Trojaner-Board - Backdoor. Agent appconf32.exe

Hallo Chris,

hier die erstellten logs:

OTL Logfile:

Code:

OTL logfile created on: 19.04.2012 12:57:58 - Run 1

OTL by OldTimer - Version 3.2.40.0     Folder = C:\Users\Mea\Desktop

 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,22 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 49,13% Memory free

6,43 Gb Paging File | 4,65 Gb Available in Paging File | 72,39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 195,21 Gb Total Space | 57,15 Gb Free Space | 29,28% Space Free | Partition Type: NTFS

Drive D: | 270,45 Gb Total Space | 39,34 Gb Free Space | 14,55% Space Free | Partition Type: NTFS

 

Computer Name: THE_NEW | User Name: Mea | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Mea\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)

PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

PRC - C:\Windows\vsnp2std.exe (Sonix)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll ()

MOD - C:\Users\Mea\AppData\Local\Google\Chrome\APPLIC~1\180102~1.162\gcswf32.dll ()

MOD - C:\Program Files\WinRAR\RarExt.dll ()

MOD - C:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found

SRV - (RoxLiveShare9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)

SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (NeroMediaHomeService.4) -- C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found

DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found

DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found

DRV - (massfilter) -- system32\drivers\massfilter.sys File not found

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)

DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)

DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)

DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)

DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)

DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)

DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()

DRV - (snpstd) -- C:\Windows\System32\drivers\snpstd.sys ()

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = hxxp://www.google.com/

IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}

IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.search.defaultthis.engineName: "Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "hxxp://search.linkury.com"

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 8888

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 8888

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3

FF - prefs.js..extensions.enabledItems: {3e9a3920-1b27-11da-8cd6-0800200c9a66}:3.6.2

FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:3.4

FF - prefs.js..extensions.enabledItems: greasefire@skrul.com:1.0.4

FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0

FF - prefs.js..network.proxy.ftp: "127.0.0.1"

FF - prefs.js..network.proxy.ftp_port: 8080

FF - prefs.js..network.proxy.gopher: "127.0.0.1"

FF - prefs.js..network.proxy.gopher_port: 8080

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 8888

FF - prefs.js..network.proxy.no_proxies_on: ""

FF - prefs.js..network.proxy.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.ssl_port: 8888

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files\Fiddler2\FiddlerHook [2011.08.08 10:53:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.28 14:29:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.09.13 09:07:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.10 07:42:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mea\AppData\Roaming\01030\install.rdf [2012.04.19 11:30:09 | 000,000,539 | ---- | M] ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.01 00:07:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.16 13:57:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.28 14:29:33 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mea\AppData\Roaming\01030 [2012.04.15 01:31:01 | 000,000,000 | ---D | M]

 

[2010.09.23 21:56:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mea\AppData\Roaming\mozilla\Extensions

[2012.04.16 02:38:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions

[2012.01.26 11:32:32 | 000,000,000 | ---D | M] (Charles Autoconfiguration) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}

[2011.08.22 23:04:03 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}

[2011.07.01 00:08:33 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}

[2011.09.09 12:09:30 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.01.26 11:32:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011.11.03 16:03:34 | 000,000,000 | ---D | M] (preisspion.de) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\finder@meingutscheincode.de

[2011.07.01 00:08:33 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\firebug@software.joehewitt.com

[2012.01.04 11:39:19 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\foxyproxy@eric.h.jung

[2011.07.01 00:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\greasefire@skrul.com

[2012.04.04 10:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mea\AppData\Roaming\mozilla\Firefox\Profiles\l37kv09o.default\extensions\staged-xpis

[2011.01.29 10:54:17 | 000,000,873 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\Mozilla\Firefox\Profiles\l37kv09o.default\searchplugins\conduit.xml

[2011.11.28 09:47:53 | 000,005,604 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\Mozilla\Firefox\Profiles\l37kv09o.default\searchplugins\Linkury Smartbar Search.xml

[2012.02.07 01:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010.09.23 21:50:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010.11.07 06:20:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.01.02 13:09:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011.07.01 00:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011.06.04 03:40:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

[2011.11.17 02:53:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2012.04.15 01:31:01 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\MEA\APPDATA\ROAMING\01030

[2011.11.17 02:53:01 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2011.06.15 10:23:45 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.06.15 10:23:45 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.06.15 10:23:45 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.06.15 10:23:45 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.06.15 10:23:45 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Linkury Smartbar Search (Enabled)

CHR - default_search_provider: search_url = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

CHR - default_search_provider: suggest_url = 

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mea\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mea\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Winamp Application Detector (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll

CHR - Extension: YouTube = C:\Users\Mea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Mea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Google Mail = C:\Users\Mea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2012.02.16 22:54:42 | 000,617,079 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 0.0.0.0 google-analytics.com

O1 - Hosts: 0.0.0.0 analytic.337.com/js/log.js

O1 - Hosts: 0.0.0.0 www.analytic.337.com/js/log.js

O1 - Hosts: 0.0.0.0 analytic.337.com

O1 - Hosts: 0.0.0.0 google-analytics.com/ga.js

O1 - Hosts: 0.0.0.0 www.google-analytics.com/ga.js

O1 - Hosts: 0.0.0.0 sb-ssl.google.com:443

O1 - Hosts: 0.0.0.0 www.sb-ssl.google.com:443

O1 - Hosts: 0.0.0.0 google.com:443

O1 - Hosts: 0.0.0.0 www.google.com:443

O1 - Hosts: 0.0.0.0 dl.google.com:443

O1 - Hosts: 0.0.0.0 www.dl.google.com:443

O1 - Hosts: 0.0.0.0 safebrowsing.clients.google.com

O1 - Hosts: 0.0.0.0 www.safebrowsing.clients.google.com

O1 - Hosts: 0.0.0.0 www.safebrowsing-cache.google.com

O1 - Hosts: 80.239.151.231 db1.rapidshare.com

O1 - Hosts: 80.239.151.232 db2.rapidshare.com

O1 - Hosts: 80.239.151.233 db3.rapidshare.com

O1 - Hosts: 80.239.151.234 db4.rapidshare.com

O1 - Hosts: 80.239.151.235 db5.rapidshare.com

O1 - Hosts: 80.239.151.253 games.rapidshare.com

O1 - Hosts: 80.239.151.251 images.rapidshare.com

O1 - Hosts: 80.239.151.240 images2.rapidshare.com

O1 - Hosts: 19824 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)

O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()

O4 - HKLM..\Run: [tsnp2std] C:\Windows\tsnp2std.exe ()

O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found

O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)

O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.68.161.141 217.68.161.171

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55FA7A2A-1E45-4C56-8FB6-A5F32FCBF224}: DhcpNameServer = 217.68.161.141 217.68.161.171

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.04.19 12:55:44 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Mea\Desktop\OTL.exe

[2012.04.19 11:02:06 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Mea\Desktop\dds.com

[2012.04.18 11:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in

[2012.04.18 11:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2012.04.15 04:41:06 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\UAs

[2012.04.15 03:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode

[2012.04.15 01:30:56 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\01030

[2012.04.15 01:30:35 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\xmldm

[2012.04.15 01:30:34 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\kock

[2012.04.11 16:31:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012.04.11 16:31:53 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012.04.11 16:31:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012.04.11 16:31:52 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012.04.11 16:31:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012.04.11 16:31:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012.04.11 16:22:04 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012.04.11 16:22:04 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012.04.10 20:09:25 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\Roxio Log Files

[2012.04.10 02:50:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll

[2012.04.10 02:50:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll

[2012.04.10 02:50:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll

[2012.04.10 02:50:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll

[2012.04.10 02:50:46 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll

[2012.04.10 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Mea\Documents\VIDEO_TS

[2012.04.10 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Mea\Documents\Temp_DoNotDelete

[2012.04.10 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Mea\Documents\AUDIO_TS

[2012.04.10 02:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software

[2012.04.10 01:55:17 | 000,000,000 | ---D | C] -- C:\Users\Mea\Documents\NeroVision

[2012.03.30 18:35:57 | 000,025,088 | ---- | C] (TeamViewer GmbH) -- C:\Windows\System32\drivers\teamviewervpn.sys

[2012.03.30 11:05:58 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.03.30 10:31:29 | 000,000,000 | ---D | C] -- C:\Users\Mea\Desktop\Downs

[2012.03.21 12:58:22 | 000,000,000 | ---D | C] -- C:\Users\Mea\AppData\Roaming\mkvtoolnix

[2 C:\Users\Mea\*.tmp files -> C:\Users\Mea\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Mea\Desktop\*.tmp files -> C:\Users\Mea\Desktop\*.tmp -> ]

[1 C:\Users\Mea\AppData\Roaming\*.tmp files -> C:\Users\Mea\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.04.19 12:55:45 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mea\Desktop\OTL.exe

[2012.04.19 12:31:25 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1574621958-3227621298-3541141642-1001UA.job

[2012.04.19 12:17:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.04.19 12:13:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.04.19 11:51:32 | 000,018,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.04.19 11:51:32 | 000,018,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.04.19 11:35:46 | 000,759,546 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.04.19 11:35:46 | 000,703,796 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.04.19 11:35:46 | 000,169,456 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.04.19 11:35:46 | 000,137,544 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.04.19 11:34:51 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.04.19 11:31:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.04.19 11:31:06 | 2589,319,168 | -HS- | M] () -- C:\hiberfil.sys

[2012.04.19 11:02:06 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Mea\Desktop\dds.com

[2012.04.19 10:59:41 | 000,000,156 | ---- | M] () -- C:\Users\Mea\defogger_reenable

[2012.04.19 10:58:48 | 000,050,477 | ---- | M] () -- C:\Users\Mea\Desktop\Defogger.exe

[2012.04.18 22:31:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1574621958-3227621298-3541141642-1001Core.job

[2012.04.18 12:06:42 | 000,007,625 | ---- | M] () -- C:\Users\Mea\AppData\Local\resmon.resmoncfg

[2012.04.17 13:36:35 | 000,000,023 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\urhtps.dat

[2012.04.16 11:34:09 | 000,226,792 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\AcroIEHelpe104.dll

[2012.04.16 11:34:09 | 000,007,368 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\BAcroIEHelpe104.dll

[2012.04.16 09:43:19 | 000,000,016 | ---- | M] () -- C:\Users\Mea\AppData\Roaming\blckdom.res

[2012.04.15 03:57:01 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\XMedia Recode.lnk

[2012.04.05 12:03:34 | 000,086,870 | ---- | M] () -- C:\Users\Mea\Documents\yrBestellung.pdf

[2012.04.05 12:02:16 | 000,397,225 | ---- | M] () -- C:\Users\Mea\Documents\Arcor UMS HTML E-Mail lesen.mht

[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012.03.30 11:05:58 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.03.30 11:05:58 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012.03.28 15:19:30 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl

[2012.03.27 22:33:46 | 000,025,294 | ---- | M] () -- C:\Users\Mea\Documents\password-export-2012-03-27.xml

[2 C:\Users\Mea\*.tmp files -> C:\Users\Mea\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Mea\Desktop\*.tmp files -> C:\Users\Mea\Desktop\*.tmp -> ]

[1 C:\Users\Mea\AppData\Roaming\*.tmp files -> C:\Users\Mea\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.04.19 10:59:39 | 000,000,156 | ---- | C] () -- C:\Users\Mea\defogger_reenable

[2012.04.19 10:58:48 | 000,050,477 | ---- | C] () -- C:\Users\Mea\Desktop\Defogger.exe

[2012.04.17 13:36:35 | 000,000,023 | ---- | C] () -- C:\Users\Mea\AppData\Roaming\urhtps.dat

[2012.04.16 11:34:09 | 000,226,792 | ---- | C] () -- C:\Users\Mea\AppData\Roaming\AcroIEHelpe104.dll

[2012.04.16 11:34:09 | 000,007,368 | ---- | C] () -- C:\Users\Mea\AppData\Roaming\BAcroIEHelpe104.dll

[2012.04.15 03:57:01 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\XMedia Recode.lnk

[2012.04.15 01:30:52 | 000,000,016 | ---- | C] () -- C:\Users\Mea\AppData\Roaming\blckdom.res

[2012.04.05 12:03:33 | 000,086,870 | ---- | C] () -- C:\Users\Mea\Documents\yrBestellung.pdf

[2012.04.05 12:02:03 | 000,397,225 | ---- | C] () -- C:\Users\Mea\Documents\Arcor UMS HTML E-Mail lesen.mht

[2012.03.30 18:36:04 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk

[2012.03.30 11:06:00 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.03.28 15:19:30 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl

[2012.03.27 22:33:46 | 000,025,294 | ---- | C] () -- C:\Users\Mea\Documents\password-export-2012-03-27.xml

[2012.03.02 22:13:42 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp2std.exe

[2012.03.02 22:13:42 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe

[2012.03.02 22:13:40 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll

[2011.12.18 10:18:50 | 000,007,168 | ---- | C] () -- C:\Users\Mea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.04.07 23:54:14 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2011.03.01 20:32:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2011.02.04 23:42:48 | 000,007,625 | ---- | C] () -- C:\Users\Mea\AppData\Local\resmon.resmoncfg

[2010.09.01 04:04:36 | 000,048,640 | ---- | C] () -- C:\Windows\System32\libfdnvin.dll

[2010.09.01 04:04:36 | 000,048,640 | ---- | C] () -- C:\Windows\System32\fdnvin.dll

[2010.08.10 09:16:00 | 000,022,236 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2010.08.09 03:06:34 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll

[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2010.04.21 18:08:14 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin

[2010.04.21 18:08:14 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin

[2010.04.21 18:08:14 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin

[2010.04.21 17:29:46 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
 

< End of report >

--- --- ---

OTL Logfile:

Code:

OTL Extras logfile created on: 19.04.2012 12:57:58 - Run 1

OTL by OldTimer - Version 3.2.40.0     Folder = C:\Users\Mea\Desktop

 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,22 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 49,13% Memory free

6,43 Gb Paging File | 4,65 Gb Available in Paging File | 72,39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 195,21 Gb Total Space | 57,15 Gb Free Space | 29,28% Space Free | Partition Type: NTFS

Drive D: | 270,45 Gb Total Space | 39,34 Gb Free Space | 14,55% Space Free | Partition Type: NTFS

 

Computer Name: THE_NEW | User Name: Mea | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

.js [@ = UltraEdit.js] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources

"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29

"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety

"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10

"{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1

"{43B6667D-7520-4186-B05B-F5C0494C495D}" = UltraEdit-32

"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Kwik Themes 1

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E7F7318-F34F-4AD8-952A-F85D39C862F4}" = Charles 3.6.1

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback

"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10

"{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine

"{69fc3b9a-4149-43db-a557-6ed0c8d8ba44}" = Nero MediaHome 4 Help

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files

"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Kwik Themes 2

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater

"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings

"{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1

"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Hama Webcam Metal Pro

"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)

"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{879D5454-1A5E-4F3F-8DCC-69FBE95D0647}" = Adobe Setup

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3

"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos

"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)

"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack

"{99ef387e-633e-4cfb-bfa3-ab961b685ddf}" = Nero MediaHome 4

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver

"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Kwik Themes 4

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{aa8d62e8-bbdd-45a0-873f-3a4c388c9601}" = Nero MediaHome 4 Essentials

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch

"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter

"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)

"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3

"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFA368B3-59C8-4EF5-83A0-39DF46588030}" = Adobe Creative Suite 3 Web Premium

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)

"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade

"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Kwik Themes 3

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10

"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10

"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1

"{EFE4AB7D-4E94-441B-9A86-98E69E37567B}" = Nero Burning ROM 11

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10

"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"5513-1208-7298-9440" = JDownloader 0.9

"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_b0efd5c6e27241b2a2a88dbddd25245" = Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen

"Avira AntiVir Desktop" = Avira Free Antivirus

"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1

"CCleaner" = CCleaner

"Cheat Engine 6.1_is1" = Cheat Engine 6.1

"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.18

"DAEMON Tools Lite" = DAEMON Tools Lite

"DivX Setup" = DivX-Setup

"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Fiddler2" = Fiddler2

"FiddlerSyntaxAddons" = Fiddler Syntax-Highlighting Addons

"Free AVI Video Converter_is1" = Free AVI Video Converter version 5.0.7.403

"Free DVD Video Burner_is1" = Free DVD Video Burner version 3.1.4.403

"Free FLV Converter_is1" = Free FLV Converter V 7.3.0

"Free Music Zilla_is1" = Free Music Zilla

"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 5.0.6.221

"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815

"FTP-Commander Standard (FreeWare)_is1" = FTP-Commander Standard 7.0 (FreeWare)

"Inno Setup 5_is1" = Inno Setup Version 5.3.9

"JAP" = JAP

"LinuxLive USB Creator" = LinuxLive USB Creator

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)

"Nokia Ovi Suite" = Nokia Ovi Suite

"Nokia PC Suite" = Nokia PC Suite

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"PDFDrucker_is1" = PDFDrucker sponsored by ebuero

"TeamViewer 7" = TeamViewer 7

"VLC media player" = VLC media player 1.1.5

"Winamp" = Winamp

"WinLiveSuite" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.2

"WinRAR archiver" = WinRAR

"Wireshark" = Wireshark 1.4.0

"XMedia Recode" = XMedia Recode 3.0.9.0

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Winamp Detect" = Winamp Erkennungs-Plug-in

 
 ========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

--- --- ---

Guten Abend Chris,

erstmal der Scan von TDSS:

Code:

 21:41:19.0950 5236        TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43

21:41:20.0106 5236        ============================================================

21:41:20.0106 5236        Current date / time: 2012/04/26 21:41:20.0106

21:41:20.0106 5236        SystemInfo:

21:41:20.0106 5236        

21:41:20.0106 5236        OS Version: 6.1.7601 ServicePack: 1.0

21:41:20.0106 5236        Product type: Workstation

21:41:20.0106 5236        ComputerName: THE_NEW

21:41:20.0106 5236        UserName: Mea

21:41:20.0106 5236        Windows directory: C:\Windows

21:41:20.0106 5236        System windows directory: C:\Windows

21:41:20.0106 5236        Processor architecture: Intel x86

21:41:20.0106 5236        Number of processors: 2

21:41:20.0106 5236        Page size: 0x1000

21:41:20.0106 5236        Boot type: Normal boot

21:41:20.0106 5236        ============================================================

21:41:22.0149 5236        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050

21:41:22.0165 5236        ============================================================

21:41:22.0165 5236        \Device\Harddisk0\DR0:

21:41:22.0165 5236        MBR partitions:

21:41:22.0165 5236        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3282C, BlocksNum 0x1866DAF4

21:41:22.0165 5236        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x21CE4800

21:41:22.0165 5236        ============================================================

21:41:22.0258 5236        C: <-> \Device\Harddisk0\DR0\Partition0

21:41:22.0305 5236        D: <-> \Device\Harddisk0\DR0\Partition1

21:41:22.0305 5236        ============================================================

21:41:22.0305 5236        Initialize success

21:41:22.0305 5236        ============================================================

21:41:38.0872 0792        ============================================================

21:41:38.0872 0792        Scan started

21:41:38.0872 0792        Mode: Manual; SigCheck; TDLFS; 

21:41:38.0872 0792        ============================================================

21:41:41.0010 0792        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys

21:41:41.0134 0792        1394ohci - ok

21:41:41.0166 0792        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys

21:41:41.0181 0792        ACPI - ok

21:41:41.0197 0792        AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys

21:41:41.0259 0792        AcpiPmi - ok

21:41:41.0368 0792        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

21:41:41.0384 0792        AdobeARMservice - ok

21:41:41.0478 0792        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

21:41:41.0478 0792        AdobeFlashPlayerUpdateSvc - ok

21:41:41.0540 0792        adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

21:41:41.0556 0792        adp94xx - ok

21:41:41.0571 0792        adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

21:41:41.0602 0792        adpahci - ok

21:41:41.0618 0792        adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

21:41:41.0649 0792        adpu320 - ok

21:41:41.0680 0792        AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll

21:41:41.0727 0792        AeLookupSvc - ok

21:41:41.0774 0792        AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys

21:41:41.0805 0792        AFD - ok

21:41:41.0836 0792        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys

21:41:41.0852 0792        agp440 - ok

21:41:41.0883 0792        aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

21:41:41.0914 0792        aic78xx - ok

21:41:41.0946 0792        ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe

21:41:41.0992 0792        ALG - ok

21:41:42.0024 0792        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys

21:41:42.0039 0792        aliide - ok

21:41:42.0070 0792        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys

21:41:42.0102 0792        amdagp - ok

21:41:42.0102 0792        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys

21:41:42.0117 0792        amdide - ok

21:41:42.0164 0792        AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

21:41:42.0226 0792        AmdK8 - ok

21:41:42.0226 0792        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

21:41:42.0273 0792        AmdPPM - ok

21:41:42.0320 0792        amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys

21:41:42.0336 0792        amdsata - ok

21:41:42.0351 0792        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

21:41:42.0367 0792        amdsbs - ok

21:41:42.0398 0792        amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys

21:41:42.0414 0792        amdxata - ok

21:41:42.0492 0792        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe

21:41:42.0523 0792        AntiVirSchedulerService - ok

21:41:42.0538 0792        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

21:41:42.0554 0792        AntiVirService - ok

21:41:42.0616 0792        AppHostSvc      (d1af38fbac0dc7e6d796b0ed01707ee0) C:\Windows\system32\inetsrv\apphostsvc.dll

21:41:42.0663 0792        AppHostSvc - ok

21:41:42.0710 0792        AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys

21:41:42.0788 0792        AppID - ok

21:41:42.0835 0792        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll

21:41:42.0882 0792        AppIDSvc - ok

21:41:42.0913 0792        Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll

21:41:42.0975 0792        Appinfo - ok

21:41:43.0022 0792        AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll

21:41:43.0084 0792        AppMgmt - ok

21:41:43.0116 0792        arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

21:41:43.0147 0792        arc - ok

21:41:43.0162 0792        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

21:41:43.0194 0792        arcsas - ok

21:41:43.0318 0792        aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

21:41:43.0334 0792        aspnet_state - ok

21:41:43.0350 0792        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

21:41:43.0474 0792        AsyncMac - ok

21:41:43.0506 0792        atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys

21:41:43.0506 0792        atapi - ok

21:41:43.0584 0792        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

21:41:43.0615 0792        AudioEndpointBuilder - ok

21:41:43.0615 0792        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

21:41:43.0646 0792        Audiosrv - ok

21:41:43.0677 0792        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys

21:41:43.0911 0792        avgntflt - ok

21:41:44.0020 0792        avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys

21:41:44.0036 0792        avipbb - ok

21:41:44.0052 0792        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys

21:41:44.0052 0792        avkmgr - ok

21:41:44.0098 0792        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll

21:41:44.0145 0792        AxInstSV - ok

21:41:44.0176 0792        b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

21:41:44.0223 0792        b06bdrv - ok

21:41:44.0239 0792        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

21:41:44.0286 0792        b57nd60x - ok

21:41:44.0348 0792        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll

21:41:44.0395 0792        BDESVC - ok

21:41:44.0426 0792        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

21:41:44.0488 0792        Beep - ok

21:41:44.0551 0792        BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll

21:41:44.0598 0792        BFE - ok

21:41:44.0644 0792        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll

21:41:44.0691 0792        BITS - ok

21:41:44.0722 0792        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

21:41:44.0769 0792        blbdrive - ok

21:41:44.0847 0792        Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe

21:41:44.0878 0792        Bonjour Service ( UnsignedFile.Multi.Generic ) - warning

21:41:44.0878 0792        Bonjour Service - detected UnsignedFile.Multi.Generic (1)

21:41:44.0925 0792        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys

21:41:44.0972 0792        bowser - ok

21:41:45.0034 0792        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:41:45.0097 0792        BrFiltLo - ok

21:41:45.0128 0792        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:41:45.0159 0792        BrFiltUp - ok

21:41:45.0190 0792        Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll

21:41:45.0253 0792        Browser - ok

21:41:45.0502 0792        Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

21:41:45.0580 0792        Brserid - ok

21:41:45.0580 0792        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

21:41:45.0596 0792        BrSerWdm - ok

21:41:45.0612 0792        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:41:45.0643 0792        BrUsbMdm - ok

21:41:45.0643 0792        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

21:41:45.0690 0792        BrUsbSer - ok

21:41:45.0736 0792        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

21:41:45.0783 0792        BTHMODEM - ok

21:41:45.0814 0792        bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll

21:41:45.0846 0792        bthserv - ok

21:41:45.0877 0792        BVRPMPR5        (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS

21:41:45.0892 0792        BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

21:41:45.0892 0792        BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

21:41:45.0955 0792        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

21:41:46.0002 0792        cdfs - ok

21:41:46.0080 0792        cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys

21:41:46.0111 0792        cdrom - ok

21:41:46.0142 0792        CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

21:41:46.0173 0792        CertPropSvc - ok

21:41:46.0329 0792        CGVPNCliSrvc    (8fa3860fa448ccf9eae4de6bef190735) C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe

21:41:46.0407 0792        CGVPNCliSrvc - ok

21:41:46.0532 0792        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

21:41:46.0579 0792        circlass - ok

21:41:46.0610 0792        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

21:41:46.0626 0792        CLFS - ok

21:41:46.0688 0792        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:41:46.0735 0792        clr_optimization_v2.0.50727_32 - ok

21:41:46.0782 0792        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:41:46.0828 0792        clr_optimization_v4.0.30319_32 - ok

21:41:46.0860 0792        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

21:41:46.0906 0792        CmBatt - ok

21:41:46.0922 0792        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys

21:41:46.0938 0792        cmdide - ok

21:41:46.0984 0792        CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys

21:41:47.0016 0792        CNG - ok

21:41:47.0031 0792        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

21:41:47.0047 0792        Compbatt - ok

21:41:47.0078 0792        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys

21:41:47.0109 0792        CompositeBus - ok

21:41:47.0125 0792        COMSysApp - ok

21:41:47.0140 0792        crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

21:41:47.0156 0792        crcdisk - ok

21:41:47.0187 0792        CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll

21:41:47.0218 0792        CryptSvc - ok

21:41:47.0250 0792        CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys

21:41:47.0312 0792        CSC - ok

21:41:47.0343 0792        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll

21:41:47.0374 0792        CscService - ok

21:41:47.0406 0792        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

21:41:47.0437 0792        DcomLaunch - ok

21:41:47.0468 0792        defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll

21:41:47.0484 0792        defragsvc - ok

21:41:47.0562 0792        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys

21:41:47.0624 0792        DfsC - ok

21:41:47.0655 0792        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll

21:41:47.0686 0792        Dhcp - ok

21:41:47.0718 0792        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

21:41:47.0780 0792        discache - ok

21:41:47.0811 0792        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

21:41:47.0827 0792        Disk - ok

21:41:47.0858 0792        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll

21:41:47.0920 0792        Dnscache - ok

21:41:47.0952 0792        dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll

21:41:47.0998 0792        dot3svc - ok

21:41:48.0014 0792        DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll

21:41:48.0076 0792        DPS - ok

21:41:48.0123 0792        drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

21:41:48.0170 0792        drmkaud - ok

21:41:48.0201 0792        dtsoftbus01     (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

21:41:48.0232 0792        dtsoftbus01 - ok

21:41:48.0279 0792        DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys

21:41:48.0310 0792        DXGKrnl - ok

21:41:48.0342 0792        EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll

21:41:48.0388 0792        EapHost - ok

21:41:48.0498 0792        ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

21:41:48.0591 0792        ebdrv - ok

21:41:48.0700 0792        EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe

21:41:48.0747 0792        EFS - ok

21:41:48.0810 0792        elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

21:41:48.0856 0792        elxstor - ok

21:41:48.0919 0792        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys

21:41:48.0966 0792        ErrDev - ok

21:41:49.0044 0792        EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll

21:41:49.0122 0792        EventSystem - ok

21:41:49.0153 0792        exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

21:41:49.0184 0792        exfat - ok

21:41:49.0200 0792        fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

21:41:49.0231 0792        fastfat - ok

21:41:49.0293 0792        Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe

21:41:49.0356 0792        Fax - ok

21:41:49.0371 0792        fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

21:41:49.0387 0792        fdc - ok

21:41:49.0418 0792        fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll

21:41:49.0465 0792        fdPHost - ok

21:41:49.0480 0792        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll

21:41:49.0512 0792        FDResPub - ok

21:41:49.0543 0792        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

21:41:49.0543 0792        FileInfo - ok

21:41:49.0558 0792        Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

21:41:49.0590 0792        Filetrace - ok

21:41:49.0699 0792        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

21:41:49.0777 0792        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

21:41:49.0777 0792        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

21:41:49.0808 0792        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

21:41:49.0855 0792        flpydisk - ok

21:41:49.0886 0792        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

21:41:49.0902 0792        FltMgr - ok

21:41:49.0948 0792        FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll

21:41:49.0980 0792        FontCache - ok

21:41:50.0089 0792        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

21:41:50.0136 0792        FontCache3.0.0.0 - ok

21:41:50.0167 0792        FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

21:41:50.0182 0792        FsDepends - ok

21:41:50.0214 0792        fssfltr         (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys

21:41:50.0214 0792        fssfltr - ok

21:41:50.0323 0792        fsssvc          (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe

21:41:50.0401 0792        fsssvc - ok

21:41:50.0494 0792        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys

21:41:50.0541 0792        Fs_Rec - ok

21:41:50.0588 0792        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys

21:41:50.0619 0792        fvevol - ok

21:41:50.0650 0792        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:41:50.0682 0792        gagp30kx - ok

21:41:50.0728 0792        gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll

21:41:50.0806 0792        gpsvc - ok

21:41:50.0900 0792        gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

21:41:50.0916 0792        gupdate - ok

21:41:50.0931 0792        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

21:41:50.0931 0792        gupdatem - ok

21:41:51.0025 0792        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

21:41:51.0212 0792        hcw85cir - ok

21:41:51.0399 0792        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys

21:41:51.0430 0792        HdAudAddService - ok

21:41:51.0446 0792        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys

21:41:51.0477 0792        HDAudBus - ok

21:41:51.0493 0792        HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

21:41:51.0508 0792        HidBatt - ok

21:41:51.0524 0792        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

21:41:51.0555 0792        HidBth - ok

21:41:51.0586 0792        HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

21:41:51.0649 0792        HidIr - ok

21:41:51.0680 0792        hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll

21:41:51.0742 0792        hidserv - ok

21:41:51.0774 0792        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys

21:41:51.0789 0792        HidUsb - ok

21:41:51.0820 0792        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll

21:41:51.0914 0792        hkmsvc - ok

21:41:51.0945 0792        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll

21:41:52.0008 0792        HomeGroupListener - ok

21:41:52.0023 0792        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll

21:41:52.0086 0792        HomeGroupProvider - ok

21:41:52.0132 0792        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys

21:41:52.0148 0792        HpSAMD - ok

21:41:52.0195 0792        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys

21:41:52.0210 0792        HTTP - ok

21:41:52.0242 0792        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys

21:41:52.0257 0792        hwpolicy - ok

21:41:52.0288 0792        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys

21:41:52.0304 0792        i8042prt - ok

21:41:52.0351 0792        iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys

21:41:52.0382 0792        iaStorV - ok

21:41:52.0476 0792        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

21:41:52.0507 0792        IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0507 0792        IDriverT - detected UnsignedFile.Multi.Generic (1)

21:41:52.0616 0792        idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

21:41:52.0663 0792        idsvc - ok

21:41:52.0944 0792        igfx            (dce0b53570703cce580d066f89ef58cd) C:\Windows\system32\DRIVERS\igdkmd32.sys

21:41:53.0178 0792        igfx - ok

21:41:53.0287 0792        iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

21:41:53.0302 0792        iirsp - ok

21:41:53.0349 0792        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll

21:41:53.0427 0792        IKEEXT - ok

21:41:53.0458 0792        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys

21:41:53.0474 0792        intelide - ok

21:41:53.0490 0792        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

21:41:53.0521 0792        intelppm - ok

21:41:53.0552 0792        IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll

21:41:53.0599 0792        IPBusEnum - ok

21:41:53.0614 0792        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:41:53.0661 0792        IpFilterDriver - ok

21:41:53.0708 0792        iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll

21:41:53.0739 0792        iphlpsvc - ok

21:41:53.0770 0792        IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys

21:41:53.0802 0792        IPMIDRV - ok

21:41:53.0817 0792        IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

21:41:53.0864 0792        IPNAT - ok

21:41:53.0958 0792        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

21:41:54.0020 0792        IRENUM - ok

21:41:54.0036 0792        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys

21:41:54.0051 0792        isapnp - ok

21:41:54.0082 0792        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys

21:41:54.0114 0792        iScsiPrt - ok

21:41:54.0129 0792        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

21:41:54.0145 0792        kbdclass - ok

21:41:54.0160 0792        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys

21:41:54.0192 0792        kbdhid - ok

21:41:54.0223 0792        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:41:54.0238 0792        KeyIso - ok

21:41:54.0254 0792        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys

21:41:54.0254 0792        KSecDD - ok

21:41:54.0270 0792        KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys

21:41:54.0285 0792        KSecPkg - ok

21:41:54.0301 0792        KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll

21:41:54.0348 0792        KtmRm - ok

21:41:54.0379 0792        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll

21:41:54.0426 0792        LanmanServer - ok

21:41:54.0457 0792        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll

21:41:54.0488 0792        LanmanWorkstation - ok

21:41:55.0003 0792        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

21:41:55.0050 0792        lltdio - ok

21:41:55.0081 0792        lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll

21:41:55.0112 0792        lltdsvc - ok

21:41:55.0112 0792        lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll

21:41:55.0143 0792        lmhosts - ok

21:41:55.0174 0792        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:41:55.0221 0792        LSI_FC - ok

21:41:55.0455 0792        LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:41:55.0486 0792        LSI_SAS - ok

21:41:55.0502 0792        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:41:55.0533 0792        LSI_SAS2 - ok

21:41:55.0549 0792        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:41:55.0564 0792        LSI_SCSI - ok

21:41:55.0580 0792        luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

21:41:55.0596 0792        luafv - ok

21:41:55.0611 0792        massfilter - ok

21:41:55.0627 0792        megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

21:41:55.0642 0792        megasas - ok

21:41:55.0658 0792        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

21:41:55.0674 0792        MegaSR - ok

21:41:55.0752 0792        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

21:41:55.0767 0792        Microsoft Office Groove Audit Service - ok

21:41:55.0798 0792        MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

21:41:55.0830 0792        MMCSS - ok

21:41:55.0845 0792        Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

21:41:55.0876 0792        Modem - ok

21:41:55.0908 0792        monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

21:41:55.0923 0792        monitor - ok

21:41:55.0970 0792        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

21:41:55.0986 0792        mouclass - ok

21:41:56.0017 0792        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

21:41:56.0048 0792        mouhid - ok

21:41:56.0064 0792        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys

21:41:56.0079 0792        mountmgr - ok

21:41:56.0110 0792        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys

21:41:56.0126 0792        mpio - ok

21:41:56.0142 0792        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

21:41:56.0173 0792        mpsdrv - ok

21:41:56.0204 0792        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll

21:41:56.0251 0792        MpsSvc - ok

21:41:56.0282 0792        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys

21:41:56.0298 0792        MRxDAV - ok

21:41:56.0344 0792        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:41:56.0376 0792        mrxsmb - ok

21:41:56.0500 0792        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:41:56.0516 0792        mrxsmb10 - ok

21:41:56.0532 0792        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:41:56.0563 0792        mrxsmb20 - ok

21:41:56.0578 0792        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys

21:41:56.0594 0792        msahci - ok

21:41:56.0625 0792        msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

21:41:56.0656 0792        msdsm - ok

21:41:56.0672 0792        MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe

21:41:56.0703 0792        MSDTC - ok

21:41:56.0734 0792        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

21:41:56.0750 0792        Msfs - ok

21:41:56.0766 0792        mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

21:41:56.0797 0792        mshidkmdf - ok

21:41:56.0812 0792        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

21:41:56.0828 0792        msisadrv - ok

21:41:56.0844 0792        MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll

21:41:56.0890 0792        MSiSCSI - ok

21:41:56.0890 0792        msiserver - ok

21:41:56.0906 0792        MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

21:41:56.0953 0792        MSKSSRV - ok

21:41:56.0968 0792        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

21:41:57.0015 0792        MSPCLOCK - ok

21:41:57.0031 0792        MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

21:41:57.0062 0792        MSPQM - ok

21:41:57.0078 0792        MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

21:41:57.0093 0792        MsRPC - ok

21:41:57.0124 0792        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys

21:41:57.0124 0792        mssmbios - ok

21:41:57.0140 0792        MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

21:41:57.0171 0792        MSTEE - ok

21:41:57.0171 0792        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

21:41:57.0187 0792        MTConfig - ok

21:41:57.0202 0792        Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

21:41:57.0218 0792        Mup - ok

21:41:57.0249 0792        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll

21:41:57.0296 0792        napagent - ok

21:41:57.0327 0792        NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

21:41:57.0343 0792        NativeWifiP - ok

21:41:57.0483 0792        NAUpdate        (934bb0d23a25c8c136570800a5a149b6) C:\Program Files\Nero\Update\NASvc.exe

21:41:57.0514 0792        NAUpdate - ok

21:41:57.0546 0792        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

21:41:57.0577 0792        NDIS - ok

21:41:57.0608 0792        NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

21:41:57.0624 0792        NdisCap - ok

21:41:57.0639 0792        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

21:41:57.0686 0792        NdisTapi - ok

21:41:57.0717 0792        Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

21:41:57.0764 0792        Ndisuio - ok

21:41:57.0795 0792        NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

21:41:57.0842 0792        NdisWan - ok

21:41:57.0858 0792        NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

21:41:57.0904 0792        NDProxy - ok

21:41:58.0014 0792        NeroMediaHomeService.4 (b6eb664bd5e25413e730bcb54cf64272) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe

21:41:58.0029 0792        NeroMediaHomeService.4 - ok

21:41:58.0060 0792        NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

21:41:58.0092 0792        NetBIOS - ok

21:41:58.0123 0792        NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

21:41:58.0154 0792        NetBT - ok

21:41:58.0185 0792        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:41:58.0201 0792        Netlogon - ok

21:41:58.0232 0792        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

21:41:58.0279 0792        Netman - ok

21:41:58.0372 0792        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

21:41:58.0388 0792        NetMsmqActivator - ok

21:41:58.0388 0792        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

21:41:58.0404 0792        NetPipeActivator - ok

21:41:58.0435 0792        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

21:41:58.0482 0792        netprofm - ok

21:41:58.0482 0792        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

21:41:58.0497 0792        NetTcpActivator - ok

21:41:58.0497 0792        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

21:41:58.0497 0792        NetTcpPortSharing - ok

21:41:58.0544 0792        nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

21:41:58.0575 0792        nfrd960 - ok

21:41:58.0606 0792        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

21:41:58.0638 0792        NlaSvc - ok

21:41:58.0669 0792        nmwcd           (f6c40e0a565ee3ce5aeeb325e10054f2) C:\Windows\system32\drivers\ccdcmb.sys

21:41:58.0731 0792        nmwcd - ok

21:41:58.0794 0792        nmwcdc          (2a394e9e1fa3565e4b2fea470ffe4d6b) C:\Windows\system32\drivers\ccdcmbo.sys

21:41:58.0825 0792        nmwcdc - ok

21:41:58.0856 0792        nmwcdnsu        (99b224f8026cb534724aa3c408561e45) C:\Windows\system32\drivers\nmwcdnsu.sys

21:41:58.0903 0792        nmwcdnsu - ok

21:41:58.0918 0792        nmwcdnsuc       (d23257682d349a5e2e4507ed33decc16) C:\Windows\system32\drivers\nmwcdnsuc.sys

21:41:58.0950 0792        nmwcdnsuc - ok

21:41:59.0028 0792        NPF             (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys

21:41:59.0028 0792        NPF - ok

21:41:59.0043 0792        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

21:41:59.0074 0792        Npfs - ok

21:41:59.0106 0792        nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

21:41:59.0137 0792        nsi - ok

21:41:59.0168 0792        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

21:41:59.0230 0792        nsiproxy - ok

21:41:59.0340 0792        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

21:41:59.0371 0792        Ntfs - ok

21:41:59.0386 0792        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

21:41:59.0402 0792        Null - ok

21:41:59.0433 0792        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

21:41:59.0464 0792        nvraid - ok

21:41:59.0464 0792        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

21:41:59.0480 0792        nvstor - ok

21:41:59.0511 0792        nvsvc           (4ed813efd77a9b7e57e341cdc1c5cbc4) C:\Windows\system32\nvvsvc.exe

21:41:59.0511 0792        nvsvc - ok

21:41:59.0542 0792        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

21:41:59.0558 0792        nv_agp - ok

21:41:59.0636 0792        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:41:59.0652 0792        odserv - ok

21:41:59.0683 0792        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

21:41:59.0698 0792        ohci1394 - ok

21:41:59.0730 0792        ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:41:59.0730 0792        ose - ok

21:41:59.0776 0792        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

21:41:59.0792 0792        p2pimsvc - ok

21:41:59.0808 0792        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

21:41:59.0839 0792        p2psvc - ok

21:41:59.0886 0792        Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

21:41:59.0901 0792        Parport - ok

21:41:59.0917 0792        partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys

21:41:59.0932 0792        partmgr - ok

21:41:59.0948 0792        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

21:41:59.0964 0792        Parvdm - ok

21:41:59.0995 0792        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

21:42:00.0010 0792        PcaSvc - ok

21:42:00.0057 0792        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys

21:42:00.0104 0792        pccsmcfd - ok

21:42:00.0135 0792        pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

21:42:00.0135 0792        pci - ok

21:42:00.0151 0792        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

21:42:00.0166 0792        pciide - ok

21:42:00.0198 0792        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

21:42:00.0213 0792        pcmcia - ok

21:42:00.0229 0792        pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

21:42:00.0244 0792        pcw - ok

21:42:00.0276 0792        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

21:42:00.0338 0792        PEAUTH - ok

21:42:00.0385 0792        PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll

21:42:00.0447 0792        PeerDistSvc - ok

21:42:00.0510 0792        pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

21:42:00.0588 0792        pla - ok

21:42:00.0712 0792        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

21:42:00.0775 0792        PlugPlay - ok

21:42:00.0790 0792        PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

21:42:00.0837 0792        PNRPAutoReg - ok

21:42:00.0853 0792        PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

21:42:00.0868 0792        PNRPsvc - ok

21:42:00.0915 0792        PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

21:42:00.0962 0792        PolicyAgent - ok

21:42:00.0978 0792        Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

21:42:01.0009 0792        Power - ok

21:42:01.0071 0792        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

21:42:01.0118 0792        PptpMiniport - ok

21:42:01.0134 0792        Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

21:42:01.0165 0792        Processor - ok

21:42:01.0196 0792        ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll

21:42:01.0227 0792        ProfSvc - ok

21:42:01.0258 0792        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:42:01.0274 0792        ProtectedStorage - ok

21:42:01.0352 0792        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

21:42:01.0399 0792        Psched - ok

21:42:01.0430 0792        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys

21:42:01.0446 0792        PxHelp20 - ok

21:42:01.0945 0792        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

21:42:01.0992 0792        ql2300 - ok

21:42:02.0101 0792        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

21:42:02.0132 0792        ql40xx - ok

21:42:02.0163 0792        QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

21:42:02.0194 0792        QWAVE - ok

21:42:02.0210 0792        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

21:42:02.0257 0792        QWAVEdrv - ok

21:42:02.0272 0792        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

21:42:02.0304 0792        RasAcd - ok

21:42:02.0350 0792        RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:42:02.0382 0792        RasAgileVpn - ok

21:42:02.0413 0792        RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

21:42:02.0444 0792        RasAuto - ok

21:42:02.0460 0792        Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:42:02.0506 0792        Rasl2tp - ok

21:42:02.0553 0792        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

21:42:02.0600 0792        RasMan - ok

21:42:02.0631 0792        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

21:42:02.0662 0792        RasPppoe - ok

21:42:02.0694 0792        RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

21:42:02.0725 0792        RasSstp - ok

21:42:02.0756 0792        rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

21:42:02.0772 0792        rdbss - ok

21:42:02.0787 0792        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

21:42:02.0803 0792        rdpbus - ok

21:42:02.0834 0792        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:42:02.0865 0792        RDPCDD - ok

21:42:02.0881 0792        RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys

21:42:02.0912 0792        RDPDR - ok

21:42:02.0928 0792        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

21:42:02.0943 0792        RDPENCDD - ok

21:42:02.0974 0792        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

21:42:02.0990 0792        RDPREFMP - ok

21:42:03.0021 0792        RDPWD           (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys

21:42:03.0068 0792        RDPWD - ok

21:42:03.0099 0792        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

21:42:03.0115 0792        rdyboost - ok

21:42:03.0146 0792        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

21:42:03.0177 0792        RemoteAccess - ok

21:42:03.0193 0792        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

21:42:03.0240 0792        RemoteRegistry - ok

21:42:03.0271 0792        RimUsb          (616eac1b0e48b236a5a9b8ae07fdb81c) C:\Windows\system32\Drivers\RimUsb.sys

21:42:03.0286 0792        RimUsb - ok

21:42:03.0318 0792        RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys

21:42:03.0364 0792        RimVSerPort - ok

21:42:03.0396 0792        ROOTMODEM       (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys

21:42:03.0458 0792        ROOTMODEM - ok

21:42:03.0536 0792        RoxLiveShare9 - ok

21:42:03.0583 0792        rpcapd          (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe

21:42:03.0598 0792        rpcapd - ok

21:42:03.0645 0792        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

21:42:03.0676 0792        RpcEptMapper - ok

21:42:03.0692 0792        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

21:42:03.0723 0792        RpcLocator - ok

21:42:03.0754 0792        RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

21:42:03.0770 0792        RpcSs - ok

21:42:03.0801 0792        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

21:42:03.0848 0792        rspndr - ok

21:42:03.0879 0792        RTL8167         (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys

21:42:03.0926 0792        RTL8167 - ok

21:42:03.0957 0792        s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys

21:42:04.0004 0792        s3cap - ok

21:42:04.0051 0792        SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:42:04.0066 0792        SamSs - ok

21:42:04.0082 0792        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

21:42:04.0113 0792        sbp2port - ok

21:42:04.0238 0792        SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

21:42:04.0254 0792        SBSDWSCService - ok

21:42:04.0285 0792        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

21:42:04.0316 0792        SCardSvr - ok

21:42:04.0363 0792        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

21:42:04.0425 0792        scfilter - ok

21:42:04.0690 0792        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

21:42:04.0753 0792        Schedule - ok

21:42:05.0252 0792        SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

21:42:05.0283 0792        SCPolicySvc - ok

21:42:05.0299 0792        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

21:42:05.0377 0792        SDRSVC - ok

21:42:05.0408 0792        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

21:42:05.0455 0792        secdrv - ok

21:42:05.0486 0792        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

21:42:05.0564 0792        seclogon - ok

21:42:05.0580 0792        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll

21:42:05.0626 0792        SENS - ok

21:42:05.0673 0792        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

21:42:05.0704 0792        SensrSvc - ok

21:42:05.0736 0792        Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

21:42:05.0751 0792        Serenum - ok

21:42:05.0782 0792        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

21:42:05.0814 0792        Serial - ok

21:42:05.0829 0792        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

21:42:05.0860 0792        sermouse - ok

21:42:05.0954 0792        ServiceLayer    (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

21:42:05.0985 0792        ServiceLayer - ok

21:42:06.0016 0792        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

21:42:06.0063 0792        SessionEnv - ok

21:42:06.0094 0792        sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

21:42:06.0141 0792        sffdisk - ok

21:42:06.0141 0792        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

21:42:06.0172 0792        sffp_mmc - ok

21:42:06.0188 0792        sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

21:42:06.0204 0792        sffp_sd - ok

21:42:06.0235 0792        sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

21:42:06.0250 0792        sfloppy - ok

21:42:06.0297 0792        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

21:42:06.0344 0792        SharedAccess - ok

21:42:06.0375 0792        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

21:42:06.0391 0792        ShellHWDetection - ok

21:42:06.0422 0792        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

21:42:06.0438 0792        sisagp - ok

21:42:06.0469 0792        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:42:06.0484 0792        SiSRaid2 - ok

21:42:06.0484 0792        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

21:42:06.0500 0792        SiSRaid4 - ok

21:42:06.0531 0792        Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

21:42:06.0562 0792        Smb - ok

21:42:06.0594 0792        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

21:42:06.0609 0792        SNMPTRAP - ok

21:42:06.0968 0792        SNP2STD         (895245781f648c04ab18c6ca014b10e7) C:\Windows\system32\DRIVERS\snp2sxp.sys

21:42:07.0233 0792        SNP2STD - ok

21:42:07.0358 0792        snpstd          (d08d19ee68cb88ab1bc5da3081505847) C:\Windows\system32\DRIVERS\snpstd.sys

21:42:07.0420 0792        snpstd - ok

21:42:07.0436 0792        spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

21:42:07.0452 0792        spldr - ok

21:42:07.0498 0792        Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

21:42:07.0530 0792        Spooler - ok

21:42:07.0639 0792        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

21:42:07.0717 0792        sppsvc - ok

21:42:07.0826 0792        sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

21:42:07.0888 0792        sppuinotify - ok

21:42:07.0951 0792        srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

21:42:07.0998 0792        srv - ok

21:42:08.0013 0792        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

21:42:08.0044 0792        srv2 - ok

21:42:08.0060 0792        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

21:42:08.0076 0792        srvnet - ok

21:42:08.0107 0792        SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

21:42:08.0138 0792        SSDPSRV - ok

21:42:08.0185 0792        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

21:42:08.0200 0792        ssmdrv - ok

21:42:08.0216 0792        SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

21:42:08.0247 0792        SstpSvc - ok

21:42:08.0278 0792        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

21:42:08.0294 0792        stexstor - ok

21:42:08.0341 0792        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

21:42:08.0372 0792        StiSvc - ok

21:42:08.0403 0792        storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys

21:42:08.0419 0792        storflt - ok

21:42:08.0450 0792        StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll

21:42:08.0466 0792        StorSvc - ok

21:42:08.0481 0792        storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys

21:42:08.0497 0792        storvsc - ok

21:42:08.0544 0792        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

21:42:08.0559 0792        swenum - ok

21:42:08.0606 0792        swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

21:42:08.0637 0792        swprv - ok

21:42:08.0700 0792        SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

21:42:08.0746 0792        SysMain - ok

21:42:08.0778 0792        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

21:42:08.0793 0792        TabletInputService - ok

21:42:08.0856 0792        tap0901         (1e89de7a4fb7a854ebb241d0aa8996dd) C:\Windows\system32\DRIVERS\tap0901.sys

21:42:08.0902 0792        tap0901 - ok

21:42:08.0934 0792        TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

21:42:08.0996 0792        TapiSrv - ok

21:42:09.0043 0792        TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

21:42:09.0090 0792        TBS - ok

21:42:09.0136 0792        Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys

21:42:09.0183 0792        Tcpip - ok

21:42:09.0199 0792        TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys

21:42:09.0230 0792        TCPIP6 - ok

21:42:09.0261 0792        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

21:42:09.0324 0792        tcpipreg - ok

21:42:09.0355 0792        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

21:42:09.0386 0792        TDPIPE - ok

21:42:09.0402 0792        TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

21:42:09.0433 0792        TDTCP - ok

21:42:09.0448 0792        tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

21:42:09.0495 0792        tdx - ok

21:42:09.0667 0792        TeamViewer7     (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

21:42:09.0745 0792        TeamViewer7 - ok

21:42:09.0870 0792        teamviewervpn   (9101fffcfccd1a30e870a5b8a9091b10) C:\Windows\system32\DRIVERS\teamviewervpn.sys

21:42:09.0916 0792        teamviewervpn - ok

21:42:09.0963 0792        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

21:42:09.0994 0792        TermDD - ok

21:42:10.0041 0792        TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

21:42:10.0088 0792        TermService - ok

21:42:10.0119 0792        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

21:42:10.0135 0792        Themes - ok

21:42:10.0166 0792        THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

21:42:10.0182 0792        THREADORDER - ok

21:42:10.0213 0792        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

21:42:10.0244 0792        TrkWks - ok

21:42:10.0306 0792        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

21:42:10.0369 0792        TrustedInstaller - ok

21:42:10.0384 0792        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:42:10.0416 0792        tssecsrv - ok

21:42:10.0462 0792        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

21:42:10.0509 0792        TsUsbFlt - ok

21:42:10.0556 0792        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

21:42:10.0603 0792        tunnel - ok

21:42:10.0618 0792        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

21:42:10.0634 0792        uagp35 - ok

21:42:10.0665 0792        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

21:42:10.0712 0792        udfs - ok

21:42:10.0759 0792        UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

21:42:10.0774 0792        UI0Detect - ok

21:42:10.0821 0792        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

21:42:10.0852 0792        uliagpkx - ok

21:42:10.0884 0792        umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

21:42:10.0899 0792        umbus - ok

21:42:10.0915 0792        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

21:42:10.0930 0792        UmPass - ok

21:42:10.0962 0792        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll

21:42:10.0993 0792        UmRdpService - ok

21:42:11.0024 0792        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

21:42:11.0071 0792        upnphost - ok

21:42:11.0102 0792        upperdev        (47f5f9d837d80ffd5882a14db9da0a67) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys

21:42:11.0149 0792        upperdev - ok

21:42:11.0196 0792        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys

21:42:11.0211 0792        usbaudio - ok

21:42:11.0242 0792        usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

21:42:11.0274 0792        usbccgp - ok

21:42:11.0352 0792        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

21:42:11.0367 0792        usbcir - ok

21:42:11.0383 0792        usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

21:42:11.0414 0792        usbehci - ok

21:42:11.0476 0792        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

21:42:11.0508 0792        usbhub - ok

21:42:11.0523 0792        usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

21:42:11.0554 0792        usbohci - ok

21:42:11.0586 0792        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

21:42:11.0601 0792        usbprint - ok

21:42:11.0617 0792        usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys

21:42:11.0632 0792        usbscan - ok

21:42:11.0679 0792        usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys

21:42:11.0742 0792        usbser - ok

21:42:11.0773 0792        UsbserFilt      (e44f0d17be0908b58dcc99ccb99c6c32) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys

21:42:11.0835 0792        UsbserFilt - ok

21:42:11.0898 0792        USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:42:12.0085 0792        USBSTOR - ok

21:42:12.0241 0792        usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys

21:42:12.0334 0792        usbuhci - ok

21:42:12.0412 0792        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys

21:42:12.0444 0792        usbvideo - ok

21:42:12.0475 0792        UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

21:42:12.0506 0792        UxSms - ok

21:42:12.0522 0792        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:42:12.0537 0792        VaultSvc - ok

21:42:12.0568 0792        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

21:42:12.0600 0792        vdrvroot - ok

21:42:12.0646 0792        vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

21:42:12.0678 0792        vds - ok

21:42:12.0709 0792        vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

21:42:12.0724 0792        vga - ok

21:42:12.0724 0792        VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

21:42:12.0756 0792        VgaSave - ok

21:42:12.0787 0792        vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

21:42:12.0802 0792        vhdmp - ok

21:42:12.0818 0792        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

21:42:12.0834 0792        viaagp - ok

21:42:12.0849 0792        ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

21:42:12.0880 0792        ViaC7 - ok

21:42:12.0896 0792        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

21:42:12.0912 0792        viaide - ok

21:42:12.0927 0792        vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys

21:42:12.0927 0792        vmbus - ok

21:42:12.0943 0792        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys

21:42:12.0958 0792        VMBusHID - ok

21:42:12.0974 0792        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

21:42:12.0974 0792        volmgr - ok

21:42:12.0990 0792        volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

21:42:13.0005 0792        volmgrx - ok

21:42:13.0021 0792        volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

21:42:13.0036 0792        volsnap - ok

21:42:13.0068 0792        vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

21:42:13.0083 0792        vsmraid - ok

21:42:13.0130 0792        VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

21:42:13.0177 0792        VSS - ok

21:42:13.0208 0792        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

21:42:13.0224 0792        vwifibus - ok

21:42:13.0255 0792        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

21:42:13.0270 0792        vwififlt - ok

21:42:13.0302 0792        W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

21:42:13.0348 0792        W32Time - ok

21:42:13.0411 0792        W3SVC           (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll

21:42:13.0442 0792        W3SVC - ok

21:42:13.0458 0792        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

21:42:13.0489 0792        WacomPen - ok

21:42:13.0536 0792        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

21:42:13.0551 0792        WANARP - ok

21:42:13.0551 0792        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

21:42:13.0582 0792        Wanarpv6 - ok

21:42:13.0582 0792        WAS             (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll

21:42:13.0598 0792        WAS - ok

21:42:13.0692 0792        WatAdminSvc     (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

21:42:13.0785 0792        WatAdminSvc - ok

21:42:13.0848 0792        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

21:42:13.0926 0792        wbengine - ok

21:42:13.0957 0792        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

21:42:14.0004 0792        WbioSrvc - ok

21:42:14.0035 0792        wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

21:42:14.0066 0792        wcncsvc - ok

21:42:14.0082 0792        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

21:42:14.0113 0792        WcsPlugInService - ok

21:42:14.0175 0792        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

21:42:14.0191 0792        Wd - ok

21:42:14.0206 0792        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

21:42:14.0222 0792        Wdf01000 - ok

21:42:14.0238 0792        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

21:42:14.0300 0792        WdiServiceHost - ok

21:42:14.0300 0792        WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

21:42:14.0316 0792        WdiSystemHost - ok

21:42:14.0362 0792        WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

21:42:14.0394 0792        WebClient - ok

21:42:14.0440 0792        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

21:42:14.0472 0792        Wecsvc - ok

21:42:14.0550 0792        wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

21:42:14.0581 0792        wercplsupport - ok

21:42:14.0596 0792        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

21:42:14.0628 0792        WerSvc - ok

21:42:14.0659 0792        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

21:42:14.0674 0792        WfpLwf - ok

21:42:14.0690 0792        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

21:42:14.0706 0792        WIMMount - ok

21:42:14.0784 0792        WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

21:42:14.0815 0792        WinDefend - ok

21:42:14.0830 0792        WinHttpAutoProxySvc - ok

21:42:14.0908 0792        Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

21:42:14.0971 0792        Winmgmt - ok

21:42:15.0033 0792        WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

21:42:15.0096 0792        WinRM - ok

21:42:15.0158 0792        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

21:42:15.0189 0792        WinUsb - ok

21:42:15.0236 0792        Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

21:42:15.0283 0792        Wlansvc - ok

21:42:15.0345 0792        wlcrasvc        (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:42:15.0361 0792        wlcrasvc - ok

21:42:15.0454 0792        wlidsvc         (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:42:15.0517 0792        wlidsvc - ok

21:42:15.0610 0792        WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

21:42:15.0626 0792        WmiAcpi - ok

21:42:15.0688 0792        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

21:42:15.0704 0792        wmiApSrv - ok

21:42:15.0735 0792        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

21:42:15.0766 0792        WPCSvc - ok

21:42:15.0844 0792        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

21:42:15.0891 0792        WPDBusEnum - ok

21:42:15.0922 0792        ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

21:42:15.0954 0792        ws2ifsl - ok

21:42:15.0985 0792        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll

21:42:16.0016 0792        wscsvc - ok

21:42:16.0016 0792        WSearch - ok

21:42:16.0094 0792        wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll

21:42:16.0156 0792        wuauserv - ok

21:42:16.0266 0792        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

21:42:16.0312 0792        WudfPf - ok

21:42:16.0344 0792        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:42:16.0375 0792        WUDFRd - ok

21:42:16.0406 0792        wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

21:42:16.0422 0792        wudfsvc - ok

21:42:16.0468 0792        WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

21:42:16.0500 0792        WwanSvc - ok

21:42:16.0531 0792        ZTEusbmdm6k - ok

21:42:16.0531 0792        ZTEusbnmea - ok

21:42:16.0546 0792        ZTEusbser6k - ok

21:42:16.0562 0792        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

21:42:16.0687 0792        \Device\Harddisk0\DR0 - ok

21:42:16.0765 0792        Boot (0x1200)   (3c4e5eb2a605082b3a529b8b5e416803) \Device\Harddisk0\DR0\Partition0

21:42:16.0780 0792        \Device\Harddisk0\DR0\Partition0 - ok

21:42:16.0796 0792        Boot (0x1200)   (0c910ad54859db913581c6d280640161) \Device\Harddisk0\DR0\Partition1

21:42:16.0796 0792        \Device\Harddisk0\DR0\Partition1 - ok

21:42:16.0796 0792        ============================================================

21:42:16.0796 0792        Scan finished

21:42:16.0796 0792        ============================================================

21:42:16.0812 5260        Detected object count: 4

21:42:16.0812 5260        Actual detected object count: 4

21:45:55.0852 5260        Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user

21:45:55.0852 5260        Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

21:45:55.0867 5260        BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user

21:45:55.0867 5260        BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

21:45:55.0867 5260        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

21:45:55.0867 5260        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

21:45:55.0867 5260        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:45:55.0867 5260        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

Jetzt mache ich mich mal an cureit.

MfG

Hey,

also irgendwie bin ich jetzt baff, ich komme einfach nicht in den abgesicherten Modus-der Scan mit Cureit soll ja aber im abgesicherten gemacht werden.

Ich habe keine Ahnung, warum das einfach nicht geht - ich habe tausende Male F8 gedrückt, ich habe ein nicht-ordnungsgemäßes Herunterfahren provoziert -> nun bin ich mit meinem Latein am Ende.

MfG