| |
| |||||||
Log-Analyse und Auswertung: System Sauber oder doch nicht?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.10.2012, 04:54
| #1 |
 |  System Sauber oder doch nicht? Ich Grüße euch alle Miteinander. Ich habe folgende frage zu meinem System ist es Sauber oder nicht? Warum Ich diese Frage stelle, hat folgenden Grund. " PlayStation(R)Network Downloader Check Plug-in " Ich habe in dieser Nacht durch Zufall folgendes Addon in Firefox gefunden. Kann mir aber nicht erklären woher es kommt und was es dort soll. Ich bin weder in Besitz einer Playstadion, noch habe Ich irgend welche anderen Hardware. Die Ich damit verknüpfen würde. Durch Suche per Googel bin Ich hier auf das Forum gestoßen und hoffe das es nicht schlimmer wird. Ich kann auch nicht sagen was mein Bruder ewentuell verursacht hat oder Installiert hat. Ich persönlich war die Letzten Woche nicht da. Und da vor war es Defenetiv nicht da. Ich habe mich an die Anleitung für neulinge gehalten und die Punkte 1- Download von Malwarebytes Anti-Malware und dem Scannen 2- Download Defogger und dem Starten, habe eine fehler meldung bekommen nach dem Starten und ich habe mich an die folgende anweißung gehalten. (Klicke den Re-enable Button nicht ohne Anweisung.) defogger_disable Inhalt: defogger_disable by jpshortstuff (23.02.10.1) Log created at 04:54 on 19/10/2012 (Robert Köppen) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- 3- Download von OTL und dem dem Anschließenden Quick scan. Ich habe die Log Datein per 7-zip gepackt und hier angehangen. Das Posten der Beiden Log hier im Tread habe ich erst ein mal unterlassen da sie beide recht lang sind. Wenn es aber noch Gewünscht wird tu Ich es auch noch. Ich hoffe doch mal das mein System nix abbekommen hat. |
|
19.10.2012, 13:22
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | System Sauber oder doch nicht? Die Logs bitte nur in den Anhang (gezippt) legen, wenn sie zu groß sind um direkt gepostet zu werden!
__________________Ansonsten bitte alles nach Möglichkeit hier in CODE-Tags posten. Das ist einfacher übersichtlicher und man spart sich ne Menge Rumklickerei Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
20.10.2012, 10:43
| #3 |
| | System Sauber oder doch nicht? Der Text, den Sie eingegeben haben, besteht aus 128237 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 120000 Zeichen.
__________________Logs bitte als Archiv an den Beitrag anhängen! Das Bekomme Ich als Meldung wen Ich es nach deiner Anleitung mache.. |
|
21.10.2012, 12:12
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht? Die Logs bitte einzeln posten, pro Beitrag ein Log, dann müsste es passen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.10.2012, 20:43
| #5 |
| | System Sauber oder doch nicht?Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:23 on 20/10/2012 (Robert Köppen)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Extra OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 19.10.2012 04:58:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\**************************\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 75,17% Memory free
20,00 Gb Paging File | 17,77 Gb Available in Paging File | 88,89% Paging File free
Paging file location(s): d:\pagefile.sys 12288 12288 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 59,52 Gb Total Space | 45,91 Gb Free Space | 77,14% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 62,38 Gb Free Space | 63,87% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 832,36 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive K: | 929,32 Gb Total Space | 268,65 Gb Free Space | 28,91% Space Free | Partition Type: NTFS
Drive M: | 1863,01 Gb Total Space | 1774,86 Gb Free Space | 95,27% Space Free | Partition Type: NTFS
Drive Y: | 933,68 Gb Total Space | 932,40 Gb Free Space | 99,86% Space Free | Partition Type: NTFS
Computer Name: **************************-PC | User Name: ************************** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- D:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = D:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = D:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = D:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = D:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B83563-5F4B-4B8B-8836-885BD6419767}" = rport=139 | protocol=6 | dir=out | app=system |
"{22E8C608-4A6E-4437-9D2B-8D28F095FF5D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{26F50ABA-DBDC-4E43-85AB-4901004BCB98}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2919629F-18A1-4C37-8A85-8337EBEE00A3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FF2C4A9-2EA6-4476-8520-528EAD22FA10}" = rport=445 | protocol=6 | dir=out | app=system |
"{46CD71E3-10A3-433C-9ABD-9C9C54104255}" = rport=138 | protocol=17 | dir=out | app=system |
"{4796E067-2ECD-42B1-AAF4-082AC5A5C84D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4942BCFA-F4C8-4B69-91F3-D2D4CFB53333}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EF84696-3520-4159-AED8-4A2BD42DAA50}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{511D7112-2F85-43B3-BC1A-93FD156AFFF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6A361DD4-7394-43A5-8FA5-11F935446730}" = rport=10243 | protocol=6 | dir=out | app=system |
"{75A48BE0-D991-4DD8-8464-D0B510CEA286}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{775E56DB-8E04-41A2-A3D1-EC68D0E9E550}" = lport=445 | protocol=6 | dir=in | app=system |
"{7BDA3B97-C07E-48B4-9EFC-D3939FC80E95}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C26BD9D-9271-4077-8C80-B468F2E01251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8412D266-D0FB-418B-A1EA-418F45C74BB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86C16AAB-2A3B-42B0-B2ED-D6AA5040BDF6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{93B069FE-A88A-40B0-800A-DD8FEA868B65}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{961C5B60-3E8B-4907-BFCC-81720B5E55AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9ACB29CB-F699-4D9B-A70F-3A2A6CEC8ED0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8B473AC-1830-41CD-90B9-6EA1118D2778}" = lport=138 | protocol=17 | dir=in | app=system |
"{AC7BEF5E-0236-475E-9986-835E0E8392BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{AEBD141D-5929-4019-BE83-3197987B6F05}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AF91C9A9-38E2-416A-9BB1-4B7971D84298}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B760D869-1391-4D49-A9DD-E3DFFA93B622}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CD66E903-7D9A-481D-8D23-82E151E1BCEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D48D691D-A71A-45A5-95BA-1960D88BF0DB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DAC49ED6-1110-43BE-ABD1-4ECC97675EE1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DC4FF5CA-888E-47BD-9567-DEAD4167DAC6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DCE12EBC-AD42-445C-9F44-619D2DDA9553}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E095DE5E-7D22-4738-836C-BCB397AA81ED}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2D6F3D7-6E9F-465D-8293-024AFE5AB25D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FFB6DB74-9677-4557-A7F9-B77438F680EB}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34AB7462-3DDC-4219-9932-05890FC64990}" = protocol=17 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{35D8EBA7-6143-4FD2-BFC8-8634FE64A106}" = dir=in | app=d:\program files (x86)\windows live\contacts\wlcomm.exe |
"{36C531E5-7CE7-4663-90AA-3D3D30042962}" = dir=in | app=d:\users\**************************\appdata\local\microsoft\skydrive\skydrive.exe |
"{378B492E-9B5C-4881-A143-4E177969A67D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A86C683-07F4-45C7-965D-DCFFD9A9623D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{418C352A-9DFB-427E-B9E0-EE3792F01204}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42EE7B8C-8E6B-4C27-A380-78DA675B4110}" = protocol=6 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{43D36B44-62A3-4A33-978B-2E39BB2A121A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B255D73-0BEF-4213-AD1D-FE1BA32CAE34}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5292B5B2-BBB0-4CC5-BDCC-67E3BA7E84D0}" = protocol=6 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{53B52D1A-5AE1-4B12-90F9-D96F7F4D13E3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{540A65BB-6A32-45B3-86FE-6240AFD7AE70}" = protocol=6 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{574135BE-D3A8-4AE0-B125-FF631E73F361}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6633C9B1-F36E-499E-B808-ED7594C0ABD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C436D85-F0DC-4172-BC59-E572040F1AD1}" = protocol=17 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{6D8ACE58-7BFB-406E-9EDB-E9F11EDD3212}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6DD81023-DCA1-45C6-BEFD-729762B2989C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71D47265-424F-471B-AA5D-32703E2CCEDD}" = protocol=17 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{793FA024-783F-4889-B2A4-2913324A0C0E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CF24584-DE49-46CA-82E4-F50E6317DD47}" = dir=in | app=d:\program files (x86)\skype\phone\skype.exe |
"{81F455B3-FE1F-4CDC-8D25-3DF31542FD52}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8BD12FF8-3633-4432-938C-78F4D04FD48B}" = protocol=6 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{90FA6CC4-C51E-4348-BEB6-92F29CB8E7E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95D8A93F-D9F8-49E5-9ABF-C975B1D946DA}" = protocol=17 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9D31604A-193D-4D03-B8C1-2690E42505B1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E89A5F4-77BE-49AF-A346-1E9F95AE7F95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A726CF1A-16AE-4392-B684-0BEEFDFFC1EC}" = protocol=17 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{ACFC32C9-0567-4D2C-A20A-D822F32ED4F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8856B97-91DF-4100-94E3-DF518482918B}" = protocol=6 | dir=out | app=system |
"{BC3B53DB-2068-425D-BAFB-F4A396DD5AF0}" = dir=in | app=d:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CD52C852-3245-48D1-8BD7-1BD41CEAE9D0}" = protocol=6 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{D4D864E5-0B33-403C-AD0C-9E49BAE85A15}" = protocol=6 | dir=in | app=d:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E44FFD75-AA23-4805-89DF-9F3A97FCF1BC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FA108C49-5CC2-49BA-92F3-40F9D4976B27}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDD81A77-0BD4-4C3E-9093-C6BFE3F4EA76}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF353E5C-9D3B-418B-B644-C286DCE4C872}" = protocol=17 | dir=in | app=d:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"TCP Query User{2D7190F6-4B12-4E95-BA8C-EAC60C475BA2}D:\program files (x86)\jdownloader\jdownloader2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\jdownloader\jdownloader2.exe |
"TCP Query User{43E4E99E-9C83-47D9-AB0B-089ED5D83E30}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{6ECA8B57-7774-4CA4-9B8C-345E55A7E468}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=d:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{B0E9D937-A1A1-454E-ADD6-88C5EDF2F496}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{C9BF61FD-8293-41AD-A73C-3C321F28EC40}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{D3D59935-A75B-49A8-854C-0AE0A3B2C56D}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FC72D730-AA02-4459-AE1F-A82E70D0A572}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{02639F04-AEFC-4EE0-BB24-602F07F2266F}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{0C599EA4-161D-467D-A760-1D25DAF411C6}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{39C8CCA5-2FAA-4D96-8C73-B9FE93F5AEBB}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{47F5FC05-583D-4620-A476-86B9FE5503D1}D:\program files (x86)\jdownloader\jdownloader2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\jdownloader\jdownloader2.exe |
"UDP Query User{542A7D6C-844C-4CD8-A97E-3C9E1289A30D}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=d:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{73394810-52B5-4F23-B2C0-D6FE4C3465F8}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{EEF13D97-5A75-4937-A2BC-9EAE85A91851}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02359FE8-6BBF-407A-B7E1-39AA26C09525}" = MAGIX Foto Manager MX
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB33E7CB-D489-4CE5-8FD4-9CCCB4188C2F}" = MAGIX Screenshare
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{E7D9D138-7DFA-441A-B1A9-703193C5D6D3}_is1" = USBLogon 1.5.0.0
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F55458B0-DCA9-38C9-6C8D-829F22463A55}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Creative VF0470" = Creative Live! Cam Notebook (VF0470) Driver (1.03.01.00)
"EnhanceMySe7en_is1" = EnhanceMySe7en
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.3.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.2
"x64 Components_is1" = x64 Components v3.8.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2BF9702B-52EE-4841-83C4-B5E640B6C97A}" = Media Go
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}" = BlueStacks
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{69437EE7-060C-4A38-BDF4-C4585C986D23}" = Radeon RAMDisk
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{89F1F5CF-144F-466B-A939-1675B0022ADE}" = Pacemaker Editor
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}" = Media Go Video Playback Engine 1.92.169.06150
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EC3825A1-02C6-4A83-8CA4-3F97A25CD37B}" = simplitec simplicheck
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"Free Studio_is1" = Free Studio version 5.7.5.1005
"FreeCommander XE_is1" = FreeCommander XE
"jdownloader2" = JDownloader 2.0
"MAGIX_{02359FE8-6BBF-407A-B7E1-39AA26C09525}" = MAGIX Foto Manager MX
"MAGIX_{DB33E7CB-D489-4CE5-8FD4-9CCCB4188C2F}" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mixxx (1.10.1)" = Mixxx 1.10.1 (64-bit)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
"Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Opera 12.02.1578" = Opera 12.02
"Orbit_is1" = Orbit Downloader
"PriceGong" = PriceGong 2.6.7
"RMPrepUSB" = RMPrepUSB
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 7" = TeamViewer 7
"Update Engine" = Sony Ericsson Update Engine
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 13
Description =
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = VSS | ID = 13
Description =
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = System Restore | ID = 8193
Description =
Error - 18.10.2012 17:29:12 | Computer Name = **************************-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.10.2012 17:30:40 | Computer Name = **************************-PC | Source = .NET Runtime Optimization Service | ID = 1103
Description =
Error - 18.10.2012 17:30:40 | Computer Name = **************************-PC | Source = .NET Runtime Optimization Service | ID = 1103
Description =
Error - 18.10.2012 17:44:32 | Computer Name = **************************-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 18.10.2012 17:42:52 | Computer Name = **************************-PC | Source = NETLOGON | ID = 3095
Description = Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert,
nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration
nicht gestartet zu sein.
Error - 18.10.2012 17:43:00 | Computer Name = **************************-PC | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
ist ein Fehler aufgetreten.
Error - 18.10.2012 17:43:08 | Computer Name = **************************-PC | Source = RemoteAccess | ID = 20152
Description = Der momentan konfigurierte Authentifizierungsanbieter konnte nicht
geladen und initialisiert werden. Der angeforderte Name ist gültig, es wurden jedoch
keine Daten des angeforderten Typs gefunden.
Error - 18.10.2012 17:43:10 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Routing und RAS" wurde mit folgendem dienstspezifischem
Fehler beendet: %%11004.
Error - 18.10.2012 17:44:28 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.
Error - 18.10.2012 17:44:30 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Diagnosesystemhost" wurde nicht richtig gestartet.
Error - 18.10.2012 17:44:30 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
< End of report >
[/code] Beim dem Log der OTl bekomme ich auch einzeln die Meldung das es zu Groß ist Tut mir leid |
|
22.10.2012, 10:15
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht? Dann poste bitte die Logs verteilt über zwei Postings, notfalls kann ich mir das OTL-Log aber auch aus dem ersten Posting rausholen Ich will nur vermeiden JEDES Log erst mal runterladen und entpacken zu müssen, diese Infos sieht man direkter ohne Umwege wenn die Logs direkt im Beitrag gepostet sind
__________________ --> System Sauber oder doch nicht? |
|
24.10.2012, 11:55
| #7 |
| | System Sauber oder doch nicht? OTL Logfile: Code:
ATTFilter OTL logfile created on: 19.10.2012 04:58:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\******\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 75,17% Memory free 20,00 Gb Paging File | 17,77 Gb Available in Paging File | 88,89% Paging File free Paging file location(s): d:\pagefile.sys 12288 12288 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Program Files (x86) Drive C: | 59,52 Gb Total Space | 45,91 Gb Free Space | 77,14% Space Free | Partition Type: NTFS Drive D: | 97,66 Gb Total Space | 62,38 Gb Free Space | 63,87% Space Free | Partition Type: NTFS Drive E: | 833,85 Gb Total Space | 832,36 Gb Free Space | 99,82% Space Free | Partition Type: NTFS Drive K: | 929,32 Gb Total Space | 268,65 Gb Free Space | 28,91% Space Free | Partition Type: NTFS Drive M: | 1863,01 Gb Total Space | 1774,86 Gb Free Space | 95,27% Space Free | Partition Type: NTFS Drive Y: | 933,68 Gb Total Space | 932,40 Gb Free Space | 99,86% Space Free | Partition Type: NTFS Computer Name: ******KÖPPEN-PC | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.19 04:55:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe PRC - [2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe PRC - [2012.09.24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) -- D:\Program Files (x86)\BlueStacks\HD-Service.exe PRC - [2012.09.24 16:04:28 | 000,367,480 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe PRC - [2012.09.24 16:04:20 | 000,260,472 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe PRC - [2012.09.24 16:04:16 | 000,375,672 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-Network.exe PRC - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2012.09.07 15:23:10 | 002,637,624 | ---- | M] (Orbitdownloader.com) -- D:\Program Files (x86)\Orbitdownloader\orbitdm.exe PRC - [2012.09.07 15:14:36 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- D:\Program Files (x86)\Orbitdownloader\orbitnet.exe PRC - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012.08.17 04:37:56 | 000,277,504 | ---- | M] (Intel Corporation) -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012.08.17 04:37:50 | 000,007,168 | ---- | M] (Intel Corporation) -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ========== Modules (No Company Name) ========== MOD - [2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe MOD - [2012.10.08 06:10:06 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6831f648f5b925f1194f691b0b491662\System.WorkflowServices.ni.dll MOD - [2012.10.08 06:09:37 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll MOD - [2012.10.08 06:09:36 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll MOD - [2012.10.08 06:09:35 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll MOD - [2012.10.08 06:09:25 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f42c2acdb000001066c78acfc6cd8655\System.ServiceModel.Web.ni.dll MOD - [2012.10.08 06:07:52 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll MOD - [2012.10.08 06:07:48 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll MOD - [2012.10.08 06:07:46 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll MOD - [2012.10.08 06:07:32 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\d4adb751b6243b8669237a5259e4a035\IAStorDataMgrSvcInterfaces.ni.dll MOD - [2012.10.08 06:07:29 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\7da8678130c6186e5635f0dab9de8bae\IAStorCommon.ni.dll MOD - [2012.10.08 06:07:26 | 000,361,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\eaf38851778a2b0b790de0f2f41af37b\IAStorUtil.ni.dll MOD - [2012.10.08 06:07:07 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll MOD - [2012.10.08 06:07:06 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll MOD - [2012.10.08 06:07:06 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll MOD - [2012.10.08 06:06:56 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll MOD - [2012.10.08 04:47:35 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll MOD - [2012.10.08 04:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll MOD - [2012.10.08 04:45:30 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll MOD - [2012.10.08 04:45:28 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll MOD - [2012.10.08 04:45:26 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll MOD - [2012.10.08 04:45:21 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll MOD - [2012.10.08 04:45:17 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll MOD - [2012.09.07 15:19:12 | 000,397,312 | ---- | M] () -- D:\Program Files (x86)\Orbitdownloader\wtlctrl.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.10.06 14:49:46 | 000,009,216 | ---- | M] () [Auto | Running] -- D:\Program Files\USBLogon\usblonsvc.exe -- (USBLogonService) SRV:64bit: - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2012.07.28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ) SRV:64bit: - [2011.01.26 13:38:11 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc) SRV:64bit: - [2010.11.21 05:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:64bit: - [2010.11.21 05:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers) SRV:64bit: - [2010.11.21 05:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip) SRV:64bit: - [2009.07.14 03:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC) SRV:64bit: - [2009.07.14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:64bit: - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ) SRV:64bit: - [2009.07.14 03:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC) SRV - [2012.10.14 07:24:19 | 000,115,168 | ---- | M] (Mozilla Foundation) [Auto | Stopped] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.13 10:59:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc) SRV - [2012.09.24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc) SRV - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.08.17 04:37:50 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- D:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2010.11.21 05:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010.11.21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.07.14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.14 08:19:29 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2012.10.14 08:19:29 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2012.09.12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.08.20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:64bit: - [2012.08.20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:64bit: - [2012.08.17 04:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.08.17 04:33:38 | 000,027,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:64bit: - [2012.07.28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.07.28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.06.05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.16 16:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2007.05.09 01:00:00 | 000,183,200 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\V0470Vid.sys -- (VF0470Vid) DRV - [2012.10.08 02:22:42 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.09.24 16:04:50 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 A4 66 F9 21 A3 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466 FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10 FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10 FF - prefs.js..extensions.enabledAddons: {988da70d-b78d-44a1-a9c7-ed11832a9e2e}:1.3 FF - prefs.js..extensions.enabledAddons: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.7 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: D:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: D:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2012.10.05 21:04:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 07:24:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.11 16:54:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.10.05 21:51:11 | 000,000,000 | ---D | M] (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions [2012.10.05 21:51:11 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.10.05 21:51:11 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.10.05 21:51:11 | 000,000,000 | ---D | M] (IMinent Toolbar) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2012.10.05 21:51:11 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\battlefieldplay4free@ea.com [2012.10.05 21:51:11 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\ich@maltegoetz.de [2012.10.18 18:16:10 | 000,000,000 | ---D | M] (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions [2012.10.18 18:16:10 | 000,000,000 | ---D | M] (PriceGong) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2012.10.06 01:20:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.10.08 23:50:25 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.08.30 18:22:28 | 000,079,759 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\jid0-VYmz57LiwomhDdFigX6o1UAZnIE@jetpack.xpi [2012.08.31 00:13:38 | 000,340,132 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012.08.31 00:12:48 | 000,709,293 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012.10.12 21:28:29 | 000,015,162 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2012.10.14 07:24:16 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\mozilla firefox\extensions [2012.10.14 07:24:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.10.05 21:04:17 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829} File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{988DA70D-B78D-44A1-A9C7-ED11832A9E2E}.XPI File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D} [2012.10.14 07:24:20 | 000,261,600 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - D:\Program Files (x86)\PriceGong\2.6.7\PriceGongIE.dll (PriceGong) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O4:64bit: - HKLM..\Run: [EvtMgr6] D:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = D:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) O4 - Startup: D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2012.10.13 11:06:50 | 000,000,000 | -H-D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: &Download by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Free YouTube Download - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: &Download by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Free YouTube Download - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4BF905C7-4B4C-420D-8345-806629704CEA}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFA8E424-6B7C-4AA9-8D78-2E9AF48B83F9}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{e37e847d-15a3-11e2-a9d9-001fd0a154cb}\Shell - "" = AutoRun O33 - MountPoints2\{e37e847d-15a3-11e2-a9d9-001fd0a154cb}\Shell\AutoRun\command - "" = L:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.19 04:55:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe [2012.10.19 04:54:16 | 000,000,000 | ---D | C] -- D:\Users\******\Desktop\Log Daten [2012.10.19 04:53:08 | 000,000,000 | ---D | C] -- D:\Users\******\Desktop\Programme [2012.10.19 04:44:16 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\******\Desktop\mbam-setup-1.65.1.1000.exe [2012.10.19 03:04:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\MyPhoneExplorer [2012.10.18 23:29:11 | 000,000,000 | ---D | C] -- C:\Users [2012.10.18 21:06:24 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\TeamViewer [2012.10.18 18:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2012.10.18 18:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong [2012.10.18 18:16:09 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\PriceGong [2012.10.18 18:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer [2012.10.18 18:16:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MyPhoneExplorer [2012.10.18 08:31:36 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\DVDVideoSoft [2012.10.18 07:58:28 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\FreeCommanderXE [2012.10.18 07:58:27 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\FreeCommander XE [2012.10.18 06:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M [2012.10.18 06:54:27 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ICQ Search [2012.10.18 06:54:07 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ICQ [2012.10.18 06:54:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ICQ7M [2012.10.18 06:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup [2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\BlueStacks [2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks [2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks [2012.10.18 06:14:27 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Radeon RAMDisk [2012.10.18 06:06:28 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ProgSense [2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit [2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\GrabPro [2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- C:\downloads [2012.10.18 06:06:22 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Orbitdownloader [2012.10.18 06:05:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Orbit [2012.10.18 05:59:49 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\JDownloader [2012.10.15 00:25:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012.10.14 11:31:33 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Opera [2012.10.14 11:31:33 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Opera [2012.10.14 11:31:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Opera [2012.10.14 08:19:29 | 000,027,760 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys [2012.10.14 08:19:29 | 000,014,448 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys [2012.10.14 08:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson [2012.10.14 08:19:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony Ericsson [2012.10.14 08:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.10.14 08:19:05 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Java [2012.10.14 08:18:55 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Java [2012.10.14 08:16:56 | 000,000,000 | ---D | C] -- D:\Users\******\Podcasts [2012.10.14 08:16:56 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\Media Go [2012.10.14 08:14:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Sony [2012.10.14 08:14:34 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Sony Shared [2012.10.14 08:14:04 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Downloaded Installations [2012.10.14 08:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2012.10.14 08:12:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony Media Go Install [2012.10.14 08:12:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Sony [2012.10.14 08:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012.10.14 08:07:29 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony [2012.10.14 08:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012.10.14 07:24:16 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox [2012.10.13 12:18:35 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB [2012.10.13 12:18:34 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\RMPrepUSB [2012.10.13 11:09:13 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\SeriousBit [2012.10.13 11:06:50 | 000,000,000 | -H-D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2012.10.13 10:59:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Secunia PSI [2012.10.13 10:52:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\System Explorer [2012.10.13 10:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnhanceMySe7en [2012.10.13 10:52:24 | 000,000,000 | ---D | C] -- D:\Program Files\EnhanceMySe7en [2012.10.13 10:52:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Secunia [2012.10.13 10:51:48 | 000,000,000 | ---D | C] -- D:\Program Files\USBLogon [2012.10.13 10:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadsoft USBLogon [2012.10.13 04:24:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MAGIX [2012.10.13 04:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2012.10.13 04:24:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\simplitec [2012.10.13 04:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec [2012.10.13 04:24:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\simplitec [2012.10.13 04:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec [2012.10.13 04:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2012.10.13 04:24:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\MAGIX Services [2012.10.13 04:24:02 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MSXML 4.0 [2012.10.13 04:23:23 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Tonium [2012.10.13 04:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tonium [2012.10.13 04:22:48 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Tonium [2012.10.13 04:22:10 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\MAGIX Downloads [2012.10.13 04:22:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\MAGIX [2012.10.12 21:38:01 | 000,000,000 | ---D | C] -- D:\Users\******\dwhelper [2012.10.10 22:59:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\CrystalDiskInfo [2012.10.09 05:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.6 [2012.10.09 05:38:52 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MiniTool Partition Wizard Home Edition 7.6 [2012.10.08 22:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company [2012.10.08 21:22:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Malwarebytes [2012.10.08 21:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.08 21:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.08 21:22:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.08 21:22:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.08 03:40:01 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate [2012.10.08 03:40:00 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Seagate [2012.10.08 03:39:29 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Wise Installation Wizard [2012.10.08 03:29:30 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\TCeinstellung [2012.10.08 03:16:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.10.08 01:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE [2012.10.08 01:33:45 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\GIGABYTE [2012.10.08 00:31:36 | 000,000,000 | ---D | C] -- D:\Program Files\Tracker Software [2012.10.07 23:08:02 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.10.07 23:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.10.07 23:08:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SpeedFan [2012.10.07 19:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.10.07 19:28:22 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Silverlight [2012.10.07 19:28:22 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Silverlight [2012.10.07 19:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64 [2012.10.07 19:20:23 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack x64 [2012.10.07 14:37:55 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\iMacros [2012.10.07 12:36:36 | 000,000,000 | ---D | C] -- D:\Users\******\Tracing [2012.10.07 12:34:24 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.10.07 12:33:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012.10.07 12:33:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012.10.07 12:33:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.10.07 12:33:29 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Live [2012.10.07 12:33:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.10.07 12:33:16 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Live [2012.10.07 12:32:40 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft SkyDrive [2012.10.07 12:32:39 | 000,000,000 | R--D | C] -- D:\Users\******\SkyDrive [2012.10.07 12:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2012.10.07 12:32:12 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Windows Live [2012.10.07 12:31:56 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Windows Live [2012.10.07 08:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emerge Desktop [2012.10.07 08:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs [2012.10.07 08:09:01 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Shark007 [2012.10.07 08:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007 [2012.10.07 08:08:58 | 001,416,704 | ---- | C] (MPC-HC Team) -- C:\Windows\SysNative\VSFilter.dll [2012.10.07 08:08:58 | 000,361,472 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm [2012.10.07 08:08:58 | 000,180,736 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm [2012.10.07 08:08:58 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll [2012.10.07 08:08:58 | 000,000,000 | ---D | C] -- D:\Program Files\Shark007 [2012.10.06 21:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2012.10.06 21:44:53 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\SysWow64\cximage.dll [2012.10.06 21:41:24 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Skype [2012.10.06 21:41:21 | 000,000,000 | R--D | C] -- D:\Program Files (x86)\Skype [2012.10.06 21:41:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Skype [2012.10.06 21:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.10.06 21:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.10.06 19:25:29 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\vlc [2012.10.06 19:01:09 | 000,000,000 | ---D | C] -- D:\Users\******\Local Settings [2012.10.06 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\SoundControl [2012.10.06 18:57:03 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoundControl [2012.10.06 18:57:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SoundControl [2012.10.06 18:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx [2012.10.06 18:56:50 | 000,000,000 | ---D | C] -- D:\Program Files\Mixxx [2012.10.06 01:30:13 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft [2012.10.06 01:20:39 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.06 01:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.10.06 01:19:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DVDVideoSoft [2012.10.06 01:19:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\DVDVideoSoft [2012.10.06 01:18:39 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\DVDVideoSoft [2012.10.05 23:39:30 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\wargaming.net [2012.10.05 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2012.10.05 23:39:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.10.05 23:11:02 | 000,000,000 | ---D | C] -- D:\Program Files\Easersoft [2012.10.05 23:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.05 23:05:27 | 000,000,000 | ---D | C] -- D:\Program Files\VideoLAN [2012.10.05 23:00:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Maintenance Service [2012.10.05 23:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.05 22:17:43 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TeamViewer [2012.10.05 22:08:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft.NET [2012.10.05 21:22:04 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\TS3Client [2012.10.05 21:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.10.05 21:04:25 | 000,359,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012.10.05 21:04:25 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012.10.05 21:04:25 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012.10.05 21:04:25 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Google [2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Google [2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012.10.05 21:04:24 | 000,969,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012.10.05 21:04:24 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012.10.05 21:04:24 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012.10.05 21:04:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012.10.05 21:04:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.10.05 21:04:04 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software [2012.10.05 21:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.10.05 21:00:39 | 000,000,000 | ---D | C] -- D:\Program Files\TeamSpeak 3 Client [2012.10.05 20:55:38 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Macromedia [2012.10.05 20:52:42 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Mozilla [2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Thunderbird [2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Thunderbird [2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Mozilla [2012.10.05 20:47:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MozBackup [2012.10.05 20:46:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Thunderbird [2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\WinRAR [2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.05 20:16:23 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\WinRAR [2012.10.05 20:16:19 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\7-Zip [2012.10.05 20:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.05 20:10:20 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\ElevatedDiagnostics [2012.10.05 19:55:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Macromedia [2012.10.05 19:55:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Adobe [2012.10.05 19:55:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.10.05 19:17:23 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Intel Corporation [2012.10.05 19:16:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Intel Corporation [2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ATI [2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\ATI [2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.10.05 19:07:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012.10.05 19:04:25 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012.10.05 19:04:25 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Intel [2012.10.05 19:04:13 | 000,000,000 | ---D | C] -- C:\Intel [2012.10.05 19:03:07 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\AMD APP [2012.10.05 19:03:06 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ATI Technologies [2012.10.05 19:03:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\ATI Technologies [2012.10.05 19:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012.10.05 19:02:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ATI Technologies [2012.10.05 19:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\ATI [2012.10.05 19:02:01 | 000,000,000 | ---D | C] -- D:\Program Files\ATI Technologies [2012.10.05 18:59:23 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\LogiShrd [2012.10.05 18:58:38 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Leadertech [2012.10.05 18:58:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\LogiShrd [2012.10.05 18:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012.10.05 18:58:25 | 000,000,000 | ---D | C] -- D:\Users\Public\Documents\LogiShrd [2012.10.05 18:58:23 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech [2012.10.05 18:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2012.10.05 18:58:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.10.05 18:57:10 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\LogiShrd [2012.10.05 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Logitech [2012.10.05 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Logishrd [2012.10.05 18:55:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012.10.05 18:55:47 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2012.10.05 18:55:47 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012.10.05 18:55:47 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012.10.05 18:55:47 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012.10.05 18:55:47 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012.10.05 18:55:47 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012.10.05 18:55:47 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012.10.05 18:55:47 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012.10.05 18:55:47 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012.10.05 18:55:47 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012.10.05 18:55:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012.10.05 18:55:46 | 002,535,008 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012.10.05 18:55:46 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2012.10.05 18:55:46 | 000,834,936 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2012.10.05 18:55:46 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012.10.05 18:55:46 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2012.10.05 18:55:46 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\InstallShield Installation Information [2012.10.05 18:55:46 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Realtek [2012.10.05 18:54:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\InstallShield [2012.10.05 18:53:29 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek [2012.10.05 18:53:27 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll [2012.10.05 18:53:27 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll [2012.10.05 18:53:27 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll [2012.10.05 18:53:27 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2012.10.05 18:53:27 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2012.10.05 18:53:27 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll [2012.10.05 18:53:27 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll [2012.10.05 18:53:27 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll [2012.10.05 18:53:27 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll [2012.10.05 18:53:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll [2012.10.05 18:53:27 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll [2012.10.05 18:53:16 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\Temp [2012.10.05 18:43:21 | 000,000,000 | ---D | C] -- D:\Users\Public\Documents\DriverGenius [2012.10.05 18:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\ehome [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\addins [2012.10.05 18:34:32 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [2012.10.05 18:34:32 | 000,000,000 | ---D | C] -- C:\inetpub [2012.10.05 18:34:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp [2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Sidebar [2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Media Player [2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Reference Assemblies [2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MSBuild [2012.10.05 18:34:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar [2012.10.05 18:34:27 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Journal [2012.10.05 18:34:27 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games [2012.10.05 18:34:26 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies [2012.10.05 18:34:26 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild [2012.10.05 18:29:31 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\Uninstall Information [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Portable Devices [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Portable Devices [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Photo Viewer [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Photo Viewer [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows NT [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Mail [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Defender [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\System [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\SpeechEngines [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Services [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\microsoft shared [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Internet Explorer [2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files [2012.10.05 18:29:30 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Mail [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Defender [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\DVD Maker [2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Videos [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Saved Games [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Pictures [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Music [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Links [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Favorites [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Downloads [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Documents [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Desktop [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Contacts [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\VirtualStore [2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Temp [2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Media Center Programs [2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Identities [2012.10.05 17:52:08 | 000,000,000 | R--D | C] -- D:\Users\******\Searches [2012.10.05 17:50:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Microsoft [2012.10.05 17:50:26 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft [2012.10.05 17:50:26 | 000,000,000 | ---D | C] -- D:\Users\******\AppData [2012.10.05 17:12:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.10.05 16:55:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.10.05 16:19:22 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.05 16:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.10.05 16:13:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.10.05 16:13:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012.10.19 04:55:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe [2012.10.19 04:54:53 | 000,000,000 | ---- | M] () -- D:\Users\******\defogger_reenable [2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe [2012.10.19 04:45:27 | 000,001,149 | ---- | M] () -- D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.19 04:44:19 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\******\Desktop\mbam-setup-1.65.1.1000.exe [2012.10.19 04:44:02 | 000,001,781 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk [2012.10.19 03:04:28 | 001,833,466 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.19 03:04:28 | 000,784,310 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.19 03:04:28 | 000,723,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.19 03:04:28 | 000,179,100 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.19 03:04:28 | 000,146,200 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.19 01:01:10 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.19 01:01:10 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.18 23:42:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.17 14:28:15 | 000,000,000 | -H-- | M] () -- D:\Users\******\Documents\Default.rdp [2012.10.14 08:35:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf [2012.10.14 08:35:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf [2012.10.14 08:19:29 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys [2012.10.14 08:19:29 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys [2012.10.13 17:22:55 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.08 22:11:50 | 001,801,110 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.10.08 01:46:06 | 000,001,376 | ---- | M] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.10.07 23:08:01 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2012.10.05 22:03:55 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.05 21:30:34 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.05 21:30:34 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.05 21:04:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012.10.05 19:15:14 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012.10.05 18:36:44 | 000,000,535 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf [2012.10.05 17:20:20 | 000,000,035 | ---- | M] () -- C:\Windows\VB.MNM [2012.10.05 16:15:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.10.05 16:15:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.10.05 16:14:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.20 20:00:00 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll ========== Files Created - No Company Name ========== [2012.10.19 04:54:53 | 000,000,000 | ---- | C] () -- D:\Users\******\defogger_reenable [2012.10.19 04:48:55 | 000,050,477 | ---- | C] () -- D:\Users\******\Desktop\Defogger.exe [2012.10.18 18:22:05 | 000,001,149 | ---- | C] () -- D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 06:06:29 | 000,001,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk [2012.10.18 06:00:19 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.10.18 06:00:19 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.10.18 06:00:19 | 000,001,980 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.10.17 14:28:15 | 000,000,000 | -H-- | C] () -- D:\Users\******\Documents\Default.rdp [2012.10.14 11:31:31 | 000,001,761 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.10.14 08:35:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf [2012.10.14 08:35:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf [2012.10.13 10:59:58 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.13 10:52:07 | 000,000,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2012.10.09 05:38:58 | 002,966,720 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe [2012.10.09 05:38:58 | 000,019,032 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys [2012.10.09 05:38:58 | 000,012,384 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys [2012.10.08 01:46:06 | 000,001,376 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.10.07 23:08:01 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2012.10.07 12:34:18 | 000,001,183 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2012.10.07 12:34:14 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2012.10.07 12:33:44 | 000,001,356 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012.10.07 12:33:42 | 000,002,372 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.10.07 12:32:39 | 000,002,231 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2012.10.07 08:09:00 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2012.10.07 08:08:58 | 004,408,832 | ---- | C] () -- C:\Windows\SysNative\x264vfw.dll [2012.10.07 08:08:58 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm [2012.10.07 08:08:58 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar.dll [2012.10.07 08:08:58 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll [2012.10.07 08:08:58 | 000,137,216 | ---- | C] () -- C:\Windows\SysNative\mlc.dll [2012.10.07 08:08:58 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll [2012.10.06 21:44:54 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\V0470PC.bmp [2012.10.06 21:44:54 | 000,003,632 | ---- | C] () -- C:\Windows\VF0470.uns [2012.10.06 21:44:53 | 000,188,891 | ---- | C] () -- C:\Windows\SysWow64\V0470Cvw.bff [2012.10.05 22:17:46 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012.10.05 21:30:34 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.05 21:30:34 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.05 21:04:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012.10.05 20:47:05 | 000,001,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.05 20:46:38 | 000,001,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.10.05 19:15:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.10.05 18:55:47 | 000,336,393 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2012.10.05 18:37:40 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.10.05 18:37:38 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2012.10.05 18:37:37 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.10.05 18:37:37 | 000,001,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2012.10.05 18:37:36 | 000,001,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.10.05 18:37:22 | 001,801,110 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.10.05 18:36:44 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2012.10.05 17:20:20 | 000,000,035 | ---- | C] () -- C:\Windows\VB.MNM [2012.10.05 16:19:43 | 000,001,461 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.05 16:14:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.07.28 03:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.07.28 03:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.11 02:18:55 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\DVDVideoSoft [2012.10.06 01:20:40 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.18 06:06:25 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\GrabPro [2012.10.18 22:25:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ICQ [2012.10.18 06:54:27 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ICQ Search [2012.10.05 18:58:38 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Leadertech [2012.10.13 04:29:19 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\MAGIX [2012.10.19 03:08:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\MyPhoneExplorer [2012.10.14 11:31:33 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Opera [2012.10.19 04:44:02 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Orbit [2012.10.18 06:06:28 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ProgSense [2012.10.13 11:09:13 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\SeriousBit [2012.10.07 08:09:01 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Shark007 [2012.10.13 04:24:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\simplitec [2012.10.14 08:16:54 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Sony [2012.10.07 16:58:22 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\SoundControl [2012.10.18 21:56:41 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\TeamViewer [2012.10.05 20:50:21 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Thunderbird [2012.10.13 04:23:23 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Tonium [2012.10.06 02:28:15 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\TS3Client [2012.10.06 01:32:43 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\wargaming.net ========== Purity Check ========== < End of report > Geändert von cosinus (24.10.2012 um 16:26 Uhr) |
|
24.10.2012, 16:30
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht? Passt ja doch in einem - ich hab mal die CODE-Tags korrigiert Bitte die nächsten angeforderten Logs nicht mehr als Anhang wenn es direkt passt Wie ich sehe ist dein Malwarebytes-Log ohne Funde. War das der erste und einzige Scan, sprich hat Malwarebytes nie etwas gefunden?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.10.2012, 19:46
| #9 |
| | System Sauber oder doch nicht? Malwarebytes läuft immer und Ich habe bis heute keinen einzigen Fund. Als Antiviren Software habe Ich Avast free auch dort ist bis heute kein Fund. Bis auf ein paar kleineren Meldungen bei E-Mails oder Internet Seiten nix. |
|
24.10.2012, 20:43
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht? Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.10.2012, 22:38
| #11 |
| | System Sauber oder doch nicht? Log aswMBR.txt Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-24 23:26:31
-----------------------------
23:26:31.410 OS Version: Windows x64 6.1.7601 Service Pack 1
23:26:31.410 Number of processors: 4 586 0xF0B
23:26:31.411 ComputerName: ROBERTKÖPPEN-PC UserName: Robert Köppen
23:26:31.604 Initialize success
23:26:31.658 AVAST engine defs: 12102400
23:26:51.402 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
23:26:51.404 Disk 0 Vendor: ATA_____ M011 Size: 61053MB BusType: 11
23:26:51.406 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000065
23:26:51.407 Disk 1 Vendor: ATA_____ A31B Size: 953868MB BusType: 11
23:26:51.409 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000067
23:26:51.412 Disk 2 Vendor: ATA_____ 0003 Size: 1907729MB BusType: 11
23:26:51.416 Disk 0 MBR read successfully
23:26:51.418 Disk 0 MBR scan
23:26:51.422 Disk 0 Windows 7 default MBR code
23:26:51.424 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 100 MB offset 2048
23:26:51.428 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 60951 MB offset 206848
23:26:51.434 Disk 0 scanning C:\Windows\system32\drivers
23:26:53.858 Service scanning
23:26:59.336 Modules scanning
23:26:59.343 Disk 0 trace - called modules:
23:26:59.351 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys
23:26:59.354 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80093b1060]
23:26:59.358 3 CLASSPNP.SYS[fffff88000db843f] -> nt!IofCallDriver -> [0xfffffa80092b0c50]
23:26:59.362 5 iaStorF.sys[fffff880018af168] -> nt!IofCallDriver -> [0xfffffa80091c0040]
23:26:59.366 7 ACPI.sys[fffff88000ee27a1] -> nt!IofCallDriver -> \Device\00000064[0xfffffa80081be660]
23:26:59.479 AVAST engine scan C:\Windows
23:26:59.697 File: C:\Windows\notepad.exe **INFECTED** Win32:Ransom-WH [Trj]
23:26:59.914 AVAST engine scan C:\Windows\system32
23:27:15.791 File: C:\Windows\system32\notepad.exe **INFECTED** Win32:Ransom-WH [Trj]
23:27:47.091 AVAST engine scan C:\Windows\system32\drivers
23:27:49.455 AVAST engine scan D:\Users\******
23:35:14.723 Disk 0 MBR has been saved successfully to "D:\Users\****\Desktop\MBR.dat"
23:35:14.729 The log file has been saved successfully to "D:\Users\****\Desktop\aswMBR.txt"
|
|
25.10.2012, 10:26
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht?Code:
ATTFilter File: C:\Windows\notepad.exe **INFECTED** Win32:Ransom-WH [Trj]
Bitte diese Datei bei Virustotal auswerten lassen und den Ergebnislink posten. Falls Du die Datei nicht siehst, musst Du sie evtl. vorher sichtbar machen. Wenn die Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.10.2012, 09:43
| #13 |
| | System Sauber oder doch nicht? Das Bekomme Ich nach dem Scan der Datei angezeigt. File already analysed This file was already analysed by VirusTotal on 2012-10-26 07:48:15. Detection ratio: 0/41 You can take a look at the last analysis or analyse it again now. |
|
26.10.2012, 13:22
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System Sauber oder doch nicht? Entweder ist das ein Fehlalarm oder eine Manipulation Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.10.2012, 18:11
| #15 |
| | System Sauber oder doch nicht?Code:
ATTFilter 19:09:35.0927 8076 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:09:36.0257 8076 ============================================================
19:09:36.0257 8076 Current date / time: 2012/10/26 19:09:36.0257
19:09:36.0257 8076 SystemInfo:
19:09:36.0257 8076
19:09:36.0257 8076 OS Version: 6.1.7601 ServicePack: 1.0
19:09:36.0257 8076 Product type: Workstation
19:09:36.0257 8076 ComputerName: ROBERTKÖPPEN-PC
19:09:36.0257 8076 UserName: Robert Köppen
19:09:36.0257 8076 Windows directory: C:\Windows
19:09:36.0257 8076 System windows directory: C:\Windows
19:09:36.0257 8076 Running under WOW64
19:09:36.0257 8076 Processor architecture: Intel x64
19:09:36.0257 8076 Number of processors: 4
19:09:36.0257 8076 Page size: 0x1000
19:09:36.0257 8076 Boot type: Normal boot
19:09:36.0257 8076 ============================================================
19:09:36.0496 8076 Drive \Device\Harddisk0\DR0 - Size: 0xEE7D4DE00 (59.62 Gb), SectorSize: 0x200, Cylinders: 0x2A65E, SectorsPerTrack: 0xC, TracksPerCylinder: 0x3C, Type 'K0', Flags 0x00000040
19:09:36.0505 8076 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:36.0505 8076 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:36.0521 8076 Drive \Device\Harddisk3\DR12 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:09:36.0548 8076 Drive \Device\Harddisk8\DR13 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:09:36.0814 8076 ============================================================
19:09:36.0814 8076 \Device\Harddisk0\DR0:
19:09:36.0815 8076 MBR partitions:
19:09:36.0815 8076 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:09:36.0815 8076 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770B800
19:09:36.0815 8076 \Device\Harddisk1\DR1:
19:09:36.0815 8076 MBR partitions:
19:09:36.0815 8076 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC350000
19:09:36.0815 8076 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x683B5000
19:09:36.0815 8076 \Device\Harddisk2\DR2:
19:09:36.0815 8076 MBR partitions:
19:09:36.0815 8076 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:09:36.0815 8076 \Device\Harddisk3\DR12:
19:09:36.0816 8076 MBR partitions:
19:09:36.0816 8076 \Device\Harddisk3\DR12\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1DDB800
19:09:36.0816 8076 \Device\Harddisk8\DR13:
19:09:36.0816 8076 MBR partitions:
19:09:36.0816 8076 \Device\Harddisk8\DR13\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF92800
19:09:36.0816 8076 ============================================================
19:09:36.0820 8076 C: <-> \Device\Harddisk0\DR0\Partition2
19:09:36.0833 8076 D: <-> \Device\Harddisk1\DR1\Partition1
19:09:36.0852 8076 E: <-> \Device\Harddisk1\DR1\Partition2
19:09:36.0940 8076 L: <-> \Device\Harddisk8\DR13\Partition1
19:09:37.0711 8076 F: <-> \Device\Harddisk2\DR2\Partition1
19:09:37.0711 8076 ============================================================
19:09:37.0711 8076 Initialize success
19:09:37.0711 8076 ============================================================
19:09:51.0349 9792 ============================================================
19:09:51.0349 9792 Scan started
19:09:51.0349 9792 Mode: Manual; SigCheck; TDLFS;
19:09:51.0349 9792 ============================================================
19:09:51.0991 9792 ================ Scan system memory ========================
19:09:51.0991 9792 System memory - ok
19:09:51.0992 9792 ================ Scan services =============================
19:09:52.0064 9792 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:09:52.0129 9792 1394ohci - ok
19:09:52.0137 9792 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:09:52.0156 9792 ACPI - ok
19:09:52.0160 9792 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:09:52.0194 9792 AcpiPmi - ok
19:09:52.0242 9792 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:09:52.0258 9792 AdobeFlashPlayerUpdateSvc - ok
19:09:52.0267 9792 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:09:52.0290 9792 adp94xx - ok
19:09:52.0298 9792 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:09:52.0318 9792 adpahci - ok
19:09:52.0325 9792 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:09:52.0342 9792 adpu320 - ok
19:09:52.0349 9792 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:09:52.0403 9792 AeLookupSvc - ok
19:09:52.0412 9792 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:09:52.0435 9792 AFD - ok
19:09:52.0439 9792 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:09:52.0452 9792 agp440 - ok
19:09:52.0457 9792 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:09:52.0476 9792 ALG - ok
19:09:52.0481 9792 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:09:52.0493 9792 aliide - ok
19:09:52.0500 9792 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:09:52.0539 9792 AMD External Events Utility - ok
19:09:52.0543 9792 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:09:52.0556 9792 amdide - ok
19:09:52.0561 9792 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:09:52.0576 9792 AmdK8 - ok
19:09:52.0672 9792 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:09:52.0817 9792 amdkmdag - ok
19:09:52.0828 9792 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:09:52.0852 9792 amdkmdap - ok
19:09:52.0857 9792 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:09:52.0872 9792 AmdPPM - ok
19:09:52.0877 9792 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:09:52.0891 9792 amdsata - ok
19:09:52.0897 9792 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:09:52.0913 9792 amdsbs - ok
19:09:52.0917 9792 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:09:52.0930 9792 amdxata - ok
19:09:52.0942 9792 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
19:09:52.0958 9792 AppHostSvc - ok
19:09:52.0966 9792 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:09:53.0046 9792 AppID - ok
19:09:53.0050 9792 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:09:53.0084 9792 AppIDSvc - ok
19:09:53.0089 9792 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:09:53.0120 9792 Appinfo - ok
19:09:53.0125 9792 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:09:53.0139 9792 arc - ok
19:09:53.0143 9792 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:09:53.0157 9792 arcsas - ok
19:09:53.0186 9792 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:09:53.0197 9792 aspnet_state - ok
19:09:53.0202 9792 [ F9278A56E92DF6B16476431B582236B4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:09:53.0219 9792 aswFsBlk - ok
19:09:53.0224 9792 [ FA86861F5B30A2909F8A555ACCF10F33 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:09:53.0237 9792 aswMonFlt - ok
19:09:53.0243 9792 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:09:53.0255 9792 aswRdr - ok
19:09:53.0269 9792 [ 0CB9A8CFB177E4FBA9F3A3D7EB038AC7 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:09:53.0298 9792 aswSnx - ok
19:09:53.0308 9792 [ 27215E171E212EA5770406EC216F7409 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:09:53.0326 9792 aswSP - ok
19:09:53.0331 9792 [ 88AF99223812186A8046001EA22DAB86 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:09:53.0344 9792 aswTdi - ok
19:09:53.0349 9792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:09:53.0384 9792 AsyncMac - ok
19:09:53.0388 9792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:09:53.0401 9792 atapi - ok
19:09:53.0413 9792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:09:53.0453 9792 AudioEndpointBuilder - ok
19:09:53.0463 9792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:09:53.0497 9792 AudioSrv - ok
19:09:53.0581 9792 [ FB05FF189FC5F57DE636315B1F5E56DB ] avast! Antivirus D:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:09:53.0591 9792 avast! Antivirus - ok
19:09:53.0602 9792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:09:53.0629 9792 AxInstSV - ok
19:09:53.0639 9792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:09:53.0661 9792 b06bdrv - ok
19:09:53.0669 9792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:09:53.0688 9792 b57nd60a - ok
19:09:53.0696 9792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:09:53.0711 9792 BDESVC - ok
19:09:53.0715 9792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:09:53.0747 9792 Beep - ok
19:09:53.0760 9792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:09:53.0804 9792 BFE - ok
19:09:53.0818 9792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:09:53.0864 9792 BITS - ok
19:09:53.0869 9792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:09:53.0884 9792 blbdrive - ok
19:09:53.0890 9792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:09:53.0905 9792 bowser - ok
19:09:53.0909 9792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:09:53.0927 9792 BrFiltLo - ok
19:09:53.0931 9792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:09:53.0946 9792 BrFiltUp - ok
19:09:53.0953 9792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:09:53.0971 9792 Browser - ok
19:09:53.0978 9792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:09:54.0002 9792 Brserid - ok
19:09:54.0007 9792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:09:54.0024 9792 BrSerWdm - ok
19:09:54.0029 9792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:09:54.0046 9792 BrUsbMdm - ok
19:09:54.0051 9792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:09:54.0066 9792 BrUsbSer - ok
19:09:54.0072 9792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:09:54.0091 9792 BTHMODEM - ok
19:09:54.0098 9792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:09:54.0132 9792 bthserv - ok
19:09:54.0139 9792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:09:54.0174 9792 cdfs - ok
19:09:54.0179 9792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:09:54.0196 9792 cdrom - ok
19:09:54.0203 9792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:09:54.0253 9792 CertPropSvc - ok
19:09:54.0259 9792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:09:54.0298 9792 circlass - ok
19:09:54.0303 9792 [ FF60401F1C659CA2ED4BAE85D3FD14DA ] CISVC C:\Windows\system32\CISVC.EXE
19:09:54.0340 9792 CISVC - ok
19:09:54.0349 9792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:09:54.0367 9792 CLFS - ok
19:09:54.0381 9792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:09:54.0392 9792 clr_optimization_v2.0.50727_32 - ok
19:09:54.0406 9792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:09:54.0418 9792 clr_optimization_v2.0.50727_64 - ok
19:09:54.0435 9792 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:09:54.0448 9792 clr_optimization_v4.0.30319_32 - ok
19:09:54.0453 9792 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:09:54.0466 9792 clr_optimization_v4.0.30319_64 - ok
19:09:54.0470 9792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:09:54.0485 9792 CmBatt - ok
19:09:54.0489 9792 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:09:54.0501 9792 cmdide - ok
19:09:54.0512 9792 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:09:54.0538 9792 CNG - ok
19:09:54.0543 9792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:09:54.0556 9792 Compbatt - ok
19:09:54.0561 9792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:09:54.0593 9792 CompositeBus - ok
19:09:54.0596 9792 COMSysApp - ok
19:09:54.0699 9792 cpuz135 - ok
19:09:54.0703 9792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:09:54.0716 9792 crcdisk - ok
19:09:54.0725 9792 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:09:54.0742 9792 CryptSvc - ok
19:09:54.0753 9792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:09:54.0812 9792 DcomLaunch - ok
19:09:54.0820 9792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:09:54.0859 9792 defragsvc - ok
19:09:54.0864 9792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:09:54.0896 9792 DfsC - ok
19:09:54.0902 9792 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:09:54.0915 9792 dg_ssudbus - ok
19:09:54.0922 9792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:09:54.0960 9792 Dhcp - ok
19:09:54.0964 9792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:09:54.0996 9792 discache - ok
19:09:55.0001 9792 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:09:55.0015 9792 Disk - ok
19:09:55.0022 9792 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:09:55.0038 9792 Dnscache - ok
19:09:55.0048 9792 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:09:55.0084 9792 dot3svc - ok
19:09:55.0090 9792 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:09:55.0125 9792 DPS - ok
19:09:55.0129 9792 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:09:55.0145 9792 drmkaud - ok
19:09:55.0159 9792 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:09:55.0187 9792 DXGKrnl - ok
19:09:55.0193 9792 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:09:55.0226 9792 EapHost - ok
19:09:55.0260 9792 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:09:55.0316 9792 ebdrv - ok
19:09:55.0322 9792 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:09:55.0339 9792 EFS - ok
19:09:55.0352 9792 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:09:55.0381 9792 ehRecvr - ok
19:09:55.0389 9792 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:09:55.0405 9792 ehSched - ok
19:09:55.0415 9792 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:09:55.0436 9792 elxstor - ok
19:09:55.0441 9792 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:09:55.0455 9792 ErrDev - ok
19:09:55.0468 9792 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:09:55.0508 9792 EventSystem - ok
19:09:55.0515 9792 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:09:55.0550 9792 exfat - ok
19:09:55.0556 9792 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:09:55.0591 9792 fastfat - ok
19:09:55.0604 9792 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:09:55.0630 9792 Fax - ok
19:09:55.0634 9792 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:09:55.0650 9792 fdc - ok
19:09:55.0654 9792 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:09:55.0687 9792 fdPHost - ok
19:09:55.0692 9792 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:09:55.0724 9792 FDResPub - ok
19:09:55.0728 9792 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:09:55.0741 9792 FileInfo - ok
19:09:55.0746 9792 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:09:55.0779 9792 Filetrace - ok
19:09:55.0783 9792 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:09:55.0797 9792 flpydisk - ok
19:09:55.0805 9792 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:09:55.0823 9792 FltMgr - ok
19:09:55.0838 9792 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:09:55.0869 9792 FontCache - ok
19:09:55.0875 9792 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:09:55.0885 9792 FontCache3.0.0.0 - ok
19:09:55.0889 9792 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:09:55.0902 9792 FsDepends - ok
19:09:55.0908 9792 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:09:55.0924 9792 fssfltr - ok
19:09:56.0012 9792 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc D:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:09:56.0048 9792 fsssvc - ok
19:09:56.0053 9792 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:09:56.0066 9792 Fs_Rec - ok
19:09:56.0078 9792 [ 79179C6F8A3784CC3A20CDE998D5BD2C ] ftpsvc C:\Windows\system32\inetsrv\ftpsvc.dll
19:09:56.0099 9792 ftpsvc - ok
19:09:56.0108 9792 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:09:56.0126 9792 fvevol - ok
19:09:56.0131 9792 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:09:56.0144 9792 gagp30kx - ok
19:09:56.0148 9792 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
19:09:56.0160 9792 gdrv - ok
19:09:56.0163 9792 GEARAspiWDM - ok
19:09:56.0169 9792 [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
19:09:56.0180 9792 ggflt - ok
19:09:56.0184 9792 [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
19:09:56.0195 9792 ggsemc - ok
19:09:56.0206 9792 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:09:56.0249 9792 gpsvc - ok
19:09:56.0255 9792 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:09:56.0271 9792 hcw85cir - ok
19:09:56.0280 9792 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:09:56.0302 9792 HdAudAddService - ok
19:09:56.0308 9792 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:09:56.0325 9792 HDAudBus - ok
19:09:56.0330 9792 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:09:56.0344 9792 HidBatt - ok
19:09:56.0349 9792 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:09:56.0367 9792 HidBth - ok
19:09:56.0372 9792 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:09:56.0388 9792 HidIr - ok
19:09:56.0393 9792 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:09:56.0426 9792 hidserv - ok
19:09:56.0431 9792 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:09:56.0445 9792 HidUsb - ok
19:09:56.0451 9792 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:09:56.0484 9792 hkmsvc - ok
19:09:56.0491 9792 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:09:56.0511 9792 HomeGroupListener - ok
19:09:56.0518 9792 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:09:56.0538 9792 HomeGroupProvider - ok
19:09:56.0543 9792 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:09:56.0557 9792 HpSAMD - ok
19:09:56.0568 9792 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:09:56.0610 9792 HTTP - ok
19:09:56.0614 9792 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:09:56.0625 9792 hwpolicy - ok
19:09:56.0630 9792 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:09:56.0645 9792 i8042prt - ok
19:09:56.0657 9792 [ 6C024B3AE192D72B216166802AF345DD ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
19:09:56.0674 9792 iaStorA - ok
19:09:56.0735 9792 [ 7F7A03D03FA18A0DB2DAC37A8D620E7F ] IAStorDataMgrSvc D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:09:56.0740 9792 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
19:09:56.0740 9792 IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
19:09:56.0744 9792 [ 661594437CA343CC89C586283442AF73 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
19:09:56.0755 9792 iaStorF - ok
19:09:56.0764 9792 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:09:56.0784 9792 iaStorV - ok
19:09:56.0800 9792 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:09:56.0824 9792 idsvc - ok
19:09:56.0829 9792 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:09:56.0842 9792 iirsp - ok
19:09:56.0846 9792 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
19:09:56.0864 9792 IISADMIN - ok
19:09:56.0877 9792 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:09:56.0921 9792 IKEEXT - ok
19:09:56.0965 9792 [ 900A45658DCB6BAE1003764991BB5FAB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:09:57.0040 9792 IntcAzAudAddService - ok
19:09:57.0046 9792 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:09:57.0059 9792 intelide - ok
19:09:57.0064 9792 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:09:57.0079 9792 intelppm - ok
19:09:57.0086 9792 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:09:57.0120 9792 IPBusEnum - ok
19:09:57.0126 9792 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:09:57.0157 9792 IpFilterDriver - ok
19:09:57.0167 9792 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:09:57.0208 9792 iphlpsvc - ok
19:09:57.0213 9792 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:09:57.0229 9792 IPMIDRV - ok
19:09:57.0233 9792 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:09:57.0266 9792 IPNAT - ok
19:09:57.0275 9792 [ 11FE7637A49B67D9B1F895B2AD4D982F ] iprip C:\Windows\System32\iprip.dll
19:09:57.0292 9792 iprip - ok
19:09:57.0296 9792 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:09:57.0315 9792 IRENUM - ok
19:09:57.0321 9792 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:09:57.0333 9792 isapnp - ok
19:09:57.0341 9792 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:09:57.0359 9792 iScsiPrt - ok
19:09:57.0364 9792 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:09:57.0377 9792 kbdclass - ok
19:09:57.0382 9792 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:09:57.0396 9792 kbdhid - ok
19:09:57.0400 9792 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:09:57.0414 9792 KeyIso - ok
19:09:57.0419 9792 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:09:57.0433 9792 KSecDD - ok
19:09:57.0438 9792 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:09:57.0453 9792 KSecPkg - ok
19:09:57.0457 9792 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:09:57.0490 9792 ksthunk - ok
19:09:57.0498 9792 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:09:57.0539 9792 KtmRm - ok
19:09:57.0546 9792 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:09:57.0583 9792 LanmanServer - ok
19:09:57.0590 9792 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:09:57.0625 9792 LanmanWorkstation - ok
19:09:57.0679 9792 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:09:57.0696 9792 LBTServ - ok
19:09:57.0702 9792 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:09:57.0715 9792 LHidFilt - ok
19:09:57.0720 9792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:09:57.0752 9792 lltdio - ok
19:09:57.0760 9792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:09:57.0800 9792 lltdsvc - ok
19:09:57.0804 9792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:09:57.0837 9792 lmhosts - ok
19:09:57.0843 9792 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:09:57.0855 9792 LMouFilt - ok
19:09:57.0863 9792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:09:57.0877 9792 LSI_FC - ok
19:09:57.0882 9792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:09:57.0896 9792 LSI_SAS - ok
19:09:57.0901 9792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:09:57.0914 9792 LSI_SAS2 - ok
19:09:57.0918 9792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:09:57.0932 9792 LSI_SCSI - ok
19:09:57.0937 9792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:09:57.0970 9792 luafv - ok
19:09:57.0975 9792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:09:57.0992 9792 Mcx2Svc - ok
19:09:57.0996 9792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:09:58.0009 9792 megasas - ok
19:09:58.0017 9792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:09:58.0035 9792 MegaSR - ok
19:09:58.0042 9792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:09:58.0076 9792 MMCSS - ok
19:09:58.0080 9792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:09:58.0113 9792 Modem - ok
19:09:58.0117 9792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:09:58.0134 9792 monitor - ok
19:09:58.0138 9792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:09:58.0151 9792 mouclass - ok
19:09:58.0157 9792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:09:58.0171 9792 mouhid - ok
19:09:58.0176 9792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:09:58.0189 9792 mountmgr - ok
19:09:58.0202 9792 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:09:58.0213 9792 MozillaMaintenance - ok
19:09:58.0219 9792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:09:58.0235 9792 mpio - ok
19:09:58.0240 9792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:09:58.0273 9792 mpsdrv - ok
19:09:58.0285 9792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:09:58.0329 9792 MpsSvc - ok
19:09:58.0336 9792 [ CD22D2563039DDA6793F7624719363A7 ] MQAC C:\Windows\system32\drivers\mqac.sys
19:09:58.0355 9792 MQAC - ok
19:09:58.0362 9792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:09:58.0382 9792 MRxDAV - ok
19:09:58.0389 9792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:09:58.0406 9792 mrxsmb - ok
19:09:58.0413 9792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:09:58.0431 9792 mrxsmb10 - ok
19:09:58.0438 9792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:09:58.0452 9792 mrxsmb20 - ok
19:09:58.0457 9792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:09:58.0469 9792 msahci - ok
19:09:58.0475 9792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:09:58.0490 9792 msdsm - ok
19:09:58.0497 9792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:09:58.0516 9792 MSDTC - ok
19:09:58.0524 9792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:09:58.0556 9792 Msfs - ok
19:09:58.0560 9792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:09:58.0592 9792 mshidkmdf - ok
19:09:58.0596 9792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:09:58.0608 9792 msisadrv - ok
19:09:58.0615 9792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:09:58.0651 9792 MSiSCSI - ok
19:09:58.0654 9792 msiserver - ok
19:09:58.0658 9792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:09:58.0690 9792 MSKSSRV - ok
19:09:58.0695 9792 [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ C:\Windows\system32\mqsvc.exe
19:09:58.0709 9792 MSMQ - ok
19:09:58.0716 9792 [ 59ED174FD4314B0218DC91F9BFA6CD3D ] MSMQTriggers C:\Windows\system32\mqtgsvc.exe
19:09:58.0735 9792 MSMQTriggers - ok
19:09:58.0739 9792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:09:58.0772 9792 MSPCLOCK - ok
19:09:58.0776 9792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:09:58.0808 9792 MSPQM - ok
19:09:58.0816 9792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:09:58.0835 9792 MsRPC - ok
19:09:58.0842 9792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:09:58.0855 9792 mssmbios - ok
19:09:58.0859 9792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:09:58.0892 9792 MSTEE - ok
19:09:58.0895 9792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:09:58.0910 9792 MTConfig - ok
19:09:58.0914 9792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:09:58.0927 9792 Mup - ok
19:09:58.0937 9792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:09:58.0978 9792 napagent - ok
19:09:58.0987 9792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:09:59.0011 9792 NativeWifiP - ok
19:09:59.0024 9792 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:09:59.0052 9792 NDIS - ok
19:09:59.0057 9792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:09:59.0090 9792 NdisCap - ok
19:09:59.0095 9792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:09:59.0127 9792 NdisTapi - ok
19:09:59.0131 9792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:09:59.0163 9792 Ndisuio - ok
19:09:59.0169 9792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:09:59.0203 9792 NdisWan - ok
19:09:59.0207 9792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:09:59.0238 9792 NDProxy - ok
19:09:59.0243 9792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:09:59.0275 9792 NetBIOS - ok
19:09:59.0281 9792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:09:59.0315 9792 NetBT - ok
19:09:59.0320 9792 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:09:59.0334 9792 Netlogon - ok
19:09:59.0344 9792 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:09:59.0384 9792 Netman - ok
19:09:59.0391 9792 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0402 9792 NetMsmqActivator - ok
19:09:59.0406 9792 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0417 9792 NetPipeActivator - ok
19:09:59.0427 9792 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:09:59.0467 9792 netprofm - ok
19:09:59.0472 9792 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0482 9792 NetTcpActivator - ok
19:09:59.0486 9792 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0497 9792 NetTcpPortSharing - ok
19:09:59.0502 9792 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:09:59.0515 9792 nfrd960 - ok
19:09:59.0522 9792 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:09:59.0561 9792 NlaSvc - ok
19:09:59.0566 9792 [ 4903177FC90E77ABEB19021451E9475E ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
19:09:59.0594 9792 nmwcd - ok
19:09:59.0600 9792 [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
19:09:59.0625 9792 nmwcdc - ok
19:09:59.0630 9792 [ F59F8CF59F7905622686637177E2A828 ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
19:09:59.0654 9792 nmwcdnsucx64 - ok
19:09:59.0661 9792 [ A0E7F80157AF77B1CEAA8ADD3A3E7D85 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
19:09:59.0689 9792 nmwcdnsux64 - ok
19:09:59.0694 9792 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:09:59.0726 9792 Npfs - ok
19:09:59.0730 9792 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:09:59.0764 9792 nsi - ok
19:09:59.0767 9792 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:09:59.0799 9792 nsiproxy - ok
19:09:59.0821 9792 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:09:59.0862 9792 Ntfs - ok
19:09:59.0867 9792 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:09:59.0899 9792 Null - ok
19:09:59.0905 9792 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:09:59.0920 9792 nvraid - ok
19:09:59.0927 9792 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:09:59.0942 9792 nvstor - ok
19:09:59.0948 9792 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:09:59.0962 9792 nv_agp - ok
19:09:59.0966 9792 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:09:59.0982 9792 ohci1394 - ok
19:09:59.0990 9792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:10:00.0013 9792 p2pimsvc - ok
19:10:00.0025 9792 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:10:00.0049 9792 p2psvc - ok
19:10:00.0066 9792 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:10:00.0082 9792 Parport - ok
19:10:00.0087 9792 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:10:00.0101 9792 partmgr - ok
19:10:00.0108 9792 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:10:00.0131 9792 PcaSvc - ok
19:10:00.0137 9792 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:10:00.0150 9792 pccsmcfd - ok
19:10:00.0156 9792 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:10:00.0171 9792 pci - ok
19:10:00.0175 9792 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:10:00.0187 9792 pciide - ok
19:10:00.0194 9792 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:10:00.0211 9792 pcmcia - ok
19:10:00.0215 9792 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:10:00.0228 9792 pcw - ok
19:10:00.0239 9792 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:10:00.0281 9792 PEAUTH - ok
19:10:00.0323 9792 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:10:00.0339 9792 PerfHost - ok
19:10:00.0362 9792 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:10:00.0415 9792 pla - ok
19:10:00.0425 9792 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:10:00.0449 9792 PlugPlay - ok
19:10:00.0454 9792 PnkBstrA - ok
19:10:00.0460 9792 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:10:00.0475 9792 PNRPAutoReg - ok
19:10:00.0483 9792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:10:00.0500 9792 PNRPsvc - ok
19:10:00.0511 9792 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:10:00.0552 9792 PolicyAgent - ok
19:10:00.0561 9792 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:10:00.0600 9792 Power - ok
19:10:00.0607 9792 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:10:00.0639 9792 PptpMiniport - ok
19:10:00.0644 9792 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:10:00.0659 9792 Processor - ok
19:10:00.0665 9792 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:10:00.0686 9792 ProfSvc - ok
19:10:00.0690 9792 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:10:00.0705 9792 ProtectedStorage - ok
19:10:00.0712 9792 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:10:00.0744 9792 Psched - ok
19:10:00.0749 9792 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
19:10:00.0760 9792 PSI - ok
19:10:00.0767 9792 [ DEFD557D9B8C0FA3CEA6CC576400114E ] pwdrvio C:\Windows\system32\pwdrvio.sys
19:10:00.0783 9792 pwdrvio - ok
19:10:00.0789 9792 [ A2EE3B70A9E05F651B888078726C2787 ] pwdspio C:\Windows\system32\pwdspio.sys
19:10:00.0803 9792 pwdspio - ok
19:10:00.0821 9792 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:10:00.0859 9792 ql2300 - ok
19:10:00.0865 9792 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:10:00.0880 9792 ql40xx - ok
19:10:00.0887 9792 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:10:00.0910 9792 QWAVE - ok
19:10:00.0915 9792 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:10:00.0933 9792 QWAVEdrv - ok
19:10:00.0939 9792 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:10:00.0972 9792 RasAcd - ok
19:10:00.0978 9792 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:10:01.0010 9792 RasAgileVpn - ok
19:10:01.0016 9792 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:10:01.0051 9792 RasAuto - ok
19:10:01.0057 9792 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:10:01.0090 9792 Rasl2tp - ok
19:10:01.0098 9792 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:10:01.0138 9792 RasMan - ok
19:10:01.0143 9792 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:10:01.0177 9792 RasPppoe - ok
19:10:01.0182 9792 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:10:01.0215 9792 RasSstp - ok
19:10:01.0222 9792 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:10:01.0259 9792 rdbss - ok
19:10:01.0263 9792 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:10:01.0280 9792 rdpbus - ok
19:10:01.0284 9792 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:10:01.0315 9792 RDPCDD - ok
19:10:01.0322 9792 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:10:01.0354 9792 RDPENCDD - ok
19:10:01.0359 9792 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:10:01.0390 9792 RDPREFMP - ok
19:10:01.0397 9792 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:10:01.0415 9792 RDPWD - ok
19:10:01.0422 9792 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:10:01.0439 9792 rdyboost - ok
19:10:01.0445 9792 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:10:01.0480 9792 RemoteAccess - ok
19:10:01.0486 9792 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:10:01.0523 9792 RemoteRegistry - ok
19:10:01.0529 9792 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
19:10:01.0562 9792 RMCAST - ok
19:10:01.0567 9792 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:10:01.0602 9792 RpcEptMapper - ok
19:10:01.0607 9792 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:10:01.0623 9792 RpcLocator - ok
19:10:01.0631 9792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:10:01.0667 9792 RpcSs - ok
19:10:01.0673 9792 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:10:01.0706 9792 rspndr - ok
19:10:01.0713 9792 [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
19:10:01.0729 9792 RTHDMIAzAudService - ok
19:10:01.0736 9792 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:10:01.0766 9792 RTL8167 - ok
19:10:01.0771 9792 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:10:01.0785 9792 SamSs - ok
19:10:01.0791 9792 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:10:01.0804 9792 sbp2port - ok
19:10:01.0811 9792 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:10:01.0847 9792 SCardSvr - ok
19:10:01.0853 9792 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:10:01.0884 9792 scfilter - ok
19:10:01.0899 9792 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:10:01.0946 9792 Schedule - ok
19:10:01.0952 9792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:10:01.0983 9792 SCPolicySvc - ok
19:10:01.0989 9792 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:10:02.0010 9792 SDRSVC - ok
19:10:02.0014 9792 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:10:02.0047 9792 secdrv - ok
19:10:02.0051 9792 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:10:02.0084 9792 seclogon - ok
19:10:02.0168 9792 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent D:\Program Files (x86)\Secunia\PSI\PSIA.exe
19:10:02.0199 9792 Secunia PSI Agent - ok
19:10:02.0252 9792 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent D:\Program Files (x86)\Secunia\PSI\sua.exe
19:10:02.0272 9792 Secunia Update Agent - ok
19:10:02.0277 9792 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:10:02.0312 9792 SENS - ok
19:10:02.0316 9792 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:10:02.0334 9792 SensrSvc - ok
19:10:02.0339 9792 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:10:02.0355 9792 Serenum - ok
19:10:02.0360 9792 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:10:02.0375 9792 Serial - ok
19:10:02.0379 9792 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:10:02.0394 9792 sermouse - ok
19:10:02.0441 9792 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:10:02.0462 9792 ServiceLayer - ok
19:10:02.0474 9792 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:10:02.0509 9792 SessionEnv - ok
19:10:02.0513 9792 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:10:02.0529 9792 sffdisk - ok
19:10:02.0533 9792 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:10:02.0549 9792 sffp_mmc - ok
19:10:02.0554 9792 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:10:02.0571 9792 sffp_sd - ok
19:10:02.0575 9792 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:10:02.0590 9792 sfloppy - ok
19:10:02.0599 9792 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:10:02.0639 9792 SharedAccess - ok
19:10:02.0648 9792 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:10:02.0687 9792 ShellHWDetection - ok
19:10:02.0692 9792 [ E9E830D540EDEDED650F906628468548 ] simptcp C:\Windows\System32\tcpsvcs.exe
19:10:02.0710 9792 simptcp - ok
19:10:02.0714 9792 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:10:02.0727 9792 SiSRaid2 - ok
19:10:02.0732 9792 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:10:02.0746 9792 SiSRaid4 - ok
19:10:02.0780 9792 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:10:02.0838 9792 Skype C2C Service - ok
19:10:02.0864 9792 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate D:\Program Files (x86)\Skype\Updater\Updater.exe
19:10:02.0874 9792 SkypeUpdate - ok
19:10:02.0879 9792 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:10:02.0914 9792 Smb - ok
19:10:02.0922 9792 [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP C:\Windows\System32\snmp.exe
19:10:02.0940 9792 SNMP - ok
19:10:02.0945 9792 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:10:02.0961 9792 SNMPTRAP - ok
19:10:02.0971 9792 Sony PC Companion - ok
19:10:02.0976 9792 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
19:10:02.0990 9792 speedfan - ok
19:10:02.0994 9792 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:10:03.0007 9792 spldr - ok
19:10:03.0017 9792 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:10:03.0042 9792 Spooler - ok
19:10:03.0078 9792 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:10:03.0158 9792 sppsvc - ok
19:10:03.0163 9792 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:10:03.0198 9792 sppuinotify - ok
19:10:03.0207 9792 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:10:03.0230 9792 srv - ok
19:10:03.0239 9792 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:10:03.0260 9792 srv2 - ok
19:10:03.0267 9792 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:10:03.0283 9792 srvnet - ok
19:10:03.0291 9792 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:10:03.0328 9792 SSDPSRV - ok
19:10:03.0333 9792 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:10:03.0368 9792 SstpSvc - ok
19:10:03.0375 9792 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:10:03.0390 9792 ssudmdm - ok
19:10:03.0395 9792 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:10:03.0408 9792 stexstor - ok
19:10:03.0418 9792 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:10:03.0448 9792 stisvc - ok
19:10:03.0453 9792 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:10:03.0465 9792 swenum - ok
19:10:03.0475 9792 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:10:03.0517 9792 swprv - ok
19:10:03.0538 9792 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:10:03.0582 9792 SysMain - ok
19:10:03.0588 9792 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:10:03.0610 9792 TabletInputService - ok
19:10:03.0617 9792 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:10:03.0657 9792 TapiSrv - ok
19:10:03.0663 9792 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:10:03.0698 9792 TBS - ok
19:10:03.0720 9792 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:10:03.0765 9792 Tcpip - ok
19:10:03.0788 9792 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:10:03.0821 9792 TCPIP6 - ok
19:10:03.0828 9792 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:10:03.0861 9792 tcpipreg - ok
19:10:03.0867 9792 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:10:03.0882 9792 TDPIPE - ok
19:10:03.0887 9792 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:10:03.0901 9792 TDTCP - ok
19:10:03.0906 9792 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:10:03.0938 9792 tdx - ok
19:10:04.0009 9792 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
19:10:04.0060 9792 TeamViewer7 - ok
19:10:04.0066 9792 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:10:04.0079 9792 TermDD - ok
19:10:04.0090 9792 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:10:04.0135 9792 TermService - ok
19:10:04.0140 9792 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:10:04.0161 9792 Themes - ok
19:10:04.0166 9792 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:10:04.0199 9792 THREADORDER - ok
19:10:04.0205 9792 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:10:04.0240 9792 TrkWks - ok
19:10:04.0247 9792 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:10:04.0282 9792 TrustedInstaller - ok
19:10:04.0288 9792 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:10:04.0319 9792 tssecsrv - ok
19:10:04.0325 9792 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:10:04.0339 9792 TsUsbFlt - ok
19:10:04.0343 9792 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:10:04.0358 9792 TsUsbGD - ok
19:10:04.0363 9792 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:10:04.0397 9792 tunnel - ok
19:10:04.0401 9792 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:10:04.0414 9792 uagp35 - ok
19:10:04.0422 9792 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:10:04.0461 9792 udfs - ok
19:10:04.0469 9792 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:10:04.0488 9792 UI0Detect - ok
19:10:04.0492 9792 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:10:04.0505 9792 uliagpkx - ok
19:10:04.0510 9792 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:10:04.0525 9792 umbus - ok
19:10:04.0528 9792 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:10:04.0543 9792 UmPass - ok
19:10:04.0551 9792 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:10:04.0591 9792 upnphost - ok
19:10:04.0597 9792 [ 907F50B8695DAA65A9445D27AD306E65 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
19:10:04.0622 9792 upperdev - ok
19:10:04.0628 9792 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:10:04.0645 9792 usbaudio - ok
19:10:04.0650 9792 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:10:04.0666 9792 usbccgp - ok
19:10:04.0672 9792 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:10:04.0689 9792 usbcir - ok
19:10:04.0693 9792 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:10:04.0708 9792 usbehci - ok
19:10:04.0717 9792 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:10:04.0737 9792 usbhub - ok
19:10:04.0764 9792 [ 6CA7B1B31E6E3180F4CC3811BE3D190E ] USBLogonService D:\Program Files\USBLogon\usblonsvc.exe
19:10:04.0769 9792 USBLogonService ( UnsignedFile.Multi.Generic ) - warning
19:10:04.0769 9792 USBLogonService - detected UnsignedFile.Multi.Generic (1)
19:10:04.0773 9792 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:10:04.0787 9792 usbohci - ok
19:10:04.0792 9792 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:10:04.0808 9792 usbprint - ok
19:10:04.0813 9792 [ 3F7498527B48657091C355F683BEB0DD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
19:10:04.0838 9792 UsbserFilt - ok
19:10:04.0844 9792 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:10:04.0860 9792 USBSTOR - ok
19:10:04.0863 9792 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:10:04.0878 9792 usbuhci - ok
19:10:04.0882 9792 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:10:04.0918 9792 UxSms - ok
19:10:04.0922 9792 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:10:04.0936 9792 VaultSvc - ok
19:10:04.0941 9792 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:10:04.0954 9792 vdrvroot - ok
19:10:04.0963 9792 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:10:05.0005 9792 vds - ok
19:10:05.0012 9792 [ 8108E4573F819A6C76C7EFB4021B4DFE ] VF0470Vid C:\Windows\system32\DRIVERS\V0470Vid.sys
19:10:05.0029 9792 VF0470Vid - ok
19:10:05.0034 9792 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:10:05.0051 9792 vga - ok
19:10:05.0055 9792 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:10:05.0088 9792 VgaSave - ok
19:10:05.0094 9792 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:10:05.0111 9792 vhdmp - ok
19:10:05.0115 9792 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:10:05.0128 9792 viaide - ok
19:10:05.0133 9792 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:10:05.0147 9792 volmgr - ok
19:10:05.0154 9792 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:10:05.0172 9792 volmgrx - ok
19:10:05.0180 9792 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:10:05.0199 9792 volsnap - ok
19:10:05.0206 9792 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:10:05.0221 9792 vsmraid - ok
19:10:05.0240 9792 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:10:05.0296 9792 VSS - ok
19:10:05.0301 9792 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:10:05.0318 9792 vwifibus - ok
19:10:05.0327 9792 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:10:05.0367 9792 W32Time - ok
19:10:05.0381 9792 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
19:10:05.0401 9792 W3SVC - ok
19:10:05.0407 9792 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:10:05.0422 9792 WacomPen - ok
19:10:05.0428 9792 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:10:05.0460 9792 WANARP - ok
19:10:05.0464 9792 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:10:05.0495 9792 Wanarpv6 - ok
19:10:05.0506 9792 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
19:10:05.0522 9792 WAS - ok
19:10:05.0541 9792 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:10:05.0578 9792 wbengine - ok
19:10:05.0585 9792 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:10:05.0608 9792 WbioSrvc - ok
19:10:05.0617 9792 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:10:05.0644 9792 wcncsvc - ok
19:10:05.0648 9792 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:10:05.0667 9792 WcsPlugInService - ok
19:10:05.0672 9792 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:10:05.0684 9792 Wd - ok
19:10:05.0695 9792 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:10:05.0719 9792 Wdf01000 - ok
19:10:05.0725 9792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:10:05.0769 9792 WdiServiceHost - ok
19:10:05.0773 9792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:10:05.0793 9792 WdiSystemHost - ok
19:10:05.0800 9792 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:10:05.0824 9792 WebClient - ok
19:10:05.0831 9792 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:10:05.0870 9792 Wecsvc - ok
19:10:05.0876 9792 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:10:05.0911 9792 wercplsupport - ok
19:10:05.0916 9792 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:10:05.0952 9792 WerSvc - ok
19:10:05.0957 9792 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:10:05.0989 9792 WfpLwf - ok
19:10:05.0993 9792 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:10:06.0006 9792 WIMMount - ok
19:10:06.0011 9792 WinDefend - ok
19:10:06.0017 9792 WinHttpAutoProxySvc - ok
19:10:06.0037 9792 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:10:06.0073 9792 Winmgmt - ok
19:10:06.0097 9792 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:10:06.0157 9792 WinRM - ok
19:10:06.0167 9792 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:10:06.0184 9792 WinUsb - ok
19:10:06.0197 9792 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:10:06.0231 9792 Wlansvc - ok
19:10:06.0289 9792 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:10:06.0334 9792 wlidsvc - ok
19:10:06.0340 9792 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:10:06.0354 9792 WmiAcpi - ok
19:10:06.0364 9792 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:10:06.0383 9792 wmiApSrv - ok
19:10:06.0399 9792 WMPNetworkSvc - ok
19:10:06.0403 9792 [ B5BD872122A2CE82D196ABF2D5D8D80A ] WMSVC C:\Windows\system32\inetsrv\wmsvc.exe
19:10:06.0421 9792 WMSVC - ok
19:10:06.0426 9792 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:10:06.0442 9792 WPCSvc - ok
19:10:06.0448 9792 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:10:06.0472 9792 WPDBusEnum - ok
19:10:06.0478 9792 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:10:06.0510 9792 ws2ifsl - ok
19:10:06.0515 9792 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:10:06.0538 9792 wscsvc - ok
19:10:06.0541 9792 WSearch - ok
19:10:06.0570 9792 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:10:06.0623 9792 wuauserv - ok
19:10:06.0630 9792 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:10:06.0662 9792 WudfPf - ok
19:10:06.0668 9792 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:10:06.0703 9792 WUDFRd - ok
19:10:06.0709 9792 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:10:06.0742 9792 wudfsvc - ok
19:10:06.0750 9792 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:10:06.0776 9792 WwanSvc - ok
19:10:06.0783 9792 ================ Scan global ===============================
19:10:06.0787 9792 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:10:06.0795 9792 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:10:06.0807 9792 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:10:06.0815 9792 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:10:06.0825 9792 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:10:06.0833 9792 [Global] - ok
19:10:06.0833 9792 ================ Scan MBR ==================================
19:10:06.0836 9792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:10:06.0946 9792 \Device\Harddisk0\DR0 - ok
19:10:06.0953 9792 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
19:10:07.0015 9792 \Device\Harddisk1\DR1 - ok
19:10:07.0023 9792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:10:07.0075 9792 \Device\Harddisk2\DR2 - ok
19:10:07.0079 9792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR12
19:10:07.0217 9792 \Device\Harddisk3\DR12 - ok
19:10:07.0497 9792 [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk8\DR13
19:10:09.0514 9792 \Device\Harddisk8\DR13 - ok
19:10:09.0514 9792 ================ Scan VBR ==================================
19:10:09.0516 9792 [ 2A6810F9031FA296E3073AB5CCD4C45C ] \Device\Harddisk0\DR0\Partition1
19:10:09.0520 9792 \Device\Harddisk0\DR0\Partition1 - ok
19:10:09.0523 9792 [ 2700F5C7A27BA3EA40DAB1595D279A87 ] \Device\Harddisk0\DR0\Partition2
19:10:09.0526 9792 \Device\Harddisk0\DR0\Partition2 - ok
19:10:09.0535 9792 [ CA78DFD62C8E90C311B535ED059DD0E6 ] \Device\Harddisk1\DR1\Partition1
19:10:09.0536 9792 \Device\Harddisk1\DR1\Partition1 - ok
19:10:09.0549 9792 [ 2B6A859D33D116253FE64511CD9F18AC ] \Device\Harddisk1\DR1\Partition2
19:10:09.0550 9792 \Device\Harddisk1\DR1\Partition2 - ok
19:10:09.0553 9792 [ 5D3D6AF6FFA3F3019D89DEA05364CA22 ] \Device\Harddisk2\DR2\Partition1
19:10:09.0554 9792 \Device\Harddisk2\DR2\Partition1 - ok
19:10:09.0558 9792 [ E5AD5DFAA2A6A6AA952298E7D9D2FB10 ] \Device\Harddisk3\DR12\Partition1
19:10:09.0559 9792 \Device\Harddisk3\DR12\Partition1 - ok
19:10:09.0594 9792 [ BD93561BAB51365901584781A3471917 ] \Device\Harddisk8\DR13\Partition1
19:10:09.0596 9792 \Device\Harddisk8\DR13\Partition1 - ok
19:10:09.0596 9792 ============================================================
19:10:09.0596 9792 Scan finished
19:10:09.0596 9792 ============================================================
19:10:09.0604 0552 Detected object count: 2
19:10:09.0604 0552 Actual detected object count: 2
19:10:22.0957 0552 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:10:22.0957 0552 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:10:22.0958 0552 USBLogonService ( UnsignedFile.Multi.Generic ) - skipped by user
19:10:22.0958 0552 USBLogonService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu System Sauber oder doch nicht? |
| 7-zip, anderen, anleitung, anti-malware, autostart, button, check, datei, downloader, fehler, firefox, folge, folgende, folgendes, frage, inhalt, klicke, malwarebytes, meldung, network, plug-in, posten, quick, recht, scan, starten, system |
Linear-Darstellung
