Saving sidekicks entfernen

sushi79 · 03.12.2012, 21:33

Ich habe seid gestern das Plugin "Saving sidekicks" woher auch immer.
Nun habe ich es in Firefox deaktiviert, dann entfernt und dann noch in der Systemsteuerung unter "Programme" deinstalliert.
Ich bin mir aber nicht sicher, ob nun alles weg ist, bzw ob keine Gefahr mehr besteht.
Ansonsten habe ich nichts unternommen.

Malwarebytes:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.03.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Tieben :: TIEBEN-PC [Administrator]

03.12.2012 17:40:17
mbam-log-2012-12-03 (17-40-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363795
Laufzeit: 1 Stunde(n), 49 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

OTL:

OTL logfile created on: 03.12.2012 19:45:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tieben\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,87 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 42,56% Memory free
5,94 Gb Paging File | 3,98 Gb Available in Paging File | 67,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 59,03 Gb Free Space | 52,97% Space Free | Partition Type: NTFS
Drive D: | 111,44 Gb Total Space | 46,20 Gb Free Space | 41,45% Space Free | Partition Type: NTFS

Computer Name: TIEBEN-PC | User Name: Tieben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.12.03 17:50:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tieben\Desktop\OTL.exe
PRC - [2012.11.27 07:27:38 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.11.27 07:27:26 | 000,639,264 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avscan.exe
PRC - [2012.11.27 07:27:25 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.11.27 07:27:24 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.03 15:51:04 | 000,725,400 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.10.03 15:50:54 | 000,174,488 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.10.03 15:50:46 | 000,148,888 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 20:35:26 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2012.09.18 10:21:50 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Tieben\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2012.08.26 09:56:00 | 000,066,864 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2012.06.06 17:54:46 | 002,774,384 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Defrag\oodtray.exe
PRC - [2012.06.06 17:54:32 | 002,505,072 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Defrag\oodag.exe
PRC - [2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tieben\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.03.23 13:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 05:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2010.05.27 08:46:57 | 000,165,888 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
PRC - [2010.01.15 00:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Programme\ThreatFire\TFTray.exe
PRC - [2010.01.15 00:08:13 | 000,070,928 | ---- | M] (PC Tools) -- C:\Programme\ThreatFire\TFService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.09.01 02:17:00 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE
PRC - [2008.07.20 16:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 16:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.04.28 08:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.23 15:58:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.21 13:22:32 | 000,376,832 | ---- | M] (acer) -- C:\Programme\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
PRC - [2008.02.12 12:19:52 | 000,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 09:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2012.11.14 21:24:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
MOD - [2012.11.14 21:24:33 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
MOD - [2012.11.14 21:24:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012.11.14 10:13:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.14 10:13:12 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.14 10:13:02 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.14 10:11:38 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.14 10:11:04 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.08.26 09:55:59 | 000,061,496 | ---- | M] () -- C:\Programme\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.08.10 16:50:56 | 000,170,496 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxslt.dll
MOD - [2012.05.04 14:36:05 | 000,034,816 | ---- | M] () -- C:\Programme\Google\Google Desktop Search\gzlib.dll
MOD - [2012.02.17 19:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.08.03 02:53:56 | 000,475,136 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\sso2mdu.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.04.23 15:58:20 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.04.04 03:00:58 | 000,003,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2008.02.12 12:12:50 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.12.13 20:38:14 | 000,569,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3006.0__739b31b1908c49e5\Framework.UIComponent.dll
MOD - [2007.12.13 20:38:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2007.12.13 20:38:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2007.12.13 20:38:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2007.10.23 09:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

========== Services (SafeList) ==========

SRV - [2012.11.27 07:27:38 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.11.27 07:27:25 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.11.13 18:19:06 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.03 15:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.06 17:54:32 | 002,505,072 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2012.05.04 15:14:12 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.04.21 02:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.23 13:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.05.27 08:46:57 | 000,165,888 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe -- (Samsung Network Fax Server)
SRV - [2010.01.15 00:08:13 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2008.07.20 16:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.08.24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.04.14 10:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2006.04.14 10:05:58 | 000,240,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2006.04.14 10:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005.10.14 03:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.11.13 17:11:46 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.11.13 17:11:46 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.13 17:11:46 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.06.27 15:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.06.11 14:17:44 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.06.11 14:17:44 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.06.11 14:17:44 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.06.11 14:17:44 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.06.11 14:17:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.06.11 14:17:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.10.31 11:16:04 | 000,058,632 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\evserial7.sys -- (evserial7)
DRV - [2011.10.31 11:15:36 | 000,033,032 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\evsbc7.sys -- (VSBC7)
DRV - [2011.03.18 12:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011.03.18 12:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2011.02.17 01:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010.06.23 09:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.01.15 00:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010.01.15 00:08:29 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010.01.15 00:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009.06.10 14:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.02.11 02:48:20 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2009.02.06 08:04:55 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2008.06.29 22:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008.05.09 09:20:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008.04.27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.04.25 03:31:26 | 000,146,688 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2008.04.21 04:07:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0512&m=travelmate_7730
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0512&m=travelmate_7730
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE482
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tieben\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tieben\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.04 17:54:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.05.04 17:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tieben\AppData\Roaming\mozilla\Extensions
[2012.05.04 17:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tieben\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.03 17:12:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tieben\AppData\Roaming\mozilla\Firefox\Profiles\mvbxti2e.default\extensions
[2012.08.02 10:49:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.21 02:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.21 02:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 02:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.21 02:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 02:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 02:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 02:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tieben\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Tieben\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tieben\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Tieben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Tieben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\Tieben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {11111111-1111-1111-1111-110011501160} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - InprocServer32 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [ThreatFire] C:\Programme\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Tieben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tieben\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tieben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E16CC9F-25FB-4A09-B5DD-F3CC16CF6C6D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{972C1730-0B5A-46FF-AAB0-79D939E16F2A}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.03 17:50:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tieben\Desktop\OTL.exe
[2012.12.03 17:38:12 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Roaming\Malwarebytes
[2012.12.03 17:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.03 17:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.03 17:37:45 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.03 17:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.28 10:47:09 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Roaming\Nokia Suite
[2012.11.28 10:47:08 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Roaming\Nokia
[2012.11.28 10:30:03 | 000,000,000 | ---D | C] -- C:\Users\Tieben\Documents\Nokia Suite
[2012.11.28 10:09:46 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Local\NokiaAccount
[2012.11.28 09:53:34 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Local\Nokia
[2012.11.28 09:53:31 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Roaming\PC Suite
[2012.11.28 09:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012.11.28 09:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.11.28 09:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012.11.28 09:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012.11.28 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.11.28 09:50:52 | 000,019,072 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2012.11.28 09:50:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012.11.28 09:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012.11.28 09:48:39 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2012.11.28 09:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012.11.28 09:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2012.11.26 12:02:05 | 000,000,000 | ---D | C] -- C:\Users\Tieben\Desktop\Brilon 2012 Videos
[2012.11.26 09:16:22 | 000,000,000 | ---D | C] -- C:\Users\Tieben\Desktop\Nokia
[2012.11.22 21:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire
[2012.11.22 21:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\ThreatFire
[2012.11.22 21:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.11.15 10:04:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012.11.10 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Tieben\Desktop\Schlaflieder
[2012.11.07 04:15:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.04 09:02:53 | 000,000,000 | ---D | C] -- C:\Users\Tieben\AppData\Roaming\Avira
[2012.11.04 08:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.11.04 08:57:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.11.04 08:57:18 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.11.04 08:57:18 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.11.04 08:57:18 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.11.04 08:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.11.04 08:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

========== Files - Modified Within 30 Days ==========

[2012.12.03 19:55:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.03 19:18:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1088409211-188358699-2762259819-1003UA.job
[2012.12.03 19:09:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.03 18:34:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.03 18:34:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.03 18:08:16 | 000,302,592 | ---- | M] () -- C:\Users\Tieben\Desktop\gd8eii9b.exe
[2012.12.03 17:50:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tieben\Desktop\OTL.exe
[2012.12.03 17:49:31 | 000,000,000 | ---- | M] () -- C:\Users\Tieben\defogger_reenable
[2012.12.03 17:39:15 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.03 16:34:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.03 04:21:24 | 000,018,015 | ---- | M] () -- C:\Users\Tieben\Documents\Fixkosten.ods
[2012.12.03 04:13:28 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1088409211-188358699-2762259819-1003Core.job
[2012.12.03 04:01:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.01 21:41:03 | 000,054,851 | ---- | M] () -- C:\Users\Tieben\Documents\Stromio Zählerstand 2012.pdf
[2012.11.28 10:10:20 | 000,685,712 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.28 10:10:20 | 000,642,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.28 10:10:20 | 000,149,980 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.28 10:10:20 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.28 10:06:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.11.28 10:04:44 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.11.28 10:03:22 | 3077,464,064 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.28 10:03:20 | 000,037,004 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2012.11.28 10:01:13 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.11.28 09:58:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.11.28 09:58:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.11.28 09:52:10 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.11.26 12:29:37 | 000,034,816 | ---- | M] () -- C:\Users\Tieben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.26 09:19:49 | 000,001,950 | ---- | M] () -- C:\Windows\cdplayer.ini
[2012.11.22 21:29:57 | 000,000,747 | ---- | M] () -- C:\Users\Public\Desktop\ThreatFire.lnk
[2012.11.19 03:43:32 | 001,142,475 | ---- | M] () -- C:\Users\Tieben\Documents\Klassenliste Dana.jpg
[2012.11.17 12:22:59 | 000,011,307 | ---- | M] () -- C:\Users\Tieben\AppData\Roaming\SmarThruOptions.xml
[2012.11.15 10:03:44 | 000,001,032 | ---- | M] () -- C:\Users\Tieben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.14 10:09:33 | 001,755,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.13 17:11:46 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.11.13 17:11:46 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.11.13 17:11:46 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.11.04 09:04:39 | 000,065,826 | ---- | M] () -- C:\Users\Tieben\Documents\cc_20121104_090422.reg
[2012.11.04 09:03:30 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2012.12.03 18:08:12 | 000,302,592 | ---- | C] () -- C:\Users\Tieben\Desktop\gd8eii9b.exe
[2012.12.03 17:49:31 | 000,000,000 | ---- | C] () -- C:\Users\Tieben\defogger_reenable
[2012.12.03 17:37:47 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.01 22:13:36 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1088409211-188358699-2762259819-1003UA.job
[2012.12.01 22:13:35 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1088409211-188358699-2762259819-1003Core.job
[2012.12.01 21:41:01 | 000,054,851 | ---- | C] () -- C:\Users\Tieben\Documents\Stromio Zählerstand 2012.pdf
[2012.11.28 10:06:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.11.28 09:58:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.11.28 09:58:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.11.28 09:58:16 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.11.28 09:52:10 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.11.22 21:29:57 | 000,000,747 | ---- | C] () -- C:\Users\Public\Desktop\ThreatFire.lnk
[2012.11.19 03:42:55 | 001,142,475 | ---- | C] () -- C:\Users\Tieben\Documents\Klassenliste Dana.jpg
[2012.11.15 10:03:43 | 000,001,032 | ---- | C] () -- C:\Users\Tieben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.04 09:04:29 | 000,065,826 | ---- | C] () -- C:\Users\Tieben\Documents\cc_20121104_090422.reg
[2012.11.04 09:03:30 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.12 17:37:07 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2012.08.12 17:34:43 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2012.07.07 19:14:42 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.06.06 14:36:04 | 000,001,950 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.06.03 10:43:27 | 000,034,816 | ---- | C] () -- C:\Users\Tieben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.17 20:25:50 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012.05.17 20:25:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2012.05.17 19:59:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.05.17 19:59:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.05.13 12:37:53 | 000,000,246 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.07 03:43:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.05.04 18:46:51 | 000,011,307 | ---- | C] () -- C:\Users\Tieben\AppData\Roaming\SmarThruOptions.xml
[2012.05.04 18:46:40 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SvcMan.exe
[2012.05.04 18:46:30 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2012.05.04 18:46:26 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2012.05.04 18:45:03 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.05.04 14:34:02 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012.05.04 14:34:02 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2012.05.04 14:34:01 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2012.05.04 14:11:41 | 000,003,204 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.04.07 07:30:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2011.04.07 07:30:06 | 000,274,432 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2011.04.07 07:30:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2011.04.07 07:30:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.09.06 09:17:21 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Ashampoo
[2012.12.03 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Dropbox
[2012.10.08 18:25:51 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\DVDVideoSoft
[2012.05.17 20:25:49 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\FreePDF
[2012.07.10 10:39:11 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\FRITZ!
[2012.07.07 21:45:36 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.10.09 16:32:49 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\HTC
[2012.10.09 16:30:50 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.09.19 11:13:55 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\IrfanView
[2012.08.21 09:33:55 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\LEAPS
[2012.11.28 10:47:08 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Nokia
[2012.11.28 10:47:09 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Nokia Suite
[2012.05.07 03:44:20 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\OpenOffice.org
[2012.10.09 16:32:49 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Outlook
[2012.11.28 10:09:50 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\PC Suite
[2012.05.17 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\pdfforge
[2012.08.21 09:27:03 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\Pegasys Inc
[2012.10.11 18:44:50 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\RavensburgerTipToi
[2012.05.04 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\TomTom
[2012.08.12 17:35:22 | 000,000,000 | ---D | M] -- C:\Users\Tieben\AppData\Roaming\TuneUp Software

========== Purity Check ==========

< End of report >

EXTRAS:

OTL Extras logfile created on: 03.12.2012 19:45:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tieben\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,87 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 42,56% Memory free
5,94 Gb Paging File | 3,98 Gb Available in Paging File | 67,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 59,03 Gb Free Space | 52,97% Space Free | Partition Type: NTFS
Drive D: | 111,44 Gb Total Space | 46,20 Gb Free Space | 41,45% Space Free | Partition Type: NTFS

Computer Name: TIEBEN-PC | User Name: Tieben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{CB86F5E3-1E67-4787-A9FD-4CFF342D193C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022AC4D6-6C0A-4E96-85E8-4719D9C94B1E}" = protocol=17 | dir=in | app=c:\users\tieben\appdata\roaming\dropbox\bin\dropbox.exe |
"{0B76EB2B-0BE4-4DD1-BCB4-AD076F2EBA7F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{1C2DE02C-8E4E-42DA-B8E0-9D9EB4D4D4F4}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{25DED4DE-7C73-4C4B-9129-568D277C0821}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{2CCCA4BA-1052-4D24-8CD6-6F26F5B82D7D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{2F12A522-ABDF-4681-B32B-96E5E6A0117C}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{40333021-3CE0-49BD-8946-3073C2E74B20}" = protocol=6 | dir=in | app=c:\users\tieben\appdata\roaming\dropbox\bin\dropbox.exe |
"{5829AA16-F676-4957-8BB0-3AE2DA122744}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{721442E6-8804-47A1-A0C9-08EA0C7336EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74C9A058-0036-4E14-9656-C04ACF4613EE}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{8C18FEB8-D0D8-4C1F-BFFF-052B4C50A67C}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{8CB12EB5-2C89-4F51-9ABF-A3F26D56486A}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{9C0F09F5-39F8-491E-B5FF-EEFFA1E5EF6A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{BA6548BF-503E-4584-95B2-05D6A29F37C9}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E8D2F1EA-8B89-43DF-9147-76296692D291}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{6B6D5232-FD29-4717-B8AF-999791F54DCF}C:\program files\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"TCP Query User{9ED26107-3452-4C0F-8047-924B0E50DAD0}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{303782DF-3E68-4070-9C9F-CCD31A5E1ECD}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{CD07F781-08DC-4990-9702-381081759FAE}C:\program files\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files\fritz!\frifax32.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24CD85A3-6562-4C24-8257-27826C7CF7FE}" = O&O Defrag Professional
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP1
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}" = Everio MediaBrowser HD Edition
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80078570-6C67-486C-8CF0-B0D778FC69B5}" = Samsung Network PC Fax
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8763793B-4D7D-49C8-A859-5C582EC02640}" = Nexus Radio
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8E8ECFE5-A675-4110-B785-3B044FF48CDB}" = TMPGEnc 4.0 XPress
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP1
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"Free Audio Converter_is1" = Free Audio Converter version 5.0.18.1005
"FreePDF_XP" = FreePDF (Remove only)
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"Google Desktop" = Google Desktop
"GPL Ghostscript 9.04" = GPL Ghostscript
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"PROHYBRIDR" = 2007 Microsoft Office system
"Ravensburger tiptoi" = Ravensburger tiptoi
"RealPlayer 15.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Samsung SCX-4623 Series" = Wartung Samsung SCX-4623 Series
"SopCast" = SopCast 3.5.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.8.3.2499
"VAG-COM" = VAG-COM
"Virtual Serial Port Driver_is1" = Virtual Serial Port Driver 7.1 (Build 7.1.289)
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.11 (32-Bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 09.10.2012 11:31:10 | Computer Name = Tieben-PC | Source = VSS | ID = 12289
Description =

Error - 09.10.2012 11:31:11 | Computer Name = Tieben-PC | Source = VSS | ID = 13
Description =

Error - 09.10.2012 11:31:11 | Computer Name = Tieben-PC | Source = VSS | ID = 12289
Description =

Error - 09.10.2012 11:53:48 | Computer Name = Tieben-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 12.10.2012 03:55:09 | Computer Name = Tieben-PC | Source = System Restore | ID = 8193
Description =

Error - 14.10.2012 07:40:38 | Computer Name = Tieben-PC | Source = WinMgmt | ID = 10
Description =

Error - 15.10.2012 05:26:41 | Computer Name = Tieben-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2012 03:51:11 | Computer Name = Tieben-PC | Source = WinMgmt | ID = 10
Description =

Error - 04.11.2012 03:54:50 | Computer Name = Tieben-PC | Source = WinMgmt | ID = 10
Description =

Error - 04.11.2012 04:03:09 | Computer Name = Tieben-PC | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 10.05.2012 10:39:04 | Computer Name = Tieben-PC | Source = HTTP | ID = 15016
Description =

Error - 10.05.2012 10:39:37 | Computer Name = Tieben-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.05.2012 12:22:19 | Computer Name = Tieben-PC | Source = HTTP | ID = 15016
Description =

Error - 11.05.2012 12:22:55 | Computer Name = Tieben-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12.05.2012 05:51:22 | Computer Name = Tieben-PC | Source = DCOM | ID = 10010
Description =

Error - 12.05.2012 09:39:10 | Computer Name = Tieben-PC | Source = HTTP | ID = 15016
Description =

Error - 12.05.2012 09:39:29 | Computer Name = Tieben-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23.05.2012 04:09:27 | Computer Name = Tieben-PC | Source = DCOM | ID = 10010
Description =

Error - 23.05.2012 04:10:23 | Computer Name = Tieben-PC | Source = DCOM | ID = 10010
Description =

Error - 23.05.2012 04:17:38 | Computer Name = Tieben-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

Den GMER LOG kann ich hier leider nicht posten, da ich dann immer wieder von vorne anfangen muss. Den kann ich dann gesondert posten oder per Mail schicken?

cosinus · 04.12.2012, 16:12

Hallo und

Hast du noch weitere Logs von Malwarebytes oder anderen Virenscannern? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

sushi79 · 05.12.2012, 04:25

Guten Morgen.
Nein, ich habe leider keine weiteren Logs.
Ich hoffe das was ich gepostet habe reicht dir aus.

MfG,
Sushi

cosinus · 05.12.2012, 12:18

Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

sushi79 · 05.12.2012, 19:38

Den Log von GMER kann ich immeroch nicht posten (habe ich schon erwähnt).

Code:

ATTFilter

 version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-05 18:48:27
-----------------------------
18:48:27.505    OS Version: Windows 6.0.6002 Service Pack 2
18:48:27.505    Number of processors: 2 586 0x170A
18:48:27.506    ComputerName: TIEBEN-PC  UserName: Tieben
18:48:36.907    Initialize success
18:50:25.045    AVAST engine defs: 12120500
19:09:15.054    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:09:15.057    Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
19:09:15.455    Disk 0 MBR read successfully
19:09:15.513    Disk 0 MBR scan
19:09:15.548    Disk 0 unknown MBR code
19:09:15.616    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10240 MB offset 2048
19:09:15.708    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       114116 MB offset 20973568
19:09:15.786    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       114117 MB offset 254683136
19:09:15.912    Disk 0 scanning sectors +488394752
19:09:16.532    Disk 0 scanning C:\Windows\system32\drivers
19:10:33.225    Service scanning
19:11:08.683    Modules scanning
19:12:11.393    Disk 0 trace - called modules:
19:12:11.466    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys 
19:12:11.471    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867f7ac8]
19:12:11.475    3 CLASSPNP.SYS[8a5a48b3] -> nt!IofCallDriver -> [0x85857868]
19:12:11.482    5 acpi.sys[806876bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8580a028]
19:12:12.433    AVAST engine scan C:\Windows
19:13:21.744    AVAST engine scan C:\Windows\system32
19:26:20.135    AVAST engine scan C:\Windows\system32\drivers
19:26:40.501    AVAST engine scan C:\Users\Tieben
19:33:30.747    AVAST engine scan C:\ProgramData
19:34:45.401    Scan finished successfully
19:35:42.002    Disk 0 MBR has been saved successfully to "C:\Users\Tieben\Desktop\MBR.dat"
19:35:42.008    The log file has been saved successfully to "C:\Users\Tieben\Desktop\aswMBR.txt"

cosinus · 06.12.2012, 09:37

Zitat:

Den GMER LOG kann ich hier leider nicht posten, da ich dann immer wieder von vorne anfangen muss. Den kann ich dann gesondert posten oder per Mail schicken?

Zippen und hier anhängen! Das aber wirklich nur bei Logs machen die zu groß sind!

sushi79 · 07.12.2012, 04:02

Hier der Log

cosinus · 07.12.2012, 10:30

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

sushi79 · 09.12.2012, 10:57

Code:

ATTFilter

 10:44:45.0645 4288  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:44:46.0020 4288  ============================================================
10:44:46.0020 4288  Current date / time: 2012/12/09 10:44:46.0020
10:44:46.0020 4288  SystemInfo:
10:44:46.0020 4288  
10:44:46.0020 4288  OS Version: 6.0.6002 ServicePack: 2.0
10:44:46.0020 4288  Product type: Workstation
10:44:46.0020 4288  ComputerName: TIEBEN-PC
10:44:46.0020 4288  UserName: Tieben
10:44:46.0020 4288  Windows directory: C:\Windows
10:44:46.0020 4288  System windows directory: C:\Windows
10:44:46.0020 4288  Processor architecture: Intel x86
10:44:46.0020 4288  Number of processors: 2
10:44:46.0020 4288  Page size: 0x1000
10:44:46.0020 4288  Boot type: Normal boot
10:44:46.0020 4288  ============================================================
10:44:46.0428 4288  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:44:46.0430 4288  ============================================================
10:44:46.0430 4288  \Device\Harddisk0\DR0:
10:44:46.0446 4288  MBR partitions:
10:44:46.0446 4288  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xDEE2000
10:44:46.0446 4288  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2E2800, BlocksNum 0xDEE2800
10:44:46.0446 4288  ============================================================
10:44:46.0486 4288  C: <-> \Device\Harddisk0\DR0\Partition1
10:44:46.0509 4288  D: <-> \Device\Harddisk0\DR0\Partition2
10:44:46.0509 4288  ============================================================
10:44:46.0510 4288  Initialize success
10:44:46.0510 4288  ============================================================
10:46:02.0270 5676  ============================================================
10:46:02.0270 5676  Scan started
10:46:02.0270 5676  Mode: Manual; SigCheck; TDLFS; 
10:46:02.0270 5676  ============================================================
10:46:02.0535 5676  ================ Scan system memory ========================
10:46:02.0535 5676  System memory - ok
10:46:02.0535 5676  ================ Scan services =============================
10:46:03.0050 5676  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:46:03.0221 5676  ACPI - ok
10:46:03.0315 5676  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:46:03.0330 5676  AdobeFlashPlayerUpdateSvc - ok
10:46:03.0393 5676  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:46:03.0424 5676  adp94xx - ok
10:46:03.0440 5676  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:46:03.0471 5676  adpahci - ok
10:46:03.0486 5676  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:46:03.0502 5676  adpu160m - ok
10:46:03.0518 5676  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:46:03.0533 5676  adpu320 - ok
10:46:03.0580 5676  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:46:03.0611 5676  AeLookupSvc - ok
10:46:03.0658 5676  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
10:46:03.0705 5676  AFD - ok
10:46:03.0736 5676  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:46:03.0752 5676  agp440 - ok
10:46:03.0783 5676  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:46:03.0798 5676  aic78xx - ok
10:46:03.0830 5676  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
10:46:03.0861 5676  ALG - ok
10:46:03.0892 5676  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:46:03.0908 5676  aliide - ok
10:46:03.0923 5676  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:46:03.0954 5676  amdagp - ok
10:46:03.0986 5676  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
10:46:04.0001 5676  amdide - ok
10:46:04.0032 5676  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:46:04.0079 5676  AmdK7 - ok
10:46:04.0095 5676  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:46:04.0142 5676  AmdK8 - ok
10:46:04.0282 5676  [ 07194A09DC27C99A2474251DE27F6E17 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:46:04.0298 5676  AntiVirSchedulerService - ok
10:46:04.0344 5676  [ F0964ECD283591E7686AF912298B9F39 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:46:04.0360 5676  AntiVirService - ok
10:46:04.0407 5676  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
10:46:04.0438 5676  Appinfo - ok
10:46:04.0454 5676  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
10:46:04.0469 5676  arc - ok
10:46:04.0500 5676  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:46:04.0532 5676  arcsas - ok
10:46:04.0547 5676  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:46:04.0594 5676  AsyncMac - ok
10:46:04.0625 5676  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:46:04.0641 5676  atapi - ok
10:46:04.0672 5676  [ 5E19F7B730C6A32E83174E2D6FEE4389 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
10:46:04.0703 5676  ATSWPDRV - ok
10:46:04.0750 5676  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:46:04.0781 5676  AudioEndpointBuilder - ok
10:46:04.0781 5676  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:46:04.0812 5676  Audiosrv - ok
10:46:04.0844 5676  [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:46:04.0859 5676  avgntflt - ok
10:46:04.0906 5676  [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:46:04.0922 5676  avipbb - ok
10:46:04.0937 5676  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:46:04.0953 5676  avkmgr - ok
10:46:05.0000 5676  [ 7D0F2BFA273831124FA08526AF48AF18 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
10:46:05.0031 5676  b57nd60x - ok
10:46:05.0093 5676  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
10:46:05.0109 5676  BcmSqlStartupSvc - ok
10:46:05.0140 5676  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:46:05.0187 5676  Beep - ok
10:46:05.0234 5676  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
10:46:05.0265 5676  BFE - ok
10:46:05.0327 5676  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
10:46:05.0421 5676  BITS - ok
10:46:05.0483 5676  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:46:05.0530 5676  blbdrive - ok
10:46:05.0592 5676  [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:46:05.0608 5676  Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
10:46:05.0608 5676  Bonjour Service - detected UnsignedFile.Multi.Generic (1)
10:46:05.0639 5676  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:46:05.0655 5676  bowser - ok
10:46:05.0702 5676  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:46:05.0733 5676  BrFiltLo - ok
10:46:05.0748 5676  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:46:05.0795 5676  BrFiltUp - ok
10:46:05.0826 5676  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
10:46:05.0858 5676  Browser - ok
10:46:05.0889 5676  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:46:05.0951 5676  Brserid - ok
10:46:05.0967 5676  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:46:06.0045 5676  BrSerWdm - ok
10:46:06.0076 5676  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:46:06.0138 5676  BrUsbMdm - ok
10:46:06.0201 5676  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:46:06.0248 5676  BrUsbSer - ok
10:46:06.0294 5676  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
10:46:06.0326 5676  BthEnum - ok
10:46:06.0372 5676  [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:46:06.0404 5676  BTHMODEM - ok
10:46:06.0435 5676  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:46:06.0482 5676  BthPan - ok
10:46:06.0544 5676  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
10:46:06.0591 5676  BTHPORT - ok
10:46:06.0606 5676  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
10:46:06.0638 5676  BthServ - ok
10:46:06.0669 5676  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:46:06.0684 5676  BTHUSB - ok
10:46:06.0747 5676  [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
10:46:06.0762 5676  btwaudio - ok
10:46:06.0794 5676  [ 195872E48A7FB01F8BC9B800F70F4054 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
10:46:06.0809 5676  btwavdt - ok
10:46:06.0825 5676  [ 0724E7D6C9B6A289EDDDA33FA8176E80 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
10:46:06.0840 5676  btwrchid - ok
10:46:06.0887 5676  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
10:46:06.0887 5676  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
10:46:06.0887 5676  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
10:46:06.0918 5676  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:46:06.0950 5676  cdfs - ok
10:46:06.0981 5676  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:46:06.0996 5676  cdrom - ok
10:46:07.0043 5676  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:46:07.0090 5676  CertPropSvc - ok
10:46:07.0106 5676  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
10:46:07.0137 5676  circlass - ok
10:46:07.0168 5676  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
10:46:07.0184 5676  CLFS - ok
10:46:07.0386 5676  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:46:07.0402 5676  clr_optimization_v2.0.50727_32 - ok
10:46:07.0605 5676  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:46:07.0620 5676  clr_optimization_v4.0.30319_32 - ok
10:46:07.0652 5676  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:46:07.0698 5676  CmBatt - ok
10:46:07.0698 5676  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:46:07.0714 5676  cmdide - ok
10:46:07.0745 5676  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:46:07.0761 5676  Compbatt - ok
10:46:07.0761 5676  COMSysApp - ok
10:46:07.0776 5676  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:46:07.0792 5676  crcdisk - ok
10:46:07.0823 5676  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:46:07.0870 5676  Crusoe - ok
10:46:07.0917 5676  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:46:07.0948 5676  CryptSvc - ok
10:46:07.0995 5676  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:46:08.0026 5676  DcomLaunch - ok
10:46:08.0104 5676  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:46:08.0198 5676  DfsC - ok
10:46:08.0385 5676  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
10:46:08.0712 5676  DFSR - ok
10:46:08.0744 5676  [ 7F19DBA1A467B838CCB23124A2C55568 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
10:46:08.0759 5676  DgiVecp ( UnsignedFile.Multi.Generic ) - warning
10:46:08.0759 5676  DgiVecp - detected UnsignedFile.Multi.Generic (1)
10:46:08.0806 5676  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:46:08.0837 5676  Dhcp - ok
10:46:08.0884 5676  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
10:46:08.0900 5676  disk - ok
10:46:08.0931 5676  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
10:46:08.0946 5676  DKbFltr - ok
10:46:08.0978 5676  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:46:09.0009 5676  Dnscache - ok
10:46:09.0071 5676  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:46:09.0102 5676  dot3svc - ok
10:46:09.0149 5676  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
10:46:09.0180 5676  DPS - ok
10:46:09.0212 5676  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:46:09.0258 5676  drmkaud - ok
10:46:09.0368 5676  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:46:09.0461 5676  DXGKrnl - ok
10:46:09.0524 5676  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:46:09.0602 5676  E1G60 - ok
10:46:09.0680 5676  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
10:46:09.0726 5676  EapHost - ok
10:46:09.0773 5676  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:46:09.0789 5676  Ecache - ok
10:46:09.0867 5676  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:46:09.0914 5676  ehRecvr - ok
10:46:09.0929 5676  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
10:46:09.0960 5676  ehSched - ok
10:46:09.0976 5676  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
10:46:10.0007 5676  ehstart - ok
10:46:10.0038 5676  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:46:10.0070 5676  elxstor - ok
10:46:10.0163 5676  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:46:10.0241 5676  EMDMgmt - ok
10:46:10.0288 5676  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:46:10.0335 5676  ErrDev - ok
10:46:10.0397 5676  [ A51FD9DF23720485991F56741BBEFCFB ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
10:46:10.0397 5676  ETService ( UnsignedFile.Multi.Generic ) - warning
10:46:10.0397 5676  ETService - detected UnsignedFile.Multi.Generic (1)
10:46:10.0444 5676  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
10:46:10.0491 5676  EventSystem - ok
10:46:10.0522 5676  [ 6C0446DEF5C850E9FF67F0BB01B94167 ] evserial7       C:\Windows\system32\DRIVERS\evserial7.sys
10:46:10.0538 5676  evserial7 - ok
10:46:10.0584 5676  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
10:46:10.0616 5676  exfat - ok
10:46:10.0647 5676  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:46:10.0694 5676  fastfat - ok
10:46:10.0725 5676  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:46:10.0772 5676  fdc - ok
10:46:10.0803 5676  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:46:10.0818 5676  fdPHost - ok
10:46:10.0850 5676  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:46:10.0896 5676  FDResPub - ok
10:46:10.0928 5676  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:46:10.0943 5676  FileInfo - ok
10:46:10.0959 5676  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:46:11.0006 5676  Filetrace - ok
10:46:11.0099 5676  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:46:11.0162 5676  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:46:11.0162 5676  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:46:11.0177 5676  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:46:11.0208 5676  flpydisk - ok
10:46:11.0240 5676  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:46:11.0271 5676  FltMgr - ok
10:46:11.0349 5676  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
10:46:11.0427 5676  FontCache - ok
10:46:11.0520 5676  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:46:11.0567 5676  FontCache3.0.0.0 - ok
10:46:11.0598 5676  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:46:11.0630 5676  Fs_Rec - ok
10:46:11.0676 5676  [ AAE37F0F2F613218DCE17B42A18C38DB ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
10:46:11.0692 5676  FTDIBUS - ok
10:46:11.0708 5676  [ 48BFD1BA45C9C9E7AB339E25ABFBA1D2 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
10:46:11.0723 5676  FTSER2K - ok
10:46:11.0754 5676  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:46:11.0770 5676  gagp30kx - ok
10:46:11.0864 5676  [ 6FD7F370817F16B5E1F08B91BADAA2EE ] GoogleDesktopManager-080708-050100 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:46:11.0879 5676  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - warning
10:46:11.0879 5676  GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic (1)
10:46:11.0957 5676  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:46:12.0020 5676  gpsvc - ok
10:46:12.0098 5676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:46:12.0113 5676  gupdate - ok
10:46:12.0129 5676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:46:12.0144 5676  gupdatem - ok
10:46:12.0222 5676  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:46:12.0285 5676  HdAudAddService - ok
10:46:12.0410 5676  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:46:12.0503 5676  HDAudBus - ok
10:46:12.0519 5676  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:46:12.0581 5676  HidBth - ok
10:46:12.0612 5676  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:46:12.0675 5676  HidIr - ok
10:46:12.0722 5676  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
10:46:12.0753 5676  hidserv - ok
10:46:12.0784 5676  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:46:12.0831 5676  HidUsb - ok
10:46:12.0846 5676  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:46:12.0878 5676  hkmsvc - ok
10:46:12.0909 5676  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:46:12.0940 5676  HpCISSs - ok
10:46:12.0971 5676  [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:46:13.0002 5676  HSFHWAZL - ok
10:46:13.0174 5676  [ CC267848CB3508E72762BE65734E764D ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:46:13.0252 5676  HSF_DPV - ok
10:46:13.0268 5676  [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:46:13.0299 5676  HSXHWAZL - ok
10:46:13.0346 5676  [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32        C:\Windows\system32\Drivers\ANDROIDUSB.sys
10:46:13.0392 5676  HTCAND32 - ok
10:46:13.0439 5676  [ 52395A94C127C0266D1C0F3CCE8A4345 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
10:46:13.0455 5676  htcnprot - ok
10:46:13.0548 5676  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:46:13.0626 5676  HTTP - ok
10:46:13.0673 5676  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:46:13.0689 5676  i2omp - ok
10:46:13.0720 5676  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:46:13.0767 5676  i8042prt - ok
10:46:13.0814 5676  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:46:13.0845 5676  IAANTMON - ok
10:46:13.0892 5676  [ 707C1692214B1C290271067197F075F6 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:46:13.0907 5676  iaStor - ok
10:46:13.0938 5676  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:46:13.0954 5676  iaStorV - ok
10:46:14.0063 5676  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:46:14.0110 5676  idsvc - ok
10:46:14.0297 5676  [ 0627FC0C422CD6E0F23E1B0D1D9F0899 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
10:46:14.0547 5676  igfx - ok
10:46:14.0578 5676  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:46:14.0609 5676  iirsp - ok
10:46:14.0640 5676  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:46:14.0703 5676  IKEEXT - ok
10:46:14.0718 5676  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
10:46:14.0734 5676  int15 - ok
10:46:14.0890 5676  [ 3CFA12FEFEA751DAE7B8133A6EF3C0D9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:46:15.0030 5676  IntcAzAudAddService - ok
10:46:15.0093 5676  [ C7E7E43CBD34D3B0A0156B51B917DFCC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
10:46:15.0108 5676  IntcHdmiAddService - ok
10:46:15.0155 5676  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:46:15.0186 5676  intelide - ok
10:46:15.0218 5676  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:46:15.0249 5676  intelppm - ok
10:46:15.0280 5676  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:46:15.0311 5676  IPBusEnum - ok
10:46:15.0342 5676  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:15.0374 5676  IpFilterDriver - ok
10:46:15.0389 5676  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:46:15.0420 5676  iphlpsvc - ok
10:46:15.0436 5676  IpInIp - ok
10:46:15.0436 5676  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:46:15.0483 5676  IPMIDRV - ok
10:46:15.0498 5676  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:46:15.0530 5676  IPNAT - ok
10:46:15.0561 5676  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:46:15.0608 5676  IRENUM - ok
10:46:15.0623 5676  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:46:15.0639 5676  isapnp - ok
10:46:15.0670 5676  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:46:15.0701 5676  iScsiPrt - ok
10:46:15.0717 5676  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:46:15.0732 5676  iteatapi - ok
10:46:15.0732 5676  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:46:15.0748 5676  iteraid - ok
10:46:15.0779 5676  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
10:46:15.0795 5676  IviRegMgr - ok
10:46:15.0826 5676  [ 858C550EBBD243826A2193262C1B54A3 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
10:46:15.0857 5676  JMCR - ok
10:46:15.0888 5676  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:46:15.0904 5676  kbdclass - ok
10:46:15.0966 5676  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:46:15.0998 5676  kbdhid - ok
10:46:16.0044 5676  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
10:46:16.0091 5676  KeyIso - ok
10:46:16.0122 5676  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:46:16.0154 5676  KSecDD - ok
10:46:16.0185 5676  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:46:16.0247 5676  KtmRm - ok
10:46:16.0294 5676  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:46:16.0356 5676  LanmanServer - ok
10:46:16.0403 5676  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:16.0434 5676  LanmanWorkstation - ok
10:46:16.0481 5676  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:46:16.0481 5676  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:46:16.0481 5676  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:46:16.0497 5676  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:46:16.0544 5676  lltdio - ok
10:46:16.0575 5676  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:46:16.0622 5676  lltdsvc - ok
10:46:16.0637 5676  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:46:16.0684 5676  lmhosts - ok
10:46:16.0715 5676  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:46:16.0731 5676  LSI_FC - ok
10:46:16.0746 5676  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:46:16.0762 5676  LSI_SAS - ok
10:46:16.0778 5676  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:46:16.0793 5676  LSI_SCSI - ok
10:46:16.0824 5676  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
10:46:16.0871 5676  luafv - ok
10:46:16.0902 5676  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:46:16.0934 5676  Mcx2Svc - ok
10:46:16.0980 5676  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:46:16.0996 5676  mdmxsdk - ok
10:46:17.0027 5676  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:46:17.0043 5676  megasas - ok
10:46:17.0074 5676  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:46:17.0090 5676  MegaSR - ok
10:46:17.0121 5676  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
10:46:17.0152 5676  MMCSS - ok
10:46:17.0183 5676  MobilityService - ok
10:46:17.0230 5676  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
10:46:17.0277 5676  Modem - ok
10:46:17.0324 5676  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:46:17.0355 5676  monitor - ok
10:46:17.0370 5676  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:46:17.0386 5676  mouclass - ok
10:46:17.0402 5676  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:46:17.0495 5676  mouhid - ok
10:46:17.0511 5676  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:46:17.0526 5676  MountMgr - ok
10:46:17.0542 5676  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:46:17.0573 5676  MozillaMaintenance - ok
10:46:17.0636 5676  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:46:17.0651 5676  mpio - ok
10:46:17.0667 5676  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:46:17.0698 5676  mpsdrv - ok
10:46:17.0714 5676  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:46:17.0776 5676  MpsSvc - ok
10:46:17.0807 5676  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:46:17.0823 5676  Mraid35x - ok
10:46:17.0838 5676  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:46:17.0870 5676  MRxDAV - ok
10:46:17.0901 5676  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:17.0916 5676  mrxsmb - ok
10:46:17.0948 5676  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:17.0994 5676  mrxsmb10 - ok
10:46:17.0994 5676  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:18.0026 5676  mrxsmb20 - ok
10:46:18.0057 5676  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
10:46:18.0072 5676  msahci - ok
10:46:18.0088 5676  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:46:18.0104 5676  msdsm - ok
10:46:18.0119 5676  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
10:46:18.0150 5676  MSDTC - ok
10:46:18.0182 5676  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:46:18.0228 5676  Msfs - ok
10:46:18.0260 5676  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:46:18.0275 5676  msisadrv - ok
10:46:18.0322 5676  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:46:18.0369 5676  MSiSCSI - ok
10:46:18.0369 5676  msiserver - ok
10:46:18.0400 5676  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:46:18.0431 5676  MSKSSRV - ok
10:46:18.0447 5676  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:18.0478 5676  MSPCLOCK - ok
10:46:18.0494 5676  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:46:18.0525 5676  MSPQM - ok
10:46:18.0572 5676  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:46:18.0587 5676  MsRPC - ok
10:46:18.0603 5676  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:46:18.0618 5676  mssmbios - ok
10:46:18.0696 5676  MSSQL$MSSMLBIZ - ok
10:46:18.0728 5676  [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
10:46:18.0743 5676  MSSQLServerADHelper - ok
10:46:18.0774 5676  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:46:18.0821 5676  MSTEE - ok
10:46:18.0852 5676  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
10:46:18.0868 5676  Mup - ok
10:46:18.0899 5676  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
10:46:18.0962 5676  napagent - ok
10:46:19.0008 5676  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:46:19.0055 5676  NativeWifiP - ok
10:46:19.0118 5676  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:46:19.0149 5676  NDIS - ok
10:46:19.0180 5676  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:19.0211 5676  NdisTapi - ok
10:46:19.0227 5676  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:19.0258 5676  Ndisuio - ok
10:46:19.0274 5676  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:19.0305 5676  NdisWan - ok
10:46:19.0320 5676  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:46:19.0336 5676  NDProxy - ok
10:46:19.0352 5676  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:46:19.0383 5676  NetBIOS - ok
10:46:19.0414 5676  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:46:19.0445 5676  netbt - ok
10:46:19.0461 5676  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
10:46:19.0476 5676  Netlogon - ok
10:46:19.0508 5676  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
10:46:19.0554 5676  Netman - ok
10:46:19.0570 5676  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
10:46:19.0601 5676  netprofm - ok
10:46:19.0632 5676  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:46:19.0648 5676  NetTcpPortSharing - ok
10:46:19.0788 5676  [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
10:46:20.0288 5676  NETw5v32 - ok
10:46:20.0303 5676  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:46:20.0334 5676  nfrd960 - ok
10:46:20.0381 5676  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:46:20.0412 5676  NlaSvc - ok
10:46:20.0475 5676  [ 33A4B24A4C4DCF3C168E2C1151A62FC5 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
10:46:20.0537 5676  nmwcd - ok
10:46:20.0600 5676  [ A77265EF7BF998B8BB22A1A23E72B45D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
10:46:20.0646 5676  nmwcdc - ok
10:46:20.0693 5676  [ 62A8B306AACFC53D6FB08D8D36EAF61F ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
10:46:20.0724 5676  nmwcdnsu - ok
10:46:20.0756 5676  [ C0AD13045C82CC9569595223C7568B7F ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
10:46:20.0802 5676  nmwcdnsuc - ok
10:46:20.0818 5676  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:46:20.0849 5676  Npfs - ok
10:46:20.0896 5676  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
10:46:20.0927 5676  nsi - ok
10:46:20.0958 5676  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:46:21.0021 5676  nsiproxy - ok
10:46:21.0255 5676  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:46:21.0333 5676  Ntfs - ok
10:46:21.0364 5676  [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
10:46:21.0395 5676  NTIBackupSvc - ok
10:46:21.0411 5676  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
10:46:21.0426 5676  NTIDrvr - ok
10:46:21.0442 5676  [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
10:46:21.0458 5676  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
10:46:21.0458 5676  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
10:46:21.0473 5676  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:46:21.0536 5676  ntrigdigi - ok
10:46:21.0567 5676  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
10:46:21.0629 5676  Null - ok
10:46:21.0645 5676  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:46:21.0660 5676  nvraid - ok
10:46:21.0676 5676  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:46:21.0692 5676  nvstor - ok
10:46:21.0723 5676  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:46:21.0738 5676  nv_agp - ok
10:46:21.0754 5676  NwlnkFlt - ok
10:46:21.0754 5676  NwlnkFwd - ok
10:46:21.0894 5676  [ E54AA592A65F317390EEE386A8821692 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:46:21.0926 5676  odserv - ok
10:46:21.0972 5676  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:46:22.0019 5676  ohci1394 - ok
10:46:22.0518 5676  [ 960C748F287AD59C41CA48F543A10BE8 ] OODefragAgent   C:\Program Files\OO Software\Defrag\oodag.exe
10:46:22.0706 5676  OODefragAgent - ok
10:46:22.0768 5676  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:22.0784 5676  ose - ok
10:46:22.0846 5676  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:46:22.0924 5676  p2pimsvc - ok
10:46:22.0940 5676  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:46:22.0971 5676  p2psvc - ok
10:46:22.0986 5676  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
10:46:23.0033 5676  Parport - ok
10:46:23.0080 5676  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:46:23.0096 5676  partmgr - ok
10:46:23.0127 5676  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:46:23.0189 5676  Parvdm - ok
10:46:23.0252 5676  [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
10:46:23.0267 5676  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
10:46:23.0267 5676  PassThru Service - detected UnsignedFile.Multi.Generic (1)
10:46:23.0283 5676  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:46:23.0330 5676  PcaSvc - ok
10:46:23.0361 5676  [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:46:23.0408 5676  pccsmcfd - ok
10:46:23.0454 5676  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
10:46:23.0470 5676  pci - ok
10:46:23.0501 5676  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
10:46:23.0548 5676  pciide - ok
10:46:23.0579 5676  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:23.0595 5676  pcmcia - ok
10:46:23.0657 5676  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:46:23.0735 5676  PEAUTH - ok
10:46:23.0813 5676  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
10:46:23.0907 5676  pla - ok
10:46:24.0063 5676  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:46:24.0110 5676  PlugPlay - ok
10:46:24.0141 5676  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:46:24.0172 5676  PNRPAutoReg - ok
10:46:24.0188 5676  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:46:24.0219 5676  PNRPsvc - ok
10:46:24.0250 5676  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:46:24.0281 5676  PolicyAgent - ok
10:46:24.0359 5676  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:46:24.0406 5676  PptpMiniport - ok
10:46:24.0437 5676  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
10:46:24.0468 5676  Processor - ok
10:46:24.0515 5676  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:46:24.0531 5676  ProfSvc - ok
10:46:24.0562 5676  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:24.0578 5676  ProtectedStorage - ok
10:46:24.0671 5676  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:46:24.0718 5676  PSched - ok
10:46:24.0765 5676  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10:46:24.0765 5676  PSI_SVC_2 - ok
10:46:24.0936 5676  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:46:25.0014 5676  ql2300 - ok
10:46:25.0046 5676  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:46:25.0077 5676  ql40xx - ok
10:46:25.0139 5676  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
10:46:25.0186 5676  QWAVE - ok
10:46:25.0186 5676  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:46:25.0202 5676  QWAVEdrv - ok
10:46:25.0217 5676  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:46:25.0264 5676  RasAcd - ok
10:46:25.0280 5676  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
10:46:25.0311 5676  RasAuto - ok
10:46:25.0326 5676  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:25.0373 5676  Rasl2tp - ok
10:46:25.0436 5676  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
10:46:25.0482 5676  RasMan - ok
10:46:25.0498 5676  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:25.0529 5676  RasPppoe - ok
10:46:25.0545 5676  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:46:25.0560 5676  RasSstp - ok
10:46:25.0592 5676  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:46:25.0623 5676  rdbss - ok
10:46:25.0654 5676  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:25.0685 5676  RDPCDD - ok
10:46:25.0701 5676  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:46:25.0732 5676  rdpdr - ok
10:46:25.0748 5676  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:46:25.0779 5676  RDPENCDD - ok
10:46:25.0841 5676  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:46:25.0888 5676  RDPWD - ok
10:46:25.0935 5676  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
10:46:25.0950 5676  regi - ok
10:46:25.0997 5676  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:46:26.0013 5676  RemoteAccess - ok
10:46:26.0091 5676  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:46:26.0106 5676  RemoteRegistry - ok
10:46:26.0169 5676  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:46:26.0184 5676  RFCOMM - ok
10:46:26.0200 5676  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
10:46:26.0231 5676  RpcLocator - ok
10:46:26.0247 5676  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
10:46:26.0278 5676  RpcSs - ok
10:46:26.0309 5676  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:46:26.0356 5676  rspndr - ok
10:46:26.0372 5676  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
10:46:26.0387 5676  SamSs - ok
10:46:26.0855 5676  [ 23D90C85CBDD2F7C311C133041A00741 ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe
10:46:26.0855 5676  Samsung Network Fax Server ( UnsignedFile.Multi.Generic ) - warning
10:46:26.0855 5676  Samsung Network Fax Server - detected UnsignedFile.Multi.Generic (1)
10:46:26.0902 5676  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:46:26.0933 5676  sbp2port - ok
10:46:26.0949 5676  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:46:26.0980 5676  SCardSvr - ok
10:46:27.0120 5676  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
10:46:27.0167 5676  Schedule - ok
10:46:27.0198 5676  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:46:27.0214 5676  SCPolicySvc - ok
10:46:27.0245 5676  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
10:46:27.0292 5676  sdbus - ok
10:46:27.0323 5676  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:46:27.0354 5676  SDRSVC - ok
10:46:27.0386 5676  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:46:27.0448 5676  secdrv - ok
10:46:27.0464 5676  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
10:46:27.0495 5676  seclogon - ok
10:46:27.0510 5676  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
10:46:27.0557 5676  SENS - ok
10:46:27.0573 5676  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:46:27.0620 5676  Serenum - ok
10:46:27.0635 5676  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
10:46:27.0682 5676  Serial - ok
10:46:27.0713 5676  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:46:27.0760 5676  sermouse - ok
10:46:27.0869 5676  [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:46:27.0963 5676  ServiceLayer - ok
10:46:28.0010 5676  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:46:28.0041 5676  SessionEnv - ok
10:46:28.0103 5676  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:46:28.0150 5676  sffdisk - ok
10:46:28.0181 5676  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:46:28.0212 5676  sffp_mmc - ok
10:46:28.0244 5676  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:46:28.0275 5676  sffp_sd - ok
10:46:28.0290 5676  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:46:28.0353 5676  sfloppy - ok
10:46:28.0400 5676  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:46:28.0446 5676  SharedAccess - ok
10:46:28.0462 5676  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:28.0493 5676  ShellHWDetection - ok
10:46:28.0524 5676  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:46:28.0540 5676  sisagp - ok
10:46:28.0556 5676  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:46:28.0571 5676  SiSRaid2 - ok
10:46:28.0571 5676  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:46:28.0587 5676  SiSRaid4 - ok
10:46:28.0634 5676  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:46:28.0649 5676  SkypeUpdate - ok
10:46:28.0961 5676  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
10:46:29.0351 5676  slsvc - ok
10:46:29.0445 5676  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:46:29.0507 5676  SLUINotify - ok
10:46:29.0538 5676  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:46:29.0570 5676  Smb - ok
10:46:29.0616 5676  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:46:29.0632 5676  SNMPTRAP - ok
10:46:29.0679 5676  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
10:46:29.0694 5676  spldr - ok
10:46:29.0804 5676  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
10:46:29.0850 5676  Spooler - ok
10:46:29.0897 5676  [ 5673E79BBB62A4C35B10D821FF1B4ACA ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:46:29.0928 5676  SQLBrowser - ok
10:46:29.0928 5676  [ 9263C8898732E2B890F7E954E7729AB7 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:46:29.0944 5676  SQLWriter - ok
10:46:30.0022 5676  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:46:30.0053 5676  srv - ok
10:46:30.0069 5676  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:46:30.0084 5676  srv2 - ok
10:46:30.0084 5676  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:46:30.0116 5676  srvnet - ok
10:46:30.0131 5676  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:46:30.0162 5676  SSDPSRV - ok
10:46:30.0209 5676  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:46:30.0225 5676  ssmdrv - ok
10:46:30.0272 5676  [ EF3458337D7341A05169CEFC73709264 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
10:46:30.0303 5676  SSPORT ( UnsignedFile.Multi.Generic ) - warning
10:46:30.0303 5676  SSPORT - detected UnsignedFile.Multi.Generic (1)
10:46:30.0365 5676  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:46:30.0381 5676  SstpSvc - ok
10:46:30.0428 5676  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
10:46:30.0474 5676  stisvc - ok
10:46:30.0506 5676  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:46:30.0521 5676  swenum - ok
10:46:30.0615 5676  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
10:46:30.0662 5676  swprv - ok
10:46:30.0677 5676  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:46:30.0693 5676  Symc8xx - ok
10:46:30.0693 5676  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:46:30.0708 5676  Sym_hi - ok
10:46:30.0724 5676  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:46:30.0740 5676  Sym_u3 - ok
10:46:30.0802 5676  [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:46:30.0818 5676  SynTP - ok
10:46:30.0864 5676  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
10:46:30.0896 5676  SysMain - ok
10:46:30.0927 5676  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:30.0974 5676  TabletInputService - ok
10:46:31.0052 5676  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:46:31.0130 5676  TapiSrv - ok
10:46:31.0176 5676  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
10:46:31.0223 5676  TBS - ok
10:46:31.0317 5676  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:46:31.0364 5676  Tcpip - ok
10:46:31.0379 5676  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:46:31.0504 5676  Tcpip6 - ok
10:46:31.0582 5676  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:46:31.0598 5676  tcpipreg - ok
10:46:31.0676 5676  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:46:31.0754 5676  TDPIPE - ok
10:46:31.0754 5676  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:46:31.0785 5676  TDTCP - ok
10:46:31.0816 5676  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:46:31.0863 5676  tdx - ok
10:46:31.0878 5676  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:46:31.0894 5676  TermDD - ok
10:46:31.0941 5676  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
10:46:31.0972 5676  TermService - ok
10:46:32.0034 5676  [ 95746E5B1473432F3D9458940DBA6E3A ] TfFsMon         C:\Windows\system32\drivers\TfFsMon.sys
10:46:32.0050 5676  TfFsMon - ok
10:46:32.0159 5676  [ 02FFDD873E31C5C2D57CA87D11EC36AF ] TfNetMon        C:\Windows\system32\drivers\TfNetMon.sys
10:46:32.0159 5676  TfNetMon - ok
10:46:32.0237 5676  [ F8BD92251AB439383C051CE907D78CCE ] TfSysMon        C:\Windows\system32\drivers\TfSysMon.sys
10:46:32.0253 5676  TfSysMon - ok
10:46:32.0284 5676  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
10:46:32.0315 5676  Themes - ok
10:46:32.0346 5676  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
10:46:32.0378 5676  THREADORDER - ok
10:46:32.0518 5676  ThreatFire - ok
10:46:32.0658 5676  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
10:46:32.0674 5676  TomTomHOMEService - ok
10:46:32.0721 5676  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
10:46:32.0768 5676  TrkWks - ok
10:46:32.0830 5676  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:46:32.0846 5676  TrustedInstaller - ok
10:46:32.0877 5676  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:32.0955 5676  tssecsrv - ok
10:46:32.0986 5676  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:46:33.0002 5676  tunmp - ok
10:46:33.0017 5676  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:46:33.0033 5676  tunnel - ok
10:46:33.0048 5676  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:46:33.0064 5676  uagp35 - ok
10:46:33.0080 5676  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
10:46:33.0095 5676  UBHelper - ok
10:46:33.0189 5676  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:46:33.0204 5676  udfs - ok
10:46:33.0251 5676  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:46:33.0314 5676  UI0Detect - ok
10:46:33.0345 5676  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:46:33.0360 5676  uliagpkx - ok
10:46:33.0392 5676  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:46:33.0407 5676  uliahci - ok
10:46:33.0423 5676  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:46:33.0438 5676  UlSata - ok
10:46:33.0454 5676  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:46:33.0470 5676  ulsata2 - ok
10:46:33.0485 5676  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:46:33.0532 5676  umbus - ok
10:46:33.0579 5676  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
10:46:33.0626 5676  upnphost - ok
10:46:33.0657 5676  [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
10:46:33.0704 5676  upperdev - ok
10:46:33.0750 5676  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:33.0797 5676  usbccgp - ok
10:46:33.0828 5676  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:46:33.0860 5676  usbcir - ok
10:46:33.0906 5676  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:46:33.0938 5676  usbehci - ok
10:46:33.0984 5676  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:46:34.0062 5676  usbhub - ok
10:46:34.0078 5676  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:46:34.0125 5676  usbohci - ok
10:46:34.0187 5676  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:46:34.0250 5676  usbprint - ok
10:46:34.0281 5676  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:46:34.0328 5676  usbscan - ok
10:46:34.0359 5676  [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
10:46:34.0374 5676  usbser - ok
10:46:34.0406 5676  [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
10:46:34.0437 5676  UsbserFilt - ok
10:46:34.0452 5676  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:34.0499 5676  USBSTOR - ok
10:46:34.0499 5676  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:46:34.0546 5676  usbuhci - ok
10:46:34.0593 5676  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:46:34.0640 5676  usbvideo - ok
10:46:34.0655 5676  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
10:46:34.0702 5676  UxSms - ok
10:46:34.0733 5676  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
10:46:34.0764 5676  vds - ok
10:46:34.0780 5676  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:34.0827 5676  vga - ok
10:46:34.0827 5676  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:46:34.0874 5676  VgaSave - ok
10:46:34.0905 5676  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:46:34.0936 5676  viaagp - ok
10:46:34.0952 5676  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:46:34.0983 5676  ViaC7 - ok
10:46:34.0983 5676  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
10:46:34.0998 5676  viaide - ok
10:46:35.0014 5676  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:46:35.0030 5676  volmgr - ok
10:46:35.0061 5676  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:46:35.0076 5676  volmgrx - ok
10:46:35.0123 5676  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:46:35.0186 5676  volsnap - ok
10:46:35.0248 5676  [ 7E6FA079B8D8ABE9FCE25BA7A2A7CDAF ] VSBC7           C:\Windows\system32\DRIVERS\evsbc7.sys
10:46:35.0264 5676  VSBC7 - ok
10:46:35.0279 5676  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:46:35.0310 5676  vsmraid - ok
10:46:35.0388 5676  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
10:46:35.0466 5676  VSS - ok
10:46:35.0529 5676  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
10:46:35.0544 5676  W32Time - ok
10:46:35.0591 5676  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:46:35.0654 5676  WacomPen - ok
10:46:35.0685 5676  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:46:35.0716 5676  Wanarp - ok
10:46:35.0732 5676  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:46:35.0763 5676  Wanarpv6 - ok
10:46:35.0981 5676  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:46:36.0012 5676  wcncsvc - ok
10:46:36.0028 5676  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:46:36.0075 5676  WcsPlugInService - ok
10:46:36.0090 5676  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
10:46:36.0106 5676  Wd - ok
10:46:36.0122 5676  [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
10:46:36.0153 5676  WDC_SAM - ok
10:46:36.0200 5676  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:46:36.0231 5676  Wdf01000 - ok
10:46:36.0262 5676  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:46:36.0293 5676  WdiServiceHost - ok
10:46:36.0293 5676  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:46:36.0324 5676  WdiSystemHost - ok
10:46:36.0418 5676  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
10:46:36.0480 5676  WebClient - ok
10:46:36.0512 5676  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:46:36.0527 5676  Wecsvc - ok
10:46:36.0558 5676  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:46:36.0590 5676  wercplsupport - ok
10:46:36.0605 5676  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:46:36.0636 5676  WerSvc - ok
10:46:36.0761 5676  [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:46:36.0792 5676  winachsf - ok
10:46:36.0870 5676  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:46:36.0902 5676  WinDefend - ok
10:46:36.0902 5676  WinHttpAutoProxySvc - ok
10:46:36.0964 5676  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:46:36.0980 5676  Winmgmt - ok
10:46:37.0245 5676  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:46:37.0338 5676  WinRM - ok
10:46:37.0416 5676  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:46:37.0479 5676  Wlansvc - ok
10:46:37.0510 5676  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:46:37.0541 5676  WmiAcpi - ok
10:46:37.0572 5676  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:46:37.0650 5676  wmiApSrv - ok
10:46:37.0697 5676  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:46:37.0775 5676  WMPNetworkSvc - ok
10:46:37.0791 5676  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:46:37.0838 5676  WPCSvc - ok
10:46:37.0853 5676  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:46:37.0916 5676  WPDBusEnum - ok
10:46:37.0947 5676  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:46:37.0962 5676  WpdUsb - ok
10:46:38.0150 5676  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:46:38.0228 5676  WPFFontCache_v0400 - ok
10:46:38.0243 5676  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:46:38.0274 5676  ws2ifsl - ok
10:46:38.0306 5676  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
10:46:38.0368 5676  wscsvc - ok
10:46:38.0368 5676  WSearch - ok
10:46:38.0540 5676  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
10:46:38.0664 5676  wuauserv - ok
10:46:38.0742 5676  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:46:38.0774 5676  WUDFRd - ok
10:46:38.0789 5676  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:46:38.0820 5676  wudfsvc - ok
10:46:38.0852 5676  [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
10:46:38.0883 5676  XAudio - ok
10:46:38.0883 5676  [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
10:46:38.0930 5676  XAudioService - ok
10:46:38.0945 5676  ================ Scan global ===============================
10:46:38.0961 5676  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:46:38.0992 5676  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:46:38.0992 5676  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:46:39.0054 5676  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:46:39.0070 5676  [Global] - ok
10:46:39.0070 5676  ================ Scan MBR ==================================
10:46:39.0070 5676  [ 32A32ADBC7112BD07D2546D035932152 ] \Device\Harddisk0\DR0
10:46:41.0488 5676  \Device\Harddisk0\DR0 - ok
10:46:41.0488 5676  ================ Scan VBR ==================================
10:46:41.0519 5676  [ 020B271CF3C90B009D8A295B32589579 ] \Device\Harddisk0\DR0\Partition1
10:46:41.0519 5676  \Device\Harddisk0\DR0\Partition1 - ok
10:46:41.0535 5676  [ C41FA788438E645B98E008CD619D3FD5 ] \Device\Harddisk0\DR0\Partition2
10:46:41.0535 5676  \Device\Harddisk0\DR0\Partition2 - ok
10:46:41.0535 5676  ============================================================
10:46:41.0535 5676  Scan finished
10:46:41.0535 5676  ============================================================
10:46:41.0550 1140  Detected object count: 11
10:46:41.0550 1140  Actual detected object count: 11
10:47:48.0724 1140  C:\Program Files\Bonjour\mDNSResponder.exe - copied to quarantine
10:47:48.0740 1140  HKLM\SYSTEM\ControlSet001\services\Bonjour Service - will be deleted on reboot
10:47:48.0802 1140  HKLM\SYSTEM\ControlSet002\services\Bonjour Service - will be deleted on reboot
10:47:48.0833 1140  C:\Program Files\Bonjour\mDNSResponder.exe - will be deleted on reboot
10:47:48.0833 1140  Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:48.0849 1140  C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe - copied to quarantine
10:47:48.0849 1140  HKLM\SYSTEM\ControlSet001\services\BUNAgentSvc - will be deleted on reboot
10:47:48.0864 1140  HKLM\SYSTEM\ControlSet002\services\BUNAgentSvc - will be deleted on reboot
10:47:48.0864 1140  C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe - will be deleted on reboot
10:47:48.0864 1140  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:48.0896 1140  C:\Windows\system32\Drivers\DgiVecp.sys - copied to quarantine
10:47:48.0896 1140  HKLM\SYSTEM\ControlSet001\services\DgiVecp - will be deleted on reboot
10:47:48.0896 1140  HKLM\SYSTEM\ControlSet002\services\DgiVecp - will be deleted on reboot
10:47:48.0896 1140  C:\Windows\system32\Drivers\DgiVecp.sys - will be deleted on reboot
10:47:48.0896 1140  DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:48.0942 1140  C:\Program Files\Acer\Empowering Technology\Service\ETService.exe - copied to quarantine
10:47:48.0942 1140  HKLM\SYSTEM\ControlSet001\services\ETService - will be deleted on reboot
10:47:48.0942 1140  HKLM\SYSTEM\ControlSet002\services\ETService - will be deleted on reboot
10:47:48.0942 1140  C:\Program Files\Acer\Empowering Technology\Service\ETService.exe - will be deleted on reboot
10:47:48.0942 1140  ETService ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0005 1140  C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine
10:47:49.0005 1140  HKLM\SYSTEM\ControlSet001\services\FLEXnet Licensing Service - will be deleted on reboot
10:47:49.0005 1140  HKLM\SYSTEM\ControlSet002\services\FLEXnet Licensing Service - will be deleted on reboot
10:47:49.0005 1140  C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - will be deleted on reboot
10:47:49.0005 1140  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0067 1140  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe - copied to quarantine
10:47:49.0067 1140  HKLM\SYSTEM\ControlSet001\services\GoogleDesktopManager-080708-050100 - will be deleted on reboot
10:47:49.0067 1140  HKLM\SYSTEM\ControlSet002\services\GoogleDesktopManager-080708-050100 - will be deleted on reboot
10:47:49.0083 1140  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe - will be deleted on reboot
10:47:49.0083 1140  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0114 1140  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
10:47:49.0114 1140  HKLM\SYSTEM\ControlSet001\services\LightScribeService - will be deleted on reboot
10:47:49.0114 1140  HKLM\SYSTEM\ControlSet002\services\LightScribeService - will be deleted on reboot
10:47:49.0114 1140  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - will be deleted on reboot
10:47:49.0114 1140  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0161 1140  C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe - copied to quarantine
10:47:49.0161 1140  HKLM\SYSTEM\ControlSet001\services\NTISchedulerSvc - will be deleted on reboot
10:47:49.0161 1140  HKLM\SYSTEM\ControlSet002\services\NTISchedulerSvc - will be deleted on reboot
10:47:49.0161 1140  C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe - will be deleted on reboot
10:47:49.0161 1140  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0192 1140  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe - copied to quarantine
10:47:49.0192 1140  HKLM\SYSTEM\ControlSet001\services\PassThru Service - will be deleted on reboot
10:47:49.0192 1140  HKLM\SYSTEM\ControlSet002\services\PassThru Service - will be deleted on reboot
10:47:49.0192 1140  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe - will be deleted on reboot
10:47:49.0192 1140  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0223 1140  C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe - copied to quarantine
10:47:49.0223 1140  HKLM\SYSTEM\ControlSet001\services\Samsung Network Fax Server - will be deleted on reboot
10:47:49.0239 1140  HKLM\SYSTEM\ControlSet002\services\Samsung Network Fax Server - will be deleted on reboot
10:47:49.0254 1140  C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe - will be deleted on reboot
10:47:49.0254 1140  Samsung Network Fax Server ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:47:49.0254 1140  C:\Windows\system32\Drivers\SSPORT.sys - copied to quarantine
10:47:49.0254 1140  HKLM\SYSTEM\ControlSet001\services\SSPORT - will be deleted on reboot
10:47:49.0270 1140  HKLM\SYSTEM\ControlSet002\services\SSPORT - will be deleted on reboot
10:47:49.0270 1140  C:\Windows\system32\Drivers\SSPORT.sys - will be deleted on reboot
10:47:49.0270 1140  SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Delete 
10:48:59.0018 1064  Deinitialize success

Ich habe jedoch alle Funde gelöscht, da es in der Beschreibung so stand.

cosinus · 09.12.2012, 17:56

Zitat:

Ich habe jedoch alle Funde gelöscht, da es in der Beschreibung so stand.

Wo bitte stand das?

Was steht denn in meinem Posting?!
Naja, du hast dir jetzt zig Dienste und Programme offensichtlich zerkloppt...

sushi79 · 09.12.2012, 20:52

Hier stand das!

cosinus · 10.12.2012, 11:58

Und warum liest du nicht meine Anleitungen komplettt durch?

Ich hab dich in #4 deutlich darauf hingewiesen alles vernünftig durchzulesen und sich an die Hinweise zu halten!

Zitat:

Zitat von cosinus

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

sushi79 · 11.12.2012, 07:01

Und wie geht es nun weiter???

cosinus · 11.12.2012, 10:24

Läuft dein Rechner überhaupt noch vernünftig?! Du hast dir da viele Teile vom System zerkloppt weil du meinen Hinweis nicht zur Kenntnis genommen hast!

sushi79 · 13.12.2012, 08:55

Ja, der läuft ganz normal. Wie vorher auch.

11.12.2012, 10:24	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Saving sidekicks entfernen Läuft dein Rechner überhaupt noch vernünftig?! Du hast dir da viele Teile vom System zerkloppt weil du meinen Hinweis nicht zur Kenntnis genommen hast! __________________ Logfiles bitte immer in CODE-Tags posten

Saving sidekicks entfernen

Plagegeister aller Art und deren Bekämpfung: Saving sidekicks entfernen