88596035231D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:56:28.0977 5412  mwlPSDFilter - ok
11:56:28.0992 5412  [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:56:28.0998 5412  mwlPSDNServ - ok
11:56:29.0011 5412  [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:56:29.0018 5412  mwlPSDVDisk - ok
11:56:29.0052 5412  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:56:29.0107 5412  napagent - ok
11:56:29.0164 5412  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:56:29.0218 5412  NativeWifiP - ok
11:56:29.0281 5412  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:56:29.0310 5412  NDIS - ok
11:56:29.0339 5412  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:56:29.0382 5412  NdisCap - ok
11:56:29.0410 5412  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:56:29.0455 5412  NdisTapi - ok
11:56:29.0470 5412  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:56:29.0514 5412  Ndisuio - ok
11:56:29.0554 5412  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:56:29.0603 5412  NdisWan - ok
11:56:29.0627 5412  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:56:29.0653 5412  NDProxy - ok
11:56:29.0683 5412  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:56:29.0728 5412  NetBIOS - ok
11:56:29.0747 5412  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:56:29.0775 5412  NetBT - ok
11:56:29.0795 5412  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:56:29.0804 5412  Netlogon - ok
11:56:29.0828 5412  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:56:29.0879 5412  Netman - ok
11:56:29.0929 5412  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:29.0936 5412  NetMsmqActivator - ok
11:56:29.0939 5412  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:29.0946 5412  NetPipeActivator - ok
11:56:29.0979 5412  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:56:30.0071 5412  netprofm - ok
11:56:30.0119 5412  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:30.0138 5412  NetTcpActivator - ok
11:56:30.0143 5412  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:30.0157 5412  NetTcpPortSharing - ok
11:56:30.0183 5412  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:56:30.0191 5412  nfrd960 - ok
11:56:30.0216 5412  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:56:30.0265 5412  NlaSvc - ok
11:56:30.0378 5412  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:56:30.0431 5412  NOBU - ok
11:56:30.0452 5412  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:56:30.0478 5412  Npfs - ok
11:56:30.0494 5412  npggsvc - ok
11:56:30.0497 5412  NPPTNT2 - ok
11:56:30.0515 5412  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:56:30.0558 5412  nsi - ok
11:56:30.0585 5412  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:56:30.0627 5412  nsiproxy - ok
11:56:30.0700 5412  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:56:30.0732 5412  Ntfs - ok
11:56:30.0793 5412  [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
11:56:30.0819 5412  NTI IScheduleSvc - ok
11:56:30.0839 5412  [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
11:56:30.0848 5412  NTIDrvr - ok
11:56:30.0872 5412  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:56:30.0907 5412  Null - ok
11:56:30.0934 5412  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:56:30.0956 5412  nusb3hub - ok
11:56:30.0966 5412  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:56:31.0015 5412  nusb3xhc - ok
11:56:31.0279 5412  [ E97E8C80793EF12C994607CA5645799A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:56:31.0609 5412  nvlddmkm - ok
11:56:31.0638 5412  [ 50612BD6943B9CB20008E9E241DC8B7D ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
11:56:31.0645 5412  nvpciflt - ok
11:56:31.0667 5412  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:56:31.0677 5412  nvraid - ok
11:56:31.0681 5412  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:56:31.0692 5412  nvstor - ok
11:56:31.0750 5412  [ F355C26FDE46EDB911E3E3D749E985AE ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:56:31.0782 5412  nvsvc - ok
11:56:31.0862 5412  [ 03AA7307C0D92D38D7AF90E181736B8D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
11:56:31.0901 5412  nvUpdatusService - ok
11:56:31.0928 5412  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:56:31.0937 5412  nv_agp - ok
11:56:31.0951 5412  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:56:31.0976 5412  ohci1394 - ok
11:56:32.0054 5412  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:56:32.0062 5412  ose - ok
11:56:32.0256 5412  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:56:32.0410 5412  osppsvc - ok
11:56:32.0449 5412  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:56:32.0498 5412  p2pimsvc - ok
11:56:32.0530 5412  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:56:32.0543 5412  p2psvc - ok
11:56:32.0560 5412  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:56:32.0570 5412  Parport - ok
11:56:32.0596 5412  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:56:32.0604 5412  partmgr - ok
11:56:32.0631 5412  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:56:32.0669 5412  PcaSvc - ok
11:56:32.0708 5412  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:56:32.0736 5412  pci - ok
11:56:32.0755 5412  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:56:32.0763 5412  pciide - ok
11:56:32.0775 5412  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:56:32.0786 5412  pcmcia - ok
11:56:32.0801 5412  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:56:32.0808 5412  pcw - ok
11:56:32.0833 5412  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:56:32.0884 5412  PEAUTH - ok
11:56:32.0984 5412  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:56:33.0029 5412  PerfHost - ok
11:56:33.0088 5412  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:56:33.0134 5412  pla - ok
11:56:33.0183 5412  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:56:33.0238 5412  PlugPlay - ok
11:56:33.0257 5412  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:56:33.0300 5412  PNRPAutoReg - ok
11:56:33.0327 5412  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:56:33.0345 5412  PNRPsvc - ok
11:56:33.0369 5412  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:56:33.0436 5412  PolicyAgent - ok
11:56:33.0472 5412  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:56:33.0536 5412  Power - ok
11:56:33.0571 5412  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:56:33.0621 5412  PptpMiniport - ok
11:56:33.0641 5412  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:56:33.0686 5412  Processor - ok
11:56:33.0734 5412  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:56:33.0789 5412  ProfSvc - ok
11:56:33.0806 5412  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:56:33.0819 5412  ProtectedStorage - ok
11:56:33.0837 5412  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:56:33.0888 5412  Psched - ok
11:56:33.0945 5412  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:56:33.0977 5412  ql2300 - ok
11:56:33.0981 5412  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:56:33.0990 5412  ql40xx - ok
11:56:34.0014 5412  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:56:34.0029 5412  QWAVE - ok
11:56:34.0044 5412  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:56:34.0079 5412  QWAVEdrv - ok
11:56:34.0109 5412  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:56:34.0136 5412  RasAcd - ok
11:56:34.0161 5412  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:56:34.0187 5412  RasAgileVpn - ok
11:56:34.0206 5412  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:56:34.0249 5412  RasAuto - ok
11:56:34.0268 5412  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:56:34.0296 5412  Rasl2tp - ok
11:56:34.0313 5412  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:56:34.0362 5412  RasMan - ok
11:56:34.0385 5412  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:56:34.0428 5412  RasPppoe - ok
11:56:34.0460 5412  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:56:34.0524 5412  RasSstp - ok
11:56:34.0541 5412  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:56:34.0568 5412  rdbss - ok
11:56:34.0579 5412  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:56:34.0613 5412  rdpbus - ok
11:56:34.0668 5412  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:56:34.0743 5412  RDPCDD - ok
11:56:34.0752 5412  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:56:34.0802 5412  RDPENCDD - ok
11:56:34.0805 5412  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:56:34.0832 5412  RDPREFMP - ok
11:56:34.0868 5412  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:56:34.0897 5412  RDPWD - ok
11:56:34.0928 5412  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:56:34.0938 5412  rdyboost - ok
11:56:34.0956 5412  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:56:35.0001 5412  RemoteAccess - ok
11:56:35.0032 5412  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:56:35.0060 5412  RemoteRegistry - ok
11:56:35.0075 5412  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:56:35.0122 5412  RpcEptMapper - ok
11:56:35.0155 5412  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:56:35.0195 5412  RpcLocator - ok
11:56:35.0240 5412  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:56:35.0269 5412  RpcSs - ok
11:56:35.0293 5412  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:56:35.0338 5412  rspndr - ok
11:56:35.0361 5412  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:56:35.0370 5412  SamSs - ok
11:56:35.0380 5412  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:56:35.0389 5412  sbp2port - ok
11:56:35.0411 5412  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:56:35.0439 5412  SCardSvr - ok
11:56:35.0448 5412  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:56:35.0494 5412  scfilter - ok
11:56:35.0536 5412  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:56:35.0589 5412  Schedule - ok
11:56:35.0622 5412  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:56:35.0648 5412  SCPolicySvc - ok
11:56:35.0677 5412  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
11:56:35.0709 5412  sdbus - ok
11:56:35.0746 5412  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:56:35.0796 5412  SDRSVC - ok
11:56:35.0829 5412  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:56:35.0873 5412  secdrv - ok
11:56:35.0901 5412  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:56:35.0927 5412  seclogon - ok
11:56:35.0939 5412  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
11:56:35.0982 5412  SENS - ok
11:56:36.0012 5412  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:56:36.0063 5412  SensrSvc - ok
11:56:36.0088 5412  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:56:36.0124 5412  Serenum - ok
11:56:36.0152 5412  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
11:56:36.0178 5412  Serial - ok
11:56:36.0196 5412  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:56:36.0205 5412  sermouse - ok
11:56:36.0238 5412  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:56:36.0307 5412  SessionEnv - ok
11:56:36.0310 5412  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:56:36.0321 5412  sffdisk - ok
11:56:36.0323 5412  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:56:36.0340 5412  sffp_mmc - ok
11:56:36.0358 5412  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:56:36.0387 5412  sffp_sd - ok
11:56:36.0413 5412  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:56:36.0443 5412  sfloppy - ok
11:56:36.0501 5412  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:56:36.0544 5412  SharedAccess - ok
11:56:36.0566 5412  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:56:36.0610 5412  ShellHWDetection - ok
11:56:36.0648 5412  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:56:36.0656 5412  SiSRaid2 - ok
11:56:36.0659 5412  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:56:36.0667 5412  SiSRaid4 - ok
11:56:36.0723 5412  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:56:36.0743 5412  SkypeUpdate - ok
11:56:36.0762 5412  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:56:36.0822 5412  Smb - ok
11:56:36.0871 5412  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:56:36.0897 5412  SNMPTRAP - ok
11:56:36.0925 5412  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:56:36.0932 5412  spldr - ok
11:56:36.0970 5412  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:56:37.0008 5412  Spooler - ok
11:56:37.0115 5412  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:56:37.0231 5412  sppsvc - ok
11:56:37.0259 5412  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:56:37.0286 5412  sppuinotify - ok
11:56:37.0302 5412  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:56:37.0363 5412  srv - ok
11:56:37.0378 5412  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:56:37.0410 5412  srv2 - ok
11:56:37.0438 5412  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:56:37.0447 5412  srvnet - ok
11:56:37.0482 5412  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:56:37.0526 5412  SSDPSRV - ok
11:56:37.0545 5412  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:56:37.0573 5412  SstpSvc - ok
11:56:37.0635 5412  Steam Client Service - ok
11:56:37.0651 5412  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:56:37.0658 5412  stexstor - ok
11:56:37.0704 5412  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:56:37.0723 5412  stisvc - ok
11:56:37.0764 5412  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:56:37.0773 5412  swenum - ok
11:56:37.0815 5412  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:56:37.0869 5412  swprv - ok
11:56:37.0914 5412  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:56:37.0967 5412  SysMain - ok
11:56:38.0000 5412  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:56:38.0014 5412  TabletInputService - ok
11:56:38.0039 5412  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
11:56:38.0094 5412  tap0901t - ok
11:56:38.0205 5412  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:56:38.0265 5412  TapiSrv - ok
11:56:38.0290 5412  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:56:38.0345 5412  TBS - ok
11:56:38.0440 5412  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:56:38.0476 5412  Tcpip - ok
11:56:38.0549 5412  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:56:38.0577 5412  TCPIP6 - ok
11:56:38.0605 5412  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:56:38.0651 5412  tcpipreg - ok
11:56:38.0672 5412  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:56:38.0691 5412  TDPIPE - ok
11:56:38.0723 5412  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:56:38.0732 5412  TDTCP - ok
11:56:38.0776 5412  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:56:38.0803 5412  tdx - ok
11:56:38.0816 5412  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:56:38.0824 5412  TermDD - ok
11:56:38.0862 5412  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:56:38.0917 5412  TermService - ok
11:56:38.0937 5412  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:56:38.0950 5412  Themes - ok
11:56:38.0965 5412  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:56:38.0991 5412  THREADORDER - ok
11:56:39.0016 5412  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:56:39.0096 5412  TrkWks - ok
11:56:39.0150 5412  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:56:39.0223 5412  TrustedInstaller - ok
11:56:39.0246 5412  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:56:39.0295 5412  tssecsrv - ok
11:56:39.0327 5412  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:56:39.0385 5412  TsUsbFlt - ok
11:56:39.0404 5412  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:56:39.0438 5412  TsUsbGD - ok
11:56:39.0485 5412  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:56:39.0555 5412  tunnel - ok
11:56:39.0632 5412  [ 3DB1CE045A552161EF7252988752C65F ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
11:56:39.0662 5412  TunngleService - ok
11:56:39.0693 5412  [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
11:56:39.0700 5412  TurboB - ok
11:56:39.0734 5412  [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
11:56:39.0757 5412  TurboBoost - ok
11:56:39.0782 5412  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:56:39.0792 5412  uagp35 - ok
11:56:39.0799 5412  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
11:56:39.0807 5412  UBHelper - ok
11:56:39.0820 5412  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:56:39.0880 5412  udfs - ok
11:56:39.0912 5412  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:56:39.0923 5412  UI0Detect - ok
11:56:39.0946 5412  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:56:39.0954 5412  uliagpkx - ok
11:56:39.0980 5412  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:56:40.0022 5412  umbus - ok
11:56:40.0059 5412  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:56:40.0087 5412  UmPass - ok
11:56:40.0197 5412  [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:56:40.0256 5412  UNS - ok
11:56:40.0281 5412  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:56:40.0336 5412  upnphost - ok
11:56:40.0368 5412  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:56:40.0383 5412  usbccgp - ok
11:56:40.0405 5412  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:56:40.0417 5412  usbcir - ok
11:56:40.0445 5412  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:56:40.0483 5412  usbehci - ok
11:56:40.0520 5412  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:56:40.0559 5412  usbhub - ok
11:56:40.0592 5412  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:56:40.0619 5412  usbohci - ok
11:56:40.0622 5412  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
11:56:40.0647 5412  usbprint - ok
11:56:40.0673 5412  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:56:40.0723 5412  USBSTOR - ok
11:56:40.0741 5412  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:56:40.0766 5412  usbuhci - ok
11:56:40.0809 5412  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:56:40.0822 5412  usbvideo - ok
11:56:40.0850 5412  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:56:40.0899 5412  UxSms - ok
11:56:40.0917 5412  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:56:40.0926 5412  VaultSvc - ok
11:56:40.0943 5412  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:56:40.0950 5412  vdrvroot - ok
11:56:40.0966 5412  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:56:41.0014 5412  vds - ok
11:56:41.0050 5412  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:56:41.0079 5412  vga - ok
11:56:41.0094 5412  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:56:41.0146 5412  VgaSave - ok
11:56:41.0170 5412  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:56:41.0181 5412  vhdmp - ok
11:56:41.0198 5412  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:56:41.0205 5412  viaide - ok
11:56:41.0227 5412  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:56:41.0235 5412  volmgr - ok
11:56:41.0254 5412  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:56:41.0266 5412  volmgrx - ok
11:56:41.0283 5412  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:56:41.0294 5412  volsnap - ok
11:56:41.0332 5412  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:56:41.0342 5412  vsmraid - ok
11:56:41.0399 5412  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:56:41.0471 5412  VSS - ok
11:56:41.0488 5412  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:56:41.0520 5412  vwifibus - ok
11:56:41.0546 5412  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:56:41.0577 5412  vwififlt - ok
11:56:41.0616 5412  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:56:41.0629 5412  vwifimp - ok
11:56:41.0650 5412  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:56:41.0680 5412  W32Time - ok
11:56:41.0706 5412  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:56:41.0737 5412  WacomPen - ok
11:56:41.0774 5412  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:56:41.0815 5412  WANARP - ok
11:56:41.0818 5412  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:56:41.0843 5412  Wanarpv6 - ok
11:56:41.0899 5412  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:56:41.0975 5412  wbengine - ok
11:56:42.0014 5412  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:56:42.0043 5412  WbioSrvc - ok
11:56:42.0064 5412  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:56:42.0102 5412  wcncsvc - ok
11:56:42.0135 5412  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:56:42.0192 5412  WcsPlugInService - ok
11:56:42.0219 5412  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:56:42.0232 5412  Wd - ok
11:56:42.0258 5412  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:56:42.0275 5412  Wdf01000 - ok
11:56:42.0287 5412  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:56:42.0373 5412  WdiServiceHost - ok
11:56:42.0376 5412  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:56:42.0389 5412  WdiSystemHost - ok
11:56:42.0410 5412  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:56:42.0448 5412  WebClient - ok
11:56:42.0474 5412  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:56:42.0521 5412  Wecsvc - ok
11:56:42.0558 5412  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:56:42.0632 5412  wercplsupport - ok
11:56:42.0673 5412  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:56:42.0716 5412  WerSvc - ok
11:56:42.0739 5412  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:56:42.0765 5412  WfpLwf - ok
11:56:42.0782 5412  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:56:42.0789 5412  WIMMount - ok
11:56:42.0813 5412  WinDefend - ok
11:56:42.0817 5412  WinHttpAutoProxySvc - ok
11:56:42.0865 5412  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:56:42.0892 5412  Winmgmt - ok
11:56:42.0945 5412  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:56:42.0997 5412  WinRM - ok
11:56:43.0027 5412  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:56:43.0068 5412  Wlansvc - ok
11:56:43.0172 5412  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:56:43.0187 5412  wlcrasvc - ok
11:56:43.0291 5412  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:56:43.0335 5412  wlidsvc - ok
11:56:43.0368 5412  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:56:43.0406 5412  WmiAcpi - ok
11:56:43.0443 5412  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:56:43.0483 5412  wmiApSrv - ok
11:56:43.0519 5412  WMPNetworkSvc - ok
11:56:43.0552 5412  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:56:43.0579 5412  WPCSvc - ok
11:56:43.0597 5412  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:56:43.0614 5412  WPDBusEnum - ok
11:56:43.0641 5412  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:56:43.0681 5412  ws2ifsl - ok
11:56:43.0707 5412  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:56:43.0743 5412  wscsvc - ok
11:56:43.0745 5412  WSearch - ok
11:56:43.0820 5412  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:56:43.0865 5412  wuauserv - ok
11:56:43.0874 5412  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:56:43.0919 5412  WudfPf - ok
11:56:43.0967 5412  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:56:44.0031 5412  WUDFRd - ok
11:56:44.0069 5412  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:56:44.0096 5412  wudfsvc - ok
11:56:44.0110 5412  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:56:44.0141 5412  WwanSvc - ok
11:56:44.0248 5412  X6va006 - ok
11:56:44.0355 5412  X6va008 - ok
11:56:44.0383 5412  ================ Scan global ===============================
11:56:44.0407 5412  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:56:44.0435 5412  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:56:44.0441 5412  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:56:44.0472 5412  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:56:44.0502 5412  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:56:44.0506 5412  [Global] - ok
11:56:44.0506 5412  ================ Scan MBR ==================================
11:56:44.0525 5412  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:56:44.0922 5412  \Device\Harddisk0\DR0 - ok
11:56:44.0923 5412  ================ Scan VBR ==================================
11:56:44.0958 5412  [ B6D95A0B9E296B0F04B783A7DA4F14C5 ] \Device\Harddisk0\DR0\Partition1
11:56:44.0960 5412  \Device\Harddisk0\DR0\Partition1 - ok
11:56:44.0970 5412  [ 3BF003964A2153FA31EFF61456894DF6 ] \Device\Harddisk0\DR0\Partition2
11:56:44.0972 5412  \Device\Harddisk0\DR0\Partition2 - ok
11:56:44.0972 5412  ============================================================
11:56:44.0972 5412  Scan finished
11:56:44.0972 5412  ============================================================
11:56:44.0983 5476  Detected object count: 2
11:56:44.0983 5476  Actual detected object count: 2
11:57:15.0931 5476  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
11:57:15.0931 5476  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
11:57:15.0932 5476  DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user
11:57:15.0932 5476  DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 16.09.2012, 18:31

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

05.08.2012, 15:21	#32
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MyStart Incredibar auf Rechner entdeckt, was kann ich tun? Hätte da mal drei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? 3.) Die incredi-Kacke ist nun weg? __________________ __________________

01.09.2012, 12:06	#40
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MyStart Incredibar auf Rechner entdeckt, was kann ich tun? Starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus. __________________ Logfiles bitte immer in CODE-Tags posten

MyStart Incredibar auf Rechner entdeckt, was kann ich tun?

Plagegeister aller Art und deren Bekämpfung: MyStart Incredibar auf Rechner entdeckt, was kann ich tun?