Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Mehrere Funde durch Malwarebytes

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 12.06.2013, 10:41   #1
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



Hallo, ich habe auf unserem 2. Laptop durch Malwarebytes folgendes log erhalten:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.06.12.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
[administrateur]

12.06.2013 09:06:10
mbam-log-2013-06-12 (09-06-10).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 648184
Temps écoulé: 2 heure(s), 29 minute(s), 27 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 3
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Aucune action effectuée.
HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Aucune action effectuée.
HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Aucune action effectuée.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Aucune action effectuée.

Fichier(s) détecté(s): 3
C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Aucune action effectuée.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Aucune action effectuée.
C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> Aucune action effectuée.

(fin)
         
wie gehe ich weiter vor?

Alt 12.06.2013, 10:45   #2
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



hi,

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 12.06.2013, 11:52   #3
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



So, hier OTL

Code:
ATTFilter
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tankeu Tokoto\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 49,78% Memory free
7,99 Gb Paging File | 6,15 Gb Available in Paging File | 76,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,94 Gb Total Space | 83,01 Gb Free Space | 34,89% Space Free | Partition Type: NTFS
Drive E: | 19,77 Gb Total Space | 5,69 Gb Free Space | 28,76% Space Free | Partition Type: NTFS
Drive F: | 193,36 Gb Total Space | 190,72 Gb Free Space | 98,64% Space Free | Partition Type: NTFS
Drive I: | 7,59 Gb Total Space | 4,52 Gb Free Space | 59,55% Space Free | Partition Type: FAT32
 
Computer Name: TANKEUTOKOTO-PC | User Name: Tankeu Tokoto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013.06.12 11:48:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tankeu Tokoto\Desktop\OTL.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2009.06.25 04:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009.06.09 18:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2009.06.05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.05.21 16:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.16 08:49:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
MOD - [2013.05.16 08:09:58 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013.05.16 08:09:33 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.16 08:09:22 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013.05.16 08:09:06 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013.05.16 08:08:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.09 14:37:08 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.09 14:36:02 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 14:35:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 14:35:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 14:35:25 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.17 03:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.06.25 12:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2007.02.12 10:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2011.10.27 11:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.06.06 18:32:00 | 003,819,912 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.09 18:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2009.06.05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009.05.21 16:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008.04.10 22:52:38 | 001,642,760 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\SIMULIA\License\lmgrd.exe -- (Flexlm Service 1)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.05.09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.03.07 01:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.08.02 18:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.06.15 10:10:14 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.24 18:37:16 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.17 10:37:07 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010.09.02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010.09.02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010.08.12 06:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.10.08 10:54:42 | 000,151,016 | ---- | M] (NCP Engineering GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ncplelhp.sys -- (ncplelhp)
DRV:64bit: - [2009.07.17 03:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.17 03:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.07 07:18:28 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009.06.29 06:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.06.26 06:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.06.25 13:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.15 21:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 11:18:20 | 000,069,152 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.08.28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.05.16 11:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008.05.16 11:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic)
DRV:64bit: - [2008.05.16 11:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV:64bit: - [2008.05.16 11:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008.05.16 11:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5)
DRV:64bit: - [2008.05.16 11:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008.05.16 11:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus)
DRV:64bit: - [2006.11.01 20:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.04 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F2794E0A-6303-4BF5-8BB3-5E7FF67C3DCB}
IE:64bit: - HKLM\..\SearchScopes\{F2794E0A-6303-4BF5-8BB3-5E7FF67C3DCB}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{2C868C15-8DF1-4DAD-AC10-9FB26E51E1BC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={D6ABC9B4-5FE2-11E2-88CB-0024E8F820D8}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.holasearch.com/?affID=1 [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=B2C60CEEE6946449
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&tt=gc_&babsrc=SP_ss&mntrId=B2C60CEEE6946449
IE - HKCU\..\SearchScopes\{5AC56FC1-B90F-4E77-A445-10EF4D30EDF8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{83A49F5A-C843-4933-83EB-7E4156A08562}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{BEBE0494-D071-4478-B8B3-A8CB1ED19567}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=PF&o=15180&src=kw&q={searchTerms}&locale=&apn_ptnrs=RX&apn_dtid=YYYYYYYYDE&apn_uid=64cafec3-af50-4641-ac33-c748605bceb7&apn_sauid=D9465218-E505-406F-8458-F62F8A17FA61
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={D6ABC9B4-5FE2-11E2-88CB-0024E8F820D8}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: gutegutscheine%40gutegutscheine.com:3.1.5
FF - prefs.js..extensions.enabledAddons: %7Bc840e246-6b95-475e-9bd7-caa1c7eca9f2%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&CUI=SB_CUI&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Users\TANKEU~1\AppData\Roaming\Flatcast\NpFv522.dll (1 mal 1 Software GmbH)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.05.24 21:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.29 11:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.02.19 18:22:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.03.17 00:22:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.21 11:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.21 11:12:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.21 11:12:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.21 11:12:40 | 000,000,000 | ---D | M]
 
[2010.01.02 20:16:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Extensions
[2013.05.22 09:59:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions
[2013.02.13 10:07:34 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.05.14 20:59:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}-trash
[2013.01.16 15:44:57 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2013.04.30 20:48:21 | 000,000,000 | ---D | M] (HDvid Codec) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions\hdvc@hdvc.com
[2013.01.16 15:41:05 | 000,000,000 | ---D | M] (Torntv) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\Firefox\Profiles\euqplq9m.default\extensions\torntv@torntv.com
[2012.09.28 22:19:42 | 000,020,579 | ---- | M] () (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\extensions\gutegutscheine@gutegutscheine.com.xpi
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\extensions\hdvc@hdvc.com.xpi
[2013.01.16 15:41:04 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\extensions\torntv@torntv.com.xpi
[2013.05.22 09:59:46 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.16 15:44:56 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.05.07 22:58:53 | 000,002,399 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\askcom.xml
[2013.05.17 13:38:14 | 000,006,498 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\babylon.xml
[2012.11.22 12:51:52 | 000,002,444 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\babylon1.xml
[2012.11.22 12:51:30 | 000,002,361 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\BrowserProtect.xml
[2013.02.10 16:20:34 | 000,000,931 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\conduit.xml
[2010.07.12 08:49:24 | 000,002,055 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\daemon-search.xml
[2013.05.17 13:38:34 | 000,001,304 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\holasearch.xml
[2012.11.22 12:51:52 | 000,002,444 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\mngr.xml
[2013.01.16 15:46:26 | 000,003,998 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\mozilla\firefox\profiles\euqplq9m.default\searchplugins\sweetim.xml
[2013.05.21 11:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.05.21 11:12:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.05.21 11:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.21 11:12:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.29 11:14:08 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009.09.21 12:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll
[2012.11.22 12:51:30 | 000,002,361 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.03.25 17:30:51 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=B2C60CEEE6946449
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Flatcast Viewer Plugin 5.2.2.454 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv522.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - Extension: SiteAdvisor = C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: Torntv = C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf\1.1_0\
CHR - Extension: uTorrentBar_DE = C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.7.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Tankeu Tokoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CE7FF70-436E-4533-934E-2774F8443864}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF864E03-C797-48D1-AD55-83116CBA6467}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{bd998601-0f7b-11e0-a2fb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bd998601-0f7b-11e0-a2fb-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d728eacf-4bdd-11e1-9e2b-0024e8f820d8}\Shell - "" = AutoRun
O33 - MountPoints2\{d728eacf-4bdd-11e1-9e2b-0024e8f820d8}\Shell\AutoRun\command - "" = G:\Installer.exe
O33 - MountPoints2\{e116498f-e589-11de-a7fb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e116498f-e589-11de-a7fb-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe .\common\startupGUI\AbaqusStartup.hta
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\system32\ieudinit.exe
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 11:48:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tankeu Tokoto\Desktop\OTL.exe
[2013.06.12 09:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.12 09:05:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.08 22:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.05.29 11:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.05.21 11:12:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.20 17:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tankeu Tokoto\Desktop\AC
[2013.05.18 12:46:45 | 000,000,000 | ---D | C] -- C:\Intel
[2013.05.17 12:47:33 | 000,000,000 | ---D | C] -- C:\Users\Tankeu Tokoto\AppData\Roaming\PerformerSoft
[2013.05.17 12:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2013.05.17 12:47:31 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2010.01.10 10:48:03 | 008,656,832 | ---- | C] (Dell, Inc.                                                   ) -- C:\Users\Tankeu Tokoto\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 11:48:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tankeu Tokoto\Desktop\OTL.exe
[2013.06.12 11:29:05 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 09:05:18 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.12 01:29:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 21:30:47 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.11 21:30:47 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.11 21:30:47 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.11 21:30:47 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.11 21:30:47 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.11 19:23:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.07 07:51:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.07 07:51:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.29 11:14:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.05.20 21:09:36 | 000,000,292 | ---- | M] () -- C:\Users\Tankeu Tokoto\AppData\Local\HamsterBookConverter.cfg
[2013.05.16 08:06:21 | 000,429,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.06.12 09:05:18 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.20 21:09:35 | 000,000,292 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\HamsterBookConverter.cfg
[2013.05.17 14:28:57 | 000,001,426 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.03.14 12:37:19 | 000,000,862 | ---- | C] () -- C:\Users\Tankeu Tokoto\.recently-used.xbel
[2012.01.31 12:07:23 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.11 20:41:42 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2011.12.11 20:41:42 | 000,000,884 | ---- | C] () -- C:\Windows\unins000.dat
[2011.10.02 10:49:44 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{29DBE6BB-8B47-4922-98D6-F03D04894966}
[2011.10.01 10:08:50 | 000,005,457 | ---- | C] () -- C:\Users\Tankeu Tokoto\abaqus_v6.10.gpr
[2011.07.23 21:58:35 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{2517D35B-3C97-4C3C-9D51-206AE1B8B333}
[2011.05.12 15:58:03 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{D0DCD2F1-50FB-4596-ACA4-C1233391EEC8}
[2011.05.12 15:56:06 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{4A09CC80-AF91-497F-A4AE-810B237E1145}
[2011.05.12 13:53:04 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{C4B65E9C-3E7B-4BAF-B0F9-26C783BD9C50}
[2011.05.12 13:51:13 | 000,000,000 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Local\{41E24E6D-CD42-4B31-9BC2-7DCAAAC265CC}
[2010.01.02 19:59:22 | 000,000,252 | ---- | C] () -- C:\Users\Tankeu Tokoto\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.22 12:51:16 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Babylon
[2012.01.03 21:24:58 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\becker
[2012.12.30 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\BSD Concept
[2010.03.06 21:20:48 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Canon
[2010.07.11 12:13:02 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\DAEMON Tools Pro
[2010.07.12 09:32:40 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\DassaultSystemes
[2011.12.11 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Flatcast
[2013.04.30 20:48:58 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Funmoods
[2012.03.14 12:37:19 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\gtk-2.0
[2011.03.18 11:40:42 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\LaunchPad
[2010.02.07 15:04:57 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\MobMapUpdater
[2010.01.10 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\NewSoft
[2012.06.20 21:11:43 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Nokia
[2012.06.20 21:11:44 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Nokia Suite
[2012.02.27 14:09:13 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Nonoh
[2013.02.19 18:21:38 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\OpenCandy
[2011.11.05 16:39:16 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\PC Suite
[2010.11.20 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\PCDr
[2013.02.19 18:25:46 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\PDF Architect
[2013.05.01 10:25:01 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\pdfforge
[2013.05.17 13:40:31 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\PerformerSoft
[2010.10.31 09:50:10 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\SAP
[2010.01.10 19:38:16 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\ScanSoft
[2011.11.20 18:01:28 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Telefónica
[2010.01.19 14:59:35 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\Template
[2011.11.20 18:01:28 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\TGCMLog
[2013.02.19 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\TuneUp Software
[2013.05.20 21:10:53 | 000,000,000 | ---D | M] -- C:\Users\Tankeu Tokoto\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.07.09 18:04:42 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.12.10 21:58:40 | 000,000,000 | ---D | M] -- C:\1033
[2013.01.14 22:16:57 | 000,000,000 | ---D | M] -- C:\Abaqus_WD
[2010.12.12 06:03:52 | 000,000,000 | ---D | M] -- C:\BigFishGamesCache
[2009.12.26 10:43:00 | 000,000,000 | ---D | M] -- C:\dell
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.12.24 18:33:15 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.12.10 23:31:26 | 000,000,000 | ---D | M] -- C:\Drivers
[2013.05.18 12:46:45 | 000,000,000 | ---D | M] -- C:\Intel
[2010.01.19 15:15:30 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.06.08 22:27:04 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.05.28 14:58:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2013.05.28 09:36:18 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.12.24 18:33:15 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.01 09:24:11 | 000,000,000 | ---D | M] -- C:\SIMULIA
[2009.12.24 18:36:43 | 000,000,000 | -HSD | M] -- C:\System Recovery
[2013.06.12 12:07:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.10.17 16:23:41 | 000,000,000 | ---D | M] -- C:\Temp
[2012.05.10 14:10:19 | 000,000,000 | R--D | M] -- C:\Users
[2013.05.29 11:14:01 | 000,000,000 | ---D | M] -- C:\Windows
[2012.12.18 12:11:01 | 000,000,000 | ---D | M] -- C:\ZZZZZZZZZZZZZZZZZ
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.04.24 21:13:21 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 21:13:21 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.11.21 13:19:50 | 000,020,992 | ---- | M] () MD5=19E3F3E13819FC3960340AE97550D7B2 -- C:\Program Files\ANSYS Inc\v121\aisol\CFXMeshApplet\tools\perl-5.9.5\site\lib\MSWin32-x64-perlio\auto\Win32\EventLog\EventLog.dll
[2007.11.21 13:19:49 | 000,020,992 | ---- | M] () MD5=19E3F3E13819FC3960340AE97550D7B2 -- C:\Program Files\ANSYS Inc\v121\CFX\tools\perl-5.9.5\site\lib\MSWin32-x64-perlio\auto\Win32\EventLog\EventLog.dll
[2007.11.21 13:19:49 | 000,020,992 | ---- | M] () MD5=19E3F3E13819FC3960340AE97550D7B2 -- C:\Program Files\ANSYS Inc\v121\TurboGrid\tools\perl-5.9.5\site\lib\MSWin32-x64-perlio\auto\Win32\EventLog\EventLog.dll
[2007.11.21 17:52:32 | 000,029,696 | ---- | M] () MD5=F9DE699B6639B4CB50F0BE4E62176771 -- C:\Program Files\ANSYS Inc\v121\aisol\CFXMeshApplet\tools\perl-5.9.5\site\lib\MSWin32-x86-perlio\auto\Win32\EventLog\EventLog.dll
[2007.11.21 17:52:31 | 000,029,696 | ---- | M] () MD5=F9DE699B6639B4CB50F0BE4E62176771 -- C:\Program Files\ANSYS Inc\v121\CFX\tools\perl-5.9.5\site\lib\MSWin32-x86-perlio\auto\Win32\EventLog\EventLog.dll
[2007.11.21 17:52:31 | 000,029,696 | ---- | M] () MD5=F9DE699B6639B4CB50F0BE4E62176771 -- C:\Program Files\ANSYS Inc\v121\TurboGrid\tools\perl-5.9.5\site\lib\MSWin32-x86-perlio\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Drivers\storage\R228385\IaStor.sys
[2009.06.05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys
[2011.06.15 10:10:14 | 000,557,848 | ---- | M] (Intel Corporation) MD5=4F6FB2CDBDEEFC47E7D2066E78254580 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.06.15 10:10:14 | 000,557,848 | ---- | M] (Intel Corporation) MD5=4F6FB2CDBDEEFC47E7D2066E78254580 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_e752014ccfa80474\iaStor.sys
[2009.06.05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.03.14 12:37:19 | 000,000,862 | ---- | M] () -- C:\Users\Tankeu Tokoto\.recently-used.xbel
[2012.12.19 10:23:18 | 000,005,457 | ---- | M] () -- C:\Users\Tankeu Tokoto\abaqus_v6.10.gpr
[2013.06.12 12:30:05 | 004,456,448 | -HS- | M] () -- C:\Users\Tankeu Tokoto\NTUSER.DAT
[2013.06.12 12:30:05 | 000,262,144 | -HS- | M] () -- C:\Users\Tankeu Tokoto\ntuser.dat.LOG1
[2009.12.24 18:33:38 | 000,000,000 | -HS- | M] () -- C:\Users\Tankeu Tokoto\ntuser.dat.LOG2
[2009.12.24 19:37:33 | 000,065,536 | -HS- | M] () -- C:\Users\Tankeu Tokoto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.12.24 19:37:33 | 000,524,288 | -HS- | M] () -- C:\Users\Tankeu Tokoto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.12.24 19:37:33 | 000,524,288 | -HS- | M] () -- C:\Users\Tankeu Tokoto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.12.24 18:33:38 | 000,000,020 | -HS- | M] () -- C:\Users\Tankeu Tokoto\ntuser.ini
[2010.01.10 20:02:37 | 000,000,000 | ---- | M] () -- C:\Users\Tankeu Tokoto\Sti_Trace.log
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
__________________

Alt 12.06.2013, 11:53   #4
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



und Extra.txt
Code:
ATTFilter
OTL Extras logfile created on: 12.06.2013 12:04:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tankeu Tokoto\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 49,78% Memory free
7,99 Gb Paging File | 6,15 Gb Available in Paging File | 76,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,94 Gb Total Space | 83,01 Gb Free Space | 34,89% Space Free | Partition Type: NTFS
Drive E: | 19,77 Gb Total Space | 5,69 Gb Free Space | 28,76% Space Free | Partition Type: NTFS
Drive F: | 193,36 Gb Total Space | 190,72 Gb Free Space | 98,64% Space Free | Partition Type: NTFS
Drive I: | 7,59 Gb Total Space | 4,52 Gb Free Space | 59,55% Space Free | Partition Type: FAT32
 
Computer Name: TANKEUTOKOTO-PC | User Name: Tankeu Tokoto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15306DD2-863E-456E-8CFE-D9CDCCD09B93}" = lport=137 | protocol=17 | dir=in | app=system | 
"{232DAD4D-B59B-4A7E-84E1-8A9B8ED30404}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{37663DC9-D6D0-4E8A-9B8C-DF5AC01BBF94}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{3E9AD083-6EDC-40D3-BF70-443EB3780393}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{40AB9337-68F8-4E55-A97F-EB0FBEEFDB1F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{41F49716-8C77-4BE6-83E2-065EBF195F88}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4636FF69-84AA-405F-AFCF-2DA71F6F371D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4714D330-0E97-4F25-800D-5CEC7B4846D2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{490EAC57-D5F2-401A-898D-AE006772CA03}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5F7C9AAB-EEEE-418A-B538-44DD0760A5E2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6D41FCBE-1EB1-485E-A61D-D1228FA93ADB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{72DDE9FE-F964-4BCF-BDC0-321B70E7B20E}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{73FF0C55-7D83-49B4-881E-FF2D24D8B02C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{748BF127-3FC4-4375-A619-B50C59D1DFDB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{7AB2CAB8-7B6A-4A2C-9D46-7A5AB31BFC0C}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{82F81968-B8FF-4758-A69C-418838174605}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{851AB228-91A1-45D5-8AB3-8DE6A76BDF86}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{852EDB9D-C739-4D6F-A420-6C8A61B032BD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{8672AC2E-E51C-4CC8-83F8-63458D0A8A19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{867F6461-1350-492A-86E5-86C150868B84}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{891F6520-08C5-4D9C-A7DB-11599AB815A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8DB70788-97EE-44ED-90DC-48A72870716D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9BC8C3BF-C15D-456A-9847-B20C027FD613}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{9D03C988-2E64-406D-ADD3-8EB0D8721871}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{9D54A71E-B5E3-4B70-8A68-446EC3EB650C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A0F0141B-E863-47C5-B4BF-173F4DA50703}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{A703E135-27A1-48EA-BBDA-34F3AE8BB5ED}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A7879D4C-E6F4-40E9-9C78-1E60DF8DF8B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B9B64E36-15FE-4523-B39E-2E69543F32FD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BA530DD0-2023-4427-A269-A1447EF4467D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C20975FE-D85E-43BE-ACE4-8CB798058ECA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{D54304AF-7C27-4C59-9A0E-0CD32CEDCD2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{D8EB8BD9-1ED8-40E9-8CEE-E13FCAEB74BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E050EF11-4218-402E-81AA-CEDABFBDF5AB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{ED521986-7D22-4D0C-B087-E35AC12B57A8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{FFCD7941-D489-4A62-8806-E2AF8EBFA1FB}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BE3177-A063-4552-BB62-D160FBF44766}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{025505D4-6077-411A-9478-BB8769F51F4A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{05AC40D9-BFFF-4EC1-BA77-0C683A4887FE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{08BD850C-8D43-4324-BBAC-816C116DC8CC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{09CAD963-0B39-423F-A621-AC4150A739A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0B32239B-1F0D-4FA2-A80F-A05DB37F7A09}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{1054EDAE-AA62-48D3-99FA-983141785897}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{20CFE884-28C7-47E9-9B2E-492D5C4CFABA}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{25D133BF-299A-4B02-8AF9-8D96B30244C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2731C922-EA0A-4564-97F8-D6733E36EAEF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{2DD05FED-D33C-4175-B0A2-570B35707ACE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{390A24FC-4790-429A-A959-A6012D2C022E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3A699A7B-5819-4FDE-BA94-6912FDC0FA0B}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{3C559552-E485-4D03-AEF9-0F310A535437}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3CF0EAE0-9970-4C4B-8E98-D3FA298D10C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3FDE0320-A106-4400-B3E4-76E824113E0A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{48CDBCB4-F852-46F7-B7CD-25C6FECD7D90}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{53170D1E-6A68-49EA-888B-F0F3FFF8695E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{535A559A-BB41-49D0-A4A6-98D41D7B9C81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5B9F90E4-026A-4404-B9E4-AD8D69A32B71}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66AF0E70-DE9A-45A7-9CA1-54D34A8C3857}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6B2DDB93-2868-4AFF-91A5-1607B9552A2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7B8E1AF0-9C77-4B4A-ABC4-4F4882359845}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | 
"{8726942A-C972-43B6-ACD7-0732E231A0C4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{872D91D0-44E0-4DA3-B8A9-3AB4740072B4}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{899BAE5D-2193-4346-9FB6-E7B9E851E37C}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{8BED1863-CFB5-40DC-AF02-520CAE5DB75E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8E1F4C90-D21A-44F7-A038-B2F2EC22091A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{8EE74EBE-2917-4D24-BB23-E90BE09526CF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{98E785B4-C3A2-4AE7-8EDF-43790DB6A7D5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9AF0EEFA-51DB-4524-A65C-2E726A5C5FDC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A2AB05B6-C6D4-4CCB-AE50-5FB65A1081A8}" = protocol=6 | dir=out | app=system | 
"{A30A80FF-53A2-4F92-BA3A-CB3BFF05170A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A6055329-5E01-4F6D-A3A8-39F386BF4788}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A6AFA928-F903-4F63-9B74-53047CFEC4EF}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{A8093A72-305A-44E3-A65C-9629E45C2960}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{ACE14D80-D99E-465A-96EC-7A15E41A4F73}" = protocol=17 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe | 
"{ADF0DAE0-46F9-466E-9563-10C690B28A14}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | 
"{BB974A0A-F596-48F0-87D9-207C18B5FF4D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{CB70062C-8074-4810-A24E-0EF995D4EB4B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D2D9919B-26EC-40A2-9477-CE090B2498B6}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{D34185B4-EAC1-4004-8C1C-7B5CCD4E1EC7}" = protocol=6 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe | 
"{D4159C93-F4BC-49DA-B258-9B6D8F9EB0F5}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{D52E1F65-6FD3-4A77-9D41-7DE44B6CD5FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D5626877-4B66-4492-8B30-25B5385C884A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{E33D0182-7CC3-452E-B56F-05025CE3E2B1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F0343B7A-9F35-4D5F-A17C-E99055328B57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F34C68E2-C242-4476-A704-D266F553BEFE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FAC6B312-05CF-4E62-997C-F2EE80376EF0}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{FBA372C9-863C-4144-9A0C-FE00B0A96EAE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"TCP Query User{0C32EBDC-BC05-41CA-A927-55621FC960FE}C:\simulia\abaqus\6.10-1\exec\abqcaek.exe" = protocol=6 | dir=in | app=c:\simulia\abaqus\6.10-1\exec\abqcaek.exe | 
"TCP Query User{0EB8EBE3-C268-44B1-AB74-CF8F6BE1FA02}C:\users\tankeu tokoto\downloads\wow-languagepack-3.x.x-esmx-downloader.exe" = protocol=6 | dir=in | app=c:\users\tankeu tokoto\downloads\wow-languagepack-3.x.x-esmx-downloader.exe | 
"TCP Query User{1F91980B-7504-4C7C-B553-894CDC0D506C}C:\users\tankeu tokoto\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\tankeu tokoto\appdata\roaming\utorrent\utorrent.exe | 
"TCP Query User{56F5E2C5-9B10-4A6D-941B-55D8DE1ED8E1}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe | 
"TCP Query User{6B520F8A-3F99-4FA3-81D9-6A654AF22EF2}C:\simulia\abaqus\6.10-1\exec\abqcaek.exe" = protocol=6 | dir=in | app=c:\simulia\abaqus\6.10-1\exec\abqcaek.exe | 
"TCP Query User{9815A37B-12C7-4369-B7F9-1D56AE2DA2C9}C:\users\tankeu tokoto\downloads\wow-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\tankeu tokoto\downloads\wow-dede-installer-downloader.exe | 
"TCP Query User{B062C3A8-6657-4B36-BCF1-0214D7B9A6E7}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{08020E70-A5B8-4DC7-9711-96B9BF0608F5}C:\simulia\abaqus\6.10-1\exec\abqcaek.exe" = protocol=17 | dir=in | app=c:\simulia\abaqus\6.10-1\exec\abqcaek.exe | 
"UDP Query User{0AD3C332-18D8-4F79-9F8E-2B37EC316DE0}C:\users\tankeu tokoto\downloads\wow-languagepack-3.x.x-esmx-downloader.exe" = protocol=17 | dir=in | app=c:\users\tankeu tokoto\downloads\wow-languagepack-3.x.x-esmx-downloader.exe | 
"UDP Query User{49CFC99F-F014-4848-AC28-E1477F2E729C}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe | 
"UDP Query User{5BA0A795-69C5-40BE-A689-E591D7798383}C:\simulia\abaqus\6.10-1\exec\abqcaek.exe" = protocol=17 | dir=in | app=c:\simulia\abaqus\6.10-1\exec\abqcaek.exe | 
"UDP Query User{60874C3A-2447-4650-BF71-6E8858330B99}C:\users\tankeu tokoto\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\tankeu tokoto\appdata\roaming\utorrent\utorrent.exe | 
"UDP Query User{C8074478-AC4E-419A-BB2B-D5F98C769878}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{FDBB82CF-932A-40CE-B185-79E9AD3C3415}C:\users\tankeu tokoto\downloads\wow-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\tankeu tokoto\downloads\wow-dede-installer-downloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series" = Canon MX700 series
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416045FF}" = Java(TM) 6 Update 45 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D3299935-57F7-403A-9D7B-0B8F9F56F44B}" = Microsoft HPC MPI Redistributable Pack
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E461C0B2-523B-2940-C5DF-D174284CE609}" = ccc-utility64
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CanonMyPrinter" = Canon My Printer
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CFDC67-5B03-EE5C-4176-F545B0D2F485}" = CCC Help Korean
"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0A2AC888-61DC-CD55-5969-8602A7E9716D}" = CCC Help Italian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CF884B6-C6D8-EB7B-D2BF-2877C6F49EBC}" = CCC Help Swedish
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{185CC275-907C-0D83-B0C2-7B065C5108D8}" = CCC Help Chinese Traditional
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2ED967AD-FBB0-5355-F5F2-E7A03AAD4F71}" = Catalyst Control Center Localization All
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30FA0F5C-B1A9-39EB-8148-3D574C0C8332}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35852FDE-7263-23EA-435F-44E4B61996D0}" = CCC Help Japanese
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A07247E-0645-8BCF-8419-FD857790108D}" = Skins
"{445F6C1F-C48F-0CC9-A030-040D3EA42C93}" = Catalyst Control Center Graphics Full New
"{46E08E5F-02B4-E854-CD4F-ED3E4FEBE122}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A841BCF-1C5B-E3DA-9475-892CA6576425}" = CCC Help Finnish
"{5B8741B6-4BEA-47D3-DB77-959C7FF35B39}" = Catalyst Control Center Graphics Full Existing
"{5FA16D15-FA5B-7F0F-7CBB-369E1E2937C9}" = CCC Help Spanish
"{61F27C5E-5274-0DB8-67CC-5253C6CF2B93}" = CCC Help Dutch
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6625CE8F-6E89-561F-D828-1B8535DEEBB6}" = Catalyst Control Center Core Implementation
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2CCC4B-007D-EEE7-3E69-578B178A7B91}" = Catalyst Control Center Graphics Previews Vista
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E3D92F-2C51-B4E9-F2B6-EAF89C33E580}" = CCC Help Portuguese
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F218D6-EAF4-402C-36B1-C3F0EC62598D}" = ccc-core-static
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86C527CC-4AF2-903C-7BFF-5975272CC645}" = Catalyst Control Center InstallProxy
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DDFDDE9-C206-F32E-66AD-D17558D7677E}" = CCC Help German
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96E2E493-C484-43E3-9B95-D62EE7D40D3A}" = Toolbar 4.7 by SweetPacks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2A4AC67-DC60-A92B-DD50-65BEE8FA8D71}" = CCC Help Russian
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B9C5005C-56CA-38E4-A093-79F22ECA0427}" = CCC Help Norwegian
"{BF33E75D-5C02-47F2-9F4E-65D17978A806}" = FileCards
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC93F14E-D2C9-D6D1-31B6-D31AC2AD3BB0}" = Catalyst Control Center Graphics Light
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6E0F53B-B7B8-E052-5C32-76C885536A3E}" = CCC Help Danish
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F7FE3C6E-ECB8-0853-584F-BE19BA05B1B8}" = CCC Help Chinese Standard
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCC49808-C684-FEFA-3C02-46A04A7C9EBD}" = CCC Help English
"Abaqus 6.10-1" = Abaqus 6.10-1
"Abaqus FLEXnet License Server" = Abaqus FLEXnet License Server
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Dell Webcam Central" = Dell Webcam Central
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Flatcast_is1" = Flatcast Viewer Plugin 5.2.2.454
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Nonoh_is1" = Nonoh
"Picasa 3" = Picasa 3
"Power Tab Editor 1.7" = Power Tab Editor 1.7
"SweetIM Bundle by SweetPacks" = SweetIM Bundle by SweetPacks
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.2
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 15:27:06 | Computer Name = TankeuTokoto-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'F:\dell\Image\Factory.wim' missing
 
Error - 08.02.2012 04:18:40 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 08.02.2012 04:18:40 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 08.02.2012 04:18:40 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 09.02.2012 14:14:28 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 09.02.2012 14:14:28 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 09.02.2012 14:14:28 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 11.02.2012 07:33:04 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 11.02.2012 07:33:04 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
Error - 11.02.2012 07:33:04 | Computer Name = TankeuTokoto-PC | Source = Bonjour Service | ID = 100
Description = 
 
[ Cisco AnyConnect VPN Client Events ]
Error - 15.07.2011 04:17:48 | Computer Name = TankeuTokoto-PC | Source = vpnagent | ID = 67108866
Description = Function: CExceptionHandlerEx::GenerateMiniDump File: .\Utility\Win\Minidump.cpp
Line:
 427 Invoked Function: UNHANDLED EXCEPTION Return Code: -1073741819 (0xC0000005) Description:
 WINDOWS_ERROR_CODE ACCESS_VIOLATION.  A mindump file is located at: C:\Windows\TEMP\vpnagent.exe_2.4.0202_20110715101748.mdmp
 
Error - 15.07.2011 04:18:10 | Computer Name = TankeuTokoto-PC | Source = vpnagent | ID = 67108866
Description = Function: CExceptionHandlerEx::GenerateMiniDump File: .\Utility\Win\Minidump.cpp
Line:
 427 Invoked Function: UNHANDLED EXCEPTION Return Code: -1073741819 (0xC0000005) Description:
 WINDOWS_ERROR_CODE ACCESS_VIOLATION.  A mindump file is located at: C:\Windows\TEMP\vpnagent.exe_2.4.0202_20110715101808.mdmp
 
[ Dell Events ]
Error - 24.04.2011 12:24:16 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.07.2011 17:08:24 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.07.2011 17:08:24 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.07.2011 17:08:40 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.07.2011 17:08:40 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 03.08.2011 03:54:54 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 03.08.2011 03:54:54 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 03.08.2011 04:05:43 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 03.08.2011 04:05:43 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 03.08.2011 04:06:15 | Computer Name = TankeuTokoto-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ Media Center Events ]
Error - 14.06.2012 06:30:07 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 12:30:07 - Fehler beim Herstellen der Internetverbindung.  12:30:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14.06.2012 06:30:14 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 12:30:12 - Fehler beim Herstellen der Internetverbindung.  12:30:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 02:28:27 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 08:28:27 - Fehler beim Herstellen der Internetverbindung.  08:28:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 02:28:36 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 08:28:32 - Fehler beim Herstellen der Internetverbindung.  08:28:32 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 03:28:41 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 09:28:41 - Fehler beim Herstellen der Internetverbindung.  09:28:41 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 03:28:47 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 09:28:46 - Fehler beim Herstellen der Internetverbindung.  09:28:46 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 04:28:52 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 10:28:52 - Fehler beim Herstellen der Internetverbindung.  10:28:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 04:28:58 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 10:28:57 - Fehler beim Herstellen der Internetverbindung.  10:28:57 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 05:30:06 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 11:30:06 - Fehler beim Herstellen der Internetverbindung.  11:30:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.06.2012 05:30:13 | Computer Name = TankeuTokoto-PC | Source = MCUpdate | ID = 0
Description = 11:30:11 - Fehler beim Herstellen der Internetverbindung.  11:30:11 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 30.07.2012 15:34:36 | Computer Name = TankeuTokoto-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 112
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 12.02.2013 05:42:20 | Computer Name = TankeuTokoto-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 754
 seconds with 660 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 28.05.2013 03:37:27 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 28.05.2013 03:37:57 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 28.05.2013 08:12:55 | Computer Name = TankeuTokoto-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 28.05.2013 08:12:55 | Computer Name = TankeuTokoto-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 28.05.2013 09:02:23 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   vflt
 
Error - 29.05.2013 05:16:43 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 
1 Mal passiert.
 
Error - 29.05.2013 05:16:43 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   vflt
 
Error - 06.06.2013 12:31:49 | Computer Name = TankeuTokoto-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?06.?2013 um 15:45:54 unerwartet heruntergefahren.
 
Error - 06.06.2013 12:32:29 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   vflt
 
Error - 07.06.2013 01:43:41 | Computer Name = TankeuTokoto-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   vflt
 
 
< End of report >
         

Alt 12.06.2013, 17:25   #5
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 18:02   #6
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



Hi, hier das file:
Code:
ATTFilter
18:58:21.0728 6804  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:58:23.0755 6804  ============================================================
18:58:23.0755 6804  Current date / time: 2013/06/12 18:58:23.0755
18:58:23.0755 6804  SystemInfo:
18:58:23.0755 6804  
18:58:23.0755 6804  OS Version: 6.1.7601 ServicePack: 1.0
18:58:23.0755 6804  Product type: Workstation
18:58:23.0755 6804  ComputerName: TANKEUTOKOTO-PC
18:58:23.0755 6804  UserName: Tankeu Tokoto
18:58:23.0755 6804  Windows directory: C:\Windows
18:58:23.0755 6804  System windows directory: C:\Windows
18:58:23.0755 6804  Running under WOW64
18:58:23.0755 6804  Processor architecture: Intel x64
18:58:23.0755 6804  Number of processors: 2
18:58:23.0755 6804  Page size: 0x1000
18:58:23.0755 6804  Boot type: Normal boot
18:58:23.0755 6804  ============================================================
18:58:24.0577 6804  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:58:24.0597 6804  Drive \Device\Harddisk1\DR6 - Size: 0x1E6C60000 (7.61 Gb), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:58:24.0597 6804  ============================================================
18:58:24.0597 6804  \Device\Harddisk0\DR0:
18:58:24.0597 6804  MBR partitions:
18:58:24.0597 6804  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:58:24.0597 6804  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1DBE0830
18:58:24.0637 6804  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1F941800, BlocksNum 0x278C800
18:58:24.0647 6804  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x220CE800, BlocksNum 0x182B7000
18:58:24.0647 6804  \Device\Harddisk1\DR6:
18:58:24.0647 6804  MBR partitions:
18:58:24.0647 6804  \Device\Harddisk1\DR6\Partition1: MBR, Type 0xC, StartLBA 0x29B8, BlocksNum 0xF33948
18:58:24.0647 6804  ============================================================
18:58:24.0697 6804  C: <-> \Device\Harddisk0\DR0\Partition2
18:58:24.0778 6804  E: <-> \Device\Harddisk0\DR0\Partition3
18:58:24.0799 6804  F: <-> \Device\Harddisk0\DR0\Partition4
18:58:24.0799 6804  ============================================================
18:58:24.0799 6804  Initialize success
18:58:24.0799 6804  ============================================================
18:59:14.0402 5556  ============================================================
18:59:14.0402 5556  Scan started
18:59:14.0402 5556  Mode: Manual; SigCheck; TDLFS; 
18:59:14.0402 5556  ============================================================
18:59:14.0692 5556  ================ Scan system memory ========================
18:59:14.0692 5556  System memory - ok
18:59:14.0692 5556  ================ Scan services =============================
18:59:14.0872 5556  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:59:15.0102 5556  1394ohci - ok
18:59:15.0122 5556  [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler         C:\Windows\system32\DRIVERS\Acceler.sys
18:59:15.0132 5556  Acceler - ok
18:59:15.0172 5556  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:59:15.0192 5556  ACPI - ok
18:59:15.0212 5556  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:59:15.0272 5556  AcpiPmi - ok
18:59:15.0362 5556  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:59:15.0382 5556  AdobeARMservice - ok
18:59:15.0442 5556  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:59:15.0492 5556  adp94xx - ok
18:59:15.0512 5556  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:59:15.0542 5556  adpahci - ok
18:59:15.0552 5556  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:59:15.0572 5556  adpu320 - ok
18:59:15.0602 5556  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:59:15.0682 5556  AeLookupSvc - ok
18:59:15.0722 5556  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:59:15.0802 5556  AFD - ok
18:59:15.0832 5556  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:59:15.0852 5556  agp440 - ok
18:59:15.0872 5556  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:59:15.0922 5556  ALG - ok
18:59:15.0942 5556  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:59:15.0972 5556  aliide - ok
18:59:16.0002 5556  [ 9A5495EDEBE7D6B3F7E9A86EBE5EA248 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:59:16.0042 5556  AMD External Events Utility - ok
18:59:16.0062 5556  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:59:16.0082 5556  amdide - ok
18:59:16.0102 5556  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:59:16.0142 5556  AmdK8 - ok
18:59:16.0162 5556  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:59:16.0202 5556  AmdPPM - ok
18:59:16.0232 5556  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:59:16.0262 5556  amdsata - ok
18:59:16.0282 5556  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:59:16.0322 5556  amdsbs - ok
18:59:16.0342 5556  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:59:16.0362 5556  amdxata - ok
18:59:16.0422 5556  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:59:16.0502 5556  AppID - ok
18:59:16.0542 5556  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:59:16.0642 5556  AppIDSvc - ok
18:59:16.0672 5556  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:59:16.0702 5556  Appinfo - ok
18:59:16.0802 5556  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:59:16.0822 5556  Apple Mobile Device - ok
18:59:16.0863 5556  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:59:16.0893 5556  arc - ok
18:59:16.0913 5556  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:59:16.0943 5556  arcsas - ok
18:59:17.0053 5556  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:59:17.0083 5556  aspnet_state - ok
18:59:17.0113 5556  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
18:59:17.0173 5556  aswFsBlk - ok
18:59:17.0213 5556  [ 36949EB7E71C5779C5163AF6AFB2A161 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
18:59:17.0233 5556  aswKbd - ok
18:59:17.0263 5556  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:59:17.0293 5556  aswMonFlt - ok
18:59:17.0363 5556  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
18:59:17.0393 5556  aswRdr - ok
18:59:17.0423 5556  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:59:17.0443 5556  aswRvrt - ok
18:59:17.0483 5556  [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:59:17.0553 5556  aswSnx - ok
18:59:17.0563 5556  [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:59:17.0593 5556  aswSP - ok
18:59:17.0603 5556  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
18:59:17.0623 5556  aswTdi - ok
18:59:17.0653 5556  [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:59:17.0673 5556  aswVmm - ok
18:59:17.0693 5556  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:59:17.0773 5556  AsyncMac - ok
18:59:17.0793 5556  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:59:17.0823 5556  atapi - ok
18:59:17.0973 5556  [ A08339AE90972E268B9622C668F450E8 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:59:18.0145 5556  atikmdag - ok
18:59:18.0195 5556  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:59:18.0315 5556  AudioEndpointBuilder - ok
18:59:18.0345 5556  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:59:18.0411 5556  AudioSrv - ok
18:59:18.0477 5556  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:59:18.0497 5556  avast! Antivirus - ok
18:59:18.0567 5556  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:59:18.0627 5556  AxInstSV - ok
18:59:18.0677 5556  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:59:18.0737 5556  b06bdrv - ok
18:59:18.0767 5556  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:59:18.0827 5556  b57nd60a - ok
18:59:18.0877 5556  [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
18:59:18.0897 5556  BCM42RLY - ok
18:59:18.0979 5556  [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
18:59:19.0099 5556  BCM43XX - ok
18:59:19.0149 5556  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:59:19.0199 5556  BDESVC - ok
18:59:19.0229 5556  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:59:19.0319 5556  Beep - ok
18:59:19.0379 5556  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:59:19.0479 5556  BFE - ok
18:59:19.0529 5556  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:59:19.0661 5556  BITS - ok
18:59:19.0683 5556  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:59:19.0711 5556  blbdrive - ok
18:59:19.0751 5556  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:59:19.0771 5556  bowser - ok
18:59:19.0791 5556  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:59:19.0821 5556  BrFiltLo - ok
18:59:19.0841 5556  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:59:19.0861 5556  BrFiltUp - ok
18:59:19.0901 5556  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:59:19.0921 5556  Browser - ok
18:59:19.0941 5556  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:59:19.0981 5556  Brserid - ok
18:59:20.0011 5556  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:59:20.0061 5556  BrSerWdm - ok
18:59:20.0081 5556  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:59:20.0131 5556  BrUsbMdm - ok
18:59:20.0151 5556  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:59:20.0181 5556  BrUsbSer - ok
18:59:20.0201 5556  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:59:20.0251 5556  BTHMODEM - ok
18:59:20.0291 5556  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:59:20.0381 5556  bthserv - ok
18:59:20.0401 5556  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:59:20.0461 5556  cdfs - ok
18:59:20.0501 5556  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:59:20.0531 5556  cdrom - ok
18:59:20.0581 5556  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:59:20.0651 5556  CertPropSvc - ok
18:59:20.0691 5556  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:59:20.0721 5556  circlass - ok
18:59:20.0751 5556  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:59:20.0781 5556  CLFS - ok
18:59:20.0831 5556  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:59:20.0851 5556  clr_optimization_v2.0.50727_32 - ok
18:59:20.0881 5556  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:59:20.0911 5556  clr_optimization_v2.0.50727_64 - ok
18:59:20.0981 5556  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:59:21.0011 5556  clr_optimization_v4.0.30319_32 - ok
18:59:21.0031 5556  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:59:21.0061 5556  clr_optimization_v4.0.30319_64 - ok
18:59:21.0071 5556  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:59:21.0101 5556  CmBatt - ok
18:59:21.0141 5556  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:59:21.0151 5556  cmdide - ok
18:59:21.0201 5556  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:59:21.0261 5556  CNG - ok
18:59:21.0301 5556  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:59:21.0331 5556  Compbatt - ok
18:59:21.0341 5556  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:59:21.0391 5556  CompositeBus - ok
18:59:21.0401 5556  COMSysApp - ok
18:59:21.0431 5556  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:59:21.0461 5556  crcdisk - ok
18:59:21.0491 5556  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:59:21.0541 5556  CryptSvc - ok
18:59:21.0581 5556  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:59:21.0621 5556  CtClsFlt - ok
18:59:21.0671 5556  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:59:21.0771 5556  DcomLaunch - ok
18:59:21.0853 5556  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:59:22.0853 5556  defragsvc - ok
18:59:22.0904 5556  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:59:22.0964 5556  DfsC - ok
18:59:23.0004 5556  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:59:23.0104 5556  Dhcp - ok
18:59:23.0134 5556  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:59:23.0204 5556  discache - ok
18:59:23.0234 5556  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:59:23.0254 5556  Disk - ok
18:59:23.0284 5556  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:59:23.0324 5556  Dnscache - ok
18:59:23.0404 5556  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
18:59:23.0424 5556  DockLoginService ( UnsignedFile.Multi.Generic ) - warning
18:59:23.0424 5556  DockLoginService - detected UnsignedFile.Multi.Generic (1)
18:59:23.0454 5556  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:59:23.0544 5556  dot3svc - ok
18:59:23.0574 5556  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:59:23.0634 5556  DPS - ok
18:59:23.0664 5556  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:59:23.0684 5556  drmkaud - ok
18:59:23.0744 5556  dump_wmimmc - ok
18:59:23.0794 5556  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:59:23.0864 5556  DXGKrnl - ok
18:59:23.0894 5556  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:59:23.0984 5556  EapHost - ok
18:59:24.0084 5556  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:59:24.0224 5556  ebdrv - ok
18:59:24.0254 5556  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:59:24.0294 5556  EFS - ok
18:59:24.0364 5556  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:59:24.0444 5556  ehRecvr - ok
18:59:24.0474 5556  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:59:24.0524 5556  ehSched - ok
18:59:24.0594 5556  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:59:24.0624 5556  ElbyCDIO - ok
18:59:24.0704 5556  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:59:24.0764 5556  elxstor - ok
18:59:24.0794 5556  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:59:24.0844 5556  ErrDev - ok
18:59:24.0894 5556  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:59:25.0004 5556  EventSystem - ok
18:59:25.0034 5556  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:59:25.0114 5556  exfat - ok
18:59:25.0144 5556  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:59:25.0224 5556  fastfat - ok
18:59:25.0274 5556  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:59:25.0354 5556  Fax - ok
18:59:25.0384 5556  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:59:25.0434 5556  fdc - ok
18:59:25.0474 5556  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:59:25.0564 5556  fdPHost - ok
18:59:25.0584 5556  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:59:25.0684 5556  FDResPub - ok
18:59:25.0704 5556  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:59:25.0734 5556  FileInfo - ok
18:59:25.0744 5556  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:59:25.0834 5556  Filetrace - ok
18:59:25.0945 5556  [ 9E084AA2E8061F7618495B67BD22FAFE ] Flexlm Service 1 C:\SIMULIA\License\lmgrd.exe
18:59:26.0025 5556  Flexlm Service 1 - ok
18:59:26.0035 5556  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:59:26.0065 5556  flpydisk - ok
18:59:26.0095 5556  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:59:26.0115 5556  FltMgr - ok
18:59:26.0175 5556  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:59:26.0245 5556  FontCache - ok
18:59:26.0285 5556  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:59:26.0315 5556  FontCache3.0.0.0 - ok
18:59:26.0345 5556  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:59:26.0375 5556  FsDepends - ok
18:59:26.0405 5556  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:59:26.0435 5556  Fs_Rec - ok
18:59:26.0465 5556  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:59:26.0505 5556  fvevol - ok
18:59:26.0515 5556  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:59:26.0535 5556  gagp30kx - ok
18:59:26.0605 5556  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:59:26.0625 5556  GamesAppService - ok
18:59:26.0665 5556  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:59:26.0695 5556  GEARAspiWDM - ok
18:59:26.0745 5556  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:59:26.0855 5556  gpsvc - ok
18:59:26.0925 5556  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:26.0955 5556  gupdate - ok
18:59:26.0965 5556  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:26.0985 5556  gupdatem - ok
18:59:27.0025 5556  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:59:27.0055 5556  gusvc - ok
18:59:27.0075 5556  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:59:27.0125 5556  hcw85cir - ok
18:59:27.0155 5556  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:59:27.0205 5556  HdAudAddService - ok
18:59:27.0235 5556  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:59:27.0275 5556  HDAudBus - ok
18:59:27.0295 5556  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:59:27.0345 5556  HidBatt - ok
18:59:27.0365 5556  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:59:27.0415 5556  HidBth - ok
18:59:27.0445 5556  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:59:27.0485 5556  HidIr - ok
18:59:27.0525 5556  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:59:27.0605 5556  hidserv - ok
18:59:27.0645 5556  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:59:27.0675 5556  HidUsb - ok
18:59:27.0715 5556  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:59:27.0805 5556  hkmsvc - ok
18:59:27.0835 5556  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:59:27.0885 5556  HomeGroupListener - ok
18:59:27.0925 5556  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:59:27.0975 5556  HomeGroupProvider - ok
18:59:28.0005 5556  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:59:28.0035 5556  HpSAMD - ok
18:59:28.0095 5556  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:59:28.0205 5556  HTTP - ok
18:59:28.0255 5556  [ CDAA8E257BB625B2387219E605DDE37D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:59:28.0265 5556  hwdatacard ( UnsignedFile.Multi.Generic ) - warning
18:59:28.0265 5556  hwdatacard - detected UnsignedFile.Multi.Generic (1)
18:59:28.0285 5556  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:59:28.0315 5556  hwpolicy - ok
18:59:28.0335 5556  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:59:28.0375 5556  i8042prt - ok
18:59:28.0435 5556  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:59:28.0475 5556  IAANTMON - ok
18:59:28.0515 5556  [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:59:28.0545 5556  iaStor - ok
18:59:28.0565 5556  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:59:28.0585 5556  iaStorV - ok
18:59:28.0665 5556  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:59:28.0695 5556  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:59:28.0695 5556  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:59:28.0765 5556  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:59:28.0825 5556  idsvc - ok
18:59:28.0865 5556  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:59:28.0875 5556  iirsp - ok
18:59:28.0925 5556  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:59:29.0045 5556  IKEEXT - ok
18:59:29.0065 5556  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:59:29.0085 5556  intelide - ok
18:59:29.0105 5556  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:59:29.0125 5556  intelppm - ok
18:59:29.0145 5556  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:59:29.0205 5556  IPBusEnum - ok
18:59:29.0235 5556  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:59:29.0315 5556  IpFilterDriver - ok
18:59:29.0345 5556  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:59:29.0455 5556  iphlpsvc - ok
18:59:29.0485 5556  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:59:29.0515 5556  IPMIDRV - ok
18:59:29.0525 5556  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:59:29.0615 5556  IPNAT - ok
18:59:29.0755 5556  [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:59:29.0805 5556  iPod Service - ok
18:59:29.0845 5556  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:59:29.0885 5556  IRENUM - ok
18:59:29.0935 5556  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:59:29.0955 5556  isapnp - ok
18:59:30.0005 5556  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:59:30.0045 5556  iScsiPrt - ok
18:59:30.0075 5556  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:59:30.0105 5556  kbdclass - ok
18:59:30.0145 5556  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:59:30.0185 5556  kbdhid - ok
18:59:30.0215 5556  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:59:30.0245 5556  KeyIso - ok
18:59:30.0285 5556  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:59:30.0315 5556  KSecDD - ok
18:59:30.0335 5556  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:59:30.0355 5556  KSecPkg - ok
18:59:30.0385 5556  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:59:30.0465 5556  ksthunk - ok
18:59:30.0505 5556  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:59:30.0595 5556  KtmRm - ok
18:59:30.0655 5556  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:59:30.0755 5556  LanmanServer - ok
18:59:30.0785 5556  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:59:30.0865 5556  LanmanWorkstation - ok
18:59:30.0895 5556  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:59:30.0955 5556  lltdio - ok
18:59:30.0995 5556  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:59:31.0055 5556  lltdsvc - ok
18:59:31.0075 5556  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:59:31.0125 5556  lmhosts - ok
18:59:31.0145 5556  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:59:31.0165 5556  LSI_FC - ok
18:59:31.0175 5556  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:59:31.0195 5556  LSI_SAS - ok
18:59:31.0205 5556  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:59:31.0225 5556  LSI_SAS2 - ok
18:59:31.0235 5556  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:59:31.0255 5556  LSI_SCSI - ok
18:59:31.0275 5556  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:59:31.0335 5556  luafv - ok
18:59:31.0365 5556  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:59:31.0395 5556  Mcx2Svc - ok
18:59:31.0415 5556  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:59:31.0445 5556  megasas - ok
18:59:31.0465 5556  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:59:31.0505 5556  MegaSR - ok
18:59:31.0585 5556  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:59:31.0615 5556  Microsoft Office Groove Audit Service - ok
18:59:31.0635 5556  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:59:31.0725 5556  MMCSS - ok
18:59:31.0745 5556  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:59:31.0785 5556  Modem - ok
18:59:31.0815 5556  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:59:31.0865 5556  monitor - ok
18:59:31.0896 5556  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:59:31.0926 5556  mouclass - ok
18:59:31.0936 5556  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:59:31.0976 5556  mouhid - ok
18:59:31.0996 5556  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:59:32.0016 5556  mountmgr - ok
18:59:32.0036 5556  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:59:32.0056 5556  mpio - ok
18:59:32.0066 5556  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:59:32.0116 5556  mpsdrv - ok
18:59:32.0156 5556  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:59:32.0266 5556  MpsSvc - ok
18:59:32.0296 5556  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:59:32.0356 5556  MRxDAV - ok
18:59:32.0386 5556  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:59:32.0426 5556  mrxsmb - ok
18:59:32.0446 5556  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:59:32.0486 5556  mrxsmb10 - ok
18:59:32.0516 5556  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:59:32.0536 5556  mrxsmb20 - ok
18:59:32.0758 5556  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:59:32.0778 5556  msahci - ok
18:59:32.0808 5556  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:59:32.0828 5556  msdsm - ok
18:59:32.0848 5556  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:59:32.0908 5556  MSDTC - ok
18:59:32.0938 5556  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:59:33.0008 5556  Msfs - ok
18:59:33.0028 5556  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:59:33.0088 5556  mshidkmdf - ok
18:59:33.0098 5556  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:59:33.0118 5556  msisadrv - ok
18:59:33.0138 5556  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:59:33.0208 5556  MSiSCSI - ok
18:59:33.0208 5556  msiserver - ok
18:59:33.0238 5556  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:59:33.0308 5556  MSKSSRV - ok
18:59:33.0348 5556  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:59:33.0408 5556  MSPCLOCK - ok
18:59:33.0428 5556  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:59:33.0488 5556  MSPQM - ok
18:59:33.0528 5556  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:59:33.0548 5556  MsRPC - ok
18:59:33.0568 5556  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:59:33.0578 5556  mssmbios - ok
18:59:33.0598 5556  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:59:33.0658 5556  MSTEE - ok
18:59:33.0678 5556  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:59:33.0698 5556  MTConfig - ok
18:59:33.0718 5556  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:59:33.0738 5556  Mup - ok
18:59:33.0758 5556  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:59:33.0828 5556  napagent - ok
18:59:33.0858 5556  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:59:33.0908 5556  NativeWifiP - ok
18:59:33.0948 5556  [ 74C4AC4E3424862A8149DD1E788ABC89 ] ncplelhp        C:\Windows\system32\DRIVERS\ncplelhp.sys
18:59:33.0958 5556  ncplelhp - ok
18:59:33.0998 5556  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:59:34.0068 5556  NDIS - ok
18:59:34.0078 5556  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:59:34.0158 5556  NdisCap - ok
18:59:34.0178 5556  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:59:34.0238 5556  NdisTapi - ok
18:59:34.0258 5556  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:59:34.0338 5556  Ndisuio - ok
18:59:34.0358 5556  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:59:34.0458 5556  NdisWan - ok
18:59:34.0478 5556  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:59:34.0548 5556  NDProxy - ok
18:59:34.0588 5556  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
18:59:34.0628 5556  Netaapl - ok
18:59:34.0648 5556  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:59:34.0728 5556  NetBIOS - ok
18:59:34.0778 5556  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:59:34.0858 5556  NetBT - ok
18:59:34.0868 5556  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:59:34.0898 5556  Netlogon - ok
18:59:34.0938 5556  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:59:35.0028 5556  Netman - ok
18:59:35.0058 5556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:35.0088 5556  NetMsmqActivator - ok
18:59:35.0098 5556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:35.0118 5556  NetPipeActivator - ok
18:59:35.0148 5556  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:59:35.0248 5556  netprofm - ok
18:59:35.0258 5556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:35.0278 5556  NetTcpActivator - ok
18:59:35.0288 5556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:35.0318 5556  NetTcpPortSharing - ok
18:59:35.0350 5556  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:59:35.0370 5556  nfrd960 - ok
18:59:35.0410 5556  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:59:35.0500 5556  NlaSvc - ok
18:59:35.0520 5556  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:59:35.0590 5556  Npfs - ok
18:59:35.0610 5556  npggsvc - ok
18:59:35.0620 5556  NPPTNT2 - ok
18:59:35.0640 5556  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:59:35.0740 5556  nsi - ok
18:59:35.0760 5556  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:59:35.0840 5556  nsiproxy - ok
18:59:35.0890 5556  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:59:35.0990 5556  Ntfs - ok
18:59:36.0000 5556  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:59:36.0090 5556  Null - ok
18:59:36.0150 5556  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:59:36.0180 5556  nvraid - ok
18:59:36.0200 5556  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:59:36.0230 5556  nvstor - ok
18:59:36.0260 5556  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:59:36.0270 5556  nv_agp - ok
18:59:36.0320 5556  [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
18:59:36.0360 5556  O2FLASH - ok
18:59:36.0380 5556  [ 1B2E099223F16AAB166E9602F7A5ECD4 ] O2MDGRDR        C:\Windows\system32\DRIVERS\o2mdgx64.sys
18:59:36.0400 5556  O2MDGRDR - ok
18:59:36.0460 5556  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:59:36.0490 5556  odserv - ok
18:59:36.0520 5556  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:59:36.0560 5556  ohci1394 - ok
18:59:36.0610 5556  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:59:36.0640 5556  ose - ok
18:59:36.0680 5556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:59:36.0740 5556  p2pimsvc - ok
18:59:36.0770 5556  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:59:36.0820 5556  p2psvc - ok
18:59:36.0850 5556  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:59:36.0890 5556  Parport - ok
18:59:36.0920 5556  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:59:36.0950 5556  partmgr - ok
18:59:36.0970 5556  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:59:37.0020 5556  PcaSvc - ok
18:59:37.0080 5556  [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
18:59:37.0120 5556  pccsmcfd - ok
18:59:37.0150 5556  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:59:37.0180 5556  pci - ok
18:59:37.0200 5556  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:59:37.0220 5556  pciide - ok
18:59:37.0230 5556  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:59:37.0250 5556  pcmcia - ok
18:59:37.0270 5556  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:59:37.0290 5556  pcw - ok
18:59:37.0380 5556  [ A1688A4FB2EC49D040C027EF6DC7A87B ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
18:59:37.0460 5556  PDF Architect Helper Service - ok
18:59:37.0520 5556  [ E23FF9B2F8EEAB2BDDA681C21C48E843 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
18:59:37.0580 5556  PDF Architect Service - ok
18:59:37.0600 5556  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:59:37.0720 5556  PEAUTH - ok
18:59:37.0780 5556  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:59:37.0830 5556  PerfHost - ok
18:59:37.0931 5556  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:59:38.0071 5556  pla - ok
18:59:38.0101 5556  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:59:38.0161 5556  PlugPlay - ok
18:59:38.0191 5556  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:59:38.0241 5556  PNRPAutoReg - ok
18:59:38.0271 5556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:59:38.0311 5556  PNRPsvc - ok
18:59:38.0341 5556  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:59:38.0451 5556  PolicyAgent - ok
18:59:38.0481 5556  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:59:38.0591 5556  Power - ok
18:59:38.0641 5556  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:59:38.0731 5556  PptpMiniport - ok
18:59:38.0761 5556  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:59:38.0801 5556  Processor - ok
18:59:38.0821 5556  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:59:38.0921 5556  ProfSvc - ok
18:59:38.0941 5556  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:59:38.0961 5556  ProtectedStorage - ok
18:59:39.0001 5556  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:59:39.0081 5556  Psched - ok
18:59:39.0121 5556  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:59:39.0151 5556  PxHlpa64 - ok
18:59:39.0191 5556  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:59:39.0271 5556  ql2300 - ok
18:59:39.0301 5556  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:59:39.0321 5556  ql40xx - ok
18:59:39.0351 5556  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:59:39.0381 5556  QWAVE - ok
18:59:39.0391 5556  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:59:39.0421 5556  QWAVEdrv - ok
18:59:39.0491 5556  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
18:59:39.0521 5556  RapiMgr - ok
18:59:39.0531 5556  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:59:39.0621 5556  RasAcd - ok
18:59:39.0661 5556  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:59:39.0721 5556  RasAgileVpn - ok
18:59:39.0731 5556  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:59:39.0781 5556  RasAuto - ok
18:59:39.0811 5556  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:39.0891 5556  Rasl2tp - ok
18:59:39.0951 5556  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:59:40.0061 5556  RasMan - ok
18:59:40.0081 5556  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:40.0171 5556  RasPppoe - ok
18:59:40.0201 5556  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:59:40.0271 5556  RasSstp - ok
18:59:40.0311 5556  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:59:40.0411 5556  rdbss - ok
18:59:40.0431 5556  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:59:40.0451 5556  rdpbus - ok
18:59:40.0471 5556  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:40.0531 5556  RDPCDD - ok
18:59:40.0561 5556  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:59:40.0611 5556  RDPENCDD - ok
18:59:40.0631 5556  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:59:40.0681 5556  RDPREFMP - ok
18:59:40.0721 5556  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:59:40.0751 5556  RDPWD - ok
18:59:40.0791 5556  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:59:40.0811 5556  rdyboost - ok
18:59:40.0831 5556  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:59:40.0928 5556  RemoteAccess - ok
18:59:40.0958 5556  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:59:41.0048 5556  RemoteRegistry - ok
18:59:41.0078 5556  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:59:41.0168 5556  RpcEptMapper - ok
18:59:41.0208 5556  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:59:41.0238 5556  RpcLocator - ok
18:59:41.0288 5556  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:59:41.0368 5556  RpcSs - ok
18:59:41.0398 5556  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:59:41.0488 5556  rspndr - ok
18:59:41.0528 5556  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:59:41.0578 5556  RTL8167 - ok
18:59:41.0628 5556  [ EA268BCE30691C2DD24F02E617FD2EB5 ] s0016bus        C:\Windows\system32\DRIVERS\s0016bus.sys
18:59:41.0648 5556  s0016bus - ok
18:59:41.0678 5556  [ F5F9DEB89996D333EF976624D37E24E3 ] s0016mdfl       C:\Windows\system32\DRIVERS\s0016mdfl.sys
18:59:41.0688 5556  s0016mdfl - ok
18:59:41.0718 5556  [ C17CE2AEE67480FEBCC36ECCB54C0BE8 ] s0016mdm        C:\Windows\system32\DRIVERS\s0016mdm.sys
18:59:41.0728 5556  s0016mdm - ok
18:59:41.0748 5556  [ CC267F04C54C5EC5B7BD658D7628469F ] s0016mgmt       C:\Windows\system32\DRIVERS\s0016mgmt.sys
18:59:41.0768 5556  s0016mgmt - ok
18:59:41.0788 5556  [ 30A35BBCE09D9FE67482FD62C61911FC ] s0016nd5        C:\Windows\system32\DRIVERS\s0016nd5.sys
18:59:41.0798 5556  s0016nd5 - ok
18:59:41.0808 5556  [ CA394DCC38579C7AD82E83EE64D798A0 ] s0016obex       C:\Windows\system32\DRIVERS\s0016obex.sys
18:59:41.0818 5556  s0016obex - ok
18:59:41.0838 5556  [ EB267CCEA84E6E8598D92F73332AC67B ] s0016unic       C:\Windows\system32\DRIVERS\s0016unic.sys
18:59:41.0868 5556  s0016unic - ok
18:59:41.0888 5556  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:59:41.0908 5556  SamSs - ok
18:59:41.0928 5556  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:59:41.0948 5556  sbp2port - ok
18:59:41.0968 5556  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:59:42.0028 5556  SCardSvr - ok
18:59:42.0058 5556  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:59:42.0138 5556  scfilter - ok
18:59:42.0188 5556  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:59:42.0298 5556  Schedule - ok
18:59:42.0328 5556  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:59:42.0368 5556  SCPolicySvc - ok
18:59:42.0398 5556  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:59:42.0418 5556  sdbus - ok
18:59:42.0448 5556  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:59:42.0498 5556  SDRSVC - ok
18:59:42.0528 5556  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:59:42.0598 5556  secdrv - ok
18:59:42.0638 5556  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:59:42.0738 5556  seclogon - ok
18:59:42.0778 5556  [ EDE7A1D2715AAC2190D51DC07AFD44E3 ] seehcri         C:\Windows\system32\DRIVERS\seehcri.sys
18:59:42.0818 5556  seehcri ( UnsignedFile.Multi.Generic ) - warning
18:59:42.0818 5556  seehcri - detected UnsignedFile.Multi.Generic (1)
18:59:42.0858 5556  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:59:42.0948 5556  SENS - ok
18:59:42.0968 5556  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:59:42.0998 5556  SensrSvc - ok
18:59:43.0048 5556  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:59:43.0068 5556  Serenum - ok
18:59:43.0108 5556  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:59:43.0158 5556  Serial - ok
18:59:43.0178 5556  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:59:43.0208 5556  sermouse - ok
18:59:43.0298 5556  [ 668043F192AB9659761A349A4703600D ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
18:59:43.0358 5556  ServiceLayer - ok
18:59:43.0408 5556  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:59:43.0498 5556  SessionEnv - ok
18:59:43.0528 5556  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
18:59:43.0578 5556  sffdisk - ok
18:59:43.0608 5556  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:59:43.0648 5556  sffp_mmc - ok
18:59:43.0668 5556  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
18:59:43.0718 5556  sffp_sd - ok
18:59:43.0758 5556  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:59:43.0788 5556  sfloppy - ok
18:59:43.0888 5556  [ 74EC60E20516AAA573BE74F31175270F ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:59:43.0978 5556  SftService - ok
18:59:44.0018 5556  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:59:44.0118 5556  SharedAccess - ok
18:59:44.0158 5556  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:59:44.0258 5556  ShellHWDetection - ok
18:59:44.0288 5556  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:59:44.0298 5556  SiSRaid2 - ok
18:59:44.0318 5556  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:59:44.0338 5556  SiSRaid4 - ok
18:59:44.0348 5556  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:59:44.0408 5556  Smb - ok
18:59:44.0448 5556  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:59:44.0488 5556  SNMPTRAP - ok
18:59:44.0508 5556  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:59:44.0528 5556  spldr - ok
18:59:44.0549 5556  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
18:59:44.0615 5556  Spooler - ok
18:59:44.0722 5556  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:59:44.0896 5556  sppsvc - ok
18:59:44.0916 5556  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:59:44.0976 5556  sppuinotify - ok
18:59:45.0026 5556  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
18:59:45.0046 5556  sprtsvc_DellSupportCenter - ok
18:59:45.0076 5556  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:59:45.0126 5556  srv - ok
18:59:45.0156 5556  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:59:45.0206 5556  srv2 - ok
18:59:45.0226 5556  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:59:45.0266 5556  srvnet - ok
18:59:45.0296 5556  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:59:45.0396 5556  SSDPSRV - ok
18:59:45.0426 5556  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:59:45.0476 5556  SstpSvc - ok
18:59:45.0586 5556  [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
18:59:45.0626 5556  STacSV - ok
18:59:45.0666 5556  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:59:45.0696 5556  stexstor - ok
18:59:45.0726 5556  [ 02E784FA49032F84964DB90A3ED81890 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:59:45.0776 5556  STHDA - ok
18:59:45.0816 5556  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:59:45.0856 5556  StillCam - ok
18:59:45.0896 5556  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:59:45.0946 5556  stisvc - ok
18:59:45.0966 5556  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:59:45.0986 5556  swenum - ok
18:59:46.0006 5556  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:59:46.0086 5556  swprv - ok
18:59:46.0116 5556  [ 1657B7442D5CE30533F5C4317716B468 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:59:46.0146 5556  SynTP - ok
18:59:46.0206 5556  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:59:46.0316 5556  SysMain - ok
18:59:46.0386 5556  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:59:46.0426 5556  TabletInputService - ok
18:59:46.0446 5556  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:59:46.0556 5556  TapiSrv - ok
18:59:46.0576 5556  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:59:46.0676 5556  TBS - ok
18:59:46.0766 5556  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:59:46.0856 5556  Tcpip - ok
18:59:46.0896 5556  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:59:46.0966 5556  TCPIP6 - ok
18:59:47.0006 5556  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:59:47.0086 5556  tcpipreg - ok
18:59:47.0116 5556  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:59:47.0156 5556  TDPIPE - ok
18:59:47.0186 5556  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:59:47.0226 5556  TDTCP - ok
18:59:47.0256 5556  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:59:47.0326 5556  tdx - ok
18:59:47.0356 5556  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:59:47.0376 5556  TermDD - ok
18:59:47.0396 5556  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:59:47.0496 5556  TermService - ok
18:59:47.0526 5556  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:59:47.0586 5556  Themes - ok
18:59:47.0626 5556  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:59:47.0696 5556  THREADORDER - ok
18:59:47.0706 5556  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:59:47.0756 5556  TrkWks - ok
18:59:47.0816 5556  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:59:47.0896 5556  TrustedInstaller - ok
18:59:47.0936 5556  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:59:47.0977 5556  tssecsrv - ok
18:59:48.0027 5556  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:59:48.0057 5556  TsUsbFlt - ok
18:59:48.0097 5556  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:59:48.0157 5556  tunnel - ok
18:59:48.0197 5556  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:59:48.0217 5556  uagp35 - ok
18:59:48.0237 5556  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:59:48.0297 5556  udfs - ok
18:59:48.0317 5556  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:59:48.0357 5556  UI0Detect - ok
18:59:48.0397 5556  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:59:48.0427 5556  uliagpkx - ok
18:59:48.0457 5556  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:59:48.0507 5556  umbus - ok
18:59:48.0527 5556  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:59:48.0557 5556  UmPass - ok
18:59:48.0587 5556  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:59:48.0637 5556  upnphost - ok
18:59:48.0677 5556  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:59:48.0717 5556  USBAAPL64 - ok
18:59:48.0747 5556  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:48.0787 5556  usbccgp - ok
18:59:48.0817 5556  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:59:48.0857 5556  usbcir - ok
18:59:48.0867 5556  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:59:48.0917 5556  usbehci - ok
18:59:48.0947 5556  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:59:48.0997 5556  usbhub - ok
18:59:49.0017 5556  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:59:49.0057 5556  usbohci - ok
18:59:49.0097 5556  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:59:49.0127 5556  usbprint - ok
18:59:49.0167 5556  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:59:49.0197 5556  usbscan - ok
18:59:49.0257 5556  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
18:59:49.0297 5556  usbser - ok
18:59:49.0317 5556  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:49.0367 5556  USBSTOR - ok
18:59:49.0387 5556  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:59:49.0427 5556  usbuhci - ok
18:59:49.0467 5556  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:59:49.0527 5556  usbvideo - ok
18:59:49.0557 5556  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:59:49.0647 5556  UxSms - ok
18:59:49.0677 5556  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:59:49.0697 5556  VaultSvc - ok
18:59:49.0727 5556  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
18:59:49.0767 5556  VClone - ok
18:59:49.0797 5556  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:59:49.0827 5556  vdrvroot - ok
18:59:49.0867 5556  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:59:49.0957 5556  vds - ok
18:59:49.0987 5556  [ 00C7DF4F50962BA218AB60D32869100B ] vflt            C:\Windows\system32\DRIVERS\vfilter.sys
18:59:50.0007 5556  vflt ( UnsignedFile.Multi.Generic ) - warning
18:59:50.0007 5556  vflt - detected UnsignedFile.Multi.Generic (1)
18:59:50.0037 5556  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:50.0077 5556  vga - ok
18:59:50.0087 5556  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:59:50.0177 5556  VgaSave - ok
18:59:50.0207 5556  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:59:50.0237 5556  vhdmp - ok
18:59:50.0257 5556  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:59:50.0287 5556  viaide - ok
18:59:50.0317 5556  [ A99CA064AD11266FE7067A79BF78BBB5 ] vnet            C:\Windows\system32\DRIVERS\virtualnet.sys
18:59:50.0347 5556  vnet ( UnsignedFile.Multi.Generic ) - warning
18:59:50.0347 5556  vnet - detected UnsignedFile.Multi.Generic (1)
18:59:50.0367 5556  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:59:50.0397 5556  volmgr - ok
18:59:50.0447 5556  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:59:50.0487 5556  volmgrx - ok
18:59:50.0517 5556  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:59:50.0557 5556  volsnap - ok
18:59:50.0577 5556  vpnva - ok
18:59:50.0607 5556  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:59:50.0637 5556  vsmraid - ok
18:59:50.0697 5556  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:59:50.0817 5556  VSS - ok
18:59:50.0837 5556  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:59:50.0877 5556  vwifibus - ok
18:59:50.0907 5556  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:59:50.0937 5556  vwififlt - ok
18:59:50.0967 5556  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:59:50.0987 5556  vwifimp - ok
18:59:51.0017 5556  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:59:51.0067 5556  W32Time - ok
18:59:51.0077 5556  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:59:51.0107 5556  WacomPen - ok
18:59:51.0137 5556  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:59:51.0217 5556  WANARP - ok
18:59:51.0227 5556  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:59:51.0287 5556  Wanarpv6 - ok
18:59:51.0337 5556  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:59:51.0417 5556  WatAdminSvc - ok
18:59:51.0487 5556  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:59:51.0577 5556  wbengine - ok
18:59:51.0607 5556  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:59:51.0647 5556  WbioSrvc - ok
18:59:51.0677 5556  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
18:59:51.0707 5556  WcesComm - ok
18:59:51.0747 5556  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:59:51.0797 5556  wcncsvc - ok
18:59:51.0807 5556  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:59:51.0837 5556  WcsPlugInService - ok
18:59:51.0867 5556  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:59:51.0897 5556  Wd - ok
18:59:51.0917 5556  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:59:51.0977 5556  Wdf01000 - ok
18:59:51.0997 5556  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:59:52.0037 5556  WdiServiceHost - ok
18:59:52.0047 5556  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:59:52.0067 5556  WdiSystemHost - ok
18:59:52.0097 5556  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:59:52.0147 5556  WebClient - ok
18:59:52.0167 5556  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:59:52.0277 5556  Wecsvc - ok
18:59:52.0297 5556  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:59:52.0357 5556  wercplsupport - ok
18:59:52.0387 5556  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:59:52.0477 5556  WerSvc - ok
18:59:52.0507 5556  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:52.0557 5556  WfpLwf - ok
18:59:52.0597 5556  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
18:59:52.0617 5556  WimFltr - ok
18:59:52.0647 5556  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:59:52.0667 5556  WIMMount - ok
18:59:52.0677 5556  WinDefend - ok
18:59:52.0687 5556  WinHttpAutoProxySvc - ok
18:59:52.0737 5556  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:59:52.0787 5556  Winmgmt - ok
18:59:52.0857 5556  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:59:53.0007 5556  WinRM - ok
18:59:53.0047 5556  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS
18:59:53.0097 5556  WINUSB - ok
18:59:53.0147 5556  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:59:53.0237 5556  Wlansvc - ok
18:59:53.0367 5556  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:59:53.0497 5556  wlidsvc - ok
18:59:53.0537 5556  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
18:59:53.0557 5556  wltrysvc ( UnsignedFile.Multi.Generic ) - warning
18:59:53.0557 5556  wltrysvc - detected UnsignedFile.Multi.Generic (1)
18:59:53.0587 5556  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:59:53.0617 5556  WmiAcpi - ok
18:59:53.0647 5556  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:59:53.0707 5556  wmiApSrv - ok
18:59:53.0727 5556  WMPNetworkSvc - ok
18:59:53.0737 5556  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:59:53.0777 5556  WPCSvc - ok
18:59:53.0807 5556  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:59:53.0837 5556  WPDBusEnum - ok
18:59:53.0857 5556  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:59:53.0917 5556  ws2ifsl - ok
18:59:53.0947 5556  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:59:53.0997 5556  wscsvc - ok
18:59:54.0007 5556  WSearch - ok
18:59:54.0089 5556  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:59:54.0209 5556  wuauserv - ok
18:59:54.0249 5556  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:59:54.0339 5556  WudfPf - ok
18:59:54.0369 5556  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:54.0459 5556  WUDFRd - ok
18:59:54.0489 5556  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:59:54.0579 5556  wudfsvc - ok
18:59:54.0609 5556  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:59:54.0669 5556  WwanSvc - ok
18:59:54.0719 5556  ================ Scan global ===============================
18:59:54.0749 5556  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:59:54.0779 5556  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:59:54.0809 5556  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:59:54.0839 5556  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:59:54.0869 5556  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:59:54.0889 5556  [Global] - ok
18:59:54.0889 5556  ================ Scan MBR ==================================
18:59:54.0909 5556  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:59:55.0400 5556  \Device\Harddisk0\DR0 - ok
18:59:55.0420 5556  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR6
18:59:58.0300 5556  \Device\Harddisk1\DR6 - ok
18:59:58.0310 5556  ================ Scan VBR ==================================
18:59:58.0310 5556  [ 99187E142120C4F5E4110DA2CC8792AA ] \Device\Harddisk0\DR0\Partition1
18:59:58.0320 5556  \Device\Harddisk0\DR0\Partition1 - ok
18:59:58.0340 5556  [ BFA55B382B5101EA9405387DCD7CD00E ] \Device\Harddisk0\DR0\Partition2
18:59:58.0340 5556  \Device\Harddisk0\DR0\Partition2 - ok
18:59:58.0360 5556  [ 78FA9E5364539C4866B755C19B19FC32 ] \Device\Harddisk0\DR0\Partition3
18:59:58.0370 5556  \Device\Harddisk0\DR0\Partition3 - ok
18:59:58.0400 5556  [ 4E389FC7B86B56DD2AFBB04C31449C75 ] \Device\Harddisk0\DR0\Partition4
18:59:58.0400 5556  \Device\Harddisk0\DR0\Partition4 - ok
18:59:58.0410 5556  [ 49353CB5A36E986D5CB8AF35CDED1BA6 ] \Device\Harddisk1\DR6\Partition1
18:59:58.0410 5556  \Device\Harddisk1\DR6\Partition1 - ok
18:59:58.0410 5556  ============================================================
18:59:58.0410 5556  Scan finished
18:59:58.0410 5556  ============================================================
18:59:58.0430 7048  Detected object count: 7
18:59:58.0430 7048  Actual detected object count: 7
19:00:09.0181 7048  DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0181 7048  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0181 7048  hwdatacard ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0181 7048  hwdatacard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0181 7048  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0181 7048  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0191 7048  seehcri ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0191 7048  seehcri ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0191 7048  vflt ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0191 7048  vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0201 7048  vnet ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0201 7048  vnet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:00:09.0201 7048  wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:09.0201 7048  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 12.06.2013, 18:24   #7
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 21:45   #8
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



hier das Ergebnis:
Code:
ATTFilter
ComboFix 13-06-08.02 - Tankeu Tokoto 12.06.2013  22:24:21.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4091.1575 [GMT 2:00]
ausgeführt von:: c:\users\Tankeu Tokoto\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))
.
.
2013-06-12 20:39 . 2013-06-12 20:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-12 10:50 . 2013-06-12 10:50	--------	d-----w-	c:\program files (x86)\7-Zip
2013-06-12 07:05 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-06-12 01:41 . 2013-06-12 01:41	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FC0D660-02A5-4332-A74A-5A0C98BF01B5}\offreg.dll
2013-06-11 06:21 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FC0D660-02A5-4332-A74A-5A0C98BF01B5}\mpengine.dll
2013-06-08 20:27 . 2013-06-08 20:27	545200	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-06-08 20:27 . 2013-06-08 20:27	526768	----a-w-	c:\windows\system32\deployJava1.dll
2013-06-08 20:27 . 2013-06-08 20:27	196528	----a-w-	c:\windows\system32\javaws.exe
2013-06-08 20:27 . 2013-06-08 20:27	172976	----a-w-	c:\windows\system32\javaw.exe
2013-06-08 20:27 . 2013-06-08 20:27	172976	----a-w-	c:\windows\system32\java.exe
2013-06-08 20:27 . 2013-06-08 20:27	--------	d-----w-	c:\program files\Java
2013-05-18 10:46 . 2013-05-18 10:46	--------	d-----w-	C:\Intel
2013-05-17 14:09 . 2013-05-06 13:39	9060352	----a-w-	c:\windows\system32\mshtml.dll
2013-05-17 14:09 . 2013-02-28 12:03	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-17 14:09 . 2013-02-28 11:38	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-05-17 14:09 . 2013-04-10 05:46	12294656	----a-w-	c:\windows\system32\ieframe.dll
2013-05-17 14:09 . 2013-04-10 05:46	2458112	----a-w-	c:\windows\system32\iertutil.dll
2013-05-17 10:47 . 2013-05-17 11:40	--------	d-----w-	c:\users\Tankeu Tokoto\AppData\Roaming\PerformerSoft
2013-05-17 10:47 . 2013-05-17 10:47	--------	d-----w-	c:\programdata\IBUpdaterService
2013-05-17 10:47 . 2012-12-19 13:53	19632	----a-w-	c:\windows\system32\roboot64.exe
2013-05-15 14:19 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 14:19 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 14:19 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-05-15 14:19 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-05-15 14:19 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-05-15 14:19 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-05-15 14:19 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-05-15 14:19 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-05-15 14:19 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-05-15 14:19 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-08 20:21 . 2013-01-16 12:17	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-08 20:21 . 2013-01-16 12:17	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-17 12:28 . 2011-03-28 17:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 01:18 . 2010-01-02 17:26	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-09 08:59 . 2013-03-19 20:07	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 20:07	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2012-04-25 07:42	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2011-05-24 08:51	378432	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2011-05-24 08:51	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2011-05-24 08:51	1025808	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2011-05-24 08:51	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2011-05-24 08:51	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2011-05-24 08:50	41664	----a-w-	c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-05-24 08:51	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2010-08-26 10:36	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-23 19:02	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-08 08:46 . 2012-06-25 08:58	861088	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-04-08 08:46 . 2010-04-20 16:13	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-04 03:35 . 2013-04-28 16:05	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-02 14:09 . 2013-04-02 14:09	4550656	----a-w-	c:\windows\SysWow64\GPhotos.scr
2013-03-29 16:05 . 2013-03-29 16:05	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-03-29 16:05 . 2013-03-29 16:05	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-03-29 16:05 . 2013-03-29 16:05	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-03-29 16:05 . 2013-03-29 16:05	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-03-29 16:05 . 2013-03-29 16:05	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-03-29 16:05 . 2013-03-29 16:05	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-03-29 16:05 . 2013-03-29 16:05	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-03-29 16:05 . 2013-03-29 16:05	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-03-29 16:05 . 2013-03-29 16:05	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-03-29 16:05 . 2013-03-29 16:05	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-03-29 16:05 . 2013-03-29 16:05	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-03-29 16:05 . 2013-03-29 16:05	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-03-29 16:05 . 2013-03-29 16:05	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-03-29 16:05 . 2013-03-29 16:05	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-03-29 16:05 . 2013-03-29 16:05	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-03-29 16:05 . 2013-03-29 16:05	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-03-29 16:05 . 2013-03-29 16:05	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-03-29 16:05 . 2013-03-29 16:05	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-03-29 16:05 . 2013-03-29 16:05	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-03-29 16:05 . 2013-03-29 16:05	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-03-29 16:05 . 2013-03-29 16:05	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-03-29 16:05 . 2013-03-29 16:05	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-03-29 16:05 . 2013-03-29 16:05	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-03-29 16:05 . 2013-03-29 16:05	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-03-29 16:05 . 2013-03-29 16:05	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-03-29 16:05 . 2013-03-29 16:05	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-03-29 16:05 . 2013-03-29 16:05	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-03-29 16:05 . 2013-03-29 16:05	1504768	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-03-29 16:05 . 2013-03-29 16:05	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-03-29 16:05 . 2013-03-29 16:05	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-03-29 16:05 . 2013-03-29 16:05	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-03-29 16:05 . 2013-03-29 16:05	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2013-03-29 16:05 . 2013-03-29 16:05	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-03-29 16:05 . 2013-03-29 16:05	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-03-29 16:05 . 2013-03-29 16:05	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-03-29 16:05 . 2013-03-29 16:05	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-29 16:05 . 2013-03-29 16:05	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-19 06:04 . 2013-04-10 00:09	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 00:08	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 00:08	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 00:09	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 00:08	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 00:08	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-12-06 14:35	1308504	----a-r-	c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-12-06 1308504]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-07 559616]
" Malwarebytes Anti-Malware "="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ncplelhp;NCP Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys;c:\windows\SYSNATIVE\DRIVERS\ncplelhp.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 Flexlm Service 1;Flexlm Service 1;c:\simulia\License\lmgrd.exe;c:\simulia\License\lmgrd.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys;c:\windows\SYSNATIVE\DRIVERS\Acceler.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 44334622
*Deregistered* - 44334622
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 23:29	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 19:13]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 19:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2006-09-20 20480]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.holasearch.com/?affID=121962&tt=gc_&babsrc=HP_ss&mntrId=B2C60CEEE6946449
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\Tankeu Tokoto\AppData\Roaming\Mozilla\Firefox\Profiles\euqplq9m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&CUI=SB_CUI&q=
FF - ExtSQL: 2013-04-17 15:50; hdvc@hdvc.com; c:\users\Tankeu Tokoto\AppData\Roaming\Mozilla\Firefox\Profiles\euqplq9m.default\extensions\hdvc@hdvc.com.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 96
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 24
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b2c650db0000000000000ceee6946449&q=
FF - user.js: extensions.BabylonToolbar.id - b2c650db0000000000000ceee6946449
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15666
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.911:51
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110193&tt=201112_1849_4712_1
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.holasearch.tlbrSrchUrl - 
FF - user.js: extensions.holasearch.id - b2c650db0000000000000ceee6946449
FF - user.js: extensions.holasearch.appId - {8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
FF - user.js: extensions.holasearch.instlDay - 15842
FF - user.js: extensions.holasearch.vrsn - 1.8.16.16
FF - user.js: extensions.holasearch.vrsni - 1.8.16.16
FF - user.js: extensions.holasearch.vrsnTs - 1.8.16.1613:38
FF - user.js: extensions.holasearch.prtnrId - holasearch
FF - user.js: extensions.holasearch.prdct - holasearch
FF - user.js: extensions.holasearch.aflt - babsst
FF - user.js: extensions.holasearch.smplGrp - none
FF - user.js: extensions.holasearch.tlbrId - base
FF - user.js: extensions.holasearch.instlRef - sst
FF - user.js: extensions.holasearch.dfltLng - en
FF - user.js: extensions.holasearch.excTlbr - false
FF - user.js: extensions.holasearch.ffxUnstlRst - false
FF - user.js: extensions.holasearch.admin - false
FF - user.js: extensions.holasearch.autoRvrt - false
FF - user.js: extensions.holasearch.rvrt - false
FF - user.js: extensions.holasearch.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-12  22:43:08
ComboFix-quarantined-files.txt  2013-06-12 20:43
.
Vor Suchlauf: 15 Verzeichnis(se), 90.358.685.696 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 91.210.289.152 Bytes frei
.
- - End Of File - - BDE564ACB2641DF4E6963EBE5B300318
D41D8CD98F00B204E9800998ECF8427E
         

Alt 12.06.2013, 21:47   #9
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



Hi,

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 22:28   #10
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



hi, hier die Liste
Code:
ATTFilter
7-Zip 9.20		12.06.2013										notwendig
Abaqus 6.10-1	Dassault Systemes Simulia Corp.	01.10.2011		6.9.0.0                                 notwendig
Abaqus FLEXnet License Server	Dassault Systemes Simulia Corp.	01.10.2011		6.9.0.0			notwendig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	08.06.2013	6,00MB	11.7.700.202		notwendig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	08.06.2013	6,00MB	11.7.700.202		notwendig
Adobe Reader XI (11.0.03) - Deutsch	Adobe Systems Incorporated	19.05.2013	134MB	11.0.03		notwendig
Apple Application Support	Apple Inc.	01.07.2012	61,0MB	2.1.9					unnötig
Apple Mobile Device Support	Apple Inc.	01.07.2012	24,9MB	5.2.0.6					unnötig
Apple Software Update	Apple Inc.	05.11.2011	2,38MB	2.1.3.127					unnötig
ATI Catalyst Control Center		10.12.2009		2.009.0625.1811					notwendig
avast! Free Antivirus	AVAST Software	29.05.2013		8.0.1489.0					notwendig
Canon IJ Network Scan Utility		10.01.2010								notwendig		
Canon Inkjet Printer Driver Add-On Module		19.05.2010						notwendig								
Canon MP Navigator EX 1.0		10.01.2010								notwendig		
Canon MX700 series		10.01.2010									notwendig		
Canon My Printer		10.01.2010									notwendig	
Canon Utilities Easy-PhotoPrint EX		10.01.2010							notwendig		
Canon Utilities Solution Menu		10.01.2010								notwendig	
CCleaner	Piriform	24.05.2013		4.02							notwendig
Cisco EAP-FAST Module	Cisco Systems, Inc.	10.12.2009	1,55MB	2.2.14					unnötig			
Cisco LEAP Module	Cisco Systems, Inc.	10.12.2009	644KB	1.0.19					unnötig
Cisco PEAP Module	Cisco Systems, Inc.	10.12.2009	1,23MB	1.1.6					unnötig
Compatibility Pack für 2007 Office System	Microsoft Corporation	09.01.2013	367MB	12.0.6612.1000	unnötig
Dell DataSafe Local Backup	Dell	10.12.2009		9.4.60						unnötig
Dell DataSafe Local Backup - Support Software	Dell	10.12.2009		9.4.60				unnötig
Dell DataSafe Online	Dell, Inc.	30.04.2010	8,33MB	1.2.0011					unnötig
Dell Dock	Dell	10.12.2009		2.0.0								unnötig
Dell Getting Started Guide	Dell Inc.	10.12.2009		1.00.0000				unnötig
Dell Support Center (Support Software)	Dell	10.12.2009		2.5.09100				unnötig
Dell Webcam Central	Creative Technology Ltd	10.12.2009		1.40.05					unnötig
Dell Wireless WLAN Card Utility	Dell Inc.	10.12.2009		5.30.21.0				unnötig
DHTML Editing Component	Microsoft Corporation	27.10.2010	554KB	6.02.0001				unnötig
DivX Plus DirectShow Filters	DivX, Inc.	26.08.2010							unnötig		
DivX-Setup	DivX, LLC	17.03.2013		2.6.1.24						unnötig
FileCards	privat	12.12.2010	972KB	1.0.0								unbekannt
Flatcast Viewer Plugin 5.2.2.454	1 mal 1 Software GmbH	11.12.2011					unbekannt							
GIMP 2.6.12	The GIMP Team	14.03.2012	114MB	2.6.12							notwendig
Google Chrome	Google Inc.	24.04.2013		27.0.1453.110						unnötig
iCloud	Apple Inc.	28.05.2012	33,2MB	1.1.0.40							unnötig
Intel® Matrix Storage Manager	Intel Corporation	10.12.2009						notwendig		
iTunes	Apple Inc.	01.07.2012	182MB	10.6.3.25							unnötig
Java 7 Update 21	Oracle	08.04.2013	129MB	7.0.210							notwendig
Java(TM) 6 Update 33	Oracle	25.06.2012	95,6MB	6.0.330							notwendig
Java(TM) 6 Update 45 (64-bit)	Oracle	08.06.2013	92,3MB	6.0.450						notwendig						
Live! Cam Avatar Creator	Creative Technology Ltd	10.12.2009		4.6.3009.1			unnötig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	12.06.2013	19,2MB	1.75.0.1300	notwendig	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	31.01.2012	38,8MB	4.0.30319		notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	12.03.2012	2,93MB	4.0.30319	notwendig
Microsoft .NET Framework 4 Extended	Microsoft Corporation	31.01.2012	51,9MB	4.0.30319				notwendig
Microsoft HPC MPI Redistributable Pack	Microsoft Corporation	01.10.2011	7,24MB	2.1.1765.0				notwendig
Microsoft Office Enterprise 2007	Microsoft Corporation	31.01.2012		12.0.6612.1000				notwendig
Microsoft Office File Validation Add-In	Microsoft Corporation	14.09.2011	7,95MB	14.0.5130.5003				notwendig
Microsoft Office Live Add-in 1.5	Microsoft Corporation	18.04.2012	508KB	2.0.4024.1				notwendig
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	09.01.2013	105MB	12.0.6612.1000		notwendig
Microsoft Silverlight	Microsoft Corporation	13.03.2013	149MB	5.1.20125.0						notwendig
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	10.12.2009	1,72MB	3.1.0000			notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	09.01.2010	260KB	8.0.50727.4053	notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	09.01.2010	252KB	8.0.50727.4053	notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	16.06.2011	300KB	8.0.58299				notwendig
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	10.12.2009	708KB	8.0.61000				notwendig
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	01.05.2011	580KB	8.0.51011
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	07.10.2011	2,64MB	8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148	Microsoft Corporation	09.01.2010	212KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	01.05.2011	790KB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	26.05.2011	598KB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	Microsoft Corporation	12.10.2010	1,70MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	10.12.2009	788KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	01.10.2011	238KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	16.06.2011	788KB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	21.09.2011	244KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	24.05.2011	590KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	16.06.2011	600KB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	28.11.2011	11,0MB	10.0.30319
Microsoft Works	Microsoft Corporation	09.10.2012	0,97GB	9.7.0621								unnötig
Mozilla Firefox 21.0 (x86 de)	Mozilla	28.05.2013	47,6MB	21.0									notwendig
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	11.01.2010	1,27MB	4.20.9870.0						unbekannt
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	13.01.2010	1,33MB	4.20.9876.0						unbekannt
MySQL Connector/ODBC 5.1	MySQL AB	07.01.2011	7,09MB	5.1.5								unbekannt
Nonoh	Finarea S.A. Switzerland	03.01.2010	10,6MB	4.04 build 554								notwendig
PC Connectivity Solution	Nokia	05.11.2011	20,8MB	11.5.13.0								unnötig
PDF Architect	pdfforge	19.02.2013	91,1MB	1.0.52.8917									notwendig
Picasa 3	Google, Inc.	18.04.2013		3.9										notwendig
Power Tab Editor 1.7		11.10.2011												unbekannt		
PowerDVD DX	CyberLink Corp.	10.12.2009		8.3.5424									unnötig
Presto! PageManager 7.15.16	NewSoft Technology Corporation	10.01.2010		7.15.16						unnötig
Quickset64	Dell Inc.	10.12.2009		9.6.6										unnötig
Roxio Burn	Roxio	10.12.2009	35,1MB	1.0											notwendig
Safari	Apple Inc.	01.07.2012	104MB	5.34.57.2										unnotig
ScanSoft OmniPage SE 4	Nuance Communications, Inc.	10.01.2010	167MB	15.2.0020						unnöitig
SweetIM Bundle by SweetPacks	SweetPacks LTD	16.01.2013		1.0.0.0								unbekannt
Synaptics Pointing Device Driver	Synaptics Incorporated	10.12.2009		13.2.2.2					unbekannt
TuneUp Utilities 2013	TuneUp Software	19.02.2013		13.0.3020.2								unnötig
VirtualCloneDrive	Elaborate Bytes	31.01.2012											unnötig		
VLC media player 2.0.2	VideoLAN	21.07.2012		2.0.2									notwendig
WildTangent Games App (Dell Games)	WildTangent	18.06.2011		4.0.5.14						unnötig
WildTangent-Spiele	WildTangent	10.12.2009		1.0.0.71								unnötig
Windows Live Essentials	Microsoft Corporation	26.06.2012		15.4.3555.0308							unnötig				
Windows Live Sync	Microsoft Corporation	11.12.2010	2,79MB	14.0.8117.416							unnötig
Windows Media Player Firefox Plugin	Microsoft Corp	28.04.2010	296KB	1.0.0.8							unnötig
Windows Mobile-Gerätecenter	Microsoft Corporation	17.10.2011	27,4MB	6.1.6965.0						unnötig
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	05.11.2011		08/22/2008 7.0.0.0			unnötig
WinRAR		12.07.2010														notwendig	
WinRAR		12.07.2010														notwendig	
World of Warcraft	Blizzard Entertainment	18.12.2012		4.0.0.12911							notwendig
         

Alt 13.06.2013, 11:34   #11
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



b
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Cisco : alle
Dell : alle, außer du nutzt wlan das nicht
DivX: beide
Google
iCloud
iTunes
Java(TM) : alle
Live
PC Connectivity
PowerDVD
Presto
Quickset64
Safari
ScanSoft
SweetIM
TuneUp
VirtualCloneDrive
WildTangent : beide

Windows Live : beide

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.06.2013, 11:46   #12
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



Hallo markus,

da ich mit meinem anderen laptop nach dem deinstallieren der programme und dem adwcleaner totale probleme jetzt habe, würde ich gerne mit dem weiteren procedere an dem laptop gerne erstmal stoppen, da ich Angst habe, dass hier das gleiche passiert und ich brauche wenigstens einen funktionierenden laptop um arbeiten zu können (stecke gerade mitten in meiner abschlussarbeit!). Deswegen hier erstmal stop und ich warte dann solange bis der andere laptop auf vordermann gebracht ist, bis ich an dem hier weitermache Ich hoffe, das ist okay!

Alt 13.06.2013, 11:50   #13
markusg
/// Malware-holic
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



verstehe ich nicht, wir arbeiten doch nur an einem gerät, warum solltest du mit dem prozedere stoppen damit es an dem anderen gerät keine Probleme gibt?
welche Probleme gibts überhaupt
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.06.2013, 11:53   #14
tam
 
Mehrere Funde durch Malwarebytes - Standard

Mehrere Funde durch Malwarebytes



okay, das ist der andere thread, den du auch bearbeitest, ich hab 2 laptops, der eine ist dieser und der andere, den bearbeitest du unter dem titel: zuerst keine webseite mehr geladen, dann probleme mit Avast..... Der macht seit heute früh nur noch Probleme. Aber das kannst du in dem anderen Thread lesen, bevor es zu totaler Verwirrung führt

Antwort

Themen zu Mehrere Funde durch Malwarebytes
action, anti-malware, appdata, chrome, code, default, erhalte, erhalten, explorer, folge, folgendes, funde, google, laptop, local, log, malwarebyte, malwarebytes, malwarebytes anti-malware, minute, service, service pack 1, software, storage, users




Ähnliche Themen: Mehrere Funde durch Malwarebytes


  1. Funde durch Malwarebytes
    Log-Analyse und Auswertung - 25.02.2015 (13)
  2. Windows 7: AVAST 3 Funde, Malwarebytes 8 Funde
    Log-Analyse und Auswertung - 16.12.2014 (13)
  3. Windows 8.1: Nach Toolbar Installation mehrere Funde durch Antivirensoftware
    Log-Analyse und Auswertung - 04.12.2014 (5)
  4. Malwarebytes mehrere Funde, auch Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 31.07.2014 (9)
  5. AVAST und Malwarebytes melden mehrere Funde
    Plagegeister aller Art und deren Bekämpfung - 04.05.2014 (37)
  6. 5 Funde durch Malwarebytes: SnapDo.A, Wajam.A, NextLive.A und Vittalia
    Log-Analyse und Auswertung - 01.04.2014 (9)
  7. Mehrere Funde von Java-Viren durch Avira
    Log-Analyse und Auswertung - 23.02.2014 (16)
  8. Windows 7, PC langsam und diverse Funde durch Malwarebytes Antimalware
    Log-Analyse und Auswertung - 07.12.2013 (27)
  9. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  10. Mehrere PUP Funde
    Log-Analyse und Auswertung - 12.09.2013 (15)
  11. 53 Funde durch malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 31.08.2013 (9)
  12. Mehrere Funde von Malwarebytes: Hauptsächlich Registry keys!
    Log-Analyse und Auswertung - 15.06.2013 (25)
  13. Mehrere Trojaner durch Malwarebytes Anti Malware gefunden und ein Virus durch Avira gefunden (TR/Gendal.81920.6)
    Log-Analyse und Auswertung - 10.11.2012 (1)
  14. Malwarebytes Fund Backdoor.Agent / Avira mehrere Funde
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (3)
  15. mehrere Trojaner gefunden durch Malwarebytes Antimalware
    Log-Analyse und Auswertung - 28.02.2012 (44)
  16. Mehrere Funde mit Malwarebytes: Malware.Packer.Gen, Spyware.SpyEyes (3x), Trojan.Agent (2x)
    Plagegeister aller Art und deren Bekämpfung - 10.08.2010 (29)
  17. Nach Win32/Cryptor Entfernung bei Malwarebytes Scan mehrere weitere Funde
    Log-Analyse und Auswertung - 18.12.2009 (1)

Zum Thema Mehrere Funde durch Malwarebytes - Hallo, ich habe auf unserem 2. Laptop durch Malwarebytes folgendes log erhalten: Code: Alles auswählen Aufklappen ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Version de la base de données: v2013.06.12.02 Windows 7 - Mehrere Funde durch Malwarebytes...
Archiv
Du betrachtest: Mehrere Funde durch Malwarebytes auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.