Computer auffällig langsamer und Passwort geknackt

Dexian · 19.06.2012, 11:04

Hallo liebe Community,

mein Problem ist, dass mein Rechner seit einiger Zeit oftmals viel langsamer ist als sonst. Nun ist auch noch hinzugekommen, dass das Passwort von meinem E-Mail Account gecracked wurde und es deswegen gesperrt wurde.

Ich würde gerne ausschließen, dass es mit irgendeiner bösartigen Software o.ä. zusammenhängt und euch bitten, einmal ein Auge auf mein System zu werfen.

Hier die Logfiles, bei OTL wurde jedoch keine Extras.txt erstellt

Psychotic · 20.06.2012, 08:20

Mein Name ist Marius und ich werde dir bei deinem Problem helfen.

Eines vorneweg:

Hinweis: Wir können hier nie dafür garantieren, dass wir sämtliche Reste von Schadsoftware gefunden haben. Eine Formatierung ist meist der schnellste und immer der sicherste Weg.

Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass dein Rechner clean ist.

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Solltest du irgendwo nicht weiterkommen, stoppe an diesem Punkt und beschreibe dein Problem hier!
Nur Scans durchführen, zu denen du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren) - wenn du die Anweisungen mehrere Helfer ausführst, kann das schwere Probleme nach sich ziehen!.
Installiere oder Deinstalliere während der Bereinigung keine Software (ausser, du wurdest dazu aufgefordert).
Wenn etwas unklar ist: Frage, bevor du etwas "blind" machst!

...und ganz wichtig:
Poste die Logfiles mit code-tags (das #-Symbol oben im Antwortfenster) in deinen Thread! Nicht anhängen, außer, ich fordere dich dazu auf. (Erschwert mir nämlich das Auswerten).

Vista und Win7 User
Alle Tools mit Rechtsklick --> "als Administrator ausführen" starten.

Schritt 1: aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung) Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen ) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Schritt 2: Scan mit TDSS-Killer

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe
Klicke Change parameters, wähle Detect TDLFS file system, klicke OK.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile. TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ ) Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Schritt 3: ckscan

Downloade dir bitte CKScanner Wichtig: Speichere die Datei am Desktop.

Doppelklick auf die CKScanner.exe und klicke auf Search For Files.
Danach klick auf Save List To File.
Es wird eine Box aufpoppen was dir mitteilt das die Datei gespeichert wurde (file saved)
Öffne die CKFiles.txt auf deinem Desktop und poste den Inhalt hier.

Schritt 4: OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)

Doppelklick auf die OTL.exe
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Dexian · 20.06.2012, 20:47

Wollte gerne mit dem ersten Programm beginnen, jedoch bekomme ich bei aswMBR einen Absturz. Habe es 2x probiert, jedes mal an der selben Stelle.

Um den Screen zu sehen, Link:

Psychotic · 21.06.2012, 12:02

Versuche es im abgesicherten Modus!

Abgesicherter Modus zur Bereinigung

Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

Ansonsten:

Lasse den aswMBR weg!

Dexian · 21.06.2012, 17:08

Also auch im Abgesicherten Modus hängt sich der aswMBR auf.

Die anderen Programme ergeben folgendes:

TDSS:

Code:

ATTFilter

17:43:41.0605 5312	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
17:43:42.0853 5312	============================================================
17:43:42.0853 5312	Current date / time: 2012/06/21 17:43:42.0853
17:43:42.0853 5312	SystemInfo:
17:43:42.0853 5312	
17:43:42.0853 5312	OS Version: 6.1.7601 ServicePack: 1.0
17:43:42.0853 5312	Product type: Workstation
17:43:42.0853 5312	ComputerName: DEIM-PC
17:43:42.0853 5312	UserName: Gerrit
17:43:42.0853 5312	Windows directory: C:\Windows
17:43:42.0853 5312	System windows directory: C:\Windows
17:43:42.0853 5312	Running under WOW64
17:43:42.0853 5312	Processor architecture: Intel x64
17:43:42.0853 5312	Number of processors: 4
17:43:42.0853 5312	Page size: 0x1000
17:43:42.0853 5312	Boot type: Normal boot
17:43:42.0853 5312	============================================================
17:43:43.0883 5312	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:43:43.0883 5312	============================================================
17:43:43.0883 5312	\Device\Harddisk0\DR0:
17:43:43.0883 5312	MBR partitions:
17:43:43.0883 5312	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:43:43.0883 5312	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:43:43.0883 5312	============================================================
17:43:43.0914 5312	C: <-> \Device\Harddisk0\DR0\Partition1
17:43:43.0914 5312	============================================================
17:43:43.0914 5312	Initialize success
17:43:43.0914 5312	============================================================
17:44:01.0277 4132	============================================================
17:44:01.0277 4132	Scan started
17:44:01.0277 4132	Mode: Manual; TDLFS; 
17:44:01.0277 4132	============================================================
17:44:02.0462 4132	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:44:02.0478 4132	1394ohci - ok
17:44:02.0540 4132	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:44:02.0540 4132	ACPI - ok
17:44:02.0556 4132	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:44:02.0556 4132	AcpiPmi - ok
17:44:02.0696 4132	AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:44:02.0743 4132	AdobeFlashPlayerUpdateSvc - ok
17:44:02.0790 4132	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:44:02.0790 4132	adp94xx - ok
17:44:02.0821 4132	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:44:02.0821 4132	adpahci - ok
17:44:02.0852 4132	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:44:02.0852 4132	adpu320 - ok
17:44:02.0883 4132	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:44:02.0883 4132	AeLookupSvc - ok
17:44:02.0946 4132	AF9035BDA       (0a0889d0b7afd2577d49f6799a26e05d) C:\Windows\system32\DRIVERS\AF15BDA.sys
17:44:02.0961 4132	AF9035BDA - ok
17:44:03.0008 4132	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:44:03.0024 4132	AFD - ok
17:44:03.0102 4132	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:44:03.0117 4132	agp440 - ok
17:44:03.0195 4132	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:44:03.0211 4132	ALG - ok
17:44:03.0242 4132	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:44:03.0242 4132	aliide - ok
17:44:03.0336 4132	AMD External Events Utility (a2f5bea5b45a8e7c4776f39c25e8699d) C:\Windows\system32\atiesrxx.exe
17:44:03.0336 4132	AMD External Events Utility - ok
17:44:03.0367 4132	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:44:03.0367 4132	amdide - ok
17:44:03.0414 4132	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:44:03.0414 4132	amdiox64 - ok
17:44:03.0445 4132	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:44:03.0445 4132	AmdK8 - ok
17:44:03.0866 4132	amdkmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
17:44:03.0991 4132	amdkmdag - ok
17:44:04.0085 4132	amdkmdap        (35d2184a99ad4cd5d17284d6c9f382c9) C:\Windows\system32\DRIVERS\atikmpag.sys
17:44:04.0085 4132	amdkmdap - ok
17:44:04.0116 4132	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:44:04.0116 4132	AmdPPM - ok
17:44:04.0163 4132	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:44:04.0163 4132	amdsata - ok
17:44:04.0178 4132	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:44:04.0178 4132	amdsbs - ok
17:44:04.0194 4132	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:44:04.0194 4132	amdxata - ok
17:44:04.0256 4132	AnyDVD          (2d71d1eed26923802c1c1b26e603fe0c) C:\Windows\system32\Drivers\AnyDVD.sys
17:44:04.0256 4132	AnyDVD - ok
17:44:04.0287 4132	AODDriver4.01 - ok
17:44:04.0334 4132	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:44:04.0350 4132	AppID - ok
17:44:04.0365 4132	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:44:04.0365 4132	AppIDSvc - ok
17:44:04.0412 4132	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:44:04.0412 4132	Appinfo - ok
17:44:04.0490 4132	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:44:04.0490 4132	Apple Mobile Device - ok
17:44:04.0521 4132	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:44:04.0521 4132	AppMgmt - ok
17:44:04.0553 4132	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:44:04.0553 4132	arc - ok
17:44:04.0553 4132	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:44:04.0568 4132	arcsas - ok
17:44:04.0584 4132	aspnet_state - ok
17:44:04.0599 4132	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:44:04.0599 4132	AsyncMac - ok
17:44:04.0615 4132	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:44:04.0615 4132	atapi - ok
17:44:04.0677 4132	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
17:44:04.0693 4132	AtiHDAudioService - ok
17:44:04.0724 4132	AtiPcie         (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
17:44:04.0724 4132	AtiPcie - ok
17:44:04.0771 4132	atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
17:44:04.0771 4132	atksgt - ok
17:44:04.0849 4132	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:44:04.0849 4132	AudioEndpointBuilder - ok
17:44:04.0849 4132	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:44:04.0849 4132	AudioSrv - ok
17:44:04.0989 4132	AVKProxy        (b0a3876af08b4cbe7044bb1721e8a86e) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
17:44:05.0005 4132	AVKProxy - ok
17:44:05.0067 4132	AVKService      (1ec1623d18f51d2dab1090155456ab3d) C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe
17:44:05.0067 4132	AVKService - ok
17:44:05.0192 4132	AVKWCtl         (0255c17c2dca5fe8a99ce03a7cc6886e) C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe
17:44:05.0208 4132	AVKWCtl - ok
17:44:05.0301 4132	avmeject        (1dc2f715792cf33428ad7993acbd224d) C:\Windows\system32\drivers\avmeject.sys
17:44:05.0301 4132	avmeject - ok
17:44:05.0473 4132	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:44:05.0489 4132	AxInstSV - ok
17:44:05.0754 4132	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:44:05.0769 4132	b06bdrv - ok
17:44:05.0801 4132	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:44:05.0816 4132	b57nd60a - ok
17:44:05.0894 4132	BCMH43XX        (e49110a58a32e9450356686a95dd7763) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
17:44:05.0925 4132	BCMH43XX - ok
17:44:05.0972 4132	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:44:05.0972 4132	BDESVC - ok
17:44:05.0988 4132	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:44:05.0988 4132	Beep - ok
17:44:06.0081 4132	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:44:06.0097 4132	BFE - ok
17:44:06.0175 4132	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:44:06.0191 4132	BITS - ok
17:44:06.0253 4132	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:44:06.0253 4132	blbdrive - ok
17:44:06.0362 4132	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:44:06.0362 4132	Bonjour Service - ok
17:44:06.0393 4132	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:44:06.0393 4132	bowser - ok
17:44:06.0440 4132	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:44:06.0440 4132	BrFiltLo - ok
17:44:06.0440 4132	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:44:06.0440 4132	BrFiltUp - ok
17:44:06.0487 4132	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:44:06.0487 4132	Browser - ok
17:44:06.0518 4132	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:44:06.0518 4132	Brserid - ok
17:44:06.0518 4132	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:44:06.0534 4132	BrSerWdm - ok
17:44:06.0534 4132	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:44:06.0534 4132	BrUsbMdm - ok
17:44:06.0534 4132	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:44:06.0534 4132	BrUsbSer - ok
17:44:06.0549 4132	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:44:06.0549 4132	BTHMODEM - ok
17:44:06.0565 4132	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:44:06.0565 4132	bthserv - ok
17:44:06.0581 4132	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:44:06.0581 4132	cdfs - ok
17:44:06.0627 4132	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:44:06.0627 4132	cdrom - ok
17:44:06.0674 4132	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:44:06.0674 4132	CertPropSvc - ok
17:44:06.0690 4132	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:44:06.0690 4132	circlass - ok
17:44:06.0721 4132	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:44:06.0721 4132	CLFS - ok
17:44:06.0752 4132	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:44:06.0768 4132	clr_optimization_v2.0.50727_32 - ok
17:44:06.0799 4132	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:44:06.0799 4132	clr_optimization_v2.0.50727_64 - ok
17:44:06.0893 4132	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:44:06.0908 4132	clr_optimization_v4.0.30319_32 - ok
17:44:06.0955 4132	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:44:06.0955 4132	clr_optimization_v4.0.30319_64 - ok
17:44:06.0971 4132	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:44:06.0971 4132	CmBatt - ok
17:44:07.0002 4132	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:44:07.0002 4132	cmdide - ok
17:44:07.0049 4132	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:44:07.0049 4132	CNG - ok
17:44:07.0064 4132	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:44:07.0064 4132	Compbatt - ok
17:44:07.0111 4132	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:44:07.0111 4132	CompositeBus - ok
17:44:07.0127 4132	COMSysApp - ok
17:44:07.0127 4132	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:44:07.0127 4132	crcdisk - ok
17:44:07.0205 4132	Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
17:44:07.0205 4132	Creative ALchemy AL6 Licensing Service - ok
17:44:07.0220 4132	Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
17:44:07.0220 4132	Creative Audio Engine Licensing Service - ok
17:44:07.0251 4132	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:44:07.0251 4132	CryptSvc - ok
17:44:07.0298 4132	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:44:07.0345 4132	CSC - ok
17:44:07.0407 4132	CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:44:07.0407 4132	CscService - ok
17:44:07.0485 4132	CTAudSvcService (5ce3d0e1d1b3832ee052cfc442eee0fa) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
17:44:07.0485 4132	CTAudSvcService - ok
17:44:07.0548 4132	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:44:07.0548 4132	DcomLaunch - ok
17:44:07.0610 4132	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:44:07.0626 4132	defragsvc - ok
17:44:07.0688 4132	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:44:07.0688 4132	DfsC - ok
17:44:07.0719 4132	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:44:07.0719 4132	Dhcp - ok
17:44:07.0735 4132	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:44:07.0735 4132	discache - ok
17:44:07.0797 4132	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:44:07.0797 4132	Disk - ok
17:44:07.0922 4132	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:44:07.0922 4132	Dnscache - ok
17:44:08.0000 4132	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:44:08.0016 4132	dot3svc - ok
17:44:08.0047 4132	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:44:08.0047 4132	DPS - ok
17:44:08.0078 4132	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:44:08.0078 4132	drmkaud - ok
17:44:08.0141 4132	dtsoftbus01     (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:44:08.0141 4132	dtsoftbus01 - ok
17:44:08.0219 4132	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:44:08.0219 4132	DXGKrnl - ok
17:44:08.0281 4132	E1G60           (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
17:44:08.0281 4132	E1G60 - ok
17:44:08.0312 4132	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:44:08.0312 4132	EapHost - ok
17:44:08.0468 4132	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:44:08.0499 4132	ebdrv - ok
17:44:08.0593 4132	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:44:08.0593 4132	EFS - ok
17:44:08.0640 4132	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:44:08.0671 4132	ehRecvr - ok
17:44:08.0702 4132	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:44:08.0702 4132	ehSched - ok
17:44:08.0765 4132	ElbyCDIO        (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
17:44:08.0765 4132	ElbyCDIO - ok
17:44:08.0811 4132	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:44:08.0827 4132	elxstor - ok
17:44:08.0858 4132	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:44:08.0858 4132	ErrDev - ok
17:44:08.0905 4132	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:44:08.0905 4132	EventSystem - ok
17:44:08.0999 4132	EverestDriver   (13a2b915f6d93e52505656773d53096f) C:\Installierte Programme\EVEREST Ultimate Edition\kerneld.amd64
17:44:08.0999 4132	EverestDriver - ok
17:44:09.0014 4132	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:44:09.0030 4132	exfat - ok
17:44:09.0045 4132	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:44:09.0045 4132	fastfat - ok
17:44:09.0108 4132	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:44:09.0123 4132	Fax - ok
17:44:09.0139 4132	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:44:09.0139 4132	fdc - ok
17:44:09.0139 4132	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:44:09.0139 4132	fdPHost - ok
17:44:09.0155 4132	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:44:09.0155 4132	FDResPub - ok
17:44:09.0170 4132	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:44:09.0170 4132	FileInfo - ok
17:44:09.0186 4132	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:44:09.0186 4132	Filetrace - ok
17:44:09.0217 4132	FlashUSB        (af44fcb577661690e59b6bdb8db0e28e) C:\Windows\system32\DRIVERS\FlashUSB_x64.sys
17:44:09.0233 4132	FlashUSB - ok
17:44:09.0233 4132	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:44:09.0233 4132	flpydisk - ok
17:44:09.0279 4132	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:44:09.0279 4132	FltMgr - ok
17:44:09.0357 4132	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:44:09.0373 4132	FontCache - ok
17:44:09.0420 4132	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:44:09.0420 4132	FontCache3.0.0.0 - ok
17:44:09.0451 4132	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:44:09.0451 4132	FsDepends - ok
17:44:09.0482 4132	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:44:09.0482 4132	Fs_Rec - ok
17:44:09.0545 4132	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:44:09.0545 4132	fvevol - ok
17:44:09.0607 4132	FWLANUSB        (444534cba693dd23c1cc589681e01656) C:\Windows\system32\DRIVERS\fwlanusb.sys
17:44:09.0607 4132	FWLANUSB - ok
17:44:09.0638 4132	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:44:09.0638 4132	gagp30kx - ok
17:44:09.0763 4132	GDBackupSvc     (be8d41cdf5dec88c55c8b559ad6c9f4a) C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe
17:44:09.0825 4132	GDBackupSvc - ok
17:44:09.0903 4132	GDBehave        (70f2b7c787602c857525fd1939ef680a) C:\Windows\system32\drivers\GDBehave.sys
17:44:09.0903 4132	GDBehave - ok
17:44:10.0153 4132	GDFwSvc         (9b510af4a6a63261f5c9a961a7508963) C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe
17:44:10.0169 4132	GDFwSvc - ok
17:44:10.0418 4132	GDMnIcpt        (185b4958bf8ccc6ffa0eea5c0e7f65f6) C:\Windows\system32\drivers\MiniIcpt.sys
17:44:10.0418 4132	GDMnIcpt - ok
17:44:10.0465 4132	GdNetMon        (cebda28d56f0ca2f08367c93741e5f76) C:\Windows\system32\drivers\GdNetMon64.sys
17:44:10.0465 4132	GdNetMon - ok
17:44:10.0481 4132	GDPkIcpt        (a7dbc5e8767e70dbf59114f826d4b1b6) C:\Windows\system32\drivers\PktIcpt.sys
17:44:10.0481 4132	GDPkIcpt - ok
17:44:10.0605 4132	GDScan          (b6bf441373adc1596d8bb1d61281814d) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
17:44:10.0605 4132	GDScan - ok
17:44:10.0683 4132	GDTunerSvc      (7ec5ceefed97f1ab48a48c1df1d0af7f) C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe
17:44:10.0715 4132	GDTunerSvc - ok
17:44:10.0777 4132	gdwfpcd         (a59e3e53fa5ba6355a300b31782d2e34) C:\Windows\system32\drivers\gdwfpcd64.sys
17:44:10.0777 4132	gdwfpcd - ok
17:44:10.0839 4132	GearAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
17:44:10.0839 4132	GearAspiWDM - ok
17:44:10.0886 4132	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:44:10.0902 4132	gpsvc - ok
17:44:10.0917 4132	GRD             (18281d981f422e61aeb5a6fdac577401) C:\Windows\system32\drivers\GRD.sys
17:44:10.0917 4132	GRD - ok
17:44:11.0027 4132	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:11.0027 4132	gupdate - ok
17:44:11.0042 4132	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:11.0042 4132	gupdatem - ok
17:44:11.0167 4132	HauppaugeTVServer (6b1768972fb81d31de294ed8827dc6f7) C:\INSTAL~1\HAUPPA~1\WinTV\TVServer\HAUPPA~1.EXE
17:44:11.0183 4132	HauppaugeTVServer - ok
17:44:11.0229 4132	hcw17bda        (edab8aa9f2b68e52ad0ff26dc7ff8448) C:\Windows\system32\drivers\hcw17bda.sys
17:44:11.0229 4132	hcw17bda - ok
17:44:11.0261 4132	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:44:11.0261 4132	hcw85cir - ok
17:44:11.0307 4132	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:44:11.0307 4132	HdAudAddService - ok
17:44:11.0323 4132	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:44:11.0323 4132	HDAudBus - ok
17:44:11.0339 4132	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:44:11.0354 4132	HidBatt - ok
17:44:11.0370 4132	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:44:11.0370 4132	HidBth - ok
17:44:11.0385 4132	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:44:11.0385 4132	HidIr - ok
17:44:11.0401 4132	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:44:11.0401 4132	hidserv - ok
17:44:11.0448 4132	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:44:11.0448 4132	HidUsb - ok
17:44:11.0495 4132	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:44:11.0495 4132	hkmsvc - ok
17:44:11.0526 4132	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:44:11.0541 4132	HomeGroupListener - ok
17:44:11.0573 4132	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:44:11.0573 4132	HomeGroupProvider - ok
17:44:11.0635 4132	HookCentre      (3bcb98418bf3cffb152109d3b10b1c85) C:\Windows\system32\drivers\HookCentre.sys
17:44:11.0635 4132	HookCentre - ok
17:44:11.0666 4132	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:44:11.0666 4132	HpSAMD - ok
17:44:11.0697 4132	HTCAND64        (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:44:11.0697 4132	HTCAND64 - ok
17:44:11.0744 4132	htcnprot        (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
17:44:11.0744 4132	htcnprot - ok
17:44:11.0822 4132	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:44:11.0822 4132	HTTP - ok
17:44:11.0853 4132	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:44:11.0853 4132	hwpolicy - ok
17:44:11.0885 4132	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:44:11.0885 4132	i8042prt - ok
17:44:11.0916 4132	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:44:11.0931 4132	iaStorV - ok
17:44:12.0009 4132	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:44:12.0025 4132	idsvc - ok
17:44:12.0087 4132	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:44:12.0087 4132	iirsp - ok
17:44:12.0134 4132	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:44:12.0134 4132	IKEEXT - ok
17:44:12.0165 4132	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:44:12.0165 4132	intelide - ok
17:44:12.0181 4132	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:44:12.0181 4132	intelppm - ok
17:44:12.0212 4132	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:44:12.0212 4132	IPBusEnum - ok
17:44:12.0243 4132	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:44:12.0243 4132	IpFilterDriver - ok
17:44:12.0306 4132	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:44:12.0306 4132	iphlpsvc - ok
17:44:12.0321 4132	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:44:12.0321 4132	IPMIDRV - ok
17:44:12.0337 4132	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:44:12.0337 4132	IPNAT - ok
17:44:12.0727 4132	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
17:44:12.0727 4132	iPod Service - ok
17:44:12.0758 4132	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:44:12.0758 4132	IRENUM - ok
17:44:12.0805 4132	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:44:12.0805 4132	isapnp - ok
17:44:12.0836 4132	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:44:12.0852 4132	iScsiPrt - ok
17:44:12.0867 4132	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:44:12.0867 4132	kbdclass - ok
17:44:12.0899 4132	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:44:12.0899 4132	kbdhid - ok
17:44:12.0914 4132	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:12.0914 4132	KeyIso - ok
17:44:13.0023 4132	ksaud           (e5e6ed52e30e1dfc05ccf83286faa1ad) C:\Windows\system32\drivers\ksaud.sys
17:44:13.0086 4132	ksaud - ok
17:44:13.0164 4132	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:44:13.0164 4132	KSecDD - ok
17:44:13.0179 4132	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:44:13.0179 4132	KSecPkg - ok
17:44:13.0195 4132	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:44:13.0195 4132	ksthunk - ok
17:44:13.0242 4132	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:44:13.0242 4132	KtmRm - ok
17:44:13.0273 4132	L1C             (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys
17:44:13.0273 4132	L1C - ok
17:44:13.0320 4132	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:44:13.0335 4132	LanmanServer - ok
17:44:13.0367 4132	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:44:13.0367 4132	LanmanWorkstation - ok
17:44:13.0429 4132	LgBttPort       (174803f2eea3b22165dfe0e5a1f20685) C:\Windows\system32\DRIVERS\lgbtpt64.sys
17:44:13.0429 4132	LgBttPort - ok
17:44:13.0460 4132	lgbusenum       (565f93bb7c0361e61b3daea670c354d6) C:\Windows\system32\DRIVERS\lgbtbs64.sys
17:44:13.0460 4132	lgbusenum - ok
17:44:13.0476 4132	LGVMODEM        (abf477857b7ced873362ec92c6ce10a7) C:\Windows\system32\DRIVERS\lgvmdm64.sys
17:44:13.0476 4132	LGVMODEM - ok
17:44:13.0538 4132	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
17:44:13.0538 4132	lirsgt - ok
17:44:13.0585 4132	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:44:13.0585 4132	lltdio - ok
17:44:13.0632 4132	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:44:13.0632 4132	lltdsvc - ok
17:44:13.0663 4132	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:44:13.0663 4132	lmhosts - ok
17:44:13.0710 4132	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:44:13.0710 4132	LSI_FC - ok
17:44:13.0725 4132	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:44:13.0725 4132	LSI_SAS - ok
17:44:13.0741 4132	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:44:13.0741 4132	LSI_SAS2 - ok
17:44:13.0757 4132	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:44:13.0757 4132	LSI_SCSI - ok
17:44:13.0788 4132	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:44:13.0803 4132	luafv - ok
17:44:13.0944 4132	MBAMProtector   (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
17:44:13.0944 4132	MBAMProtector - ok
17:44:14.0583 4132	MBAMService     (37036c07983ef1024b2ff3c28aae5700) C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:44:14.0583 4132	MBAMService - ok
17:44:14.0927 4132	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:44:15.0005 4132	Mcx2Svc - ok
17:44:15.0176 4132	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:44:15.0207 4132	megasas - ok
17:44:15.0582 4132	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:44:15.0597 4132	MegaSR - ok
17:44:15.0691 4132	Microsoft SharePoint Workspace Audit Service - ok
17:44:15.0722 4132	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:44:15.0722 4132	MMCSS - ok
17:44:15.0738 4132	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:44:15.0738 4132	Modem - ok
17:44:15.0769 4132	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:44:15.0769 4132	monitor - ok
17:44:15.0800 4132	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:44:15.0816 4132	mouclass - ok
17:44:15.0816 4132	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:44:15.0831 4132	mouhid - ok
17:44:15.0863 4132	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:44:15.0863 4132	mountmgr - ok
17:44:15.0925 4132	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:44:15.0941 4132	MozillaMaintenance - ok
17:44:15.0972 4132	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:44:15.0972 4132	mpio - ok
17:44:15.0987 4132	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:44:15.0987 4132	mpsdrv - ok
17:44:16.0050 4132	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:44:16.0065 4132	MpsSvc - ok
17:44:16.0112 4132	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:44:16.0112 4132	MRxDAV - ok
17:44:16.0159 4132	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:44:16.0159 4132	mrxsmb - ok
17:44:16.0206 4132	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:44:16.0206 4132	mrxsmb10 - ok
17:44:16.0221 4132	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:44:16.0221 4132	mrxsmb20 - ok
17:44:16.0237 4132	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:44:16.0237 4132	msahci - ok
17:44:16.0315 4132	MSCamSvc        (ab94aa7a8c00ad8d9ed6c9b8261b0c1e) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
17:44:16.0315 4132	MSCamSvc - ok
17:44:16.0346 4132	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:44:16.0362 4132	msdsm - ok
17:44:16.0377 4132	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:44:16.0377 4132	MSDTC - ok
17:44:16.0393 4132	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:44:16.0393 4132	Msfs - ok
17:44:16.0409 4132	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:44:16.0409 4132	mshidkmdf - ok
17:44:16.0440 4132	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:44:16.0440 4132	msisadrv - ok
17:44:16.0471 4132	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:44:16.0487 4132	MSiSCSI - ok
17:44:16.0487 4132	msiserver - ok
17:44:16.0518 4132	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:44:16.0518 4132	MSKSSRV - ok
17:44:16.0533 4132	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:44:16.0533 4132	MSPCLOCK - ok
17:44:16.0549 4132	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:44:16.0549 4132	MSPQM - ok
17:44:16.0596 4132	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:44:16.0611 4132	MsRPC - ok
17:44:16.0627 4132	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:44:16.0627 4132	mssmbios - ok
17:44:16.0643 4132	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:44:16.0643 4132	MSTEE - ok
17:44:16.0658 4132	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:44:16.0658 4132	MTConfig - ok
17:44:16.0689 4132	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:44:16.0689 4132	Mup - ok
17:44:16.0736 4132	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:44:16.0736 4132	napagent - ok
17:44:16.0783 4132	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:44:16.0799 4132	NativeWifiP - ok
17:44:16.0845 4132	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:44:16.0845 4132	NDIS - ok
17:44:16.0861 4132	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:44:16.0861 4132	NdisCap - ok
17:44:16.0892 4132	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:16.0892 4132	NdisTapi - ok
17:44:16.0939 4132	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:16.0939 4132	Ndisuio - ok
17:44:16.0970 4132	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:16.0970 4132	NdisWan - ok
17:44:17.0017 4132	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:44:17.0017 4132	NDProxy - ok
17:44:17.0033 4132	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:44:17.0033 4132	NetBIOS - ok
17:44:17.0079 4132	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:44:17.0079 4132	NetBT - ok
17:44:17.0111 4132	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:17.0111 4132	Netlogon - ok
17:44:17.0173 4132	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:44:17.0173 4132	Netman - ok
17:44:17.0204 4132	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:44:17.0204 4132	netprofm - ok
17:44:17.0251 4132	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:44:17.0251 4132	NetTcpPortSharing - ok
17:44:17.0267 4132	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:44:17.0282 4132	nfrd960 - ok
17:44:17.0407 4132	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:44:17.0407 4132	NlaSvc - ok
17:44:17.0469 4132	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:44:17.0469 4132	Npfs - ok
17:44:17.0501 4132	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:44:17.0501 4132	nsi - ok
17:44:17.0501 4132	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:44:17.0501 4132	nsiproxy - ok
17:44:17.0781 4132	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:44:17.0797 4132	Ntfs - ok
17:44:17.0875 4132	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:44:17.0875 4132	Null - ok
17:44:18.0483 4132	nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:18.0593 4132	nvlddmkm - ok
17:44:18.0686 4132	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:44:18.0686 4132	nvraid - ok
17:44:18.0717 4132	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:44:18.0733 4132	nvstor - ok
17:44:18.0811 4132	nvsvc           (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
17:44:18.0827 4132	nvsvc - ok
17:44:18.0951 4132	nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:44:18.0951 4132	nvUpdatusService - ok
17:44:18.0998 4132	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:44:18.0998 4132	nv_agp - ok
17:44:19.0045 4132	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:44:19.0045 4132	ohci1394 - ok
17:44:19.0107 4132	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:19.0107 4132	ose - ok
17:44:19.0388 4132	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:44:19.0419 4132	osppsvc - ok
17:44:19.0482 4132	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:44:19.0482 4132	p2pimsvc - ok
17:44:19.0513 4132	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:44:19.0529 4132	p2psvc - ok
17:44:19.0560 4132	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:44:19.0575 4132	Parport - ok
17:44:19.0607 4132	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:44:19.0607 4132	partmgr - ok
17:44:19.0700 4132	PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
17:44:19.0700 4132	PassThru Service - ok
17:44:19.0716 4132	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:44:19.0731 4132	PcaSvc - ok
17:44:19.0841 4132	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:44:19.0841 4132	pci - ok
17:44:19.0872 4132	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:44:19.0872 4132	pciide - ok
17:44:20.0012 4132	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:44:20.0028 4132	pcmcia - ok
17:44:20.0043 4132	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:44:20.0043 4132	pcw - ok
17:44:20.0075 4132	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:44:20.0090 4132	PEAUTH - ok
17:44:20.0199 4132	PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:44:20.0199 4132	PeerDistSvc - ok
17:44:20.0262 4132	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:44:20.0262 4132	PerfHost - ok
17:44:20.0387 4132	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:44:20.0402 4132	pla - ok
17:44:20.0465 4132	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:44:20.0465 4132	PlugPlay - ok
17:44:20.0480 4132	PnkBstrA - ok
17:44:20.0496 4132	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:44:20.0496 4132	PNRPAutoReg - ok
17:44:20.0511 4132	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:44:20.0527 4132	PNRPsvc - ok
17:44:20.0574 4132	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:44:20.0574 4132	PolicyAgent - ok
17:44:20.0605 4132	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:44:20.0605 4132	Power - ok
17:44:20.0683 4132	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:44:20.0683 4132	PptpMiniport - ok
17:44:20.0699 4132	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:44:20.0699 4132	Processor - ok
17:44:20.0745 4132	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:44:20.0745 4132	ProfSvc - ok
17:44:20.0777 4132	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:20.0777 4132	ProtectedStorage - ok
17:44:20.0808 4132	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:44:20.0808 4132	Psched - ok
17:44:20.0855 4132	PStrip64        (23eed24b0a780863df35b500c4ea0733) C:\Windows\system32\drivers\pstrip64.sys
17:44:20.0855 4132	PStrip64 - ok
17:44:20.0917 4132	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:44:20.0964 4132	ql2300 - ok
17:44:21.0026 4132	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:44:21.0042 4132	ql40xx - ok
17:44:21.0073 4132	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:44:21.0073 4132	QWAVE - ok
17:44:21.0089 4132	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:44:21.0089 4132	QWAVEdrv - ok
17:44:21.0104 4132	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:44:21.0104 4132	RasAcd - ok
17:44:21.0120 4132	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:44:21.0120 4132	RasAgileVpn - ok
17:44:21.0135 4132	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:44:21.0135 4132	RasAuto - ok
17:44:21.0182 4132	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:21.0182 4132	Rasl2tp - ok
17:44:21.0245 4132	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:44:21.0245 4132	RasMan - ok
17:44:21.0260 4132	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:21.0260 4132	RasPppoe - ok
17:44:21.0276 4132	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:44:21.0276 4132	RasSstp - ok
17:44:21.0323 4132	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:44:21.0323 4132	rdbss - ok
17:44:21.0323 4132	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:44:21.0323 4132	rdpbus - ok
17:44:21.0338 4132	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:21.0338 4132	RDPCDD - ok
17:44:21.0369 4132	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:44:21.0369 4132	RDPDR - ok
17:44:21.0385 4132	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:44:21.0401 4132	RDPENCDD - ok
17:44:21.0401 4132	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:44:21.0401 4132	RDPREFMP - ok
17:44:21.0494 4132	RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
17:44:21.0510 4132	RdpVideoMiniport - ok
17:44:21.0557 4132	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:44:21.0557 4132	RDPWD - ok
17:44:21.0603 4132	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:44:21.0619 4132	rdyboost - ok
17:44:21.0635 4132	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:44:21.0635 4132	RemoteAccess - ok
17:44:21.0666 4132	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:44:21.0666 4132	RemoteRegistry - ok
17:44:21.0681 4132	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:44:21.0681 4132	RpcEptMapper - ok
17:44:21.0697 4132	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:44:21.0697 4132	RpcLocator - ok
17:44:21.0744 4132	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:44:21.0759 4132	RpcSs - ok
17:44:21.0791 4132	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:44:21.0791 4132	rspndr - ok
17:44:21.0822 4132	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:44:21.0822 4132	s3cap - ok
17:44:21.0853 4132	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:21.0853 4132	SamSs - ok
17:44:21.0884 4132	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:44:21.0900 4132	sbp2port - ok
17:44:21.0915 4132	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:44:21.0915 4132	SCardSvr - ok
17:44:21.0947 4132	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:44:21.0947 4132	scfilter - ok
17:44:22.0025 4132	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:44:22.0025 4132	Schedule - ok
17:44:22.0103 4132	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:44:22.0103 4132	SCPolicySvc - ok
17:44:22.0196 4132	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:44:22.0196 4132	SDRSVC - ok
17:44:22.0227 4132	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:44:22.0227 4132	secdrv - ok
17:44:22.0259 4132	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:44:22.0259 4132	seclogon - ok
17:44:22.0290 4132	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:44:22.0290 4132	SENS - ok
17:44:22.0305 4132	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:44:22.0305 4132	SensrSvc - ok
17:44:22.0321 4132	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:44:22.0321 4132	Serenum - ok
17:44:22.0337 4132	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:44:22.0337 4132	Serial - ok
17:44:22.0383 4132	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:44:22.0383 4132	sermouse - ok
17:44:22.0415 4132	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:44:22.0430 4132	SessionEnv - ok
17:44:22.0446 4132	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:44:22.0461 4132	sffdisk - ok
17:44:22.0461 4132	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:44:22.0461 4132	sffp_mmc - ok
17:44:22.0461 4132	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:44:22.0461 4132	sffp_sd - ok
17:44:22.0477 4132	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:44:22.0477 4132	sfloppy - ok
17:44:22.0524 4132	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:44:22.0524 4132	SharedAccess - ok
17:44:22.0571 4132	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:44:22.0586 4132	ShellHWDetection - ok
17:44:22.0602 4132	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:44:22.0602 4132	SiSRaid2 - ok
17:44:22.0617 4132	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:44:22.0617 4132	SiSRaid4 - ok
17:44:22.0649 4132	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:44:22.0649 4132	Smb - ok
17:44:22.0664 4132	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:44:22.0664 4132	SNMPTRAP - ok
17:44:22.0680 4132	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:44:22.0680 4132	spldr - ok
17:44:22.0742 4132	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:44:22.0742 4132	Spooler - ok
17:44:22.0945 4132	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:44:22.0961 4132	sppsvc - ok
17:44:23.0023 4132	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:44:23.0023 4132	sppuinotify - ok
17:44:23.0132 4132	sptd            (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys
17:44:23.0148 4132	sptd - ok
17:44:23.0210 4132	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:44:23.0210 4132	srv - ok
17:44:23.0241 4132	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:44:23.0257 4132	srv2 - ok
17:44:23.0288 4132	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:44:23.0288 4132	srvnet - ok
17:44:23.0319 4132	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:44:23.0319 4132	SSDPSRV - ok
17:44:23.0351 4132	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:44:23.0351 4132	SstpSvc - ok
17:44:23.0397 4132	Steam Client Service - ok
17:44:23.0507 4132	Stereo Service  (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:44:23.0507 4132	Stereo Service - ok
17:44:23.0538 4132	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:44:23.0538 4132	stexstor - ok
17:44:23.0585 4132	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:44:23.0600 4132	stisvc - ok
17:44:23.0647 4132	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:44:23.0647 4132	storflt - ok
17:44:23.0663 4132	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:44:23.0663 4132	storvsc - ok
17:44:23.0678 4132	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:44:23.0678 4132	swenum - ok
17:44:23.0709 4132	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:44:23.0741 4132	swprv - ok
17:44:23.0772 4132	Synth3dVsc - ok
17:44:23.0865 4132	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:44:23.0881 4132	SysMain - ok
17:44:23.0959 4132	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:44:23.0959 4132	TabletInputService - ok
17:44:24.0006 4132	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:44:24.0006 4132	TapiSrv - ok
17:44:24.0021 4132	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:44:24.0037 4132	TBS - ok
17:44:24.0131 4132	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:44:24.0162 4132	Tcpip - ok
17:44:24.0365 4132	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:44:24.0380 4132	TCPIP6 - ok
17:44:24.0427 4132	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:44:24.0427 4132	tcpipreg - ok
17:44:24.0443 4132	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:44:24.0458 4132	TDPIPE - ok
17:44:24.0474 4132	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:44:24.0489 4132	TDTCP - ok
17:44:24.0521 4132	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:44:24.0521 4132	tdx - ok
17:44:24.0567 4132	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:44:24.0567 4132	TermDD - ok
17:44:24.0630 4132	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:44:24.0661 4132	TermService - ok
17:44:24.0692 4132	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:44:24.0692 4132	Themes - ok
17:44:24.0708 4132	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:44:24.0708 4132	THREADORDER - ok
17:44:24.0723 4132	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:44:24.0739 4132	TrkWks - ok
17:44:24.0786 4132	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:44:24.0786 4132	TrustedInstaller - ok
17:44:24.0817 4132	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:24.0817 4132	tssecsrv - ok
17:44:24.0848 4132	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:44:24.0848 4132	TsUsbFlt - ok
17:44:24.0864 4132	tsusbhub - ok
17:44:24.0911 4132	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:44:24.0911 4132	tunnel - ok
17:44:25.0035 4132	tvnserver       (aaf458cc200326bef602b5339400bf86) C:\Program Files (x86)\TightVNC\tvnserver.exe
17:44:25.0035 4132	tvnserver - ok
17:44:25.0051 4132	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:44:25.0051 4132	uagp35 - ok
17:44:25.0098 4132	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:44:25.0098 4132	udfs - ok
17:44:25.0113 4132	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:44:25.0113 4132	UI0Detect - ok
17:44:25.0145 4132	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:44:25.0145 4132	uliagpkx - ok
17:44:25.0160 4132	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:44:25.0160 4132	umbus - ok
17:44:25.0191 4132	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:44:25.0207 4132	UmPass - ok
17:44:25.0238 4132	UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:44:25.0238 4132	UmRdpService - ok
17:44:25.0269 4132	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:44:25.0269 4132	upnphost - ok
17:44:25.0316 4132	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
17:44:25.0316 4132	USBAAPL64 - ok
17:44:25.0347 4132	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:44:25.0347 4132	usbaudio - ok
17:44:25.0394 4132	usbbus          (c73cb90e6a2ff90fd02451a8dfc6af8a) C:\Windows\system32\DRIVERS\lgx64bus.sys
17:44:25.0394 4132	usbbus - ok
17:44:25.0425 4132	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:44:25.0425 4132	usbccgp - ok
17:44:25.0457 4132	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:44:25.0457 4132	usbcir - ok
17:44:25.0472 4132	UsbDiag         (856ce1f23785369bb5a2de0aedad0aa7) C:\Windows\system32\DRIVERS\lgx64diag.sys
17:44:25.0488 4132	UsbDiag - ok
17:44:25.0519 4132	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:44:25.0519 4132	usbehci - ok
17:44:25.0581 4132	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:44:25.0581 4132	usbhub - ok
17:44:25.0597 4132	USBModem        (f81055629778d33c9317b32e4d2b58db) C:\Windows\system32\DRIVERS\lgx64modem.sys
17:44:25.0613 4132	USBModem - ok
17:44:25.0628 4132	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:44:25.0628 4132	usbohci - ok
17:44:25.0644 4132	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:44:25.0644 4132	usbprint - ok
17:44:25.0675 4132	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:44:25.0675 4132	usbscan - ok
17:44:25.0691 4132	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:44:25.0691 4132	USBSTOR - ok
17:44:25.0722 4132	usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:44:25.0722 4132	usbuhci - ok
17:44:25.0737 4132	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:44:25.0737 4132	UxSms - ok
17:44:25.0769 4132	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:25.0769 4132	VaultSvc - ok
17:44:25.0800 4132	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:44:25.0815 4132	vdrvroot - ok
17:44:25.0862 4132	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:44:25.0893 4132	vds - ok
17:44:25.0925 4132	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:44:25.0925 4132	vga - ok
17:44:25.0925 4132	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:44:25.0925 4132	VgaSave - ok
17:44:25.0940 4132	VGPU - ok
17:44:25.0987 4132	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:44:25.0987 4132	vhdmp - ok
17:44:26.0112 4132	VIAHdAudAddService (f41d49d99a12057841547ff4224fb580) C:\Windows\system32\drivers\viahduaa.sys
17:44:26.0127 4132	VIAHdAudAddService - ok
17:44:26.0205 4132	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:44:26.0205 4132	viaide - ok
17:44:26.0221 4132	VIAKaraokeService (d60ed94ba878fee30810fc17a798c290) C:\Windows\system32\viakaraokesrv.exe
17:44:26.0221 4132	VIAKaraokeService - ok
17:44:26.0237 4132	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:44:26.0237 4132	vmbus - ok
17:44:26.0252 4132	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:44:26.0252 4132	VMBusHID - ok
17:44:26.0268 4132	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:44:26.0268 4132	volmgr - ok
17:44:26.0315 4132	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:44:26.0315 4132	volmgrx - ok
17:44:26.0439 4132	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:44:26.0455 4132	volsnap - ok
17:44:26.0627 4132	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:44:26.0642 4132	vsmraid - ok
17:44:26.0845 4132	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:44:26.0876 4132	VSS - ok
17:44:26.0970 4132	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:44:26.0970 4132	vwifibus - ok
17:44:26.0970 4132	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:44:26.0970 4132	vwififlt - ok
17:44:27.0095 4132	VX1000          (ce6c085771812d5ee863cc7ef93caef2) C:\Windows\system32\DRIVERS\VX1000.sys
17:44:27.0110 4132	VX1000 - ok
17:44:27.0173 4132	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:44:27.0173 4132	W32Time - ok
17:44:27.0204 4132	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:44:27.0204 4132	WacomPen - ok
17:44:27.0251 4132	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:27.0251 4132	WANARP - ok
17:44:27.0266 4132	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:27.0266 4132	Wanarpv6 - ok
17:44:27.0344 4132	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:44:27.0375 4132	wbengine - ok
17:44:27.0422 4132	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:44:27.0422 4132	WbioSrvc - ok
17:44:27.0485 4132	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:44:27.0485 4132	wcncsvc - ok
17:44:27.0516 4132	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:44:27.0516 4132	WcsPlugInService - ok
17:44:27.0531 4132	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:44:27.0531 4132	Wd - ok
17:44:27.0563 4132	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:44:27.0578 4132	Wdf01000 - ok
17:44:27.0594 4132	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:44:27.0594 4132	WdiServiceHost - ok
17:44:27.0594 4132	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:44:27.0594 4132	WdiSystemHost - ok
17:44:27.0641 4132	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:44:27.0641 4132	WebClient - ok
17:44:27.0672 4132	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:44:27.0672 4132	Wecsvc - ok
17:44:27.0687 4132	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:44:27.0687 4132	wercplsupport - ok
17:44:27.0703 4132	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:44:27.0703 4132	WerSvc - ok
17:44:27.0734 4132	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:44:27.0734 4132	WfpLwf - ok
17:44:27.0750 4132	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:44:27.0750 4132	WIMMount - ok
17:44:27.0765 4132	WinDefend - ok
17:44:27.0765 4132	WinHttpAutoProxySvc - ok
17:44:27.0828 4132	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:44:27.0828 4132	Winmgmt - ok
17:44:27.0937 4132	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:44:27.0984 4132	WinRM - ok
17:44:28.0093 4132	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:44:28.0093 4132	WinUsb - ok
17:44:28.0155 4132	WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Installierte Programme\Belkin\wlansrv.exe
17:44:28.0155 4132	WLANBelkinService - ok
17:44:28.0218 4132	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:44:28.0218 4132	Wlansvc - ok
17:44:28.0405 4132	wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:44:28.0405 4132	wlidsvc - ok
17:44:28.0483 4132	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:44:28.0483 4132	WmiAcpi - ok
17:44:28.0530 4132	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:44:28.0530 4132	wmiApSrv - ok
17:44:28.0561 4132	WMPNetworkSvc - ok
17:44:28.0577 4132	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:44:28.0577 4132	WPCSvc - ok
17:44:28.0608 4132	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:44:28.0623 4132	WPDBusEnum - ok
17:44:28.0639 4132	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:44:28.0639 4132	ws2ifsl - ok
17:44:28.0655 4132	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:44:28.0655 4132	wscsvc - ok
17:44:28.0686 4132	WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:44:28.0686 4132	WSDPrintDevice - ok
17:44:28.0717 4132	WSDScan         (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
17:44:28.0717 4132	WSDScan - ok
17:44:28.0717 4132	WSearch - ok
17:44:28.0982 4132	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:44:28.0998 4132	wuauserv - ok
17:44:29.0091 4132	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:44:29.0091 4132	WudfPf - ok
17:44:29.0123 4132	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:44:29.0138 4132	WUDFRd - ok
17:44:29.0169 4132	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:44:29.0169 4132	wudfsvc - ok
17:44:29.0185 4132	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:44:29.0201 4132	WwanSvc - ok
17:44:29.0216 4132	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:44:29.0419 4132	\Device\Harddisk0\DR0 - ok
17:44:29.0419 4132	Boot (0x1200)   (47e067664aeb9f296da4b17d69ff7b1e) \Device\Harddisk0\DR0\Partition0
17:44:29.0419 4132	\Device\Harddisk0\DR0\Partition0 - ok
17:44:29.0450 4132	Boot (0x1200)   (ab16179d0ed382f9d0aca5d24cfebf8d) \Device\Harddisk0\DR0\Partition1
17:44:29.0450 4132	\Device\Harddisk0\DR0\Partition1 - ok
17:44:29.0450 4132	============================================================
17:44:29.0450 4132	Scan finished
17:44:29.0450 4132	============================================================
17:44:29.0466 3604	Detected object count: 0
17:44:29.0466 3604	Actual detected object count: 0
17:44:54.0719 3464	Deinitialize success

und

Code:

ATTFilter

17:42:19.0337 3192	TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
17:42:21.0350 3192	============================================================
17:42:21.0350 3192	Current date / time: 2012/06/21 17:42:21.0350
17:42:21.0350 3192	SystemInfo:
17:42:21.0350 3192	
17:42:21.0350 3192	OS Version: 6.1.7601 ServicePack: 1.0
17:42:21.0350 3192	Product type: Workstation
17:42:21.0350 3192	ComputerName: DEIM-PC
17:42:21.0350 3192	UserName: Gerrit
17:42:21.0350 3192	Windows directory: C:\Windows
17:42:21.0350 3192	System windows directory: C:\Windows
17:42:21.0350 3192	Running under WOW64
17:42:21.0350 3192	Processor architecture: Intel x64
17:42:21.0350 3192	Number of processors: 4
17:42:21.0350 3192	Page size: 0x1000
17:42:21.0350 3192	Boot type: Normal boot
17:42:21.0350 3192	============================================================
17:42:25.0390 3192	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:42:25.0390 3192	============================================================
17:42:25.0390 3192	\Device\Harddisk0\DR0:
17:42:25.0390 3192	MBR partitions:
17:42:25.0390 3192	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:42:25.0390 3192	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:42:25.0390 3192	============================================================
17:42:25.0437 3192	C: <-> \Device\Harddisk0\DR0\Partition1
17:42:25.0437 3192	============================================================
17:42:25.0437 3192	Initialize success
17:42:25.0437 3192	============================================================
17:43:38.0611 5836	Deinitialize success

ckscan:

Code:

ATTFilter

CKScanner - Additional Security Risks - These are not necessarily bad
c:\installierte programme\gimp\share\gimp\2.0\patterns\cracked.pat
c:\installierte programme\jdownloader\jd\plugins\hoster\crackedcom.class
c:\installierte programme\steam\steamapps\common\audiosurf\engine\crypt.dll
c:\installierte programme\steam\steamapps\common\audiosurf\engine\channels\crypt.dll
c:\users\***\desktop\challenger4life\cracker\flax-chili.docx
c:\users\***\desktop\challenger4life\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger4life\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger4life\rezepte_update_01\challenge-chili-cracker.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\flax-chili.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger_rezepte\cracker\flax-chili.docx
c:\users\***\desktop\challenger_rezepte\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger_rezepte\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger_rezepte\rezepte_update_01\challenge-chili-cracker.docx
scanner sequence 3.DK.11.PLLBHV
 ----- EOF -----

und

OTL gibt auch einen Fehler a ´la "List index out of bound" aus. Leider vergessen einen Screen zu erstellen :-/

Code:

ATTFilter

OTL logfile created on: 21.06.2012 18:06:24 - Run 3
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Users\***\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,14% Memory free
8,00 Gb Paging File | 5,72 Gb Available in Paging File | 71,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 106,05 Gb Free Space | 22,77% Space Free | Partition Type: NTFS
 
Computer Name: DEIM-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Installierte Programme\EVEREST Ultimate Edition\everest.exe (Lavalys, Inc.)
PRC - C:\Installierte Programme\Creative Sound\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Installierte Programme\StrokeIT\strokeit.exe ()
PRC - C:\Installierte Programme\Belkin\wlansrv.exe ()
PRC - C:\Installierte Programme\Belkin\PBN.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\exec.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\msg.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\OSD.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\keys.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\win.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\utilities.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\multimon.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\siControl.dll ()
MOD - C:\Installierte Programme\StrokeIT\strokeit.exe ()
MOD - C:\Installierte Programme\StrokeIT\mhook.dll ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Installierte Programme\Belkin\PBN.exe ()
MOD - C:\Installierte Programme\Belkin\BelkinwcuiDLL.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GDBackupSvc) -- C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (tvnserver) -- C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (MBAMService) -- C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (GDTunerSvc) -- C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe (G Data Software AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe (G Data Software AG)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (WLANBelkinService) -- C:\Installierte Programme\Belkin\wlansrv.exe ()
SRV - (HauppaugeTVServer) -- C:\Installierte Programme\Hauppauge\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (AODDriver4.01) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys File not found
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (ksaud) -- C:\Windows\SysNative\drivers\ksaud.sys (Creative Technology Ltd.)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (VX1000) -- C:\Windows\SysNative\drivers\VX1000.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.)
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.)
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (hcw17bda) -- C:\Windows\SysNative\drivers\hcw17bda.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (FlashUSB) -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys (Danish Wireless Design A/S)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (PStrip64) -- C:\Windows\SysNative\drivers\pstrip64.sys ()
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (GRD) -- C:\Windows\SysWOW64\drivers\GRD.sys (G Data Software)
DRV - (EverestDriver) -- C:\Installierte Programme\EVEREST Ultimate Edition\kerneld.amd64 ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (FlashUSB) -- C:\Windows\SysWOW64\drivers\FlashUsb_x64.sys (Danish Wireless Design A/S)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 CC AA 56 C6 AD CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9DF2771F-8AF1-4CDE-8068-7B93E8C53E78}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{9DF2771F-8AF1-4CDE-8068-7B93E8C53E78}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10084.997
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Installierte Programme\Adobe Acrobat\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.10 21:17:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.10 21:17:25 | 000,000,000 | ---D | M]
 
[2010.01.15 01:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.06.19 11:36:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions
[2010.01.15 01:58:06 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}(2)
[2010.01.15 01:58:06 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}(2)
[2012.05.17 22:32:29 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\ich@maltegoetz.de
[2011.03.11 23:25:11 | 000,000,000 | ---D | M] (Personas) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\personas@christopher.beard
[2011.03.21 14:46:56 | 000,000,933 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4ozyzd4c.default\searchplugins\conduit.xml
[2011.11.05 13:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.06 08:06:20 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2011.11.05 13:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.06.12 23:34:33 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4OZYZD4C.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.01.06 04:11:13 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4OZYZD4C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.05.04 13:43:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Installierte Programme\Adobe Acrobat\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Installierte Programme\Adobe Acrobat\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [VolPanel] C:\Installierte Programme\Creative Sound\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [StrokeIt] C:\Installierte Programme\StrokeIT\strokeit.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: BID Link Explorer: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8:64bit: - Extra context menu item: BID: Link in Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8:64bit: - Extra context menu item: BID: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8:64bit: - Extra context menu item: BID: Öffne diesen &Link - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8:64bit: - Extra context menu item: BID: Seite in &Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: BID Link Explorer: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8 - Extra context menu item: BID: Link in Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: BID: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: BID: Öffne diesen &Link - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: BID: Seite in &Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Installierte Programme\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Installierte Programme\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{188A2009-2BDF-484F-AFD4-B012853F2240}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F24F444-F3C5-405A-9CE8-A795140CA3AB}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1789511-27C6-4128-8CBE-E4325EEE1A52}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{00529125-79e9-11df-8d86-40618658d82c}\Shell - "" = AutoRun
O33 - MountPoints2\{00529125-79e9-11df-8d86-40618658d82c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e816693f-d62c-11df-92ff-40618658d82c}\Shell - "" = AutoRun
O33 - MountPoints2\{e816693f-d62c-11df-92ff-40618658d82c}\Shell\AutoRun\command - "" = H:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.21 16:20:25 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.21 16:20:25 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.21 16:20:25 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.21 16:19:52 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.21 16:19:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.20 21:33:41 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2012.06.20 21:30:24 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.06.19 11:37:35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.06.13 15:56:00 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.13 15:56:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.13 15:55:59 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.13 15:55:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.13 15:55:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.13 15:55:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.13 15:55:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.13 15:55:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.13 15:55:54 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.13 15:55:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.13 15:55:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.13 15:55:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.13 15:55:53 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 14:26:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 14:26:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 14:26:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 14:26:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 14:26:01 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 14:26:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 14:25:58 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.06.13 14:25:53 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 14:25:49 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 14:25:49 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.12 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\challenger4life
[2012.06.11 02:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
[2012.06.11 02:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.06.11 02:21:18 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.06.11 02:21:17 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.11 02:21:17 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.11 02:21:17 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.06.11 02:21:17 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.11 02:21:17 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.06.11 02:21:17 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.06.11 02:21:17 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.11 02:21:17 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.06.11 02:21:17 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.11 02:21:17 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.11 02:21:17 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.06.11 02:21:17 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.06.11 01:22:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
[2012.06.10 22:13:09 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Diablo III
[2012.06.10 21:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.06.10 21:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.06.10 21:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012.06.10 21:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.21 17:48:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1293076610-2430302069-3362149001-1001UA.job
[2012.06.21 17:48:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1293076610-2430302069-3362149001-1001Core.job
[2012.06.21 17:46:07 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 17:46:07 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 17:41:16 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.06.21 17:39:51 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 17:39:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.21 17:24:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 17:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.21 13:35:12 | 000,685,331 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.06.21 13:35:12 | 000,040,886 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.06.20 21:34:42 | 000,458,240 | ---- | M] () -- C:\Users\***\Desktop\CKScanner.exe
[2012.06.20 21:33:49 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2012.06.20 21:30:33 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.06.19 11:37:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.06.19 00:00:03 | 001,527,740 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.19 00:00:03 | 000,664,618 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.19 00:00:03 | 000,624,800 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.19 00:00:03 | 000,134,786 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.19 00:00:03 | 000,110,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.18 23:57:59 | 000,002,076 | ---- | M] () -- C:\Users\***\.recently-used.xbel
[2012.06.13 20:57:27 | 005,011,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.11 01:18:50 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.11 01:18:50 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.20 21:34:42 | 000,458,240 | ---- | C] () -- C:\Users\***\Desktop\CKScanner.exe
[2012.06.18 23:57:59 | 000,002,076 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.26 23:58:44 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.09.09 21:36:51 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.09.05 18:42:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.24 20:19:10 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.07.22 00:16:58 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2011.07.22 00:16:58 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2011.07.22 00:16:58 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2011.07.22 00:16:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2011.07.16 22:44:23 | 000,685,331 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.07 22:03:12 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.30 19:34:11 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.11.30 19:34:11 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.11.30 19:33:14 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini
[2010.09.21 23:27:22 | 000,045,568 | R--- | C] () -- C:\Windows\UniFish3.exe
[2010.09.18 13:01:59 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2010.09.17 15:28:28 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.09.17 15:26:56 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.17 15:26:54 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.17 15:26:54 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.16 12:16:09 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010.09.10 00:33:04 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2010.09.03 23:33:36 | 000,000,088 | RHS- | C] () -- C:\ProgramData\69C5FFC5C3.sys
[2010.09.03 23:33:35 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.21 18:31:28 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
 
========== Files - Unicode (All) ==========
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\坝G쀜㬲
[2010.08.09 17:26:56 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\坝G쀜㬲
[2010.08.09 17:26:56 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\坝G쀜㬲.LOG1
[2010.08.09 17:26:56 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\坝G쀜㬲.LOG1
[2010.08.09 17:26:56 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\坝G쀜㬲.LOG2
[2010.08.09 17:26:56 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\坝G쀜㬲.LOG2
[2010.03.08 19:54:43 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F滋䱜
[2010.03.08 19:54:43 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F滋䱜.LOG1
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F滋䱜
[2010.03.08 19:54:42 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F滋䱜.LOG1
[2010.03.08 19:54:42 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F滋䱜.LOG2
[2010.03.08 19:54:42 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F滋䱜.LOG2

< End of report >

Habe mich nun dazu entschieden, meinen Computer einfach mal zu formatieren, wird wohl generell das Beste für ihn sein.

Gibt es irgendeinen Tipp, wie ich die Datensicherung mit einer externen Festplatte am sichersten gestalte? Nicht, dass ich später noch jegliche schädliche Software auf der Externen habe

Psychotic · 22.06.2012, 08:22

übertrage nur Dateien, die nicht ausführbar sind - also keine Programme!
Nimm nur wichtige dokumente/Musikdateien/Videodatein, usw.

Scanne die Festplatte anschließend mit einem Onlinescanner, z.B. ESET.

Psychotic · 26.06.2012, 09:00

Dieses Thema scheint erledigt und wurde aus meinen Abos gelöscht.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

22.06.2012, 08:22	#6
Psychotic /// Malwareteam	Computer auffällig langsamer und Passwort geknackt übertrage nur Dateien, die nicht ausführbar sind - also keine Programme! Nimm nur wichtige dokumente/Musikdateien/Videodatein, usw. Scanne die Festplatte anschließend mit einem Onlinescanner, z.B. ESET. __________________ --> Computer auffällig langsamer und Passwort geknackt

Computer auffällig langsamer und Passwort geknackt

Plagegeister aller Art und deren Bekämpfung: Computer auffällig langsamer und Passwort geknackt