
Log analysis and evaluation: Malware problem


28.11.2012, 18:14   #1
Belatucradus

A very good day to you, Trojaner-Board,

I have known your forum for a long time, and if there is one thing I know, it is this: your forum is the best.
Enough of the flattery.
---------------------------------

First, the problem: my girlfriend ran "Malwarebytes Anti-Malware", and it found some interesting things.


a)
My girlfriend is "very, very" shy; she does not even dare to open a forum thread here (I know, ridiculous), so as a favour to her I opened a thread for her.
I hope you can help =)

Kind regards,
Belatucradus.

[IMPORTANT: Can you give me information about these "viruses", or whatever this actually is?
I only find crap on the Internet..]

Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.27.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
User :: MANUU-PC [Administrator]

Schutz: Aktiviert

28.11.2012 15:16:57
mbam-log-2012-11-28 (16-07-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 301315
Laufzeit: 12 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 9
HKCR\CLSID\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{44444444-4444-4444-4444-440044504460} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKCR\Interface\{55555555-5555-5555-5555-550055505560} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0005060.BHO.1 (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Daten: Savings Sidekick -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 2
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.

Infizierte Dateien: 12
C:\Program Files\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Users\User\AppData\Local\Temp\softonic_ssk_conduit.exe (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt.
C:\Users\User\Downloads\SoftonicDownloader_fuer_die-sims-2-wilde-campus-jahre.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Users\User\Downloads\SoftonicDownloader_fuer_photoscape.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Savings SidekickInstaller.log (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Savings Sidekick-bg.exe (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Savings Sidekick.exe (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Savings Sidekick.ico (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Savings Sidekick.ini (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Program Files\Savings Sidekick\Uninstall.exe (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.
C:\Users\User\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt.

(Ende)

30.11.2012, 12:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the evaluation harder for me!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "when will it continue" messages end with your thread being closed. I, too, have a life outside the Trojaner-Board.


Please run a CustomScan with OTL. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the result then looks like this:

Code:
 the log goes here

Please download OTL by OldTimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top centre, tick the box Scan all users (Scanne alle Benutzer)
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with

Code:
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

30.11.2012, 21:11   #3
Belatucradus

Hello & thanks,

Here are the results you wanted
---
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 30.11.2012 17:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,26 Gb Available Physical Memory | 12,84% Memory free
4,00 Gb Paging File | 0,83 Gb Available in Paging File | 20,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 240,67 Gb Total Space | 23,96 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive D: | 225,00 Gb Total Space | 39,26 Gb Free Space | 17,45% Space Free | Partition Type: NTFS
Drive E: | 4,93 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 465,76 Gb Total Space | 198,65 Gb Free Space | 42,65% Space Free | Partition Type: NTFS
 
Computer Name: MANUU-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mit Corel PaintShop Photo Pro X3 durchsuchen] -- "c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02350A75-070B-4EFB-A07B-EABC6F42CC3B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{04FE09EA-910C-463B-B0FF-4748094B67EC}" = lport=139 | protocol=6 | dir=in | app=system | 
"{0FE7B969-B5F9-48EC-9820-8E023BB50F34}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{11397179-D745-425F-AFAC-24392CE21BAF}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{145D420A-6BA4-429E-BDD1-0076535C3BC1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1F35AB04-9D4E-46D1-852B-6DA325D82D7C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{2CC6EA18-8BF8-406A-96C1-93AB4F4AFCDF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{33AE105F-294D-4224-95B1-A74116600371}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3FE3EEB0-0B51-4B9F-BF95-7AC9F45BA2EC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4297E87E-EEC8-4038-9B25-EE37ECB192DE}" = lport=54005 | protocol=6 | dir=in | name=akamai netsession interface | 
"{42B3C211-C17F-4425-B589-57DF8EA36EBE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{447E6C30-AAAC-49A7-8ED6-D4BF67A3FCC2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{4E5D9453-E13C-469D-98AD-BFC51252FB91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{577F3C01-D4D4-4B27-858F-FDA5CCA403EB}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{61A1CEBD-E33C-41D7-8249-583AB5407661}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7165D842-5D97-4012-BC6F-452283598233}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{74AA94BE-AB17-4EE4-954E-47EBED24F3D7}" = lport=138 | protocol=17 | dir=in | app=system | 
"{808939EA-B172-497D-9F0C-C1A480F4CC52}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8E37CFE0-47D6-4F6D-9161-FDD7C72A3099}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{976337A9-58FE-4CF5-B71E-9847C314A0E9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{9BE052C6-0F65-4418-9AB3-C9FC5C6B1843}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A6C8B5C1-4877-4C8E-909C-67ADF1DEF486}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{AF988FE6-C0FB-4565-9108-975BB7D3B8B0}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BD970FC8-097D-44D8-AA04-C8AA39BFC4E7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE46AF4A-245E-4091-840C-4B11ED26C082}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C00660EB-A99B-431B-8316-CAB756955F54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C20E53B7-ECA8-4C90-910D-FD7D2B128BE0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C417F3FA-F294-4A2D-B4AF-96B0127220B5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CF50C6A8-74C9-40B8-AA62-2F4D230C9C0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D467F531-F6D2-4E51-86C3-7DF49E9FCA63}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DEF27483-22CF-4DAD-AF3F-6EA19BDC0DB9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EBE649E8-2603-4D53-9B1F-5DAD8B959A6E}" = rport=445 | protocol=6 | dir=out | app=system | 
"{EDBA0EE7-30AD-482B-8172-8C89E78D4C15}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EFBADF04-FE52-4C26-9B9A-7AA323BA6F1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F0D0BECD-B81D-4498-81FB-D3CED8AA9A6C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F7EFA886-270C-4253-9594-D1DC2251B0A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{FFA7C060-5343-48DB-8B22-7B71C009BDD0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03FE2B25-7205-47CE-AFBA-3965D4DEDBF3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{068F5F1D-A6F7-4449-BD30-B10AEF9BE7B0}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{07C36032-5D43-4358-B9A0-9AD28212AC7D}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | 
"{0A625213-F957-4589-83EB-9D1E87F11E69}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{0C060538-554B-4489-AA3B-D39868301863}" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"{0E9D4784-25EA-4511-B020-BB72D41CAB7D}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"{0F5CABDE-3544-4393-A7EE-59A876DEF441}" = protocol=17 | dir=in | app=f:\world of warcraft 1\launcher.exe | 
"{1058327F-2192-4B3E-B70B-67B5F32F3C8F}" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\launcher.patch.exe | 
"{113B41E0-7325-40FE-ABA3-579E22985ABE}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{145EED5D-ADE4-45F4-8F9B-4021C040360F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1565B434-9365-4EE6-8570-33F3957EE5B5}" = protocol=17 | dir=in | app=f:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"{16CF084C-BDDC-41EE-9180-806F432DCC86}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 
"{17FF0A15-2B13-46C6-8FF2-7BDD02ACE434}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{1840D0C5-0E65-45FD-B2C0-3CE9509FED38}" = protocol=6 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\launcher.exe | 
"{19609836-6C8D-450A-A8D4-5F15635637D8}" = protocol=6 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{1C5F6238-34EA-4F40-BFA8-46D6F979706D}" = protocol=58 | dir=in | app=system | 
"{1DD64930-C18A-43AB-A88E-C3297CF50560}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{225D3BF8-E7E6-413A-980B-52B1BF9384E9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2473CF2C-5EA0-4235-B2E8-ABAFA4CCE0BF}" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\launcher.exe | 
"{268E1E68-6EFC-44DB-9A4B-645DC83C0AAE}" = protocol=17 | dir=in | app=c:\program files\prettymaybasic\prettymay.exe | 
"{2D9D18E9-BC3D-4445-9124-278864979636}" = protocol=17 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{2FA411E8-A0D1-4EEE-8775-FBD82E8FC001}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3453B1EB-02F8-4426-9622-2A88379C495A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{34AC7C86-D929-4057-B788-07D300AD3156}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{36A6A2EF-1BE5-47FF-AA6B-FCBF4A75D7FA}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{37AA4715-1C2C-4695-BE44-CC671E3F0B59}" = protocol=6 | dir=in | app=f:\world of warcraft 1\launcher.exe | 
"{3C0DC04E-AB1F-45EB-AFB2-1DFCB416832C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3C8C8279-73F6-4F90-B53E-3C738F86E1BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3E94AA2C-58A9-47A7-98A0-1C3CA99A47A1}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | 
"{413FCCED-2050-44D3-AC5E-FF46275504F2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{467858CE-3373-488D-9040-22EEBA88438D}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{49965159-D2BD-4AD2-9536-B9DC9EA19F18}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe | 
"{49E9CD1A-7B26-4891-8D94-7E786B02B100}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{4C514851-E87D-4B0F-B02F-CE437BA30476}" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"{4CA4838B-DB80-4A9E-8946-D4936DD80CDF}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe | 
"{55E31247-D83F-4AEB-99CB-16D89DDC74CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{578C5543-06A4-4CB5-AD13-5F3DAF4F908F}" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"{59210A10-7EFD-4A46-95DB-D44CE4A88224}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A4F0906-61D2-4014-8191-D6FC796C7D33}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{5BB2EFBC-88C9-4AB5-B2C6-9FCB366073BF}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{5F4BFCBF-E7DA-49DF-8EB7-40DB2CAC6C86}" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"{63AFC118-4712-4F22-B701-A7A56FBCE3F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{64A3F4CF-EBE2-4EAA-83D3-51A3DBEBB7BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{6722DE90-BF4F-41D4-977F-747F42960D7D}" = protocol=6 | dir=in | app=c:\program files\prettymaybasic\prettymay.exe | 
"{68CDE297-95DA-4DAB-BD1E-EBA5DB4CDB2D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{6BD7C4AA-2711-4AFA-ABE7-8EDA8F8658C4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7247D27A-E634-4345-BA65-E018D0736EF3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{73FD590E-DB46-44C5-AA15-50621DEFDA3D}" = protocol=6 | dir=in | app=c:\program files\dvdvideosofttoolbar\dtuser.exe | 
"{7A36779E-40E6-4660-8019-86ED4AF93C5D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{7A756402-B65F-479C-B9F5-4F4DB19A3079}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{7B087EF4-5680-48CF-8700-E36860DA4819}" = protocol=17 | dir=in | app=c:\program files\dvdvideosofttoolbar\dtuser.exe | 
"{7BCB57B4-4C01-471E-9BAC-7FEAAF9C9916}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7FC7A608-AC76-4079-878C-429630C2D7BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8581969A-19FA-479B-81A2-A3642B65D349}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{85A04D3F-43D5-485D-BF06-CBD890800AE5}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{86A57A34-C77A-4BD6-B4F2-6FB0A850849C}" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\launcher.patch.exe | 
"{8836F2E4-FBFF-4C2C-9A53-08DC81F9C5FC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{8CCBC600-E9FE-40A7-B417-B83B5746AA48}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{9004B553-7A14-44A9-BE1E-636CB81A9BEF}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{9D94A85A-20ED-480C-9678-8B5859A80D7E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{9FFB9C2C-731A-4A79-BB8B-7A6DBD59BD97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A30B2B40-31B9-462B-A2EA-A13DEB29684E}" = protocol=6 | dir=in | app=c:\users\user\downloads\audioconverter_setup(2).exe | 
"{A4A42F0E-FAD8-423D-8D28-2E0ED1ACABF5}" = protocol=17 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\launcher.exe | 
"{A6A919D6-D73F-4465-9E7B-38900B02669B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AB6B562A-55EA-4E22-B6FD-1199E77B928A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{AD847F00-BEA5-44EC-9843-4D5A8BA9C513}" = protocol=6 | dir=out | app=system | 
"{B044FFC8-25BD-45FB-8906-B4C664E5AA61}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B3B185B4-DA03-4A89-873A-B72FE99D1BFC}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 
"{B4110C65-CD34-4633-8C87-988B787E85D3}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{B83BBC01-2B09-49E2-802C-DD63ECC9D9F6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{BC7A6D33-61C3-4F2A-9680-43EEDE7BC356}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"{BD3927EA-32C9-4B4C-A4D3-AEAD30CF635A}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"{BE2662D0-85E0-46C6-96B5-728A411E3B00}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{BEBCB015-3699-407B-AF8E-FCAD53785C11}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"{C2FCA2CC-9A40-4E76-8D5A-28CC68CCB091}" = protocol=17 | dir=in | app=c:\users\user\downloads\sweetimsetup.exe | 
"{C32F2B04-16B4-4A6C-B97D-397887C0418E}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe | 
"{C3ACCE8A-5E1F-4B80-B716-07C253648868}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C6A90593-67DA-4399-8A74-1524D6A3AF29}" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\launcher.exe | 
"{CAE017DE-96C7-4325-95D6-4D28D0CB4E69}" = protocol=6 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\launcher.patch.exe | 
"{CEF517E1-D6B8-4A44-B9B8-8B90A2109C83}" = protocol=17 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\launcher.patch.exe | 
"{D0FF7BB2-00E8-48A1-9051-1C8C2FEE22EC}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{D311B642-C173-41AD-9D63-B3302D1A57DE}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe | 
"{DCE78D9F-4463-49B2-9DAE-C5C201A97EFA}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{E01BA4C8-0BEC-46B8-871D-C2869801F47B}" = protocol=17 | dir=in | app=c:\users\user\downloads\audioconverter_setup(2).exe | 
"{E1FD4910-56E5-444E-8F48-456520D18770}" = protocol=6 | dir=in | app=c:\users\user\downloads\sweetimsetup.exe | 
"{E2023BEB-485E-45F6-B22F-D4A6A61DD359}" = protocol=17 | dir=in | app=f:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"{E37FF0EA-1CFE-4A4C-9D48-6FACEAF02D3A}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{E5A4ED21-C344-4E16-91AA-C064037B62B9}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{E5A7AF7B-D8FF-4991-9061-18C967BE826E}" = protocol=6 | dir=in | app=f:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"{EC2B26DF-740F-4926-B3AA-D15E7D92E4A6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F0B39AE5-E229-4C8A-86B5-CBCDE77B61B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F526C96C-5560-4D4A-B946-893991EB1535}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F58DE72A-5F92-49A9-88F8-2B4C5A4E31A9}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{FC7828A4-386E-4492-961F-793C752293FB}" = protocol=6 | dir=in | app=f:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"TCP Query User{052403D3-1D44-42E8-ACC9-C922C85DFB80}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{08270A47-11AD-4BE7-81F7-54E508373D6E}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{11AD4EB7-23B4-48A4-AAFB-DDDD2C6F294B}C:\users\user\desktop\wow - kopie - kopie\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\backgrounddownloader.exe | 
"TCP Query User{1D70191E-99FA-4AE0-8E72-CE559CFDF48E}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | 
"TCP Query User{1F455C08-F01B-4593-A221-E68C7024AB9B}C:\program files\prettymaybasic\prettymay.exe" = protocol=6 | dir=in | app=c:\program files\prettymaybasic\prettymay.exe | 
"TCP Query User{211F76A6-21C0-4314-BA95-375E4F21574C}F:\world of warcraft 1\launcher.patch.exe" = protocol=6 | dir=in | app=f:\world of warcraft 1\launcher.patch.exe | 
"TCP Query User{349A0034-86B2-4C86-A8B8-9CCAB3FBC528}D:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"TCP Query User{383840F8-18A3-48F8-A856-B1134679EBF8}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{414EBF0A-8198-4A19-BB93-6A495603BD79}C:\users\public\games\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe | 
"TCP Query User{45DF059F-FBF4-47FC-89B6-29150F72740E}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | 
"TCP Query User{496F905C-8AFF-46B5-B79C-AA0D6918002E}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
"TCP Query User{4C0BBF61-971F-4168-9312-1A7F1823D6CE}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{5D7A01FC-9C8C-4199-825E-609404EEAAB6}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{6B1225D6-898A-47D0-8A9E-90C5C92C8D3D}F:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"TCP Query User{6D937413-E0E8-4148-8562-1C41A6AABDED}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | 
"TCP Query User{7041B0CA-AFBA-484D-B549-4B4B8FC68C79}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"TCP Query User{729F2CAA-7C36-4290-8E05-215B253DAD2B}C:\users\user\desktop\wow - kopie\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\wow - kopie\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"TCP Query User{7869C16E-7158-45C1-BDEC-055197FF34A1}C:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | 
"TCP Query User{7FDCE5B6-3673-49E2-978F-B8D86BBBCE6F}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"TCP Query User{88E6D92A-4C14-4D78-AB9D-3B3B56C146E0}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"TCP Query User{A3F23D8C-82C7-4642-9069-103A6A937E21}C:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"TCP Query User{A75A6418-A616-4B4A-B25A-5D599537CD25}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{AA7B47E1-05E5-45CA-9044-1E14B9E6C4B5}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | 
"TCP Query User{AC628CC7-4378-44AE-AEF1-E2E7F78DF1EE}C:\program files\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"TCP Query User{AEB12D6E-A0DB-47A6-894E-402515321EE2}F:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"TCP Query User{B0F89C1E-BF52-425B-85CA-6A0FF5BB7721}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{B1D5F5EE-8F8F-4736-B9BF-815B985D52C8}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe | 
"TCP Query User{B48D924C-F7DB-4292-8AF1-C30DDAC20A31}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{B4D27E42-C945-4D74-A957-D347E9049B7D}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{B5F069E8-EEF6-46C6-A65F-CE45334A0013}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"TCP Query User{CF780C53-5EF7-4D04-9F70-AB1FD64264C0}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | 
"TCP Query User{E2BEF478-0365-412E-9623-89C034642F90}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe | 
"TCP Query User{E45AFBDA-6D22-42B1-94AB-BAF96F573B5B}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | 
"TCP Query User{E6A08B8E-5EDC-47FC-817B-415A3AE2C68B}D:\world of warcraft\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{EBD33C73-CAA0-4F3D-93B1-1537583F3E11}F:\world of warcraft 1\launcher.exe" = protocol=6 | dir=in | app=f:\world of warcraft 1\launcher.exe | 
"TCP Query User{EC077C06-6357-4765-84C8-AB570DE96989}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe | 
"TCP Query User{F1E0D0F4-F3A3-4C73-916E-C9E5A2A567D5}C:\users\public\games\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe | 
"TCP Query User{F4ED224C-96DF-4790-894A-EB0157AC0260}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{F52B1F52-3BCB-4FA6-B298-44187FF9B85D}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | 
"TCP Query User{F74F569A-A073-492D-8F15-84E36272638C}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | 
"UDP Query User{048489F3-D172-4A5E-98A8-B08040972D16}D:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"UDP Query User{07841906-C7D6-4E0A-91C0-A8652DDB43D0}C:\program files\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"UDP Query User{08A4E1E5-50CA-47F6-8C8D-284BC26F7EC3}C:\users\user\desktop\wow - kopie - kopie\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\wow - kopie - kopie\backgrounddownloader.exe | 
"UDP Query User{0C088D93-5C59-4C0D-958F-F58633ECCA43}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{0E104FA0-363B-48B9-8211-02FE1548526C}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | 
"UDP Query User{20B4A484-2F8E-4761-8F62-AB2BC00B82F0}F:\world of warcraft 1\launcher.patch.exe" = protocol=17 | dir=in | app=f:\world of warcraft 1\launcher.patch.exe | 
"UDP Query User{2423E96F-4132-42D2-AAE4-5180C5212215}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"UDP Query User{2C73BA71-2310-4466-A0C6-E2F78B1C14C5}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"UDP Query User{3C16588A-F034-4DC7-9EE6-07E3C8827FEB}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | 
"UDP Query User{3CF28737-B0FA-4ED2-86AA-7A47A6F4EF64}C:\program files\prettymaybasic\prettymay.exe" = protocol=17 | dir=in | app=c:\program files\prettymaybasic\prettymay.exe | 
"UDP Query User{498899E1-4DCD-4857-A529-C71B8B27D7DC}C:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | 
"UDP Query User{4AE22E10-D105-4C2F-8528-65E9B9BD34C2}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe | 
"UDP Query User{5032EFDB-3036-4158-87DA-B9723538AC65}C:\users\public\games\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe | 
"UDP Query User{5A046992-E3CB-4CBA-B185-F7C942A02127}C:\users\user\desktop\wow - kopie\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\wow - kopie\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"UDP Query User{5C443027-4137-49EC-83D8-73D66D2F710E}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | 
"UDP Query User{607040B3-D81F-4D72-AE4B-7621822F43A7}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
"UDP Query User{65A82FCA-A52A-4269-8F6F-E482A1AE1BF9}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{680CC033-786E-4C6A-ADEF-0D4A656BE69F}C:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"UDP Query User{6BED1D77-3037-4E75-A69F-CED42B2C2EE2}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{6E41EE68-B134-47DF-80AA-353EB1453B02}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{863B56EB-68AD-4C56-AFAA-80B21F326087}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{8B05FA58-7AD0-4072-8098-9F2A8CAE6865}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{8BB9A4AE-0D30-47B0-A313-B13EC11A5146}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"UDP Query User{8F8340BA-9652-4820-8F66-9721F17A2470}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{9543A2DE-1A08-4191-8158-0A0648318331}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | 
"UDP Query User{A706D8D8-C137-4667-AFCB-4FDF6FD03BD6}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{BC20D295-DA41-4C63-B010-8F369D3F24CB}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{BD2BCAF3-AA83-4E16-8D2F-2E3FC95EC900}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"UDP Query User{C1A04F2D-356B-4ED8-AC3B-EBBE0BA49324}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | 
"UDP Query User{C2F07296-DFDB-4E0A-AB6E-31D18CA3D39F}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe | 
"UDP Query User{C478B475-C361-43A5-9B38-DAF9F1526A1A}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | 
"UDP Query User{CD308447-38E7-4E40-B4F7-81F5DEECB53C}C:\users\public\games\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe | 
"UDP Query User{D77B2917-AEA1-49D0-B8AE-8743EADF1A77}F:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft 1\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"UDP Query User{D7C8D59B-6961-43D7-8FE9-6DBB5DA704D6}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | 
"UDP Query User{DA9C1411-5C75-46E9-8A10-E4210888115C}D:\world of warcraft\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{DD436CC3-88ED-42D0-A105-AF68C1AA94EF}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | 
"UDP Query User{DD5F5B14-7032-499C-A78B-EF69898BF184}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe | 
"UDP Query User{E0CDCB2C-329E-4D2F-BE09-383A52A23C53}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{ED91E705-A9C5-429F-9F96-71C5308194AD}F:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft 1\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"UDP Query User{F6370810-1E80-4FA9-99D1-B71740ECA6CA}F:\world of warcraft 1\launcher.exe" = protocol=17 | dir=in | app=f:\world of warcraft 1\launcher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0a942b37-2a6f-4b9f-9470-0d1d3d2de196}" = Nero 9 Essentials
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = Die Sims™ 3 Diesel Accessoires
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11807553}" = Hotel Dash Suite Success
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = Die Sims™ 3 Supernatural
"{B4CB2C34-E745-4063-9CD6-F54D46F7F4FE}" = Nitro PDF Reader 2
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL
"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}" = Antares Auto-Tune Evo VST
"5513-1208-7298-9440" = JDownloader 0.9
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Creative Removable Disk Manager" = Creative-Manager für Wechseldatenträger
"Defraggler" = Defraggler
"Deponia 2" = Chaos auf Deponia
"DivX Setup" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"dvdvideosofttoolbar" = DVD Video Soft Toolbar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy)
"houseworx_is1" = houseworx
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Full)
"Logitech Vid" = Logitech Vid HD
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Picasa 3" = Picasa 3
"PriceGong" = PriceGong 2.6.4
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6
"SpecialSavings" = SpecialSavings
"SysInfo" = Creative-Systeminformationen
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ThumbsPlus 3.21" = ThumbsPlus Version 3.21-R
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WinZip Registry Optimizer_is1" = WinZip Registry Optimizer
"World of Warcraft" = World of Warcraft
"ZENcast Organizer" = ZENcast Organizer
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"BitTorrent DNA" = DNA
"Facebook Plug-In" = Facebook Plug-In
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.11.2012 15:15:39 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10312
 
Error - 25.11.2012 18:00:33 | Computer Name = manuu-PC | Source = Windows Backup | ID = 4104
Description = 
 
Error - 27.11.2012 18:48:27 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 27.11.2012 18:48:27 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15584
 
Error - 27.11.2012 18:48:27 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15584
 
Error - 28.11.2012 21:14:30 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 28.11.2012 21:14:30 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15741
 
Error - 28.11.2012 21:14:30 | Computer Name = manuu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15741
 
Error - 29.11.2012 07:54:35 | Computer Name = manuu-PC | Source = Application Hang | ID = 1002
Description = Programm mbam.exe, Version 1.62.0.140 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e78    Startzeit: 
01cdcd712cb96a6f    Endzeit: 2181    Anwendungspfad: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

Berichts-ID:
 76c66100-3a1b-11e2-8cb6-0019996ff643  
 
Error - 30.11.2012 11:57:54 | Computer Name = manuu-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1ee4    Startzeit:
 01cdcf12e9051463    Endzeit: 30    Anwendungspfad: C:\Users\User\Downloads\OTL.exe    Berichts-ID:
   
 
[ Media Center Events ]
Error - 28.09.2010 08:21:23 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 14:21:23 - Fehler beim Herstellen der Internetverbindung.  14:21:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.09.2010 08:21:55 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 14:21:52 - Fehler beim Herstellen der Internetverbindung.  14:21:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.09.2010 09:22:27 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 15:22:27 - Fehler beim Herstellen der Internetverbindung.  15:22:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.09.2010 09:22:57 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 15:22:56 - Fehler beim Herstellen der Internetverbindung.  15:22:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.10.2010 04:37:39 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 10:37:35 - Fehler beim Herstellen der Internetverbindung.  10:37:35 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.10.2010 07:18:23 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 13:18:19 - Fehler beim Herstellen der Internetverbindung.  13:18:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.11.2010 08:08:03 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 13:08:00 - Fehler beim Herstellen der Internetverbindung.  13:08:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.11.2010 08:08:55 | Computer Name = manuu-PC | Source = MCUpdate | ID = 0
Description = 13:08:38 - Fehler beim Herstellen der Internetverbindung.  13:08:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 28.11.2012 07:27:37 | Computer Name = manuu-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Wlansvc erreicht.
 
Error - 28.11.2012 19:53:20 | Computer Name = manuu-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 28.11.2012 20:57:39 | Computer Name = manuu-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 29.11.2012 07:59:27 | Computer Name = manuu-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 29.11.2012 09:57:56 | Computer Name = manuu-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 29.11.2012 19:43:56 | Computer Name = manuu-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 29.11.2012 21:42:26 | Computer Name = manuu-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 30.11.2012 08:29:30 | Computer Name = manuu-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 30.11.2012 08:29:25 | Computer Name = manuu-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 30.11.2012 08:40:36 | Computer Name = manuu-PC | Source = DCOM | ID = 10000
Description = 
 
 
< End of report >
         
--- --- ---

Alt 30.11.2012, 21:12   #4
Belatucradus
 

OTL file:

OTL Logfile:
Code:
OTL logfile created on: 30.11.2012 17:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,26 Gb Available Physical Memory | 12,84% Memory free
4,00 Gb Paging File | 0,83 Gb Available in Paging File | 20,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 240,67 Gb Total Space | 23,96 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive D: | 225,00 Gb Total Space | 39,26 Gb Free Space | 17,45% Space Free | Partition Type: NTFS
Drive E: | 4,93 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 465,76 Gb Total Space | 198,65 Gb Free Space | 42,65% Space Free | Partition Type: NTFS
 
Computer Name: MANUU-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.30 16:51:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012.11.20 07:16:04 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.11.16 14:05:31 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012.11.15 00:12:55 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe
PRC - [2012.11.15 00:12:17 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Programme\Steam\Steam.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.10.02 20:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.10.02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.17 15:36:13 | 001,695,776 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.03 08:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.21 18:12:28 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Programme\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.22 22:56:40 | 000,687,448 | ---- | M] () -- C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011.03.01 22:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.03.01 22:13:44 | 000,203,096 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.08.28 22:36:40 | 001,938,880 | ---- | M] (Discordia Limited) -- C:\Programme\Bandoo\Bandoo.exe
PRC - [2010.08.11 13:30:42 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\User\Program Files\DNA\btdna.exe
PRC - [2010.03.11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.09.06 11:38:06 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2006.08.07 09:06:38 | 000,700,416 | ---- | M] () -- C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.20 07:16:18 | 002,400,224 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.11.16 14:05:29 | 014,586,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012.11.15 00:12:54 | 020,317,008 | ---- | M] () -- C:\Programme\Steam\bin\libcef.dll
MOD - [2012.11.15 00:12:52 | 001,099,616 | ---- | M] () -- C:\Programme\Steam\bin\avcodec-53.dll
MOD - [2012.11.15 00:12:52 | 000,902,480 | ---- | M] () -- C:\Programme\Steam\bin\chromehtml.dll
MOD - [2012.11.15 00:12:52 | 000,190,816 | ---- | M] () -- C:\Programme\Steam\bin\avformat-53.dll
MOD - [2012.11.15 00:12:52 | 000,123,232 | ---- | M] () -- C:\Programme\Steam\bin\avutil-51.dll
MOD - [2012.08.17 15:36:13 | 002,046,496 | ---- | M] () -- c:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll
MOD - [2012.08.17 15:36:13 | 001,695,776 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.03.30 17:25:42 | 000,331,608 | ---- | M] () -- C:\Programme\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011.03.22 22:56:40 | 000,687,448 | ---- | M] () -- C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011.03.01 22:13:44 | 000,203,096 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2010.05.07 17:37:40 | 000,126,808 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010.05.07 17:37:40 | 000,027,480 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010.05.07 17:36:54 | 000,340,824 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010.05.07 17:35:56 | 007,954,776 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010.05.07 17:35:44 | 002,143,576 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2006.08.07 09:06:38 | 000,700,416 | ---- | M] () -- C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe
MOD - [2006.05.26 09:11:18 | 000,192,512 | ---- | M] () -- C:\Programme\Creative\Sync Manager Unicode\CTSyncRs.crl
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012.11.20 07:16:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.16 14:05:32 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.15 00:12:55 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.11.12 20:56:37 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.17 15:36:13 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.27 11:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.06.21 18:12:28 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2011.04.01 06:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.08.28 22:36:40 | 001,938,880 | ---- | M] (Discordia Limited) [Auto | Running] -- C:\Programme\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010.06.13 21:30:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.03.11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.10.13 07:39:04 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.06 11:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.10.15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.05.10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.04.01 06:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUVC.sys -- (LVUVC)
DRV - [2011.04.01 06:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011.04.01 06:07:52 | 000,020,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.05.07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.12.23 10:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009.09.28 19:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.08.13 07:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009.03.18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.10.12 01:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.10.12 00:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=hp&apn_dtid=^YYYYYY^YY^AT&apn_ptnrs=^A4G &apn_uid=1012507313224423&p2=^A4G ^YYYYYY^YY^AT
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 2A 9E 8C EC 00 CB 01  [binary data]
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\URLSearchHook: {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Programme\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll ()
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\InprocServer32 File not found
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^AT&apn_ptnrs=^A4G &apn_uid=1012507313224423&p2=^A4G ^YYYYYY^YY^AT&q={searchTerms}
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>;*.local
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.order.1: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B8A9386B4-E958-4c4c-ADF4-8F26DB3E4829%7D:2.6.8
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227980&SearchSource=2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\User\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\User\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.14 17:54:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.22 15:22:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.08 11:47:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\User\Program Files\DNA [2012.11.30 13:41:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@bandoo.com: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles/ijldys6d.default\extensions\firefox@bandoo.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles/ijldys6d.default\extensions\specialsavings@superfish.com [2012.09.12 14:23:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.08.17 15:36:18 | 000,000,000 | ---D | M]
 
[2010.05.31 18:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012.11.23 13:43:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions
[2011.06.02 18:06:07 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.11.17 18:59:19 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012.11.07 21:11:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.10.30 13:02:46 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012.11.22 15:22:20 | 000,000,000 | ---D | M] ("DVDVideoSoft YouTube MP3 and Video Download") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.11.23 13:43:33 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.11.19 17:23:19 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\crossriderapp5060@crossrider.com
[2012.10.07 17:07:17 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\fbdislike@doweb.fr
[2012.09.15 19:13:39 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\ich@maltegoetz.de
[2012.09.12 14:23:14 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\specialsavings@superfish.com
[2012.11.19 17:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ijldys6d.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2012.10.07 17:07:16 | 000,215,605 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\extensions\fbdislike@doweb.fr.xpi
[2012.11.22 13:43:02 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.11.23 13:43:03 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.05.31 20:09:46 | 000,001,819 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\bing.xml
[2010.08.08 18:44:12 | 000,000,873 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\bProtect.xml
[2010.08.08 18:44:12 | 000,000,873 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\conduit.xml
[2012.11.24 00:27:38 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\icqplugin-1.xml
[2012.02.07 13:56:09 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\icqplugin-2.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\icqplugin.xml
[2010.08.05 16:09:41 | 000,002,057 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\youtube-videosuche.xml
[2010.05.31 18:21:26 | 000,004,140 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ijldys6d.default\searchplugins\youtube.xml
[2012.11.22 15:22:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.20 07:17:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.11.20 08:13:26 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.18 16:51:51 | 000,002,276 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2010.11.09 17:51:28 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.11.20 08:13:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.20 08:13:26 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 08:13:26 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.12 13:01:50 | 000,005,495 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2012.11.20 08:13:26 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 08:13:26 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll File not found
O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Programme\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O2 - BHO: (DVD Video Soft Toolbar) - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Programme\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - Reg Error: Value error. File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (DVD Video Soft Toolbar) - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Programme\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart File not found
O4 - HKLM..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe" /md I File not found
O4 - HKLM..\Run: [Corel File Shell Monitor] c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [4shared Desktop] "C:\Program Files\4shared Desktop\desktop.exe" "startup" File not found
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [Akamai NetSession Interface] C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [BitTorrent DNA] C:\Users\User\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3593604086-429341408-3109665741-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Programme\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{322C8882-CB42-4C6F-8D80-95B407A70B65}: DhcpNameServer = 194.183.128.35 194.183.128.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80308457-6C55-456A-B170-30378499DEDA}: DhcpNameServer = 194.48.139.254 194.48.124.200
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\pcperf~1\22558~1.177\{16cdf~1\%prote~1.dll) - c:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.07.31 02:20:10 | 000,055,176 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2012.05.22 22:23:10 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.09.07 16:45:27 | 000,000,067 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{a9316448-3efb-11df-a434-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a9316448-3efb-11df-a434-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2012.07.31 02:20:10 | 000,055,176 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.30 16:51:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012.11.27 19:33:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012.11.27 19:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.27 19:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.27 19:29:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.27 19:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.22 17:49:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.22 17:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.11.22 15:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.11.20 23:40:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\NVIDIA
[2012.11.19 14:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.11.19 13:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.11.15 00:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012.11.15 00:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.11.15 00:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012.11.14 22:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.14 17:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.14 17:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.14 17:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.11.14 17:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.11.14 17:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.11.04 22:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012.11.04 22:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.30 16:51:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012.11.30 16:41:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.30 15:01:01 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_DEFAULT.job
[2012.11.30 13:48:48 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.30 13:48:48 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.30 13:40:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.30 13:40:22 | 1609,371,648 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.28 16:45:03 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_UPDATES.job
[2012.11.22 15:22:15 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.16 13:50:11 | 000,432,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.16 13:46:52 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.16 13:46:52 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.16 13:46:52 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.16 13:46:52 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.15 00:11:58 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.11.14 22:18:39 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.11.07 16:05:40 | 000,263,186 | ---- | M] () -- C:\Users\User\Desktop\Minecraft_1-4-2.exe
 
========== Files Created - No Company Name ==========
 
[2012.11.22 15:22:15 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.22 15:22:15 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.16 13:35:01 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 13:32:51 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 00:11:58 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.11.07 16:05:39 | 000,263,186 | ---- | C] () -- C:\Users\User\Desktop\Minecraft_1-4-2.exe
[2012.06.30 14:04:27 | 000,017,408 | ---- | C] () -- C:\Users\User\AppData\Local\WebpageIcons.db
[2011.09.15 17:13:14 | 004,762,808 | ---- | C] () -- C:\Users\User\Casper- Michael X.mp3
[2011.09.15 17:13:14 | 004,494,472 | ---- | C] () -- C:\Users\User\Casper - So perfekt.mp3
[2011.07.02 02:13:10 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.04.01 06:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011.04.01 06:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011.04.01 06:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011.04.01 05:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.03.22 22:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010.10.01 20:25:50 | 000,000,088 | RHS- | C] () -- C:\ProgramData\0505144FF1.sys
[2010.10.01 20:25:49 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.11 18:15:25 | 000,000,099 | ---- | C] () -- C:\Users\User\jagex_runescape_preferences2.dat
[2010.09.11 18:14:15 | 000,000,046 | ---- | C] () -- C:\Users\User\jagex_runescape_preferences.dat
[2010.06.16 22:33:13 | 000,000,157 | ---- | C] () -- C:\Users\User\AppData\Roaming\default.rss
[2010.06.01 20:02:18 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.01.05 23:16:53 | 000,000,000 | ---D | M] -- C:\Users\Bettina\AppData\Roaming\Babylon
[2010.11.11 22:32:28 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Babylon
[2010.09.16 11:28:02 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Bandoo
[2010.07.28 16:01:06 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\IrfanView
[2010.07.27 12:35:35 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\TeamViewer
[2010.11.11 23:10:13 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Babylon
[2011.12.30 10:50:49 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\TS3Client
[2012.09.10 22:00:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012.06.22 17:42:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\4shared Desktop
[2011.07.11 14:01:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acoustica
[2011.07.11 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Antares
[2012.04.18 16:51:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ask.com
[2012.08.17 12:39:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2012
[2010.11.21 01:54:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2010.09.15 18:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bandoo
[2010.04.06 07:18:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canneverbe_Limited
[2012.11.30 17:11:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DNA
[2012.11.04 22:24:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012.09.17 13:05:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.26 22:11:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Facebook
[2012.08.17 14:57:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\go
[2010.04.06 07:19:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2012.08.17 14:41:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KIDDINX
[2010.09.22 17:10:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012.10.29 13:52:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LolClient
[2011.09.06 15:45:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nico Mak Computing
[2012.10.22 21:28:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro PDF
[2011.09.06 15:45:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
[2010.04.06 07:29:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org
[2012.09.12 11:26:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2011.07.27 19:33:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PhotoScape
[2010.07.05 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PlayFirst
[2011.11.18 22:56:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PrettyMay
[2011.07.11 14:01:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SynthMaker
[2011.10.06 10:48:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeamViewer
[2012.06.26 12:24:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2011.08.14 11:46:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ts3overlay
[2012.08.17 14:11:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.24 23:11:13 | 000,000,000 | -H-D | M] -- C:\$AVG
[2012.08.28 12:11:27 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.09.11 18:14:15 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.04.03 10:22:39 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.08.31 22:03:13 | 000,000,000 | -HSD | M] -- C:\found.000
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.28 17:28:59 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.28 17:28:59 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.04.03 10:22:39 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.04.03 10:22:39 | 000,000,000 | -HSD | M] -- C:\Recovery
[2010.06.01 19:51:36 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.10.26 11:49:12 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.11.30 17:08:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.03.07 17:12:05 | 000,000,000 | ---D | M] -- C:\ts3overlay
[2012.11.19 13:52:36 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.19 14:00:26 | 000,000,000 | ---D | M] -- C:\Windows
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 22:00:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012.06.22 17:42:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\4shared Desktop
[2011.07.11 14:01:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acoustica
[2012.10.21 18:58:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Adobe
[2011.07.11 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Antares
[2012.04.22 18:21:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Apple Computer
[2012.04.18 16:51:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ask.com
[2012.08.17 12:39:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2012
[2010.11.21 01:54:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2010.09.15 18:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bandoo
[2010.04.06 07:18:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canneverbe_Limited
[2010.10.01 20:25:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Corel
[2012.04.03 12:37:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Creative
[2010.09.09 18:22:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DivX
[2012.11.30 17:11:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DNA
[2012.11.04 22:24:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012.09.17 13:05:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.26 22:11:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Facebook
[2012.08.17 14:57:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\go
[2010.04.03 10:23:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Identities
[2010.04.06 07:19:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2012.08.17 14:41:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KIDDINX
[2010.09.22 17:10:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012.10.29 13:52:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LolClient
[2010.04.03 11:43:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Macromedia
[2012.11.27 19:33:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2009.07.14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Media Center Programs
[2010.12.07 22:44:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Media Player Classic
[2012.06.12 16:12:33 | 000,000,000 | --SD | M] -- C:\Users\User\AppData\Roaming\Microsoft
[2010.09.15 18:37:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mozilla
[2011.11.07 23:47:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nero
[2011.09.06 15:45:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nico Mak Computing
[2012.10.22 21:28:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro PDF
[2012.11.20 23:40:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\NVIDIA
[2011.09.06 15:45:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
[2010.04.06 07:29:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org
[2012.09.12 11:26:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2011.07.27 19:33:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PhotoScape
[2010.07.05 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PlayFirst
[2011.11.18 22:56:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PrettyMay
[2012.11.30 17:04:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Skype
[2011.05.28 18:00:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\skypePM
[2011.07.11 14:01:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SynthMaker
[2011.10.06 10:48:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeamViewer
[2012.06.26 12:24:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2011.08.14 11:46:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ts3overlay
[2012.08.17 14:11:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2012.11.30 02:25:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\vlc
[2011.10.17 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.06.26 22:11:09 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\User\AppData\Roaming\Facebook\uninstall.exe
[2010.09.30 16:55:58 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\User\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.03.21 09:01:17 | 000,010,134 | R--- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.09.06 15:45:33 | 000,416,160 | ---- | M] () -- C:\Users\User\AppData\Roaming\OpenCandy\OpenCandy_CC917CFB63C9442080DD84E0914D2E9E\LatestDLMgr.exe
[2011.09.06 15:46:42 | 030,854,744 | ---- | M] () -- C:\Users\User\AppData\Roaming\OpenCandy\OpenCandy_CC917CFB63C9442080DD84E0914D2E9E\NitroPDFGe32_p2v1Installer.exe
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:3AE22B1A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:30376ACC
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
         
--- --- ---

30.11.2012, 21:54   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now create and post logs with GMER (<<< click for instructions) and aswMBR (instructions a little further down).
GMER crashes fairly often; if the tool refuses to work on the second attempt as well, just skip it and run only aswMBR.

aswMBR download => aswMBR.exe - save the file to your desktop.
  • Start aswMBR.exe (Vista and Win7 users: right-click and choose "Run as administrator").
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

__________________
Please always post log files in CODE tags

02.12.2012, 20:24   #6
Belatucradus

Hi cosinus, and thanks for your help.
Here are the files.
--------------------

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-02 13:52:04
-----------------------------
13:52:04.556    OS Version: Windows 6.1.7601 Service Pack 1
13:52:04.556    Number of processors: 2 586 0x170A
13:52:04.556    ComputerName: MANUU-PC  UserName: User
13:52:13.885    Initialize success
13:52:14.837    AVAST engine defs: 12120101
13:52:20.437    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:52:20.437    Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3
13:52:20.437    Disk 0 MBR read successfully
13:52:20.453    Disk 0 MBR scan
13:52:20.453    Disk 0 Windows 7 default MBR code
13:52:20.453    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
13:52:20.468    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       246441 MB offset 206848
13:52:20.484    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       230396 MB offset 504918016
13:52:20.500    Disk 0 scanning sectors +976769024
13:52:20.562    Disk 0 scanning C:\Windows\system32\drivers
13:52:31.872    Service scanning
13:52:51.717    Modules scanning
13:52:59.957    Disk 0 trace - called modules:
13:52:59.973    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
13:52:59.973    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86224a58]
13:52:59.973    3 CLASSPNP.SYS[8917959e] -> nt!IofCallDriver -> [0x85497298]
13:52:59.973    5 ACPI.sys[83cc83d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x854ca610]
13:53:01.002    AVAST engine scan C:\Windows
13:53:02.999    AVAST engine scan C:\Windows\system32
13:54:54.620    AVAST engine scan C:\Windows\system32\drivers
13:55:03.419    AVAST engine scan C:\Users\User
14:13:51.745    AVAST engine scan C:\ProgramData
14:17:39.601    Scan finished successfully
14:18:40.909    Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
14:18:40.925    The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
         
Here is the GMER log,
as an attachment! =)
Since I was too dumb for uploading etc.,
here you go:
Rapidshare.

https://rapidshare.com/#download|466|3943585408|GMER.zip|41


Thankee... yoU!

Last edited by Belatucradus (02.12.2012 at 20:24). Reason: Forgot code.

03.12.2012, 13:16   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please don't use rapidshare! I always have problems downloading from there!
And the GMER log only needs to be posted as an attachment if it is too large.

Please note! => http://www.trojaner-board.de/69886-a...tml#post566999

05.12.2012, 17:44   #8
Belatucradus

Here you go! =)

06.12.2012, 08:37   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive on the TDSS tool!

Set the tool up as shown in the picture below - click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


06.12.2012, 18:16   #10
Belatucradus

Hello & thanks, cosinus



Code:
 14:25:10.0591 2152  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:25:11.0047 2152  ============================================================
14:25:11.0047 2152  Current date / time: 2012/12/06 14:25:11.0047
14:25:11.0047 2152  SystemInfo:
14:25:11.0047 2152  
14:25:11.0047 2152  OS Version: 6.1.7601 ServicePack: 1.0
14:25:11.0047 2152  Product type: Workstation
14:25:11.0047 2152  ComputerName: MANUU-PC
14:25:11.0047 2152  UserName: User
14:25:11.0047 2152  Windows directory: C:\Windows
14:25:11.0048 2152  System windows directory: C:\Windows
14:25:11.0048 2152  Processor architecture: Intel x86
14:25:11.0048 2152  Number of processors: 2
14:25:11.0048 2152  Page size: 0x1000
14:25:11.0048 2152  Boot type: Normal boot
14:25:11.0048 2152  ============================================================
14:25:12.0578 2152  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:25:12.0767 2152  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:16.0680 2152  ============================================================
14:25:16.0680 2152  \Device\Harddisk0\DR0:
14:25:16.0719 2152  MBR partitions:
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E154800
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E187000, BlocksNum 0x1C1FE000
14:25:16.0719 2152  \Device\Harddisk1\DR1:
14:25:16.0720 2152  MBR partitions:
14:25:16.0720 2152  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:25:16.0720 2152  ============================================================
14:25:16.0827 2152  C: <-> \Device\Harddisk0\DR0\Partition2
14:25:16.0916 2152  D: <-> \Device\Harddisk0\DR0\Partition3
14:25:16.0922 2152  F: <-> \Device\Harddisk1\DR1\Partition1
14:25:17.0077 2152  ============================================================
14:25:17.0078 2152  Initialize success
14:25:17.0078 2152  ============================================================
14:25:39.0882 0696  ============================================================
14:25:39.0882 0696  Scan started
14:25:39.0882 0696  Mode: Manual; SigCheck; TDLFS; 
14:25:39.0882 0696  ============================================================
14:25:41.0565 0696  ================ Scan system memory ========================
14:25:41.0566 0696  System memory - ok
14:25:41.0566 0696  ================ Scan services =============================
14:25:41.0674 0696  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:25:42.0003 0696  1394ohci - ok
14:25:42.0019 0696  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:25:42.0038 0696  ACPI - ok
14:25:42.0048 0696  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:25:42.0123 0696  AcpiPmi - ok
14:25:42.0261 0696  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:25:42.0307 0696  AdobeARMservice - ok
14:25:42.0348 0696  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:25:42.0380 0696  AdobeFlashPlayerUpdateSvc - ok
14:25:42.0419 0696  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:25:42.0441 0696  adp94xx - ok
14:25:42.0456 0696  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:25:42.0476 0696  adpahci - ok
14:25:42.0489 0696  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:25:42.0505 0696  adpu320 - ok
14:25:42.0526 0696  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:25:42.0635 0696  AeLookupSvc - ok
14:25:42.0661 0696  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
14:25:42.0710 0696  AFD - ok
14:25:42.0743 0696  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
14:25:42.0758 0696  agp440 - ok
14:25:42.0774 0696  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
14:25:42.0790 0696  aic78xx - ok
14:25:42.0929 0696  [ B9B98E08EC127900025F42462D3D0A66 ] Akamai          c:\program files\common files\akamai/netsession_win_ce5ba24.dll
14:25:42.0929 0696  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
14:25:42.0940 0696  Akamai ( HiddenFile.Multi.Generic ) - warning
14:25:42.0940 0696  Akamai - detected HiddenFile.Multi.Generic (1)
14:25:42.0972 0696  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
14:25:43.0042 0696  ALG - ok
14:25:43.0055 0696  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:25:43.0070 0696  aliide - ok
14:25:43.0085 0696  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:25:43.0100 0696  amdagp - ok
14:25:43.0114 0696  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:25:43.0128 0696  amdide - ok
14:25:43.0141 0696  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:25:43.0186 0696  AmdK8 - ok
14:25:43.0199 0696  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:25:43.0259 0696  AmdPPM - ok
14:25:43.0306 0696  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:25:43.0338 0696  amdsata - ok
14:25:43.0376 0696  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:25:43.0411 0696  amdsbs - ok
14:25:43.0424 0696  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:25:43.0439 0696  amdxata - ok
14:25:43.0473 0696  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
14:25:43.0573 0696  AppID - ok
14:25:43.0591 0696  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:25:43.0685 0696  AppIDSvc - ok
14:25:43.0728 0696  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
14:25:43.0831 0696  Appinfo - ok
14:25:43.0998 0696  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:25:44.0025 0696  Apple Mobile Device - ok
14:25:44.0067 0696  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:25:44.0099 0696  arc - ok
14:25:44.0110 0696  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:25:44.0126 0696  arcsas - ok
14:25:44.0182 0696  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
14:25:44.0201 0696  aswFsBlk - ok
14:25:44.0246 0696  [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
14:25:44.0259 0696  aswKbd - ok
14:25:44.0293 0696  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
14:25:44.0307 0696  aswMonFlt - ok
14:25:44.0334 0696  [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
14:25:44.0347 0696  aswRdr - ok
14:25:44.0394 0696  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
14:25:44.0419 0696  aswSnx - ok
14:25:44.0479 0696  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
14:25:44.0498 0696  aswSP - ok
14:25:44.0522 0696  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
14:25:44.0535 0696  aswTdi - ok
14:25:44.0546 0696  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:25:44.0674 0696  AsyncMac - ok
14:25:44.0724 0696  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
14:25:44.0738 0696  atapi - ok
14:25:44.0872 0696  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:25:44.0957 0696  AudioEndpointBuilder - ok
14:25:44.0966 0696  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:25:44.0996 0696  Audiosrv - ok
14:25:45.0111 0696  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:25:45.0137 0696  avast! Antivirus - ok
14:25:45.0168 0696  avast! Firewall - ok
14:25:45.0212 0696  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:25:45.0341 0696  AxInstSV - ok
14:25:45.0369 0696  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
14:25:45.0453 0696  b06bdrv - ok
14:25:45.0472 0696  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
14:25:45.0501 0696  b57nd60x - ok
14:25:45.0582 0696  [ BB8199199A0DFA0BF1B8275344580E49 ] Bandoo Coordinator C:\PROGRA~1\Bandoo\Bandoo.exe
14:25:45.0650 0696  Bandoo Coordinator - ok
14:25:45.0703 0696  [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
14:25:45.0791 0696  BCM43XX - ok
14:25:45.0835 0696  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:25:45.0935 0696  BDESVC - ok
14:25:45.0947 0696  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:25:46.0046 0696  Beep - ok
14:25:46.0095 0696  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
14:25:46.0198 0696  BFE - ok
14:25:46.0240 0696  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
14:25:46.0328 0696  BITS - ok
14:25:46.0350 0696  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:25:46.0366 0696  blbdrive - ok
14:25:46.0466 0696  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:25:46.0501 0696  Bonjour Service - ok
14:25:46.0526 0696  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:25:46.0566 0696  bowser - ok
14:25:46.0582 0696  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:25:46.0608 0696  BrFiltLo - ok
14:25:46.0623 0696  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:25:46.0653 0696  BrFiltUp - ok
14:25:46.0689 0696  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
14:25:46.0733 0696  Browser - ok
14:25:46.0750 0696  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:25:46.0839 0696  Brserid - ok
14:25:46.0854 0696  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:25:46.0925 0696  BrSerWdm - ok
14:25:46.0937 0696  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:25:46.0960 0696  BrUsbMdm - ok
14:25:46.0971 0696  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:25:46.0995 0696  BrUsbSer - ok
14:25:47.0021 0696  [ DB99076533FFB38CBEC8AC88E4535850 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:25:47.0060 0696  BthAvrcp - ok
14:25:47.0096 0696  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:25:47.0283 0696  BthEnum - ok
14:25:47.0312 0696  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:25:47.0359 0696  BTHMODEM - ok
14:25:47.0379 0696  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:25:47.0405 0696  BthPan - ok
14:25:47.0426 0696  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:25:47.0516 0696  BTHPORT - ok
14:25:47.0541 0696  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
14:25:47.0578 0696  bthserv - ok
14:25:47.0592 0696  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:25:47.0613 0696  BTHUSB - ok
14:25:47.0634 0696  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:25:47.0673 0696  cdfs - ok
14:25:47.0717 0696  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:25:47.0756 0696  cdrom - ok
14:25:47.0797 0696  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:25:47.0862 0696  CertPropSvc - ok
14:25:47.0896 0696  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:25:47.0920 0696  circlass - ok
14:25:47.0943 0696  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
14:25:47.0976 0696  CLFS - ok
14:25:48.0032 0696  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:25:48.0062 0696  clr_optimization_v2.0.50727_32 - ok
14:25:48.0117 0696  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:25:48.0163 0696  clr_optimization_v4.0.30319_32 - ok
14:25:48.0183 0696  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:25:48.0227 0696  CmBatt - ok
14:25:48.0263 0696  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:25:48.0277 0696  cmdide - ok
14:25:48.0318 0696  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:25:48.0343 0696  CNG - ok
14:25:48.0354 0696  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:25:48.0369 0696  Compbatt - ok
14:25:48.0390 0696  [ F77390678B3C2FA7ED82EA034D582355 ] CompFilter      C:\Windows\system32\DRIVERS\lvbusflt.sys
14:25:48.0402 0696  CompFilter - ok
14:25:48.0440 0696  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:25:48.0483 0696  CompositeBus - ok
14:25:48.0492 0696  COMSysApp - ok
14:25:48.0593 0696  cpuz132 - ok
14:25:48.0605 0696  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:25:48.0620 0696  crcdisk - ok
14:25:48.0666 0696  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:25:48.0735 0696  CryptSvc - ok
14:25:48.0772 0696  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:25:48.0812 0696  DcomLaunch - ok
14:25:48.0841 0696  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:25:48.0879 0696  defragsvc - ok
14:25:48.0913 0696  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:25:48.0943 0696  DfsC - ok
14:25:48.0986 0696  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:25:49.0089 0696  Dhcp - ok
14:25:49.0099 0696  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
14:25:49.0132 0696  discache - ok
14:25:49.0162 0696  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:25:49.0177 0696  Disk - ok
14:25:49.0196 0696  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:25:49.0241 0696  Dnscache - ok
14:25:49.0279 0696  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:25:49.0318 0696  dot3svc - ok
14:25:49.0369 0696  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
14:25:49.0421 0696  DPS - ok
14:25:49.0444 0696  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:25:49.0471 0696  drmkaud - ok
14:25:49.0493 0696  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:25:49.0521 0696  DXGKrnl - ok
14:25:49.0543 0696  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
14:25:49.0581 0696  EapHost - ok
14:25:49.0650 0696  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
14:25:49.0740 0696  ebdrv - ok
14:25:49.0756 0696  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
14:25:49.0844 0696  EFS - ok
14:25:49.0908 0696  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:25:50.0012 0696  ehRecvr - ok
14:25:50.0031 0696  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
14:25:50.0074 0696  ehSched - ok
14:25:50.0102 0696  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:25:50.0125 0696  elxstor - ok
14:25:50.0156 0696  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:25:50.0182 0696  ErrDev - ok
14:25:50.0217 0696  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
14:25:50.0259 0696  EventSystem - ok
14:25:50.0273 0696  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:25:50.0302 0696  exfat - ok
14:25:50.0319 0696  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:25:50.0359 0696  fastfat - ok
14:25:50.0396 0696  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
14:25:50.0463 0696  Fax - ok
14:25:50.0475 0696  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:25:50.0496 0696  fdc - ok
14:25:50.0510 0696  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:25:50.0539 0696  fdPHost - ok
14:25:50.0546 0696  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
14:25:50.0580 0696  FDResPub - ok
14:25:50.0587 0696  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:25:50.0602 0696  FileInfo - ok
14:25:50.0607 0696  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:25:50.0644 0696  Filetrace - ok
14:25:50.0648 0696  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:25:50.0668 0696  flpydisk - ok
14:25:50.0684 0696  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:25:50.0701 0696  FltMgr - ok
14:25:50.0737 0696  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
14:25:50.0786 0696  FontCache - ok
14:25:50.0847 0696  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:25:50.0874 0696  FontCache3.0.0.0 - ok
14:25:50.0886 0696  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:25:50.0902 0696  FsDepends - ok
14:25:50.0924 0696  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:25:50.0939 0696  Fs_Rec - ok
14:25:50.0990 0696  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:25:51.0009 0696  fvevol - ok
14:25:51.0033 0696  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:25:51.0048 0696  gagp30kx - ok
14:25:51.0102 0696  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:25:51.0126 0696  GEARAspiWDM - ok
14:25:51.0163 0696  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:25:51.0241 0696  gpsvc - ok
14:25:51.0325 0696  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:25:51.0353 0696  gupdate - ok
14:25:51.0366 0696  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:25:51.0382 0696  gupdatem - ok
14:25:51.0408 0696  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:25:51.0424 0696  gusvc - ok
14:25:51.0435 0696  [ 833051C6C6C42117191935F734CFBD97 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:25:51.0448 0696  hamachi - ok
14:25:51.0498 0696  [ F31D7F8A7699575DBB3B3A3AB4AA6216 ] Hamachi2Svc     C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
14:25:51.0541 0696  Hamachi2Svc - ok
14:25:51.0571 0696  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:25:51.0674 0696  hcw85cir - ok
14:25:51.0737 0696  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:25:51.0768 0696  HdAudAddService - ok
14:25:51.0811 0696  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:25:51.0851 0696  HDAudBus - ok
14:25:51.0857 0696  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:25:51.0886 0696  HidBatt - ok
14:25:51.0898 0696  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:25:51.0923 0696  HidBth - ok
14:25:51.0936 0696  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:25:51.0958 0696  HidIr - ok
14:25:51.0975 0696  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
14:25:52.0004 0696  hidserv - ok
14:25:52.0036 0696  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:25:52.0061 0696  HidUsb - ok
14:25:52.0100 0696  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:25:52.0129 0696  hkmsvc - ok
14:25:52.0169 0696  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:25:52.0243 0696  HomeGroupListener - ok
14:25:52.0277 0696  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:25:52.0323 0696  HomeGroupProvider - ok
14:25:52.0368 0696  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:25:52.0392 0696  HpSAMD - ok
14:25:52.0438 0696  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:25:52.0471 0696  HTTP - ok
14:25:52.0506 0696  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:25:52.0521 0696  hwpolicy - ok
14:25:52.0528 0696  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:25:52.0549 0696  i8042prt - ok
14:25:52.0566 0696  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:25:52.0586 0696  iaStorV - ok
14:25:52.0647 0696  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:25:52.0695 0696  idsvc - ok
14:25:52.0723 0696  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:25:52.0738 0696  iirsp - ok
14:25:52.0781 0696  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:25:52.0833 0696  IKEEXT - ok
14:25:52.0845 0696  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:25:52.0859 0696  intelide - ok
14:25:52.0905 0696  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:25:52.0923 0696  intelppm - ok
14:25:52.0952 0696  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:25:52.0994 0696  IPBusEnum - ok
14:25:53.0011 0696  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:25:53.0047 0696  IpFilterDriver - ok
14:25:53.0094 0696  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:25:53.0189 0696  iphlpsvc - ok
14:25:53.0220 0696  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:25:53.0238 0696  IPMIDRV - ok
14:25:53.0255 0696  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:25:53.0298 0696  IPNAT - ok
14:25:53.0352 0696  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:25:53.0388 0696  iPod Service - ok
14:25:53.0416 0696  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:25:53.0449 0696  IRENUM - ok
14:25:53.0485 0696  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:25:53.0500 0696  isapnp - ok
14:25:53.0536 0696  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:25:53.0554 0696  iScsiPrt - ok
14:25:53.0583 0696  [ C4C95805B85BCE1EB9D20F4A02FC5F9B ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
14:25:53.0607 0696  k57nd60x - ok
14:25:53.0627 0696  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:25:53.0642 0696  kbdclass - ok
14:25:53.0670 0696  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:25:53.0686 0696  kbdhid - ok
14:25:53.0707 0696  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
14:25:53.0724 0696  KeyIso - ok
14:25:53.0760 0696  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:25:53.0776 0696  KSecDD - ok
14:25:53.0817 0696  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:25:53.0850 0696  KSecPkg - ok
14:25:53.0883 0696  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:25:53.0926 0696  KtmRm - ok
14:25:53.0975 0696  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:25:54.0020 0696  LanmanServer - ok
14:25:54.0052 0696  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:25:54.0086 0696  LanmanWorkstation - ok
14:25:54.0111 0696  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:25:54.0147 0696  lltdio - ok
14:25:54.0170 0696  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:25:54.0208 0696  lltdsvc - ok
14:25:54.0215 0696  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:25:54.0243 0696  lmhosts - ok
14:25:54.0271 0696  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:25:54.0287 0696  LSI_FC - ok
14:25:54.0302 0696  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:25:54.0317 0696  LSI_SAS - ok
14:25:54.0331 0696  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:25:54.0347 0696  LSI_SAS2 - ok
14:25:54.0358 0696  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:25:54.0374 0696  LSI_SCSI - ok
14:25:54.0385 0696  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
14:25:54.0423 0696  luafv - ok
14:25:54.0465 0696  [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon        C:\Windows\system32\Drivers\LVPr2Mon.sys
14:25:54.0478 0696  LVPr2Mon - ok
14:25:54.0510 0696  [ B6E1CCD6572984ADCAE68439AFD07011 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
14:25:54.0527 0696  LVRS - ok
14:25:54.0547 0696  [ BE5E104BE263921D6842C555DB6A5C23 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
14:25:54.0560 0696  LVUSBSta - ok
14:25:54.0639 0696  [ 6C42815DD57E397F0CD988304B5EB4B3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
14:25:54.0744 0696  LVUVC - ok
14:25:54.0780 0696  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:25:54.0830 0696  MBAMProtector - ok
14:25:55.0149 0696  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:25:55.0200 0696  MBAMScheduler - ok
14:25:55.0246 0696  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:25:55.0287 0696  MBAMService - ok
14:25:55.0336 0696  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:25:55.0357 0696  Mcx2Svc - ok
14:25:55.0410 0696  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:25:55.0472 0696  MDM - ok
14:25:55.0506 0696  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:25:55.0530 0696  megasas - ok
14:25:55.0551 0696  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:25:55.0570 0696  MegaSR - ok
14:25:55.0591 0696  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
14:25:55.0629 0696  MMCSS - ok
14:25:55.0637 0696  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
14:25:55.0673 0696  Modem - ok
14:25:55.0687 0696  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:25:55.0704 0696  monitor - ok
14:25:55.0750 0696  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:25:55.0782 0696  mouclass - ok
14:25:55.0789 0696  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:25:55.0816 0696  mouhid - ok
14:25:55.0846 0696  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:25:55.0862 0696  mountmgr - ok
14:25:55.0902 0696  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:25:55.0917 0696  MozillaMaintenance - ok
14:25:55.0949 0696  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:25:55.0982 0696  mpio - ok
14:25:55.0993 0696  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:25:56.0020 0696  mpsdrv - ok
14:25:56.0065 0696  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:25:56.0107 0696  MpsSvc - ok
14:25:56.0143 0696  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:25:56.0163 0696  MRxDAV - ok
14:25:56.0180 0696  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:25:56.0224 0696  mrxsmb - ok
14:25:56.0245 0696  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:25:56.0272 0696  mrxsmb10 - ok
14:25:56.0281 0696  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:25:56.0306 0696  mrxsmb20 - ok
14:25:56.0334 0696  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
14:25:56.0348 0696  msahci - ok
14:25:56.0365 0696  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:25:56.0381 0696  msdsm - ok
14:25:56.0405 0696  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
14:25:56.0432 0696  MSDTC - ok
14:25:56.0457 0696  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:25:56.0499 0696  Msfs - ok
14:25:56.0506 0696  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:25:56.0543 0696  mshidkmdf - ok
14:25:56.0575 0696  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:25:56.0590 0696  msisadrv - ok
14:25:56.0615 0696  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:25:56.0652 0696  MSiSCSI - ok
14:25:56.0656 0696  msiserver - ok
14:25:56.0673 0696  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:25:56.0710 0696  MSKSSRV - ok
14:25:56.0723 0696  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:25:56.0759 0696  MSPCLOCK - ok
14:25:56.0767 0696  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:25:56.0806 0696  MSPQM - ok
14:25:56.0815 0696  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:25:56.0832 0696  MsRPC - ok
14:25:56.0849 0696  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:25:56.0864 0696  mssmbios - ok
14:25:56.0869 0696  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:25:56.0896 0696  MSTEE - ok
14:25:56.0901 0696  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:25:56.0920 0696  MTConfig - ok
14:25:56.0932 0696  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:25:56.0947 0696  Mup - ok
14:25:56.0980 0696  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
14:25:57.0016 0696  napagent - ok
14:25:57.0044 0696  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:25:57.0073 0696  NativeWifiP - ok
14:25:57.0111 0696  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:25:57.0138 0696  NDIS - ok
14:25:57.0160 0696  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:25:57.0193 0696  NdisCap - ok
14:25:57.0207 0696  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:25:57.0244 0696  NdisTapi - ok
14:25:57.0278 0696  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:25:57.0313 0696  Ndisuio - ok
14:25:57.0351 0696  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:25:57.0385 0696  NdisWan - ok
14:25:57.0423 0696  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:25:57.0465 0696  NDProxy - ok
14:25:57.0527 0696  [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:25:57.0581 0696  Nero BackItUp Scheduler 4.0 - ok
14:25:57.0626 0696  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
14:25:57.0697 0696  Netaapl - ok
14:25:57.0719 0696  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:25:57.0750 0696  NetBIOS - ok
14:25:57.0783 0696  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:25:57.0824 0696  NetBT - ok
14:25:57.0832 0696  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
14:25:57.0849 0696  Netlogon - ok
14:25:57.0873 0696  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
14:25:57.0912 0696  Netman - ok
14:25:57.0920 0696  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
14:25:57.0954 0696  netprofm - ok
14:25:57.0988 0696  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:25:58.0003 0696  NetTcpPortSharing - ok
14:25:58.0023 0696  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:25:58.0039 0696  nfrd960 - ok
14:25:58.0106 0696  [ 4A676BDD67E0765C36C542F447C27B58 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
14:25:58.0135 0696  NitroReaderDriverReadSpool2 - ok
14:25:58.0170 0696  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:25:58.0231 0696  NlaSvc - ok
14:25:58.0270 0696  [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU      C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:25:58.0294 0696  NMSAccessU - ok
14:25:58.0302 0696  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:25:58.0348 0696  Npfs - ok
14:25:58.0363 0696  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
14:25:58.0403 0696  nsi - ok
14:25:58.0411 0696  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:25:58.0443 0696  nsiproxy - ok
14:25:58.0479 0696  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:25:58.0515 0696  Ntfs - ok
14:25:58.0533 0696  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
14:25:58.0561 0696  Null - ok
14:25:58.0761 0696  [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:25:59.0057 0696  nvlddmkm - ok
14:25:59.0107 0696  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:25:59.0141 0696  nvraid - ok
14:25:59.0156 0696  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:25:59.0175 0696  nvstor - ok
14:25:59.0215 0696  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:25:59.0261 0696  nvsvc - ok
14:25:59.0338 0696  [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:25:59.0394 0696  nvUpdatusService - ok
14:25:59.0413 0696  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:25:59.0429 0696  nv_agp - ok
14:25:59.0450 0696  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:25:59.0468 0696  ohci1394 - ok
14:25:59.0497 0696  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:25:59.0511 0696  ose - ok
14:25:59.0540 0696  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:25:59.0608 0696  p2pimsvc - ok
14:25:59.0643 0696  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:25:59.0667 0696  p2psvc - ok
14:25:59.0689 0696  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:25:59.0713 0696  Parport - ok
14:25:59.0746 0696  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:25:59.0763 0696  partmgr - ok
14:25:59.0782 0696  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:25:59.0808 0696  Parvdm - ok
14:26:00.0126 0696  [ FEA04E9D808A9417530B0DDC81DA4597 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
14:26:00.0201 0696  PC Performer Manager - ok
14:26:00.0229 0696  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:26:00.0260 0696  PcaSvc - ok
14:26:00.0296 0696  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
14:26:00.0329 0696  pci - ok
14:26:00.0341 0696  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
14:26:00.0357 0696  pciide - ok
14:26:00.0373 0696  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:26:00.0391 0696  pcmcia - ok
14:26:00.0402 0696  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
14:26:00.0417 0696  pcw - ok
14:26:00.0439 0696  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:26:00.0491 0696  PEAUTH - ok
14:26:00.0528 0696  [ 3551190E9CF1EB4C0971BDEF4269CA25 ] PID_0928        C:\Windows\system32\DRIVERS\LV561AV.SYS
14:26:00.0549 0696  PID_0928 - ok
14:26:00.0640 0696  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
14:26:00.0717 0696  pla - ok
14:26:00.0753 0696  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:26:00.0797 0696  PlugPlay - ok
14:26:00.0810 0696  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:26:00.0828 0696  PNRPAutoReg - ok
14:26:00.0839 0696  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:26:00.0859 0696  PNRPsvc - ok
14:26:00.0878 0696  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:26:00.0918 0696  PolicyAgent - ok
14:26:00.0986 0696  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
14:26:01.0034 0696  Power - ok
14:26:01.0056 0696  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:26:01.0095 0696  PptpMiniport - ok
14:26:01.0108 0696  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:26:01.0133 0696  Processor - ok
14:26:01.0180 0696  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:26:01.0259 0696  ProfSvc - ok
14:26:01.0273 0696  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:26:01.0290 0696  ProtectedStorage - ok
14:26:01.0308 0696  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:26:01.0344 0696  Psched - ok
14:26:01.0367 0696  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
14:26:01.0382 0696  PSI_SVC_2 - ok
14:26:01.0421 0696  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:26:01.0486 0696  ql2300 - ok
14:26:01.0509 0696  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:26:01.0526 0696  ql40xx - ok
14:26:01.0551 0696  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
14:26:01.0578 0696  QWAVE - ok
14:26:01.0588 0696  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:26:01.0606 0696  QWAVEdrv - ok
14:26:01.0615 0696  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:26:01.0643 0696  RasAcd - ok
14:26:01.0668 0696  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:26:01.0699 0696  RasAgileVpn - ok
14:26:01.0709 0696  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
14:26:01.0749 0696  RasAuto - ok
14:26:01.0757 0696  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:26:01.0787 0696  Rasl2tp - ok
14:26:01.0836 0696  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
14:26:01.0899 0696  RasMan - ok
14:26:01.0905 0696  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:26:01.0934 0696  RasPppoe - ok
14:26:01.0946 0696  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:26:01.0978 0696  RasSstp - ok
14:26:02.0012 0696  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:26:02.0053 0696  rdbss - ok
14:26:02.0062 0696  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:26:02.0081 0696  rdpbus - ok
14:26:02.0119 0696  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:26:02.0169 0696  RDPCDD - ok
14:26:02.0185 0696  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:26:02.0213 0696  RDPENCDD - ok
14:26:02.0223 0696  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:26:02.0253 0696  RDPREFMP - ok
14:26:02.0283 0696  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:26:02.0353 0696  RDPWD - ok
14:26:02.0416 0696  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:26:02.0452 0696  rdyboost - ok
14:26:02.0477 0696  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:26:02.0536 0696  RemoteAccess - ok
14:26:02.0554 0696  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:26:02.0585 0696  RemoteRegistry - ok
14:26:02.0620 0696  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:26:02.0638 0696  RFCOMM - ok
14:26:02.0657 0696  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:26:02.0692 0696  RpcEptMapper - ok
14:26:02.0708 0696  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
14:26:02.0732 0696  RpcLocator - ok
14:26:02.0747 0696  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
14:26:02.0779 0696  RpcSs - ok
14:26:02.0807 0696  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:26:02.0843 0696  rspndr - ok
14:26:02.0856 0696  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
14:26:02.0873 0696  SamSs - ok
14:26:02.0919 0696  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:26:02.0946 0696  sbp2port - ok
14:26:02.0956 0696  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:26:02.0988 0696  SCardSvr - ok
14:26:03.0019 0696  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:26:03.0052 0696  scfilter - ok
14:26:03.0096 0696  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
14:26:03.0142 0696  Schedule - ok
14:26:03.0179 0696  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:26:03.0223 0696  SCPolicySvc - ok
14:26:03.0258 0696  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:26:03.0342 0696  SDRSVC - ok
14:26:03.0375 0696  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:26:03.0416 0696  secdrv - ok
14:26:03.0429 0696  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
14:26:03.0461 0696  seclogon - ok
14:26:03.0484 0696  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
14:26:03.0520 0696  SENS - ok
14:26:03.0537 0696  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:26:03.0617 0696  SensrSvc - ok
14:26:03.0636 0696  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:26:03.0659 0696  Serenum - ok
14:26:03.0669 0696  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:26:03.0691 0696  Serial - ok
14:26:03.0706 0696  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:26:03.0723 0696  sermouse - ok
14:26:03.0761 0696  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:26:03.0804 0696  SessionEnv - ok
14:26:03.0845 0696  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:26:03.0877 0696  sffdisk - ok
14:26:03.0883 0696  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:26:03.0906 0696  sffp_mmc - ok
14:26:03.0910 0696  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:26:03.0934 0696  sffp_sd - ok
14:26:03.0944 0696  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:26:03.0968 0696  sfloppy - ok
14:26:03.0993 0696  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:26:04.0034 0696  SharedAccess - ok
14:26:04.0049 0696  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:26:04.0084 0696  ShellHWDetection - ok
14:26:04.0092 0696  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:26:04.0108 0696  sisagp - ok
14:26:04.0133 0696  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:26:04.0148 0696  SiSRaid2 - ok
14:26:04.0157 0696  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:26:04.0173 0696  SiSRaid4 - ok
14:26:04.0239 0696  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:26:04.0254 0696  SkypeUpdate - ok
14:26:04.0284 0696  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:26:04.0323 0696  Smb - ok
14:26:04.0359 0696  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:26:04.0381 0696  SNMPTRAP - ok
14:26:04.0392 0696  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:26:04.0407 0696  spldr - ok
14:26:04.0429 0696  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
14:26:04.0508 0696  Spooler - ok
14:26:04.0591 0696  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
14:26:04.0720 0696  sppsvc - ok
14:26:04.0774 0696  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:26:04.0848 0696  sppuinotify - ok
14:26:04.0875 0696  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:26:04.0921 0696  srv - ok
14:26:04.0937 0696  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:26:04.0968 0696  srv2 - ok
14:26:04.0983 0696  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:26:05.0005 0696  srvnet - ok
14:26:05.0026 0696  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:26:05.0062 0696  SSDPSRV - ok
14:26:05.0072 0696  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:26:05.0113 0696  SstpSvc - ok
14:26:05.0170 0696  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
14:26:05.0182 0696  StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:26:05.0183 0696  StarOpen - detected UnsignedFile.Multi.Generic (1)
14:26:05.0215 0696  Steam Client Service - ok
14:26:05.0263 0696  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:26:05.0282 0696  Stereo Service - ok
14:26:05.0330 0696  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:26:05.0345 0696  stexstor - ok
14:26:05.0398 0696  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
14:26:05.0426 0696  StiSvc - ok
14:26:05.0457 0696  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:26:05.0472 0696  swenum - ok
14:26:05.0486 0696  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
14:26:05.0520 0696  swprv - ok
14:26:05.0571 0696  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
14:26:05.0628 0696  SysMain - ok
14:26:05.0670 0696  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:26:05.0729 0696  TabletInputService - ok
14:26:05.0769 0696  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:26:05.0832 0696  TapiSrv - ok
14:26:05.0847 0696  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
14:26:05.0878 0696  TBS - ok
14:26:05.0921 0696  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:26:05.0957 0696  Tcpip - ok
14:26:06.0013 0696  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:26:06.0044 0696  TCPIP6 - ok
14:26:06.0079 0696  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:26:06.0095 0696  tcpipreg - ok
14:26:06.0127 0696  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:26:06.0190 0696  TDPIPE - ok
14:26:06.0216 0696  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:26:06.0245 0696  TDTCP - ok
14:26:06.0280 0696  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:26:06.0318 0696  tdx - ok
14:26:06.0326 0696  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:26:06.0341 0696  TermDD - ok
14:26:06.0385 0696  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
14:26:06.0433 0696  TermService - ok
14:26:06.0451 0696  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
14:26:06.0474 0696  Themes - ok
14:26:06.0482 0696  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
14:26:06.0511 0696  THREADORDER - ok
14:26:06.0546 0696  [ 409A577FD5781C717E55A28717514C58 ] TPkd            C:\Windows\system32\drivers\TPkd.sys
14:26:06.0553 0696  TPkd ( UnsignedFile.Multi.Generic ) - warning
14:26:06.0553 0696  TPkd - detected UnsignedFile.Multi.Generic (1)
14:26:06.0574 0696  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
14:26:06.0606 0696  TrkWks - ok
14:26:06.0654 0696  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:26:06.0683 0696  TrustedInstaller - ok
14:26:06.0718 0696  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:26:06.0782 0696  tssecsrv - ok
14:26:06.0819 0696  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:26:06.0877 0696  TsUsbFlt - ok
14:26:06.0931 0696  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:26:06.0976 0696  tunnel - ok
14:26:07.0004 0696  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:26:07.0020 0696  uagp35 - ok
14:26:07.0033 0696  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:26:07.0068 0696  udfs - ok
14:26:07.0095 0696  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:26:07.0127 0696  UI0Detect - ok
14:26:07.0163 0696  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:26:07.0179 0696  uliagpkx - ok
14:26:07.0226 0696  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
14:26:07.0243 0696  umbus - ok
14:26:07.0256 0696  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:26:07.0279 0696  UmPass - ok
14:26:07.0341 0696  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:26:07.0379 0696  UMVPFSrv - ok
14:26:07.0396 0696  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
14:26:07.0437 0696  upnphost - ok
14:26:07.0483 0696  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
14:26:07.0499 0696  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
14:26:07.0499 0696  USBAAPL - detected UnsignedFile.Multi.Generic (1)
14:26:07.0510 0696  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:26:07.0544 0696  usbaudio - ok
14:26:07.0574 0696  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:26:07.0622 0696  usbccgp - ok
14:26:07.0657 0696  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:26:07.0682 0696  usbcir - ok
14:26:07.0694 0696  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:26:07.0724 0696  usbehci - ok
14:26:07.0757 0696  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:26:07.0777 0696  usbhub - ok
14:26:07.0789 0696  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:26:07.0805 0696  usbohci - ok
14:26:07.0839 0696  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:26:07.0866 0696  usbprint - ok
14:26:07.0889 0696  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:26:07.0907 0696  usbscan - ok
14:26:07.0918 0696  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:26:07.0996 0696  USBSTOR - ok
14:26:08.0017 0696  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:26:08.0042 0696  usbuhci - ok
14:26:08.0063 0696  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
14:26:08.0098 0696  UxSms - ok
14:26:08.0106 0696  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
14:26:08.0122 0696  VaultSvc - ok
14:26:08.0144 0696  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:26:08.0159 0696  vdrvroot - ok
14:26:08.0202 0696  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
14:26:08.0242 0696  vds - ok
14:26:08.0255 0696  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:26:08.0282 0696  vga - ok
14:26:08.0288 0696  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:26:08.0317 0696  VgaSave - ok
14:26:08.0350 0696  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:26:08.0367 0696  vhdmp - ok
14:26:08.0380 0696  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:26:08.0396 0696  viaagp - ok
14:26:08.0407 0696  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
14:26:08.0432 0696  ViaC7 - ok
14:26:08.0467 0696  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
14:26:08.0481 0696  viaide - ok
14:26:08.0486 0696  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:26:08.0502 0696  volmgr - ok
14:26:08.0519 0696  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:26:08.0539 0696  volmgrx - ok
14:26:08.0554 0696  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:26:08.0572 0696  volsnap - ok
14:26:08.0594 0696  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:26:08.0611 0696  vsmraid - ok
14:26:08.0661 0696  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
14:26:08.0724 0696  VSS - ok
14:26:08.0735 0696  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:26:08.0752 0696  vwifibus - ok
14:26:08.0772 0696  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:26:08.0794 0696  vwififlt - ok
14:26:08.0815 0696  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:26:08.0843 0696  vwifimp - ok
14:26:08.0867 0696  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
14:26:08.0910 0696  W32Time - ok
14:26:08.0924 0696  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:26:08.0950 0696  WacomPen - ok
14:26:08.0971 0696  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:26:09.0015 0696  WANARP - ok
14:26:09.0020 0696  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:26:09.0048 0696  Wanarpv6 - ok
14:26:09.0094 0696  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:26:09.0145 0696  WatAdminSvc - ok
14:26:09.0203 0696  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
14:26:09.0299 0696  wbengine - ok
14:26:09.0315 0696  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:26:09.0368 0696  WbioSrvc - ok
14:26:09.0402 0696  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:26:09.0438 0696  wcncsvc - ok
14:26:09.0445 0696  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:26:09.0487 0696  WcsPlugInService - ok
14:26:09.0500 0696  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:26:09.0515 0696  Wd - ok
14:26:09.0550 0696  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:26:09.0575 0696  Wdf01000 - ok
14:26:09.0596 0696  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:26:09.0663 0696  WdiServiceHost - ok
14:26:09.0666 0696  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:26:09.0688 0696  WdiSystemHost - ok
14:26:09.0721 0696  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
14:26:09.0763 0696  WebClient - ok
14:26:09.0776 0696  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:26:09.0816 0696  Wecsvc - ok
14:26:09.0823 0696  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:26:09.0882 0696  wercplsupport - ok
14:26:09.0928 0696  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:26:09.0995 0696  WerSvc - ok
14:26:10.0027 0696  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:26:10.0064 0696  WfpLwf - ok
14:26:10.0081 0696  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:26:10.0095 0696  WIMMount - ok
14:26:10.0152 0696  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:26:10.0233 0696  WinDefend - ok
14:26:10.0239 0696  WinHttpAutoProxySvc - ok
14:26:10.0385 0696  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:26:10.0449 0696  Winmgmt - ok
14:26:10.0507 0696  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
14:26:10.0601 0696  WinRM - ok
14:26:10.0653 0696  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:26:10.0682 0696  WinUsb - ok
14:26:10.0711 0696  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:26:10.0750 0696  Wlansvc - ok
14:26:10.0826 0696  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:26:10.0881 0696  wlidsvc - ok
14:26:10.0920 0696  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:26:10.0962 0696  WmiAcpi - ok
14:26:10.0991 0696  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:26:11.0018 0696  wmiApSrv - ok
14:26:11.0089 0696  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:26:11.0209 0696  WMPNetworkSvc - ok
14:26:11.0235 0696  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:26:11.0378 0696  WPCSvc - ok
14:26:11.0425 0696  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:26:11.0480 0696  WPDBusEnum - ok
14:26:11.0503 0696  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:26:11.0530 0696  ws2ifsl - ok
14:26:11.0537 0696  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:26:11.0567 0696  wscsvc - ok
14:26:11.0572 0696  WSearch - ok
14:26:11.0641 0696  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
14:26:11.0716 0696  wuauserv - ok
14:26:11.0752 0696  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:26:11.0829 0696  WudfPf - ok
14:26:11.0854 0696  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:26:11.0897 0696  WUDFRd - ok
14:26:11.0941 0696  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:26:11.0982 0696  wudfsvc - ok
14:26:11.0995 0696  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:26:12.0025 0696  WwanSvc - ok
14:26:12.0077 0696  ================ Scan global ===============================
14:26:12.0118 0696  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:26:12.0150 0696  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
14:26:12.0167 0696  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
14:26:12.0197 0696  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:26:12.0223 0696  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:26:12.0229 0696  [Global] - ok
14:26:12.0230 0696  ================ Scan MBR ==================================
14:26:12.0235 0696  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:26:12.0475 0696  \Device\Harddisk0\DR0 - ok
14:26:12.0481 0696  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:26:12.0583 0696  \Device\Harddisk1\DR1 - ok
14:26:12.0584 0696  ================ Scan VBR ==================================
14:26:12.0588 0696  [ 68C9E32CA562AB299CB9B69843E37040 ] \Device\Harddisk0\DR0\Partition1
14:26:12.0590 0696  \Device\Harddisk0\DR0\Partition1 - ok
14:26:12.0598 0696  [ 02FAEADA8954B3E333400F80B25CB7EE ] \Device\Harddisk0\DR0\Partition2
14:26:12.0600 0696  \Device\Harddisk0\DR0\Partition2 - ok
14:26:12.0621 0696  [ 2DB6756E2576918F058076A144C63994 ] \Device\Harddisk0\DR0\Partition3
14:26:12.0623 0696  \Device\Harddisk0\DR0\Partition3 - ok
14:26:12.0628 0696  [ AAF22525AD02E52B1BE6C8B98D89BFB5 ] \Device\Harddisk1\DR1\Partition1
14:26:12.0633 0696  \Device\Harddisk1\DR1\Partition1 - ok
14:26:12.0633 0696  ============================================================
14:26:12.0633 0696  Scan finished
14:26:12.0633 0696  ============================================================
14:26:12.0649 3724  Detected object count: 4
14:26:12.0649 3724  Actual detected object count: 4
14:26:31.0137 3724  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:26:31.0137 3724  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
14:26:31.0141 3724  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0141 3724  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:31.0142 3724  TPkd ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0142 3724  TPkd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:31.0144 3724  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0144 3724  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:29:10.0677 3628  Deinitialize success
         

06.12.2012, 18:16   #11
Belatucradus
 



The other one:
Code:
14:25:10.0591 2152  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:25:11.0047 2152  ============================================================
14:25:11.0047 2152  Current date / time: 2012/12/06 14:25:11.0047
14:25:11.0047 2152  SystemInfo:
14:25:11.0047 2152  
14:25:11.0047 2152  OS Version: 6.1.7601 ServicePack: 1.0
14:25:11.0047 2152  Product type: Workstation
14:25:11.0047 2152  ComputerName: MANUU-PC
14:25:11.0047 2152  UserName: User
14:25:11.0047 2152  Windows directory: C:\Windows
14:25:11.0048 2152  System windows directory: C:\Windows
14:25:11.0048 2152  Processor architecture: Intel x86
14:25:11.0048 2152  Number of processors: 2
14:25:11.0048 2152  Page size: 0x1000
14:25:11.0048 2152  Boot type: Normal boot
14:25:11.0048 2152  ============================================================
14:25:12.0578 2152  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:25:12.0767 2152  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:16.0680 2152  ============================================================
14:25:16.0680 2152  \Device\Harddisk0\DR0:
14:25:16.0719 2152  MBR partitions:
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E154800
14:25:16.0719 2152  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E187000, BlocksNum 0x1C1FE000
14:25:16.0719 2152  \Device\Harddisk1\DR1:
14:25:16.0720 2152  MBR partitions:
14:25:16.0720 2152  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:25:16.0720 2152  ============================================================
14:25:16.0827 2152  C: <-> \Device\Harddisk0\DR0\Partition2
14:25:16.0916 2152  D: <-> \Device\Harddisk0\DR0\Partition3
14:25:16.0922 2152  F: <-> \Device\Harddisk1\DR1\Partition1
14:25:17.0077 2152  ============================================================
14:25:17.0078 2152  Initialize success
14:25:17.0078 2152  ============================================================
14:25:39.0882 0696  ============================================================
14:25:39.0882 0696  Scan started
14:25:39.0882 0696  Mode: Manual; SigCheck; TDLFS; 
14:25:39.0882 0696  ============================================================
14:25:41.0565 0696  ================ Scan system memory ========================
14:25:41.0566 0696  System memory - ok
14:25:41.0566 0696  ================ Scan services =============================
14:25:41.0674 0696  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:25:42.0003 0696  1394ohci - ok
14:25:42.0019 0696  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:25:42.0038 0696  ACPI - ok
14:25:42.0048 0696  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:25:42.0123 0696  AcpiPmi - ok
14:25:42.0261 0696  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:25:42.0307 0696  AdobeARMservice - ok
14:25:42.0348 0696  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:25:42.0380 0696  AdobeFlashPlayerUpdateSvc - ok
14:25:42.0419 0696  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:25:42.0441 0696  adp94xx - ok
14:25:42.0456 0696  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:25:42.0476 0696  adpahci - ok
14:25:42.0489 0696  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:25:42.0505 0696  adpu320 - ok
14:25:42.0526 0696  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:25:42.0635 0696  AeLookupSvc - ok
14:25:42.0661 0696  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
14:25:42.0710 0696  AFD - ok
14:25:42.0743 0696  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
14:25:42.0758 0696  agp440 - ok
14:25:42.0774 0696  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
14:25:42.0790 0696  aic78xx - ok
14:25:42.0929 0696  [ B9B98E08EC127900025F42462D3D0A66 ] Akamai          c:\program files\common files\akamai/netsession_win_ce5ba24.dll
14:25:42.0929 0696  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
14:25:42.0940 0696  Akamai ( HiddenFile.Multi.Generic ) - warning
14:25:42.0940 0696  Akamai - detected HiddenFile.Multi.Generic (1)
14:25:42.0972 0696  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
14:25:43.0042 0696  ALG - ok
14:25:43.0055 0696  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:25:43.0070 0696  aliide - ok
14:25:43.0085 0696  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:25:43.0100 0696  amdagp - ok
14:25:43.0114 0696  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:25:43.0128 0696  amdide - ok
14:25:43.0141 0696  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:25:43.0186 0696  AmdK8 - ok
14:25:43.0199 0696  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:25:43.0259 0696  AmdPPM - ok
14:25:43.0306 0696  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:25:43.0338 0696  amdsata - ok
14:25:43.0376 0696  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:25:43.0411 0696  amdsbs - ok
14:25:43.0424 0696  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:25:43.0439 0696  amdxata - ok
14:25:43.0473 0696  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
14:25:43.0573 0696  AppID - ok
14:25:43.0591 0696  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:25:43.0685 0696  AppIDSvc - ok
14:25:43.0728 0696  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
14:25:43.0831 0696  Appinfo - ok
14:25:43.0998 0696  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:25:44.0025 0696  Apple Mobile Device - ok
14:25:44.0067 0696  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:25:44.0099 0696  arc - ok
14:25:44.0110 0696  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:25:44.0126 0696  arcsas - ok
14:25:44.0182 0696  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
14:25:44.0201 0696  aswFsBlk - ok
14:25:44.0246 0696  [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
14:25:44.0259 0696  aswKbd - ok
14:25:44.0293 0696  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
14:25:44.0307 0696  aswMonFlt - ok
14:25:44.0334 0696  [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
14:25:44.0347 0696  aswRdr - ok
14:25:44.0394 0696  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
14:25:44.0419 0696  aswSnx - ok
14:25:44.0479 0696  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
14:25:44.0498 0696  aswSP - ok
14:25:44.0522 0696  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
14:25:44.0535 0696  aswTdi - ok
14:25:44.0546 0696  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:25:44.0674 0696  AsyncMac - ok
14:25:44.0724 0696  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
14:25:44.0738 0696  atapi - ok
14:25:44.0872 0696  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:25:44.0957 0696  AudioEndpointBuilder - ok
14:25:44.0966 0696  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:25:44.0996 0696  Audiosrv - ok
14:25:45.0111 0696  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:25:45.0137 0696  avast! Antivirus - ok
14:25:45.0168 0696  avast! Firewall - ok
14:25:45.0212 0696  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:25:45.0341 0696  AxInstSV - ok
14:25:45.0369 0696  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
14:25:45.0453 0696  b06bdrv - ok
14:25:45.0472 0696  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
14:25:45.0501 0696  b57nd60x - ok
14:25:45.0582 0696  [ BB8199199A0DFA0BF1B8275344580E49 ] Bandoo Coordinator C:\PROGRA~1\Bandoo\Bandoo.exe
14:25:45.0650 0696  Bandoo Coordinator - ok
14:25:45.0703 0696  [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
14:25:45.0791 0696  BCM43XX - ok
14:25:45.0835 0696  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:25:45.0935 0696  BDESVC - ok
14:25:45.0947 0696  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:25:46.0046 0696  Beep - ok
14:25:46.0095 0696  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
14:25:46.0198 0696  BFE - ok
14:25:46.0240 0696  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
14:25:46.0328 0696  BITS - ok
14:25:46.0350 0696  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:25:46.0366 0696  blbdrive - ok
14:25:46.0466 0696  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:25:46.0501 0696  Bonjour Service - ok
14:25:46.0526 0696  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:25:46.0566 0696  bowser - ok
14:25:46.0582 0696  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:25:46.0608 0696  BrFiltLo - ok
14:25:46.0623 0696  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:25:46.0653 0696  BrFiltUp - ok
14:25:46.0689 0696  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
14:25:46.0733 0696  Browser - ok
14:25:46.0750 0696  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:25:46.0839 0696  Brserid - ok
14:25:46.0854 0696  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:25:46.0925 0696  BrSerWdm - ok
14:25:46.0937 0696  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:25:46.0960 0696  BrUsbMdm - ok
14:25:46.0971 0696  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:25:46.0995 0696  BrUsbSer - ok
14:25:47.0021 0696  [ DB99076533FFB38CBEC8AC88E4535850 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:25:47.0060 0696  BthAvrcp - ok
14:25:47.0096 0696  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:25:47.0283 0696  BthEnum - ok
14:25:47.0312 0696  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:25:47.0359 0696  BTHMODEM - ok
14:25:47.0379 0696  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:25:47.0405 0696  BthPan - ok
14:25:47.0426 0696  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:25:47.0516 0696  BTHPORT - ok
14:25:47.0541 0696  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
14:25:47.0578 0696  bthserv - ok
14:25:47.0592 0696  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:25:47.0613 0696  BTHUSB - ok
14:25:47.0634 0696  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:25:47.0673 0696  cdfs - ok
14:25:47.0717 0696  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:25:47.0756 0696  cdrom - ok
14:25:47.0797 0696  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:25:47.0862 0696  CertPropSvc - ok
14:25:47.0896 0696  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:25:47.0920 0696  circlass - ok
14:25:47.0943 0696  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
14:25:47.0976 0696  CLFS - ok
14:25:48.0032 0696  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:25:48.0062 0696  clr_optimization_v2.0.50727_32 - ok
14:25:48.0117 0696  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:25:48.0163 0696  clr_optimization_v4.0.30319_32 - ok
14:25:48.0183 0696  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:25:48.0227 0696  CmBatt - ok
14:25:48.0263 0696  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:25:48.0277 0696  cmdide - ok
14:25:48.0318 0696  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:25:48.0343 0696  CNG - ok
14:25:48.0354 0696  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:25:48.0369 0696  Compbatt - ok
14:25:48.0390 0696  [ F77390678B3C2FA7ED82EA034D582355 ] CompFilter      C:\Windows\system32\DRIVERS\lvbusflt.sys
14:25:48.0402 0696  CompFilter - ok
14:25:48.0440 0696  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:25:48.0483 0696  CompositeBus - ok
14:25:48.0492 0696  COMSysApp - ok
14:25:48.0593 0696  cpuz132 - ok
14:25:48.0605 0696  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:25:48.0620 0696  crcdisk - ok
14:25:48.0666 0696  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:25:48.0735 0696  CryptSvc - ok
14:25:48.0772 0696  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:25:48.0812 0696  DcomLaunch - ok
14:25:48.0841 0696  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:25:48.0879 0696  defragsvc - ok
14:25:48.0913 0696  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:25:48.0943 0696  DfsC - ok
14:25:48.0986 0696  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:25:49.0089 0696  Dhcp - ok
14:25:49.0099 0696  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
14:25:49.0132 0696  discache - ok
14:25:49.0162 0696  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:25:49.0177 0696  Disk - ok
14:25:49.0196 0696  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:25:49.0241 0696  Dnscache - ok
14:25:49.0279 0696  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:25:49.0318 0696  dot3svc - ok
14:25:49.0369 0696  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
14:25:49.0421 0696  DPS - ok
14:25:49.0444 0696  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:25:49.0471 0696  drmkaud - ok
14:25:49.0493 0696  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:25:49.0521 0696  DXGKrnl - ok
14:25:49.0543 0696  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
14:25:49.0581 0696  EapHost - ok
14:25:49.0650 0696  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
14:25:49.0740 0696  ebdrv - ok
14:25:49.0756 0696  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
14:25:49.0844 0696  EFS - ok
14:25:49.0908 0696  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:25:50.0012 0696  ehRecvr - ok
14:25:50.0031 0696  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
14:25:50.0074 0696  ehSched - ok
14:25:50.0102 0696  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:25:50.0125 0696  elxstor - ok
14:25:50.0156 0696  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:25:50.0182 0696  ErrDev - ok
14:25:50.0217 0696  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
14:25:50.0259 0696  EventSystem - ok
14:25:50.0273 0696  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:25:50.0302 0696  exfat - ok
14:25:50.0319 0696  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:25:50.0359 0696  fastfat - ok
14:25:50.0396 0696  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
14:25:50.0463 0696  Fax - ok
14:25:50.0475 0696  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:25:50.0496 0696  fdc - ok
14:25:50.0510 0696  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:25:50.0539 0696  fdPHost - ok
14:25:50.0546 0696  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
14:25:50.0580 0696  FDResPub - ok
14:25:50.0587 0696  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:25:50.0602 0696  FileInfo - ok
14:25:50.0607 0696  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:25:50.0644 0696  Filetrace - ok
14:25:50.0648 0696  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:25:50.0668 0696  flpydisk - ok
14:25:50.0684 0696  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:25:50.0701 0696  FltMgr - ok
14:25:50.0737 0696  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
14:25:50.0786 0696  FontCache - ok
14:25:50.0847 0696  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:25:50.0874 0696  FontCache3.0.0.0 - ok
14:25:50.0886 0696  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:25:50.0902 0696  FsDepends - ok
14:25:50.0924 0696  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:25:50.0939 0696  Fs_Rec - ok
14:25:50.0990 0696  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:25:51.0009 0696  fvevol - ok
14:25:51.0033 0696  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:25:51.0048 0696  gagp30kx - ok
14:25:51.0102 0696  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:25:51.0126 0696  GEARAspiWDM - ok
14:25:51.0163 0696  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:25:51.0241 0696  gpsvc - ok
14:25:51.0325 0696  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:25:51.0353 0696  gupdate - ok
14:25:51.0366 0696  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:25:51.0382 0696  gupdatem - ok
14:25:51.0408 0696  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:25:51.0424 0696  gusvc - ok
14:25:51.0435 0696  [ 833051C6C6C42117191935F734CFBD97 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:25:51.0448 0696  hamachi - ok
14:25:51.0498 0696  [ F31D7F8A7699575DBB3B3A3AB4AA6216 ] Hamachi2Svc     C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
14:25:51.0541 0696  Hamachi2Svc - ok
14:25:51.0571 0696  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:25:51.0674 0696  hcw85cir - ok
14:25:51.0737 0696  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:25:51.0768 0696  HdAudAddService - ok
14:25:51.0811 0696  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:25:51.0851 0696  HDAudBus - ok
14:25:51.0857 0696  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:25:51.0886 0696  HidBatt - ok
14:25:51.0898 0696  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:25:51.0923 0696  HidBth - ok
14:25:51.0936 0696  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:25:51.0958 0696  HidIr - ok
14:25:51.0975 0696  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
14:25:52.0004 0696  hidserv - ok
14:25:52.0036 0696  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:25:52.0061 0696  HidUsb - ok
14:25:52.0100 0696  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:25:52.0129 0696  hkmsvc - ok
14:25:52.0169 0696  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:25:52.0243 0696  HomeGroupListener - ok
14:25:52.0277 0696  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:25:52.0323 0696  HomeGroupProvider - ok
14:25:52.0368 0696  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:25:52.0392 0696  HpSAMD - ok
14:25:52.0438 0696  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:25:52.0471 0696  HTTP - ok
14:25:52.0506 0696  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:25:52.0521 0696  hwpolicy - ok
14:25:52.0528 0696  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:25:52.0549 0696  i8042prt - ok
14:25:52.0566 0696  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:25:52.0586 0696  iaStorV - ok
14:25:52.0647 0696  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:25:52.0695 0696  idsvc - ok
14:25:52.0723 0696  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:25:52.0738 0696  iirsp - ok
14:25:52.0781 0696  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:25:52.0833 0696  IKEEXT - ok
14:25:52.0845 0696  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:25:52.0859 0696  intelide - ok
14:25:52.0905 0696  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:25:52.0923 0696  intelppm - ok
14:25:52.0952 0696  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:25:52.0994 0696  IPBusEnum - ok
14:25:53.0011 0696  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:25:53.0047 0696  IpFilterDriver - ok
14:25:53.0094 0696  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:25:53.0189 0696  iphlpsvc - ok
14:25:53.0220 0696  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:25:53.0238 0696  IPMIDRV - ok
14:25:53.0255 0696  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:25:53.0298 0696  IPNAT - ok
14:25:53.0352 0696  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:25:53.0388 0696  iPod Service - ok
14:25:53.0416 0696  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:25:53.0449 0696  IRENUM - ok
14:25:53.0485 0696  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:25:53.0500 0696  isapnp - ok
14:25:53.0536 0696  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:25:53.0554 0696  iScsiPrt - ok
14:25:53.0583 0696  [ C4C95805B85BCE1EB9D20F4A02FC5F9B ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
14:25:53.0607 0696  k57nd60x - ok
14:25:53.0627 0696  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:25:53.0642 0696  kbdclass - ok
14:25:53.0670 0696  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:25:53.0686 0696  kbdhid - ok
14:25:53.0707 0696  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
14:25:53.0724 0696  KeyIso - ok
14:25:53.0760 0696  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:25:53.0776 0696  KSecDD - ok
14:25:53.0817 0696  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:25:53.0850 0696  KSecPkg - ok
14:25:53.0883 0696  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:25:53.0926 0696  KtmRm - ok
14:25:53.0975 0696  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:25:54.0020 0696  LanmanServer - ok
14:25:54.0052 0696  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:25:54.0086 0696  LanmanWorkstation - ok
14:25:54.0111 0696  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:25:54.0147 0696  lltdio - ok
14:25:54.0170 0696  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:25:54.0208 0696  lltdsvc - ok
14:25:54.0215 0696  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:25:54.0243 0696  lmhosts - ok
14:25:54.0271 0696  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:25:54.0287 0696  LSI_FC - ok
14:25:54.0302 0696  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:25:54.0317 0696  LSI_SAS - ok
14:25:54.0331 0696  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:25:54.0347 0696  LSI_SAS2 - ok
14:25:54.0358 0696  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:25:54.0374 0696  LSI_SCSI - ok
14:25:54.0385 0696  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
14:25:54.0423 0696  luafv - ok
14:25:54.0465 0696  [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon        C:\Windows\system32\Drivers\LVPr2Mon.sys
14:25:54.0478 0696  LVPr2Mon - ok
14:25:54.0510 0696  [ B6E1CCD6572984ADCAE68439AFD07011 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
14:25:54.0527 0696  LVRS - ok
14:25:54.0547 0696  [ BE5E104BE263921D6842C555DB6A5C23 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
14:25:54.0560 0696  LVUSBSta - ok
14:25:54.0639 0696  [ 6C42815DD57E397F0CD988304B5EB4B3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
14:25:54.0744 0696  LVUVC - ok
14:25:54.0780 0696  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:25:54.0830 0696  MBAMProtector - ok
14:25:55.0149 0696  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:25:55.0200 0696  MBAMScheduler - ok
14:25:55.0246 0696  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:25:55.0287 0696  MBAMService - ok
14:25:55.0336 0696  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:25:55.0357 0696  Mcx2Svc - ok
14:25:55.0410 0696  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:25:55.0472 0696  MDM - ok
14:25:55.0506 0696  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:25:55.0530 0696  megasas - ok
14:25:55.0551 0696  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:25:55.0570 0696  MegaSR - ok
14:25:55.0591 0696  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
14:25:55.0629 0696  MMCSS - ok
14:25:55.0637 0696  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
14:25:55.0673 0696  Modem - ok
14:25:55.0687 0696  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:25:55.0704 0696  monitor - ok
14:25:55.0750 0696  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:25:55.0782 0696  mouclass - ok
14:25:55.0789 0696  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:25:55.0816 0696  mouhid - ok
14:25:55.0846 0696  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:25:55.0862 0696  mountmgr - ok
14:25:55.0902 0696  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:25:55.0917 0696  MozillaMaintenance - ok
14:25:55.0949 0696  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:25:55.0982 0696  mpio - ok
14:25:55.0993 0696  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:25:56.0020 0696  mpsdrv - ok
14:25:56.0065 0696  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:25:56.0107 0696  MpsSvc - ok
14:25:56.0143 0696  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:25:56.0163 0696  MRxDAV - ok
14:25:56.0180 0696  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:25:56.0224 0696  mrxsmb - ok
14:25:56.0245 0696  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:25:56.0272 0696  mrxsmb10 - ok
14:25:56.0281 0696  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:25:56.0306 0696  mrxsmb20 - ok
14:25:56.0334 0696  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
14:25:56.0348 0696  msahci - ok
14:25:56.0365 0696  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:25:56.0381 0696  msdsm - ok
14:25:56.0405 0696  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
14:25:56.0432 0696  MSDTC - ok
14:25:56.0457 0696  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:25:56.0499 0696  Msfs - ok
14:25:56.0506 0696  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:25:56.0543 0696  mshidkmdf - ok
14:25:56.0575 0696  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:25:56.0590 0696  msisadrv - ok
14:25:56.0615 0696  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:25:56.0652 0696  MSiSCSI - ok
14:25:56.0656 0696  msiserver - ok
14:25:56.0673 0696  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:25:56.0710 0696  MSKSSRV - ok
14:25:56.0723 0696  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:25:56.0759 0696  MSPCLOCK - ok
14:25:56.0767 0696  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:25:56.0806 0696  MSPQM - ok
14:25:56.0815 0696  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:25:56.0832 0696  MsRPC - ok
14:25:56.0849 0696  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:25:56.0864 0696  mssmbios - ok
14:25:56.0869 0696  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:25:56.0896 0696  MSTEE - ok
14:25:56.0901 0696  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:25:56.0920 0696  MTConfig - ok
14:25:56.0932 0696  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:25:56.0947 0696  Mup - ok
14:25:56.0980 0696  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
14:25:57.0016 0696  napagent - ok
14:25:57.0044 0696  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:25:57.0073 0696  NativeWifiP - ok
14:25:57.0111 0696  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:25:57.0138 0696  NDIS - ok
14:25:57.0160 0696  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:25:57.0193 0696  NdisCap - ok
14:25:57.0207 0696  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:25:57.0244 0696  NdisTapi - ok
14:25:57.0278 0696  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:25:57.0313 0696  Ndisuio - ok
14:25:57.0351 0696  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:25:57.0385 0696  NdisWan - ok
14:25:57.0423 0696  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:25:57.0465 0696  NDProxy - ok
14:25:57.0527 0696  [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:25:57.0581 0696  Nero BackItUp Scheduler 4.0 - ok
14:25:57.0626 0696  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
14:25:57.0697 0696  Netaapl - ok
14:25:57.0719 0696  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:25:57.0750 0696  NetBIOS - ok
14:25:57.0783 0696  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:25:57.0824 0696  NetBT - ok
14:25:57.0832 0696  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
14:25:57.0849 0696  Netlogon - ok
14:25:57.0873 0696  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
14:25:57.0912 0696  Netman - ok
14:25:57.0920 0696  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
14:25:57.0954 0696  netprofm - ok
14:25:57.0988 0696  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:25:58.0003 0696  NetTcpPortSharing - ok
14:25:58.0023 0696  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:25:58.0039 0696  nfrd960 - ok
14:25:58.0106 0696  [ 4A676BDD67E0765C36C542F447C27B58 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
14:25:58.0135 0696  NitroReaderDriverReadSpool2 - ok
14:25:58.0170 0696  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:25:58.0231 0696  NlaSvc - ok
14:25:58.0270 0696  [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU      C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:25:58.0294 0696  NMSAccessU - ok
14:25:58.0302 0696  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:25:58.0348 0696  Npfs - ok
14:25:58.0363 0696  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
14:25:58.0403 0696  nsi - ok
14:25:58.0411 0696  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:25:58.0443 0696  nsiproxy - ok
14:25:58.0479 0696  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:25:58.0515 0696  Ntfs - ok
14:25:58.0533 0696  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
14:25:58.0561 0696  Null - ok
14:25:58.0761 0696  [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:25:59.0057 0696  nvlddmkm - ok
14:25:59.0107 0696  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:25:59.0141 0696  nvraid - ok
14:25:59.0156 0696  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:25:59.0175 0696  nvstor - ok
14:25:59.0215 0696  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:25:59.0261 0696  nvsvc - ok
14:25:59.0338 0696  [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:25:59.0394 0696  nvUpdatusService - ok
14:25:59.0413 0696  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:25:59.0429 0696  nv_agp - ok
14:25:59.0450 0696  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:25:59.0468 0696  ohci1394 - ok
14:25:59.0497 0696  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:25:59.0511 0696  ose - ok
14:25:59.0540 0696  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:25:59.0608 0696  p2pimsvc - ok
14:25:59.0643 0696  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:25:59.0667 0696  p2psvc - ok
14:25:59.0689 0696  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:25:59.0713 0696  Parport - ok
14:25:59.0746 0696  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:25:59.0763 0696  partmgr - ok
14:25:59.0782 0696  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:25:59.0808 0696  Parvdm - ok
14:26:00.0126 0696  [ FEA04E9D808A9417530B0DDC81DA4597 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
14:26:00.0201 0696  PC Performer Manager - ok
14:26:00.0229 0696  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:26:00.0260 0696  PcaSvc - ok
14:26:00.0296 0696  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
14:26:00.0329 0696  pci - ok
14:26:00.0341 0696  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
14:26:00.0357 0696  pciide - ok
14:26:00.0373 0696  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:26:00.0391 0696  pcmcia - ok
14:26:00.0402 0696  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
14:26:00.0417 0696  pcw - ok
14:26:00.0439 0696  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:26:00.0491 0696  PEAUTH - ok
14:26:00.0528 0696  [ 3551190E9CF1EB4C0971BDEF4269CA25 ] PID_0928        C:\Windows\system32\DRIVERS\LV561AV.SYS
14:26:00.0549 0696  PID_0928 - ok
14:26:00.0640 0696  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
14:26:00.0717 0696  pla - ok
14:26:00.0753 0696  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:26:00.0797 0696  PlugPlay - ok
14:26:00.0810 0696  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:26:00.0828 0696  PNRPAutoReg - ok
14:26:00.0839 0696  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:26:00.0859 0696  PNRPsvc - ok
14:26:00.0878 0696  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:26:00.0918 0696  PolicyAgent - ok
14:26:00.0986 0696  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
14:26:01.0034 0696  Power - ok
14:26:01.0056 0696  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:26:01.0095 0696  PptpMiniport - ok
14:26:01.0108 0696  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:26:01.0133 0696  Processor - ok
14:26:01.0180 0696  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:26:01.0259 0696  ProfSvc - ok
14:26:01.0273 0696  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:26:01.0290 0696  ProtectedStorage - ok
14:26:01.0308 0696  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:26:01.0344 0696  Psched - ok
14:26:01.0367 0696  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
14:26:01.0382 0696  PSI_SVC_2 - ok
14:26:01.0421 0696  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:26:01.0486 0696  ql2300 - ok
14:26:01.0509 0696  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:26:01.0526 0696  ql40xx - ok
14:26:01.0551 0696  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
14:26:01.0578 0696  QWAVE - ok
14:26:01.0588 0696  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:26:01.0606 0696  QWAVEdrv - ok
14:26:01.0615 0696  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:26:01.0643 0696  RasAcd - ok
14:26:01.0668 0696  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:26:01.0699 0696  RasAgileVpn - ok
14:26:01.0709 0696  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
14:26:01.0749 0696  RasAuto - ok
14:26:01.0757 0696  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:26:01.0787 0696  Rasl2tp - ok
14:26:01.0836 0696  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
14:26:01.0899 0696  RasMan - ok
14:26:01.0905 0696  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:26:01.0934 0696  RasPppoe - ok
14:26:01.0946 0696  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:26:01.0978 0696  RasSstp - ok
14:26:02.0012 0696  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:26:02.0053 0696  rdbss - ok
14:26:02.0062 0696  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:26:02.0081 0696  rdpbus - ok
14:26:02.0119 0696  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:26:02.0169 0696  RDPCDD - ok
14:26:02.0185 0696  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:26:02.0213 0696  RDPENCDD - ok
14:26:02.0223 0696  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:26:02.0253 0696  RDPREFMP - ok
14:26:02.0283 0696  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:26:02.0353 0696  RDPWD - ok
14:26:02.0416 0696  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:26:02.0452 0696  rdyboost - ok
14:26:02.0477 0696  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:26:02.0536 0696  RemoteAccess - ok
14:26:02.0554 0696  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:26:02.0585 0696  RemoteRegistry - ok
14:26:02.0620 0696  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:26:02.0638 0696  RFCOMM - ok
14:26:02.0657 0696  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:26:02.0692 0696  RpcEptMapper - ok
14:26:02.0708 0696  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
14:26:02.0732 0696  RpcLocator - ok
14:26:02.0747 0696  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
14:26:02.0779 0696  RpcSs - ok
14:26:02.0807 0696  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:26:02.0843 0696  rspndr - ok
14:26:02.0856 0696  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
14:26:02.0873 0696  SamSs - ok
14:26:02.0919 0696  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:26:02.0946 0696  sbp2port - ok
14:26:02.0956 0696  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:26:02.0988 0696  SCardSvr - ok
14:26:03.0019 0696  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:26:03.0052 0696  scfilter - ok
14:26:03.0096 0696  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
14:26:03.0142 0696  Schedule - ok
14:26:03.0179 0696  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:26:03.0223 0696  SCPolicySvc - ok
14:26:03.0258 0696  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:26:03.0342 0696  SDRSVC - ok
14:26:03.0375 0696  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:26:03.0416 0696  secdrv - ok
14:26:03.0429 0696  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
14:26:03.0461 0696  seclogon - ok
14:26:03.0484 0696  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
14:26:03.0520 0696  SENS - ok
14:26:03.0537 0696  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:26:03.0617 0696  SensrSvc - ok
14:26:03.0636 0696  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:26:03.0659 0696  Serenum - ok
14:26:03.0669 0696  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:26:03.0691 0696  Serial - ok
14:26:03.0706 0696  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:26:03.0723 0696  sermouse - ok
14:26:03.0761 0696  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:26:03.0804 0696  SessionEnv - ok
14:26:03.0845 0696  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:26:03.0877 0696  sffdisk - ok
14:26:03.0883 0696  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:26:03.0906 0696  sffp_mmc - ok
14:26:03.0910 0696  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:26:03.0934 0696  sffp_sd - ok
14:26:03.0944 0696  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:26:03.0968 0696  sfloppy - ok
14:26:03.0993 0696  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:26:04.0034 0696  SharedAccess - ok
14:26:04.0049 0696  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:26:04.0084 0696  ShellHWDetection - ok
14:26:04.0092 0696  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:26:04.0108 0696  sisagp - ok
14:26:04.0133 0696  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:26:04.0148 0696  SiSRaid2 - ok
14:26:04.0157 0696  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:26:04.0173 0696  SiSRaid4 - ok
14:26:04.0239 0696  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:26:04.0254 0696  SkypeUpdate - ok
14:26:04.0284 0696  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:26:04.0323 0696  Smb - ok
14:26:04.0359 0696  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:26:04.0381 0696  SNMPTRAP - ok
14:26:04.0392 0696  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:26:04.0407 0696  spldr - ok
14:26:04.0429 0696  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
14:26:04.0508 0696  Spooler - ok
14:26:04.0591 0696  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
14:26:04.0720 0696  sppsvc - ok
14:26:04.0774 0696  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:26:04.0848 0696  sppuinotify - ok
14:26:04.0875 0696  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:26:04.0921 0696  srv - ok
14:26:04.0937 0696  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:26:04.0968 0696  srv2 - ok
14:26:04.0983 0696  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:26:05.0005 0696  srvnet - ok
14:26:05.0026 0696  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:26:05.0062 0696  SSDPSRV - ok
14:26:05.0072 0696  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:26:05.0113 0696  SstpSvc - ok
14:26:05.0170 0696  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
14:26:05.0182 0696  StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:26:05.0183 0696  StarOpen - detected UnsignedFile.Multi.Generic (1)
14:26:05.0215 0696  Steam Client Service - ok
14:26:05.0263 0696  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:26:05.0282 0696  Stereo Service - ok
14:26:05.0330 0696  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:26:05.0345 0696  stexstor - ok
14:26:05.0398 0696  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
14:26:05.0426 0696  StiSvc - ok
14:26:05.0457 0696  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:26:05.0472 0696  swenum - ok
14:26:05.0486 0696  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
14:26:05.0520 0696  swprv - ok
14:26:05.0571 0696  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
14:26:05.0628 0696  SysMain - ok
14:26:05.0670 0696  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:26:05.0729 0696  TabletInputService - ok
14:26:05.0769 0696  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:26:05.0832 0696  TapiSrv - ok
14:26:05.0847 0696  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
14:26:05.0878 0696  TBS - ok
14:26:05.0921 0696  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:26:05.0957 0696  Tcpip - ok
14:26:06.0013 0696  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:26:06.0044 0696  TCPIP6 - ok
14:26:06.0079 0696  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:26:06.0095 0696  tcpipreg - ok
14:26:06.0127 0696  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:26:06.0190 0696  TDPIPE - ok
14:26:06.0216 0696  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:26:06.0245 0696  TDTCP - ok
14:26:06.0280 0696  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:26:06.0318 0696  tdx - ok
14:26:06.0326 0696  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:26:06.0341 0696  TermDD - ok
14:26:06.0385 0696  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
14:26:06.0433 0696  TermService - ok
14:26:06.0451 0696  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
14:26:06.0474 0696  Themes - ok
14:26:06.0482 0696  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
14:26:06.0511 0696  THREADORDER - ok
14:26:06.0546 0696  [ 409A577FD5781C717E55A28717514C58 ] TPkd            C:\Windows\system32\drivers\TPkd.sys
14:26:06.0553 0696  TPkd ( UnsignedFile.Multi.Generic ) - warning
14:26:06.0553 0696  TPkd - detected UnsignedFile.Multi.Generic (1)
14:26:06.0574 0696  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
14:26:06.0606 0696  TrkWks - ok
14:26:06.0654 0696  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:26:06.0683 0696  TrustedInstaller - ok
14:26:06.0718 0696  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:26:06.0782 0696  tssecsrv - ok
14:26:06.0819 0696  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:26:06.0877 0696  TsUsbFlt - ok
14:26:06.0931 0696  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:26:06.0976 0696  tunnel - ok
14:26:07.0004 0696  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:26:07.0020 0696  uagp35 - ok
14:26:07.0033 0696  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:26:07.0068 0696  udfs - ok
14:26:07.0095 0696  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:26:07.0127 0696  UI0Detect - ok
14:26:07.0163 0696  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:26:07.0179 0696  uliagpkx - ok
14:26:07.0226 0696  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
14:26:07.0243 0696  umbus - ok
14:26:07.0256 0696  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:26:07.0279 0696  UmPass - ok
14:26:07.0341 0696  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:26:07.0379 0696  UMVPFSrv - ok
14:26:07.0396 0696  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
14:26:07.0437 0696  upnphost - ok
14:26:07.0483 0696  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
14:26:07.0499 0696  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
14:26:07.0499 0696  USBAAPL - detected UnsignedFile.Multi.Generic (1)
14:26:07.0510 0696  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:26:07.0544 0696  usbaudio - ok
14:26:07.0574 0696  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:26:07.0622 0696  usbccgp - ok
14:26:07.0657 0696  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:26:07.0682 0696  usbcir - ok
14:26:07.0694 0696  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:26:07.0724 0696  usbehci - ok
14:26:07.0757 0696  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:26:07.0777 0696  usbhub - ok
14:26:07.0789 0696  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:26:07.0805 0696  usbohci - ok
14:26:07.0839 0696  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:26:07.0866 0696  usbprint - ok
14:26:07.0889 0696  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:26:07.0907 0696  usbscan - ok
14:26:07.0918 0696  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:26:07.0996 0696  USBSTOR - ok
14:26:08.0017 0696  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:26:08.0042 0696  usbuhci - ok
14:26:08.0063 0696  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
14:26:08.0098 0696  UxSms - ok
14:26:08.0106 0696  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
14:26:08.0122 0696  VaultSvc - ok
14:26:08.0144 0696  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:26:08.0159 0696  vdrvroot - ok
14:26:08.0202 0696  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
14:26:08.0242 0696  vds - ok
14:26:08.0255 0696  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:26:08.0282 0696  vga - ok
14:26:08.0288 0696  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:26:08.0317 0696  VgaSave - ok
14:26:08.0350 0696  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:26:08.0367 0696  vhdmp - ok
14:26:08.0380 0696  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:26:08.0396 0696  viaagp - ok
14:26:08.0407 0696  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
14:26:08.0432 0696  ViaC7 - ok
14:26:08.0467 0696  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
14:26:08.0481 0696  viaide - ok
14:26:08.0486 0696  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:26:08.0502 0696  volmgr - ok
14:26:08.0519 0696  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:26:08.0539 0696  volmgrx - ok
14:26:08.0554 0696  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:26:08.0572 0696  volsnap - ok
14:26:08.0594 0696  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:26:08.0611 0696  vsmraid - ok
14:26:08.0661 0696  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
14:26:08.0724 0696  VSS - ok
14:26:08.0735 0696  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:26:08.0752 0696  vwifibus - ok
14:26:08.0772 0696  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:26:08.0794 0696  vwififlt - ok
14:26:08.0815 0696  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:26:08.0843 0696  vwifimp - ok
14:26:08.0867 0696  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
14:26:08.0910 0696  W32Time - ok
14:26:08.0924 0696  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:26:08.0950 0696  WacomPen - ok
14:26:08.0971 0696  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:26:09.0015 0696  WANARP - ok
14:26:09.0020 0696  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:26:09.0048 0696  Wanarpv6 - ok
14:26:09.0094 0696  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:26:09.0145 0696  WatAdminSvc - ok
14:26:09.0203 0696  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
14:26:09.0299 0696  wbengine - ok
14:26:09.0315 0696  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:26:09.0368 0696  WbioSrvc - ok
14:26:09.0402 0696  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:26:09.0438 0696  wcncsvc - ok
14:26:09.0445 0696  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:26:09.0487 0696  WcsPlugInService - ok
14:26:09.0500 0696  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:26:09.0515 0696  Wd - ok
14:26:09.0550 0696  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:26:09.0575 0696  Wdf01000 - ok
14:26:09.0596 0696  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:26:09.0663 0696  WdiServiceHost - ok
14:26:09.0666 0696  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:26:09.0688 0696  WdiSystemHost - ok
14:26:09.0721 0696  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
14:26:09.0763 0696  WebClient - ok
14:26:09.0776 0696  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:26:09.0816 0696  Wecsvc - ok
14:26:09.0823 0696  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:26:09.0882 0696  wercplsupport - ok
14:26:09.0928 0696  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:26:09.0995 0696  WerSvc - ok
14:26:10.0027 0696  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:26:10.0064 0696  WfpLwf - ok
14:26:10.0081 0696  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:26:10.0095 0696  WIMMount - ok
14:26:10.0152 0696  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:26:10.0233 0696  WinDefend - ok
14:26:10.0239 0696  WinHttpAutoProxySvc - ok
14:26:10.0385 0696  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:26:10.0449 0696  Winmgmt - ok
14:26:10.0507 0696  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
14:26:10.0601 0696  WinRM - ok
14:26:10.0653 0696  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:26:10.0682 0696  WinUsb - ok
14:26:10.0711 0696  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:26:10.0750 0696  Wlansvc - ok
14:26:10.0826 0696  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:26:10.0881 0696  wlidsvc - ok
14:26:10.0920 0696  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:26:10.0962 0696  WmiAcpi - ok
14:26:10.0991 0696  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:26:11.0018 0696  wmiApSrv - ok
14:26:11.0089 0696  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:26:11.0209 0696  WMPNetworkSvc - ok
14:26:11.0235 0696  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:26:11.0378 0696  WPCSvc - ok
14:26:11.0425 0696  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:26:11.0480 0696  WPDBusEnum - ok
14:26:11.0503 0696  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:26:11.0530 0696  ws2ifsl - ok
14:26:11.0537 0696  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:26:11.0567 0696  wscsvc - ok
14:26:11.0572 0696  WSearch - ok
14:26:11.0641 0696  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
14:26:11.0716 0696  wuauserv - ok
14:26:11.0752 0696  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:26:11.0829 0696  WudfPf - ok
14:26:11.0854 0696  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:26:11.0897 0696  WUDFRd - ok
14:26:11.0941 0696  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:26:11.0982 0696  wudfsvc - ok
14:26:11.0995 0696  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:26:12.0025 0696  WwanSvc - ok
14:26:12.0077 0696  ================ Scan global ===============================
14:26:12.0118 0696  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:26:12.0150 0696  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
14:26:12.0167 0696  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
14:26:12.0197 0696  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:26:12.0223 0696  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:26:12.0229 0696  [Global] - ok
14:26:12.0230 0696  ================ Scan MBR ==================================
14:26:12.0235 0696  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:26:12.0475 0696  \Device\Harddisk0\DR0 - ok
14:26:12.0481 0696  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:26:12.0583 0696  \Device\Harddisk1\DR1 - ok
14:26:12.0584 0696  ================ Scan VBR ==================================
14:26:12.0588 0696  [ 68C9E32CA562AB299CB9B69843E37040 ] \Device\Harddisk0\DR0\Partition1
14:26:12.0590 0696  \Device\Harddisk0\DR0\Partition1 - ok
14:26:12.0598 0696  [ 02FAEADA8954B3E333400F80B25CB7EE ] \Device\Harddisk0\DR0\Partition2
14:26:12.0600 0696  \Device\Harddisk0\DR0\Partition2 - ok
14:26:12.0621 0696  [ 2DB6756E2576918F058076A144C63994 ] \Device\Harddisk0\DR0\Partition3
14:26:12.0623 0696  \Device\Harddisk0\DR0\Partition3 - ok
14:26:12.0628 0696  [ AAF22525AD02E52B1BE6C8B98D89BFB5 ] \Device\Harddisk1\DR1\Partition1
14:26:12.0633 0696  \Device\Harddisk1\DR1\Partition1 - ok
14:26:12.0633 0696  ============================================================
14:26:12.0633 0696  Scan finished
14:26:12.0633 0696  ============================================================
14:26:12.0649 3724  Detected object count: 4
14:26:12.0649 3724  Actual detected object count: 4
14:26:31.0137 3724  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:26:31.0137 3724  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
14:26:31.0141 3724  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0141 3724  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:31.0142 3724  TPkd ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0142 3724  TPkd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:31.0144 3724  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:31.0144 3724  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 07.12.2012, 09:22   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

Alt 07.12.2012, 16:42   #13
Belatucradus
 
Hello & thanks, cosinus! =)


Here is the code:
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-12-04.01 - User 07.12.2012  13:38:15.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.2046.1159 [GMT 1:00]
ausgeführt von:: c:\users\User\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\0505144FF1.sys
c:\users\User\AppData\Local\Savings Sidekick
c:\windows\IsUn0407.exe
F:\Autorun.inf
F:\Setup.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-07 bis 2012-12-07  ))))))))))))))))))))))))))))))
.
.
2012-12-07 12:52 . 2012-12-07 12:52	--------	d-----w-	c:\users\Herbert\AppData\Local\temp
2012-12-07 12:52 . 2012-12-07 12:52	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2012-12-07 12:27 . 2012-11-08 18:00	6812136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAFF2107-DA24-45B9-9094-EA4C44311D21}\mpengine.dll
2012-12-02 10:13 . 2012-12-02 10:13	--------	d-----w-	c:\users\Herbert\AppData\Local\Macromedia
2012-12-02 08:55 . 2012-12-02 08:55	--------	d-----w-	c:\users\Herbert\AppData\Roaming\NVIDIA
2012-12-02 08:55 . 2012-12-02 08:55	--------	d-----w-	c:\users\Herbert\AppData\Local\Daedalic Entertainment
2012-12-02 08:51 . 2012-12-02 08:51	--------	d-----w-	c:\users\Herbert\AppData\Roaming\Origin
2012-12-02 08:51 . 2012-12-02 08:59	--------	d-----w-	c:\users\Herbert\AppData\Roaming\Skype
2012-12-02 08:51 . 2012-12-02 08:51	--------	d-----w-	c:\users\Herbert\AppData\Local\Origin
2012-11-27 18:33 . 2012-11-27 18:33	--------	d-----w-	c:\users\User\AppData\Roaming\Malwarebytes
2012-11-27 18:29 . 2012-11-27 18:29	--------	d-----w-	c:\programdata\Malwarebytes
2012-11-27 18:29 . 2012-11-27 19:07	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-11-27 18:29 . 2012-09-29 18:54	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-11-22 16:49 . 2012-11-22 16:49	--------	d-----w-	c:\program files\Common Files\Skype
2012-11-22 14:16 . 2012-11-22 14:16	--------	d-----w-	c:\users\Gast\AppData\Local\Mozilla Firefox
2012-11-22 14:13 . 2012-11-22 14:13	--------	d-----w-	c:\users\Gast\AppData\Local\Google
2012-11-22 14:12 . 2012-11-22 14:12	--------	d-----w-	c:\users\Gast\AppData\Roaming\Apple Computer
2012-11-20 22:40 . 2012-11-20 22:40	--------	d-----w-	c:\users\User\AppData\Roaming\NVIDIA
2012-11-19 12:52 . 2012-12-05 01:59	--------	d-----w-	c:\users\UpdatusUser
2012-11-19 12:49 . 2012-10-02 19:29	2557288	----a-w-	c:\windows\system32\nvsvcr.dll
2012-11-19 12:48 . 2012-11-19 12:48	--------	d-----w-	c:\programdata\NVIDIA Corporation
2012-11-16 12:34 . 2012-07-26 03:39	526952	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 12:34 . 2012-07-26 03:39	47720	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 12:34 . 2012-07-26 02:46	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-11-16 12:33 . 2012-07-26 02:33	66560	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 12:33 . 2012-07-26 02:32	155136	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 12:33 . 2012-07-26 03:20	73216	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-11-16 12:33 . 2012-07-26 03:20	172032	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-11-16 12:32 . 2012-07-26 03:20	38912	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 12:32 . 2012-07-26 03:21	196608	----a-w-	c:\windows\system32\WUDFHost.exe
2012-11-16 12:32 . 2012-07-26 03:20	613888	----a-w-	c:\windows\system32\WUDFx.dll
2012-11-15 20:30 . 2012-10-03 16:58	1293680	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-11-15 20:30 . 2012-10-03 16:42	156672	----a-w-	c:\windows\system32\ncsi.dll
2012-11-15 20:30 . 2012-10-03 16:40	499712	----a-w-	c:\windows\system32\iphlpsvc.dll
2012-11-15 20:30 . 2012-10-03 16:42	242176	----a-w-	c:\windows\system32\nlasvc.dll
2012-11-15 20:30 . 2012-10-03 16:42	175104	----a-w-	c:\windows\system32\netcorehc.dll
2012-11-15 20:30 . 2012-10-03 16:42	52224	----a-w-	c:\windows\system32\nlaapi.dll
2012-11-15 20:30 . 2012-10-03 16:42	18944	----a-w-	c:\windows\system32\netevent.dll
2012-11-15 20:30 . 2012-10-03 15:21	35328	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2012-11-15 20:30 . 2012-09-25 22:47	78336	----a-w-	c:\windows\system32\synceng.dll
2012-11-15 20:30 . 2012-10-18 17:59	2345984	----a-w-	c:\windows\system32\win32k.sys
2012-11-15 20:25 . 2012-10-09 17:40	193536	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-11-15 20:25 . 2012-10-09 17:40	44032	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-11-14 23:11 . 2012-12-06 12:07	--------	d-----w-	c:\program files\Common Files\Steam
2012-11-14 23:11 . 2012-12-06 12:07	--------	d-----w-	c:\program files\Steam
2012-11-14 16:21 . 2012-08-21 12:01	26840	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-11-14 16:19 . 2012-11-14 16:19	--------	d-----w-	c:\program files\iPod
2012-11-14 16:19 . 2012-11-14 16:21	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-11-14 16:19 . 2012-11-14 16:21	--------	d-----w-	c:\program files\iTunes
2012-11-14 16:17 . 2012-11-14 16:17	--------	d-----w-	c:\program files\Bonjour
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 13:05 . 2012-06-12 15:07	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-11-16 13:05 . 2011-05-20 12:21	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2012-09-24 22:24	361032	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-09-24 22:24	54232	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-09-24 22:24	738504	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-09-24 22:24	58680	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-10-08 10:43	20624	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2012-10-30 22:51 . 2012-09-24 22:24	21256	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-09-24 22:23	41224	----a-w-	c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-09-24 22:23	227648	----a-w-	c:\windows\system32\aswBoot.exe
2012-10-16 07:39 . 2012-11-28 11:35	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-09-24 22:24	44784	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-10-10 20:15 . 2012-10-10 20:15	1867112	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-10-10 20:15 . 2012-10-10 20:15	2574696	----a-w-	c:\windows\system32\nvcuvid.dll
2012-10-10 20:14 . 2012-10-10 20:14	888168	----a-w-	c:\windows\system32\nvdispgenco32.dll
2012-10-10 20:14 . 2010-01-12 10:03	12501352	----a-w-	c:\windows\system32\nvwgf2um.dll
2012-10-10 20:14 . 2012-10-10 20:14	17559912	----a-w-	c:\windows\system32\nvcompiler.dll
2012-10-10 20:14 . 2010-01-12 10:03	2428776	----a-w-	c:\windows\system32\nvapi.dll
2012-10-10 20:14 . 2012-10-10 20:14	7697768	----a-w-	c:\windows\system32\nvcuda.dll
2012-10-10 20:14 . 2012-10-10 20:14	10837352	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 20:14 . 2012-10-10 20:14	19906920	----a-w-	c:\windows\system32\nvoglv32.dll
2012-10-10 20:14 . 2012-10-10 20:14	1009512	----a-w-	c:\windows\system32\nvdispco32.dll
2012-10-10 20:14 . 2012-10-10 20:14	6127464	----a-w-	c:\windows\system32\nvopencl.dll
2012-10-10 20:14 . 2010-01-12 10:03	15309160	----a-w-	c:\windows\system32\nvd3dum.dll
2012-10-02 19:29 . 2010-01-11 20:18	645992	----a-w-	c:\windows\system32\nvvsvc.exe
2012-10-02 19:29 . 2010-01-11 20:18	62312	----a-w-	c:\windows\system32\nvshext.dll
2012-10-02 19:29 . 2010-01-11 20:18	108392	----a-w-	c:\windows\system32\nvmctray.dll
2012-10-02 19:29 . 2010-01-11 20:18	2853224	----a-w-	c:\windows\system32\nvsvc.dll
2012-10-02 19:28 . 2010-01-11 20:18	3965288	----a-w-	c:\windows\system32\nvcpl.dll
2012-10-02 12:15 . 2012-10-02 12:15	430952	----a-w-	c:\windows\system32\nvStreaming.exe
2012-09-14 18:28 . 2012-10-10 10:11	2048	----a-w-	c:\windows\system32\tzres.dll
2012-09-09 11:33 . 2012-09-09 11:33	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-09-09 11:33 . 2012-07-07 12:01	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-09 11:33 . 2010-06-01 16:43	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-02 12:27 . 2012-11-22 14:22	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{cd8812d4-e5b8-41c6-94d4-59872a484bf1}"= "c:\program files\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll" [2011-10-19 81920]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{cd8812d4-e5b8-41c6-94d4-59872a484bf1}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 08:08	2393184	----a-w-	c:\program files\DVDVideoSoftTB\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd8812d4-e5b8-41c6-94d4-59872a484bf1}]
2011-10-19 05:24	81920	----a-w-	c:\program files\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{cd8812d4-e5b8-41c6-94d4-59872a484bf1}"= "c:\program files\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll" [2011-10-19 81920]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{cd8812d4-e5b8-41c6-94d4-59872a484bf1}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50	121528	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\User\Program Files\DNA\btdna.exe" [2010-08-11 323392]
"Facebook Update"="c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Akamai NetSession Interface"="c:\users\User\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Steam"="c:\program files\Steam\Steam.exe" [2012-12-05 1354736]
"GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE"="c:\program files\Google\Chrome\Application\chrome.exe" [2012-08-14 1229848]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-7-28 110592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\PCPERF~1\22558~1.177\{16CDF~1\%Protector Process Name%.dll
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R4 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x]
S2 PC Performer Manager;PC Performer Manager;c:\programdata\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbusflt.sys [x]
S3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 00122998
*Deregistered* - 00122998
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 13:05]
.
2012-08-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3593604086-429341408-3109665741-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-08 11:20]
.
2012-08-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3593604086-429341408-3109665741-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-08 11:20]
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 17:13]
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 17:13]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=hp&apn_dtid=^YYYYYY^YY^AT&apn_ptnrs=^A4G &apn_uid=1012507313224423&p2=^A4G ^YYYYYY^YY^AT
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\SpecialSavings\SpecialSavingsSinged.dll
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ijldys6d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227980&SearchSource=2&q=
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.10
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
HKCU-Run-4shared Desktop - c:\program files\4shared Desktop\desktop.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-Corel File Shell Monitor - c:\program files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
HKLM-Run-BabylonToolbar - c:\program files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe
HKLM-Run-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
AddRemove-5513-1208-7298-9440 - c:\users\User\Desktop\Jisos\JDownloader\JDUninstall.exe
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe
AddRemove-WinLiveSuite - c:\program files\Windows Live\Installer\wlarp.exe
AddRemove-WinZip Registry Optimizer_is1 - c:\program files\WinZip Registry Optimizer\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-07  13:56:00
ComboFix-quarantined-files.txt  2012-12-07 12:55
.
Vor Suchlauf: 8 Verzeichnis(se), 25.432.748.032 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 50.983.587.840 Bytes frei
.
- - End Of File - - 7792C5A2B765D8C2D0E2CD667CBA8169
         
--- --- ---

Alt 07.12.2012, 20:05   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
adwCleaner - detecting toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt. (x = sequential number)
__________________
Please always post log files in CODE tags

Alt 07.12.2012, 21:20   #15
Belatucradus
 
Hello & thanks
Here is the post:
Code:
# AdwCleaner v2.011 - Datei am 07/12/2012 um 21:18:28 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : User - MANUU-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\User\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Bandoo Coordinator
Gefunden : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\ask.xml
Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
Ordner Gefunden : C:\Program Files\Bandoo
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\DVDVideoSoftTB
Ordner Gefunden : C:\Program Files\PriceGong
Ordner Gefunden : C:\Program Files\SpecialSavings
Ordner Gefunden : C:\ProgramData\Bandoo
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gefunden : C:\ProgramData\pc performer manager

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN DTX
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutb
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SpecialSavings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Babylon
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\bProtector
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKCU\Software\SearchquMediabarTb
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\Bandoo
Schlüssel Gefunden : HKLM\Software\bProtector
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F91D52D6-83F5-41A3-99E2-F3828F294A8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F91D52D6-83F5-41A3-99E2-F3828F294A8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Schlüssel Gefunden : HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Schlüssel Gefunden : HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKU\S-1-5-21-3593604086-429341408-3109665741-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [firefox@bandoo.com]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@superfish.com]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=hp&apn_dtid=^YYYYYY^YY^AT&apn_ptnrs=^A4G &apn_uid=1012507313224423&p2=^A4G ^YYYYYY^YY^AT
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980

-\\ Mozilla Firefox v17.0.1 (de)

-\\ Google Chrome v21.0.1180.79

*************************

AdwCleaner[R1].txt - [20591 octets] - [07/12/2012 21:18:28]

########## EOF - C:\AdwCleaner[R1].txt - [20652 octets] ##########
         
