Log analysis and evaluation: Email port 25 blocked (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.10.2012, 09:10 | #1
Email port 25 blocked

Known problem: T-Online is blocking my port 25. I can no longer send email. Web.de Mail has completely blocked my account. I ran an OTL Quick Scan. Where can I paste the txt files here?

Edited by conzick (24.10.2012 at 09:15)
24.10.2012, 11:50 | #2
/// Malware-holic

Hi, well, into your post, for example.
Click reply, paste it in, send it off :-)
24.10.2012, 15:40 | #3

That simple.

otl.txt
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 24.10.2012 09:01:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kai-Uwe\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 68,03% Memory free 5,99 Gb Paging File | 4,54 Gb Available in Paging File | 75,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 252,27 Gb Total Space | 197,53 Gb Free Space | 78,30% Space Free | Partition Type: NTFS Drive D: | 203,73 Gb Total Space | 136,00 Gb Free Space | 66,75% Space Free | Partition Type: NTFS Drive H: | 931,51 Gb Total Space | 491,32 Gb Free Space | 52,74% Space Free | Partition Type: NTFS Drive I: | 9,76 Gb Total Space | 2,44 Gb Free Space | 24,98% Space Free | Partition Type: NTFS Computer Name: KAI-UWE-PC | User Name: Kai-Uwe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.22 11:04:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kai-Uwe\Desktop\OTL.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.08.16 12:48:55 | 000,374,560 | ---- | M] (CyberLink Corp.) 
-- C:\Programme\CyberLink\PowerDVD12\PowerDVD12Agent.exe PRC - [2012.08.16 12:48:54 | 000,295,440 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe PRC - [2012.08.16 12:48:51 | 000,078,352 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe PRC - [2012.08.16 12:48:47 | 000,090,640 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe PRC - [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe PRC - [2012.06.11 11:33:14 | 000,174,488 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2012.06.11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2012.03.05 17:15:41 | 000,234,784 | ---- | M] (Apple Inc.) -- C:\AirPrint\airprint.exe PRC - [2012.03.05 15:13:46 | 000,156,160 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE PRC - [2012.03.05 15:13:46 | 000,125,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ubd.exe PRC - [2012.02.02 17:48:38 | 000,701,736 | ---- | M] (CyberLink Corporation.) 
-- C:\Programme\CyberLink\InstantBurn\Win2K\IBurn.exe PRC - [2012.01.23 06:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011.11.24 00:27:26 | 003,221,328 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\DiskImage\oodiag.exe PRC - [2011.11.17 19:18:00 | 002,773,328 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Defrag\oodtray.exe PRC - [2011.11.17 19:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Defrag\oodag.exe PRC - [2011.11.17 01:04:20 | 000,822,384 | ---- | M] (ACD Systems) -- C:\Programme\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe PRC - [2011.10.28 03:27:11 | 000,107,816 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go8\CLMLSvc_P2G8.exe PRC - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe PRC - [2011.10.15 10:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.09.08 19:30:10 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011.09.08 19:29:46 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011.08.02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.03.11 16:12:42 | 000,316,744 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Shared\GatewayAgent\ooemcgats.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Programme\Synology\Assistant\UsbClientService.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.10.12 14:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Epson Software\Event Manager\EEventManager.exe PRC - [2010.07.13 02:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe PRC - [2010.07.08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) -- C:\Programme\TightVNC\tvnserver.exe PRC - [2010.04.02 22:34:12 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe PRC - [2010.01.12 11:45:36 | 000,245,760 | ---- | M] () -- C:\Programme\Synology Data Replicator 3\SynoDrService.exe PRC - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe PRC - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G DATA\GDScan\GDScan.exe PRC - [2009.11.25 03:07:32 | 001,251,488 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe PRC - [2009.09.18 15:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2009.07.14 03:14:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe PRC - [2009.05.13 17:05:08 | 002,033,544 | ---- | M] (zoneLINK) -- C:\Programme\SystemUp 2009\Tuning\DefragService.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] 
(Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== MOD - [2012.06.26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtXml4.dll MOD - [2012.06.26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtSvg4.dll MOD - [2012.06.26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtGUI4.dll MOD - [2012.06.26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtCore4.dll MOD - [2012.06.26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll MOD - [2012.06.26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll MOD - [2011.11.24 00:27:12 | 000,354,128 | ---- | M] () -- C:\Programme\OO Software\DiskImage\oodishrs.dll MOD - [2011.10.28 09:27:12 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2011.10.28 03:27:11 | 000,623,912 | ---- | M] () -- C:\Programme\CyberLink\Power2Go8\CLMediaLibrary.dll MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.08.24 04:39:11 | 000,655,360 | ---- | M] () -- C:\Programme\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd MOD - [2011.08.24 04:39:11 | 000,081,920 | ---- | M] () -- C:\Programme\CyberLink\PowerDVD12\Common\Koan\_ctypes.pyd MOD - [2011.08.24 04:39:11 | 000,053,248 | ---- | M] () -- C:\Programme\CyberLink\PowerDVD12\Common\Koan\_socket.pyd MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 
01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2010.07.13 02:29:42 | 000,143,360 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\connectionDetector.dll MOD - [2010.07.13 02:28:42 | 000,856,064 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\fsk.dll MOD - [2010.07.13 02:26:12 | 000,018,432 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\FskNetInterface.dll MOD - [2010.07.13 02:25:56 | 000,008,704 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll MOD - [2010.07.13 02:25:50 | 000,028,160 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\ticket.dll MOD - [2010.07.13 02:25:42 | 000,011,776 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll MOD - [2010.07.13 02:22:36 | 000,020,480 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskinLocalize.dll MOD - [2010.07.13 02:22:02 | 000,009,728 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskPower.dll MOD - [2010.07.13 02:16:16 | 000,118,784 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskDocumentViewer.dll MOD - [2010.07.13 02:15:58 | 000,010,240 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskMobileMediaDevice.dll MOD - [2010.07.13 02:15:52 | 000,233,472 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\Fskin.dll MOD - [2010.07.13 02:13:42 | 000,033,792 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskMediaPlayers.dll MOD - [2010.07.13 02:10:56 | 000,172,032 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\USBDetector.dll MOD - [2010.04.02 22:23:36 | 000,815,104 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\FskSecurity.dll MOD - [2010.04.02 21:44:16 | 000,086,016 | ---- | M] () -- C:\Programme\Sony\Reader\Data\bin\launcher\ebookUsb.dll MOD - [2010.02.12 09:37:50 | 000,633,696 | ---- | M] () -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll MOD - [2010.02.09 10:52:34 | 033,744,168 | ---- | M] () -- 
C:\Programme\CyberLink\InstantBurn\Win2K\Res.dll MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2008.11.25 14:23:40 | 000,721,288 | ---- | M] () -- C:\Programme\SystemUp 2009\Tuning\FSExMenu.dll ========== Services (SafeList) ========== SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.08.16 12:48:54 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service) SRV - [2012.08.16 12:48:51 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service) SRV - [2012.08.16 12:48:47 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12) SRV - [2012.07.30 11:44:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012.03.05 17:15:41 | 000,234,784 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\AirPrint\airprint.exe -- (AirPrint) SRV - [2012.03.05 15:13:46 | 000,156,160 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) SRV - [2012.03.05 15:13:46 | 000,125,440 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011.11.24 00:27:26 | 003,221,328 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\DiskImage\oodiag.exe -- (OO DiskImage) SRV - [2011.11.17 19:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service) SRV - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.09.08 19:29:46 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.07.30 13:52:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.03.11 16:12:42 | 000,316,744 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\Shared\GatewayAgent\ooemcgats.exe -- (GatewayAgentService) SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Programme\Synology\Assistant\UsbClientService.exe -- (UsbClientService) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Programme\TightVNC\tvnserver.exe -- (tvnserver) SRV - [2010.04.02 22:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service) SRV - [2010.01.12 11:45:36 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Programme\Synology Data Replicator 3\SynoDrService.exe -- (SynoDrService) SRV - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2009.11.25 03:07:32 | 001,251,488 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2009.08.24 21:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe -- (DfSdkS) SRV - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | 
M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.05.13 17:05:08 | 002,033,544 | ---- | M] (zoneLINK) [Auto | Running] -- C:\Programme\SystemUp 2009\Tuning\DefragService.exe -- (zoneLINKDefrag) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aodm67wa) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kai-Uwe\Desktop\AIDA64\kerneld.x32 -- (AIDA64Driver) DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.08.14 18:57:50 | 000,088,312 | ---- | M] (CyberLink Corp.) [2012/10/09 16:25:32] [Kernel | Auto | Running] -- C:\Programme\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6}) DRV - [2012.06.20 11:35:49 | 000,121,208 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto | Running] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys -- (ntk_PowerDVD12) DRV - [2012.06.11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012.02.02 17:29:26 | 000,163,880 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF) DRV - [2012.02.02 17:29:26 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\CLBStor.sys -- (CLBStor) DRV - [2012.01.09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012.01.09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011.12.26 21:37:42 | 000,073,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\System32\drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV - [2011.12.21 14:44:51 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011.12.21 14:06:17 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011.10.15 10:53:00 | 
010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.09.08 20:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011.09.08 20:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.09.08 18:52:20 | 000,248,832 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.09.06 02:09:12 | 000,208,464 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\oodivd.sys -- (oodivd) DRV - [2011.09.06 02:09:12 | 000,031,824 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\System32\drivers\oodivdh.sys -- (oodivdh) DRV - [2011.09.06 02:09:10 | 000,096,848 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\oodisr.sys -- (oodisr) DRV - [2011.09.06 02:09:10 | 000,028,752 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\System32\drivers\oodisrh.sys -- (oodisrh) DRV - [2011.07.08 01:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011.07.06 19:12:48 | 000,328,552 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2011.02.18 08:20:22 | 000,046,304 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\busenum.sys -- (busenum) DRV - [2010.12.17 13:13:09 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.09.16 17:02:33 | 000,035,040 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys -- (TelekomNM3) DRV - [2010.07.19 15:02:11 | 000,040,904 | 
---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd) DRV - [2010.02.07 12:15:47 | 000,029,992 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\GRD.sys -- (GRD) DRV - [2010.01.08 19:29:21 | 000,028,616 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave) DRV - [2009.12.04 10:57:33 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\windrvNT.sys -- (windrvNT) DRV - [2009.11.30 00:35:00 | 000,061,952 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCL0102K.sys -- (SCL0102K) DRV - [2009.11.28 17:30:35 | 000,055,624 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2009.11.28 17:30:14 | 000,035,272 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre) DRV - [2009.10.19 10:08:08 | 000,067,072 | ---- | M] (SCM Microsystems Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPR3322K.sys -- (SPR3322K) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = H:\downloads IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! 
Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {E9BBA075-F746-4607-9001-DF4B2A078AFF} IE - HKCU\..\SearchScopes\{E9BBA075-F746-4607-9001-DF4B2A078AFF}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;*.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Bing" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13 FF - prefs.js..extensions.enabledAddons: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.5.8 FF - prefs.js..extensions.enabledAddons: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.2.2 FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.2rc2 FF - prefs.js..extensions.enabledAddons: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:2.0.6 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.6 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.1 FF - 
prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.5.99999
FF - prefs.js..extensions.enabledItems: {4F3D26C8-9907-48ff-BC74-B8C572D317BF}:1.0.3.0
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.69
FF - prefs.js..network.proxy.type: 2
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@openlimit.com/eCardClient,version=3.0: C:\Program Files\AusweisApp\npeCC30.dll (OpenLimit SignCubes AG)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4F3D26C8-9907-48ff-BC74-B8C572D317BF}: C:\Program Files\AusweisApp\mozilla\AusweisApp_FF3x_Win [2011.03.03 16:33:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.13 11:27:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.13 11:27:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.09.27 15:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.13 11:27:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.13 11:27:59 | 000,000,000 | ---D | M]
[2010.10.25 13:42:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Extensions
[2010.05.20 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.25 13:42:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.10.16 09:51:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Firefox\Profiles\en8bz3wi.default\extensions
[2012.07.05 17:23:25 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Firefox\Profiles\en8bz3wi.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2012.05.18 15:04:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Firefox\Profiles\en8bz3wi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.05.21 11:28:42 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Firefox\Profiles\en8bz3wi.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.11.29 13:23:30 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\Firefox\Profiles\en8bz3wi.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2012.08.15 09:42:48 | 000,340,132 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.07.21 17:29:31 | 000,660,568 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi
[2012.10.16 09:51:58 | 000,527,238 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.08.07 09:39:31 | 000,314,397 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
[2012.07.26 12:10:29 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.02.16 10:42:59 | 000,709,293 | ---- | M] () (No name found) -- C:\Users\Kai-Uwe\AppData\Roaming\mozilla\firefox\profiles\en8bz3wi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.02.02 12:47:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.19 18:17:19 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.07.30 11:44:54 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.10 18:01:13 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.07.14 10:37:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 10:37:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 10:37:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 10:37:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 10:37:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 10:37:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: AusweisApp (Enabled) = C:\Program Files\AusweisApp\npeCC30.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Reader Library (Enabled) = C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google-Suche = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Google Mail = C:\Users\Kai-Uwe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (eCard Client Initiator) - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Programme\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ACPW05DE] C:\Program Files\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe (ACD Systems)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [CherryConfigDlg] C:\Program Files\Cherry\SmartDevice\ConfigDlg.exe (Cherry GmbH)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [InstantBurn] C:\Programme\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [OODITRAY.EXE] C:\Programme\OO Software\DiskImage\ooditray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Reader Library Launcher] C:\Programme\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [pcape] rundll32.exe "C:\Users\Kai-Uwe\AppData\Roaming\pcape.dll",DupCursor File not found
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_265_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: &Download by Arles Download Manager - C:\Users\Kai-Uwe\AppData\Local\Ariel Download Manager\DownloadManager.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range78 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.6.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63FC50B5-C8C9-4C04-8AE1-14D390E4347B}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.19 14:28:03 | 000,000,000 | ---D | M] - H:\Auto -- [ NTFS ]
O32 - AutoRun File - [2008.12.15 11:52:18 | 000,000,080 | ---- | M] () - H:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006.01.15 15:06:33 | 000,000,000 | ---D | M] - I:\AUTORUN -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\H:)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBSautocheck turegopt)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found
NetSvcs: BITS - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.10.23 18:10:20 | 004,986,495 | ---- | C] (Swearware) -- C:\Users\Kai-Uwe\Desktop\ComboFix.exe
[2012.10.23 18:10:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kai-Uwe\Desktop\OTL.exe
[2012.10.23 08:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.18 10:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012.10.18 10:48:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012.10.18 10:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\iyhobvehlhiomny
[2012.10.16 11:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\HDR Darkroom
[2010.07.17 13:03:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Kai-Uwe\AppData\Roaming\pcouffin.sys
[2010.01.22 12:25:27 | 004,411,392 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.24 08:34:17 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 08:34:17 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 08:26:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.24 08:26:49 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.24 08:26:47 | 001,600,104 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2012.10.23 18:12:31 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.23 18:12:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.23 18:12:31 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.23 18:12:31 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.22 11:04:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kai-Uwe\Desktop\OTL.exe
[2012.10.22 11:03:02 | 000,538,941 | ---- | M] () -- C:\Users\Kai-Uwe\Desktop\adwcleaner.exe
[2012.10.22 11:02:10 | 004,986,495 | ---- | M] (Swearware) -- C:\Users\Kai-Uwe\Desktop\ComboFix.exe
[2012.10.18 13:13:19 | 083,023,306 | ---- | M] () -- C:\ProgramData\emorhc.pad
[2012.10.18 10:33:09 | 000,076,375 | ---- | M] () -- C:\ProgramData\jslroockdsrxpom
[2012.10.09 11:39:34 | 283,970,435 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.23 18:10:20 | 000,538,941 | ---- | C] () -- C:\Users\Kai-Uwe\Desktop\adwcleaner.exe
[2012.10.18 12:43:50 | 083,023,306 | ---- | C] () -- C:\ProgramData\emorhc.pad
[2012.10.15 14:43:08 | 000,076,375 | ---- | C] () -- C:\ProgramData\jslroockdsrxpom
[2012.07.04 14:18:22 | 004,503,728 | ---- | C] () -- C:\ProgramData\l_u0_0.pad
[2011.11.23 15:28:58 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2011.11.11 11:37:58 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2011.11.10 20:28:31 | 000,125,952 | ---- | C] () -- C:\Windows\System32\ZLhp1600.DLL
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.09.14 12:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.08.26 16:34:14 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.08.03 10:44:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdy.DAT
[2011.06.25 09:39:12 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.25 09:37:36 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.10 17:35:14 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2011.06.10 17:35:14 | 000,011,264 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2011.06.10 17:28:12 | 000,000,036 | ---- | C] () -- C:\Users\Kai-Uwe\AppData\Local\housecall.guid.cache
[2011.06.10 07:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.04.22 10:37:24 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.03.17 20:21:36 | 000,337,920 | ---- | C] () -- C:\Windows\System32\ZSHP1600.EXE
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.03.04 20:44:19 | 000,000,636 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2010.07.17 13:03:53 | 000,087,608 | ---- | C] () -- C:\Users\Kai-Uwe\AppData\Roaming\inst.exe
[2010.07.17 13:03:53 | 000,007,887 | ---- | C] () -- C:\Users\Kai-Uwe\AppData\Roaming\pcouffin.cat
[2010.07.17 13:03:53 | 000,001,144 | ---- | C] () -- C:\Users\Kai-Uwe\AppData\Roaming\pcouffin.inf
[2010.03.10 13:10:22 | 000,001,498 | ---- | C] () -- C:\Users\Kai-Uwe\.recently-used.xbel
[2009.11.29 11:59:10 | 000,350,720 | ---- | C] () -- C:\Program Files\hjsplit.exe
[2009.11.28 19:27:06 | 003,211,264 | ---- | C] () -- C:\Program Files\Common FilesDDBACSetup.msi
[2009.01.29 19:34:00 | 000,000,128 | -H-- | C] () -- C:\Users\Kai-Uwe\microsoft.dat
[2009.01.23 16:55:42 | 000,000,000 | ---- | C] () -- C:\Users\Kai-Uwe\.y0
[2008.07.21 12:41:50 | 000,001,024 | ---- | C] () -- C:\Users\Kai-Uwe\.rnd

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.23 17:52:18 | 000,000,000 | -HSD | M] -- C:\Users\Kai-Uwe\AppData\Roaming\.#
[2012.03.21 19:20:32 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\ACD Systems
[2010.07.06 12:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\AceBIT
[2010.12.17 14:25:05 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\AnvSoft
[2012.03.12 14:50:56 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Ashampoo
[2012.07.05 17:23:25 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Binreader
[2011.03.29 10:32:22 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\calibre
[2011.03.04 18:34:09 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Cherry
[2011.12.21 14:49:45 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\DAEMON Tools Lite
[2010.07.06 12:39:06 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Daoisoft
[2009.11.28 19:37:49 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\DataDesign
[2011.07.08 12:16:47 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Dateicommander
[2009.12.08 13:44:54 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\EIZO
[2009.11.29 11:56:30 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Engelmann Media
[2012.03.05 17:37:21 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Epson
[2010.02.17 13:49:39 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\FairStars Audio Converter
[2011.07.07 18:39:00 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\FRITZ!
[2010.06.06 12:29:43 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\gsmartcontrol
[2010.03.10 13:10:22 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\gtk-2.0
[2012.07.10 18:38:10 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Jaangle
[2010.03.11 16:41:57 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Leadertech
[2010.10.08 15:18:20 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Leawo
[2011.04.28 10:36:42 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Lexware
[2012.08.22 11:11:40 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Nokia
[2011.07.08 14:53:02 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Oniton
[2011.11.17 17:41:18 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\OpenOffice.org
[2011.01.28 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Opera
[2011.07.27 12:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Orbit
[2012.08.21 19:24:26 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\PC Suite
[2011.07.27 12:37:11 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\ProgSense
[2011.07.07 14:30:40 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\RouterControl
[2011.11.29 15:36:41 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\SolSuite
[2010.12.04 12:48:20 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\SpeedProject
[2011.11.28 11:12:56 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Steganos
[2010.02.14 14:58:54 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\SuperMP3Download
[2009.11.28 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\SystemUp
[2010.04.23 12:16:02 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Thinstall
[2010.05.20 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Thunderbird
[2010.10.24 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\TightVNC
[2010.10.25 13:42:15 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\TomTom
[2011.12.21 14:57:33 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\TuneUp Software
[2011.08.17 17:47:21 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Vso
[2010.12.16 14:26:52 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\WinAVI
[2009.12.17 18:04:09 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\WindSolutions
[2012.03.24 13:32:43 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Xilisoft
[2012.09.05 14:08:03 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\xsecva
[2011.12.05 18:29:53 | 000,000,000 | ---D | M] -- C:\Users\Kai-Uwe\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2009.11.29 13:35:00 | 000,000,000 | -H-D | M] -- C:\$avg8.vault$
[2011.11.11 12:01:25 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.11.29 13:35:00 | 000,000,000 | ---D | M] -- C:\Acer
[2009.11.29 13:35:00 | 000,000,000 | ---D | M] -- C:\AcerSW
[2012.03.05 17:15:41 | 000,000,000 | ---D | M] -- C:\AirPrint
[2009.11.29 13:35:07 | 000,000,000 | ---D | M] -- C:\Book
[2009.11.29 13:35:07 | 000,000,000 | ---D | M] -- C:\divx
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.11.26 22:57:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.07.21 10:57:36 | 000,000,000 | ---D | M] -- C:\downloads
[2009.11.29 13:35:07 | 000,000,000 | ---D | M] -- C:\DRV
[2009.11.29 13:35:22 | 000,000,000 | ---D | M] -- C:\finalburner
[2009.11.29 13:35:22 | 000,000,000 | ---D | M] -- C:\IDAPI
[2009.11.29 13:35:24 | 000,000,000 | ---D | M] -- C:\KOCHEN
[2009.11.29 13:35:25 | 000,000,000 | ---D | M] -- C:\lib
[2009.05.14 15:57:21 | 000,000,000 | ---D | M] -- C:\My Music
[2011.11.23 15:35:13 | 000,000,000 | ---D | M] -- C:\NAS Performance Toolkit
[2012.10.18 10:48:36 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.10.24 08:25:42 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.11.29 13:35:25 | 000,000,000 | ---D | M] -- C:\PROGRAMM
[2009.11.26 22:57:21 | 000,000,000 | -HSD | M] -- C:\Programme
[2009.11.26 22:57:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.10.24 09:03:42 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.12.17 12:46:11 | 000,000,000 | ---D | M] -- C:\TEMP
[2009.11.29 13:35:34 | 000,000,000 | ---D | M] -- C:\Treiber
[2009.11.26 22:57:32 | 000,000,000 | R--D | M] -- C:\Users
[2012.10.18 10:48:50 | 000,000,000 | ---D | M] -- C:\Windows
[2009.11.29 13:35:51 | 000,000,000 | ---D | M] -- C:\Zeitschriften, Bedienungsanleitungen

< %PROGRAMFILES%\*.exe >
[2009.07.10 14:39:00 | 000,350,720 | ---- | M] () -- C:\Program Files\hjsplit.exe
[2009.07.06 18:39:58 | 004,411,392 | ---- | M] (Gabest) -- C:\Program Files\mplayerc.exe

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2006.08.14 14:27:02 | 000,117,760 | ---- | M] (ATI Technologies Inc.) MD5=6241F2C3073FEAB1EB1BCEE7EEE7A95A -- C:\DRV\VGA\ATI\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Treiber\Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Treiber\Intel(R) 82801GB GR GH (ICH7 Family) Serial ATA Storage Controller - 27C0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2012.01.31 12:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files\CyberLink\PowerDirector10\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation)
MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009.10.15 01:09:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\Windows\Resources\Themes\Explorer\x64\SMALL\Explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- 
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.10.15 01:09:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows\Resources\Themes\Explorer\x86\BIG\Explorer.exe [2009.10.15 01:09:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows\Resources\Themes\Explorer\x64\BIG\Explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe [2009.10.15 01:09:40 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows\Resources\Themes\Explorer\x86\SMALL\Explorer.exe < MD5 for: IASTORV.SYS > [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- 
C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] 
(NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- 
C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 
14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2011.12.21 14:06:17 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2010.03.10 13:10:22 | 000,001,498 | ---- | M] () -- C:\Users\Kai-Uwe\.recently-used.xbel [2009.02.25 10:58:20 | 000,001,024 | ---- | M] () -- C:\Users\Kai-Uwe\.rnd [2009.01.23 16:55:42 | 000,000,000 | ---- | M] () -- C:\Users\Kai-Uwe\.y0 [2011.12.07 18:01:36 | 000,001,522 | -H-- | M] () -- C:\Users\Kai-Uwe\drlog.txt [2009.01.29 19:34:00 | 000,000,128 | -H-- | M] () -- C:\Users\Kai-Uwe\microsoft.dat [2012.10.24 09:01:25 | 006,291,456 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat [2012.10.24 09:01:25 | 000,262,144 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat.LOG1 [2009.11.26 22:57:35 | 000,000,000 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat.LOG2 [2011.11.06 16:43:38 | 000,065,536 | -HS- | M] () -- 
C:\Users\Kai-Uwe\ntuser.dat{16ed1698-0883-11e1-acf2-001bb9f77373}.TM.blf [2011.11.06 16:43:38 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{16ed1698-0883-11e1-acf2-001bb9f77373}.TMContainer00000000000000000001.regtrans-ms [2011.11.06 16:43:38 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{16ed1698-0883-11e1-acf2-001bb9f77373}.TMContainer00000000000000000002.regtrans-ms [2009.11.26 23:06:48 | 000,065,536 | -HS- | M] () -- C:\Users\Kai-Uwe\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2009.11.26 23:06:48 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2009.11.26 23:06:48 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2011.11.06 15:34:10 | 000,065,536 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{dc31b115-0877-11e1-bbcc-001bb9f77373}.TM.blf [2011.11.06 15:34:10 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{dc31b115-0877-11e1-bbcc-001bb9f77373}.TMContainer00000000000000000001.regtrans-ms [2011.11.06 15:34:10 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{dc31b115-0877-11e1-bbcc-001bb9f77373}.TMContainer00000000000000000002.regtrans-ms [2011.11.03 10:41:18 | 000,065,536 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{ebee929a-05f6-11e1-bdb8-001bb9f77373}.TM.blf [2011.11.03 10:41:18 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{ebee929a-05f6-11e1-bdb8-001bb9f77373}.TMContainer00000000000000000001.regtrans-ms [2011.11.03 10:41:18 | 000,524,288 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.dat{ebee929a-05f6-11e1-bdb8-001bb9f77373}.TMContainer00000000000000000002.regtrans-ms [2009.11.26 22:57:35 | 000,000,020 | -HS- | M] () -- C:\Users\Kai-Uwe\ntuser.ini [2009.09.15 12:25:50 | 000,017,408 | ---- | M] () -- C:\Users\Kai-Uwe\Reise Nürnberg, Expertenrunde.doc < %USERPROFILE%\Local Settings\Temp\*.exe > < 
%USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ========== Alternate Data Streams ========== @Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:74A2CB83 @Alternate Data Stream - 188 bytes -> C:\ProgramData\TEMP:FB1B13D8 < End of report >
extras.txt
OTL Logfile:
Code:
ATTFilter OTL Extras logfile created on: 24.10.2012 09:01:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kai-Uwe\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 68,03% Memory free 5,99 Gb Paging File | 4,54 Gb Available in Paging File | 75,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 252,27 Gb Total Space | 197,53 Gb Free Space | 78,30% Space Free | Partition Type: NTFS Drive D: | 203,73 Gb Total Space | 136,00 Gb Free Space | 66,75% Space Free | Partition Type: NTFS Drive H: | 931,51 Gb Total Space | 491,32 Gb Free Space | 52,74% Space Free | Partition Type: NTFS Drive I: | 9,76 Gb Total Space | 2,44 Gb Free Space | 24,98% Space Free | Partition Type: NTFS Computer Name: KAI-UWE-PC | User Name: Kai-Uwe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Pro 5.Manage] -- "C:\Program Files\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Fotoschau] -- "C:\Program Files\Pixum\Pixum EasyBook\Fotoschau.exe" -d "%1" () Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.) Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.) Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.) Directory [pd4Encrypt] -- "C:\Program Files\AceBIT\Password Depot 4\PasswordDepot.exe" -encrypt "%1" (AceBIT GmbH) Directory [pd4Erase] -- "C:\Program Files\AceBIT\Password Depot 4\PasswordDepot.exe" -erase "%1" (AceBIT GmbH) Directory [Pixum EasyBook] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum EasyBook.exe" "%1" () Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) 
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04DAD9AB-AC18-4C47-B65B-11C68D7DBA70}" = SPR532 SmartCard Reader V2.25 "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0c8ebb00-4909-459c-8347-b2068b7f0319}" = OEM Share Pack "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6 "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}" = Quicken DELUXE 2012 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor 2 "{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}" = ACDSee Pro 5 "{3BAF214A-6C22-4101-95A9-682FDC6A3270}" = NAS Performance Toolkit "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D47B2C0-8748-4450-99AE-0746A5A74C8E}" = Binreader "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{42C123A7-EEF1-4FB1-9BDC-043BCFBAC515}" = AusweisApp "{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager "{446DE210-2833-43A3-9916-799DD0729C18}" = calibre "{450008C6-3722-4214-AB4F-9E45B57CB422}" = DDBAC "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E452688-1FFE-4042-8074-DFC4F85DFA5D}" = O&O Defrag Server "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution "{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.2.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater "{71AA2137-C3F3-45C6-A408-81697FE5A3B8}" = PCmover Professional 
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7A70FCC4-E09F-45CE-ADB5-C208CEBF0A82}" = Servicepack Datumsaktualisierung "{7D7C9A8A-F3B4-42A2-9AD2-5B0CA013267C}" = Lexware online banking "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3 "{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6 "{90AF0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DDF445F-D818-4280-B182-41FAC10DB715}" = Configo "{9F70E36A-8C0F-4069-9C81-9708E46E6F5E}" = O&O PartitionManager Professional "{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A748A983-311C-4D65-B570-E7764492803E}" = Password Depot 4 "{A7BF5269-3E74-11D5-B00F-00104B398D77}" = QuarkXPress 5.0 "{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup 2.6 
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12 "{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer 5.5 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5 "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CCE2DCFE-4A89-4BC0-B3EF-6A3F8E30A2D6}" = CyberLink OEM Share Pack 2 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{D729E05E-B2B9-4DC4-AF57-47310576EDE0}" = G Data InternetSecurity "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DD9098AC-05D1-4CAA-A28C-0927929543BE}" = O&O DiskImage Professional "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5 "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy 1.5 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung 
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2B28805-AFE6-46D6-B7CE-D2E758CEE629}" = SCL011 Generic Contactless Reader "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7DAC756-8358-484B-928C-457F4E0E4B82}" = Cherry Smart Device Package V1.10 Build 4 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari "{FE96C49B-DB90-405E-A00E-09E38372F880}" = Camera Control Pro 2 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) "5513-1208-7298-9440" = JDownloader 0.9 "72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) "75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) "7Tweak_is1" = 7Tweak "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Allok AVI to DVD SVCD VCD Converter_is1" = Allok AVI to DVD SVCD VCD Converter 4.0.0422 "Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.1.0 "Ape2CD_is1" = Ape2CD 4.5.1 "ArtStudioPro_is1" = ArtStudioPro "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD v.2.2.6 "Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.12 "Ashampoo Photo Converter_is1" = Ashampoo Photo Converter v.1.0.0 "Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60 "Audacity_is1" = Audacity 1.2.6 "Bytescout XLS Viewer_is1" = Bytescout XLS Viewer 2.30a (FREEWARE) "Cartoonist_is1" = Cartoonist 1.3 
"Collectorz.com MP3 Collector" = Collectorz.com MP3 Collector "Collectorz.com Music Collector" = Collectorz.com Music Collector "DAEMON Tools Lite" = DAEMON Tools Lite "Digitale Bibliothek 5" = Digitale Bibliothek 5 "DivX Setup" = DivX-Setup "DVDx 4.0 Open Edition" = DVDx 4.0 Open Edition "E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) "Easy Video Joiner_is1" = Easy Video Joiner 5.21 "EPSON Scanner" = EPSON Scan "EPSON SX430 Series" = EPSON SX430 Series Printer Uninstall "EPSON SX430 Series Bog" = Benutzerhandbuch - Grundlagen EPSON SX430 Series "EPSON SX430 Series Netg" = Netzwerkhandbuch EPSON SX430 Series "EPSON SX430 Series Useg" = Benutzerhandbuch EPSON SX430 Series "eSan FLAC Ripper_is1" = eSan FLAC Ripper 1.0 "ESET Online Scanner" = ESET Online Scanner v3 "EZ Vinyl/Tape Converter by MixMeister_is1" = EZ Vinyl/Tape Converter 7.4 by MixMeister "FairStars Audio Converter_is1" = FairStars Audio Converter 1.86 "Free Ape Player_is1" = Free Ape Player 1.5.1 "HDR Darkroom" = HDR Darkroom Windows Version v4.0 "ipswDownloader" = ipswDownloader 1.4 "IsoBuster_is1" = IsoBuster 2.5 "Jaangle music management" = Jaangle music management "JDownloader" = JDownloader "LaCie Device Updater" = LaCie Device Updater "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "MBase 2" = MBase 2 "MediaMonkey_is1" = MediaMonkey 3.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla 
Maintenance Service "Netzmanager" = Netzmanager "Nokia PC Suite" = Nokia PC Suite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 11.64.1403" = Opera 11.64 "Opera 12.02.1578" = Opera 12.02 "Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a "Pixum EasyBook" = Pixum EasyBook "QuarkXPress Passport" = QuarkXPress Passport 4.0 "RapidShare Manager" = RapidShare Manager "RAR Password Cracker" = RAR Password Cracker 4.12 "RAR Repair Tool_is1" = RAR Repair Tool v.4.0.1 "ReNamer_is1" = ReNamer "SpeedCommander 13" = SpeedCommander 13 "Synology Assistant" = Synology Assistant (remove only) "Tag&Rename_is1" = Tag&Rename 3.5.7 "TightVNC" = TightVNC 2.0.2 "TomTom HOME" = TomTom HOME 2.8.3.2499 "U.R.Celeb" = U.R.Celeb 2.53 "VLC media player" = VLC media player 1.0.0 "Winamp" = Winamp "WinAVI Video Converter 10.0_is1" = WinAVI Video Converter "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "Xilisoft AVI to DVD Converter 6" = Xilisoft AVI to DVD Converter 6 "Xilisoft HD Video Converter" = Xilisoft HD Video Converter "YouTube Video Grabber_is1" = YouTube Video Grabber version 1.9.6 "zonelink_TUNING_is1" = zoneLINK SystemUp 2009 Tuning "ZonerPhotoStudio11_DE_is1" = Zoner Photo Studio 11 "ZonerPhotoStudio12_DE_is1" = Zoner Photo Studio 12 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Bubbles" = Bubbles "f58f3889281ea80b" = ContainerEx Decrypter "Folder Lock" = Folder Lock "Google Chrome" = Google Chrome "Sudoku-X" = Sudoku-X "Winamp Detect" = Winamp Anwendungserkennung ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 27.09.2012 10:18:25 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". 
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.10.2012 05:30:51 | Computer Name = Kai-Uwe-PC | Source = Windows Backup | ID = 4103 Description = Error - 02.10.2012 06:00:00 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 04.10.2012 07:38:13 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 09.10.2012 10:21:56 | Computer Name = Kai-Uwe-PC | Source = VSS | ID = 8194 Description = Error - 09.10.2012 12:03:52 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 10.10.2012 08:41:07 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.10.2012 11:30:42 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 16.10.2012 05:19:44 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 23.10.2012 03:39:17 | Computer Name = Kai-Uwe-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
[ System Events ] Error - 23.10.2012 02:13:28 | Computer Name = Kai-Uwe-PC | Source = VDS Basic Provider | ID = 33554433 Description = Error - 23.10.2012 02:13:34 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error - 23.10.2012 02:14:15 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 23.10.2012 02:14:15 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error - 23.10.2012 12:08:35 | Computer Name = Kai-Uwe-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. 
Error - 24.10.2012 02:27:00 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 24.10.2012 02:27:11 | Computer Name = Kai-Uwe-PC | Source = VDS Basic Provider | ID = 33554433 Description = Error - 24.10.2012 02:27:17 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error - 24.10.2012 02:27:43 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error - 24.10.2012 02:27:43 | Computer Name = Kai-Uwe-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 < End of report > |
24.10.2012, 17:22 | #4 | |
/// Malware-holic | Email port 25 blocked hi. Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ -Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward emails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
25.10.2012, 08:22 | #5 |
| Email port 25 blocked Combofix has been running for 13 hours. Is that normal? Thanks for your help!!!! |
26.10.2012, 11:48 | #6 |
| Email port 25 blocked I tried to stop Combofix after 15 hours (!). Screen frozen. I'm helpless now. Folks, what can I do? |
26.10.2012, 11:52 | #7 |
/// Malware-holic | Email port 25 blocked Press reset. Then reboot, press F8, choose Safe Mode, log in to your account and try Combofix again, for at most 2 hours, or rather watch whether the stages keep advancing. |
26.10.2012, 17:13 | #8 |
| Email port 25 blocked That doesn't work either. It has been searching for infected files for 90 minutes. The cursor blinks. Nothing happens. Damn! So, to summarize once more: Combofix does not run. Not in Safe Mode either. My G Data virus scanner is switched off. I start Combofix as administrator from the desktop. But after the message "Suche nach infizierten Datein. Das sollte nicht länger als 10 Minuten dauern..." the cursor blinks, but nothing happens. For hours. I'm helpless. Is there an alternative? Thanks for your help... |
28.10.2012, 20:49 | #9 |
| Email port 25 blocked Can anyone help me further? |
29.10.2012, 18:53 | #10 |
/// Malware-holic | Email port 25 blocked Ever heard of the weekend? Download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html Click Change parameters • Tick the boxes for Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - if anything is found, always choose Skip for now, then post the log |
29.10.2012, 19:27 | #11 |
| Email port 25 blocked Sorry! I didn't mean to annoy anyone. I've run the scan but can't post the report. It displays it, but I can't copy it. |
29.10.2012, 19:34 | #12 |
/// Malware-holic | Email port 25 blocked Close TDSS Killer. Open C:; there you will find a tdsskiller-date-version.txt; post its contents. |
29.10.2012, 19:41 | #13 |
| Email Port25 gesperrt 19:16:52.0458 4552 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 19:16:52.0676 4552 ============================================================ 19:16:52.0676 4552 Current date / time: 2012/10/29 19:16:52.0676 19:16:52.0676 4552 SystemInfo: 19:16:52.0676 4552 19:16:52.0676 4552 OS Version: 6.1.7601 ServicePack: 1.0 19:16:52.0676 4552 Product type: Workstation 19:16:52.0676 4552 ComputerName: KAI-UWE-PC 19:16:52.0676 4552 UserName: Kai-Uwe 19:16:52.0676 4552 Windows directory: C:\Windows 19:16:52.0676 4552 System windows directory: C:\Windows 19:16:52.0676 4552 Processor architecture: Intel x86 19:16:52.0676 4552 Number of processors: 4 19:16:52.0676 4552 Page size: 0x1000 19:16:52.0676 4552 Boot type: Normal boot 19:16:52.0676 4552 ============================================================ 19:16:53.0566 4552 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 19:16:53.0566 4552 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 19:16:53.0612 4552 ============================================================ 19:16:53.0612 4552 \Device\Harddisk0\DR0: 19:16:53.0612 4552 MBR partitions: 19:16:53.0612 4552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x1977489D 19:16:53.0612 4552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1AAF989D, BlocksNum 0x1F88C792 19:16:53.0612 4552 \Device\Harddisk1\DR1: 19:16:53.0612 4552 MBR partitions: 19:16:53.0612 4552 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1 19:16:53.0612 4552 ============================================================ 19:16:53.0784 4552 C: <-> \Device\Harddisk0\DR0\Partition2 19:16:53.0924 4552 D: <-> \Device\Harddisk0\DR0\Partition1 19:16:53.0940 4552 H: <-> 
\Device\Harddisk1\DR1\Partition1 19:16:53.0940 4552 ============================================================ 19:16:53.0940 4552 Initialize success 19:16:53.0940 4552 ============================================================ 19:17:32.0452 5572 ============================================================ 19:17:32.0452 5572 Scan started 19:17:32.0452 5572 Mode: Manual; SigCheck; TDLFS; 19:17:32.0452 5572 ============================================================ 19:17:32.0842 5572 ================ Scan system memory ======================== 19:17:32.0842 5572 System memory - ok 19:17:32.0842 5572 ================ Scan services ============================= 19:17:33.0013 5572 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:17:33.0263 5572 1394ohci - ok 19:17:33.0310 5572 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:17:33.0466 5572 ACPI - ok 19:17:33.0513 5572 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:17:33.0622 5572 AcpiPmi - ok 19:17:33.0684 5572 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 19:17:33.0793 5572 adp94xx - ok 19:17:33.0809 5572 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 19:17:33.0918 5572 adpahci - ok 19:17:33.0949 5572 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 19:17:33.0996 5572 adpu320 - ok 19:17:34.0027 5572 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:17:34.0152 5572 AeLookupSvc - ok 19:17:34.0183 5572 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 19:17:34.0339 5572 AFD - ok 19:17:34.0386 5572 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 19:17:34.0480 5572 agp440 - ok 19:17:34.0527 5572 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 19:17:34.0605 5572 
aic78xx - ok 19:17:34.0698 5572 AIDA64Driver - ok 19:17:34.0745 5572 AirPrint - ok 19:17:34.0792 5572 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 19:17:34.0963 5572 ALG - ok 19:17:35.0010 5572 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 19:17:35.0104 5572 aliide - ok 19:17:35.0151 5572 [ 4B808991F51D50BC6A3A3C8541D52748 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 19:17:35.0353 5572 AMD External Events Utility - ok 19:17:35.0385 5572 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 19:17:35.0463 5572 amdagp - ok 19:17:35.0494 5572 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 19:17:35.0556 5572 amdide - ok 19:17:35.0587 5572 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 19:17:35.0712 5572 AmdK8 - ok 19:17:35.0946 5572 [ BC7C2154C4B23F74222859C4D93A3039 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:17:36.0430 5572 amdkmdag - ok 19:17:36.0477 5572 [ DC5D417390A70DB5583374A232BE622F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 19:17:36.0601 5572 amdkmdap - ok 19:17:36.0633 5572 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 19:17:36.0711 5572 AmdPPM - ok 19:17:36.0742 5572 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:17:36.0835 5572 amdsata - ok 19:17:36.0882 5572 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 19:17:36.0945 5572 amdsbs - ok 19:17:36.0976 5572 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:17:37.0054 5572 amdxata - ok 19:17:37.0085 5572 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 19:17:37.0179 5572 AppID - ok 19:17:37.0225 5572 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:17:37.0319 5572 AppIDSvc - ok 19:17:37.0350 5572 [ 
FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 19:17:37.0428 5572 Appinfo - ok 19:17:37.0553 5572 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:17:37.0615 5572 Apple Mobile Device - ok 19:17:37.0662 5572 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll 19:17:37.0787 5572 AppMgmt - ok 19:17:37.0834 5572 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 19:17:37.0896 5572 arc - ok 19:17:37.0912 5572 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 19:17:37.0990 5572 arcsas - ok 19:17:38.0099 5572 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 19:17:38.0161 5572 aspnet_state - ok 19:17:38.0193 5572 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:17:38.0364 5572 AsyncMac - ok 19:17:38.0395 5572 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 19:17:38.0505 5572 atapi - ok 19:17:38.0723 5572 [ BC7C2154C4B23F74222859C4D93A3039 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:17:39.0004 5572 atikmdag - ok 19:17:39.0066 5572 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:17:39.0222 5572 AudioEndpointBuilder - ok 19:17:39.0253 5572 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:17:39.0316 5572 Audiosrv - ok 19:17:39.0425 5572 [ 780AC17E6C1B5A35AB5A2BA58212EA55 ] AVKProxy C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe 19:17:39.0721 5572 AVKProxy - ok 19:17:39.0768 5572 [ EB024C7DFCFBC24117BABD07B4020D81 ] AVKService C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe 19:17:39.0924 5572 AVKService - ok 19:17:39.0971 5572 [ 360E4F34D4FD87A432639A48054954EA ] AVKWCtl C:\Program Files\G 
Data\InternetSecurity\AVK\AVKWCtl.exe 19:17:40.0189 5572 AVKWCtl - ok 19:17:40.0221 5572 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys 19:17:40.0361 5572 avmaudio - ok 19:17:40.0392 5572 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:17:40.0470 5572 AxInstSV - ok 19:17:40.0517 5572 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 19:17:40.0689 5572 b06bdrv - ok 19:17:40.0735 5572 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 19:17:40.0813 5572 b57nd60x - ok 19:17:40.0860 5572 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 19:17:40.0938 5572 BDESVC - ok 19:17:40.0969 5572 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 19:17:41.0047 5572 Beep - ok 19:17:41.0110 5572 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 19:17:41.0250 5572 BFE - ok 19:17:41.0344 5572 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 19:17:41.0469 5572 BITS - ok 19:17:41.0500 5572 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:17:41.0578 5572 blbdrive - ok 19:17:41.0671 5572 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:17:41.0765 5572 Bonjour Service - ok 19:17:41.0812 5572 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:17:41.0937 5572 bowser - ok 19:17:41.0968 5572 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:17:42.0108 5572 BrFiltLo - ok 19:17:42.0155 5572 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:17:42.0249 5572 BrFiltUp - ok 19:17:42.0280 5572 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 19:17:42.0405 5572 BridgeMP - ok 19:17:42.0436 5572 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] 
Browser C:\Windows\System32\browser.dll 19:17:42.0529 5572 Browser - ok 19:17:42.0545 5572 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:17:42.0717 5572 Brserid - ok 19:17:42.0717 5572 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:17:42.0795 5572 BrSerWdm - ok 19:17:42.0826 5572 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:17:42.0904 5572 BrUsbMdm - ok 19:17:42.0904 5572 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:17:42.0982 5572 BrUsbSer - ok 19:17:42.0997 5572 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:17:43.0091 5572 BTHMODEM - ok 19:17:43.0153 5572 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 19:17:43.0263 5572 bthserv - ok 19:17:43.0309 5572 [ 8352B60010DBB820D271C18DD197DA90 ] busenum C:\Windows\system32\DRIVERS\busenum.sys 19:17:43.0403 5572 busenum - ok 19:17:43.0481 5572 [ D94B86AD01A3CC323619D4FF512ED6FA ] catchme C:\Users\Kai-Uwe\AppData\Local\Temp\catchme.sys 19:17:43.0637 5572 catchme ( UnsignedFile.Multi.Generic ) - warning 19:17:43.0637 5572 catchme - detected UnsignedFile.Multi.Generic (1) 19:17:43.0668 5572 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:17:43.0762 5572 cdfs - ok 19:17:43.0809 5572 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:17:43.0902 5572 cdrom - ok 19:17:43.0949 5572 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 19:17:44.0074 5572 CertPropSvc - ok 19:17:44.0105 5572 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:17:44.0183 5572 circlass - ok 19:17:44.0214 5572 [ A0962F52FA8C5155119E9AD781304D20 ] CLBStor C:\Windows\system32\drivers\CLBStor.sys 19:17:44.0292 5572 CLBStor - ok 19:17:44.0401 5572 [ F5047CFBC9F83940EF541F7361A4D98F 
] CLBUDF C:\Windows\system32\drivers\CLBUDF.sys 19:17:44.0479 5572 CLBUDF - ok 19:17:44.0511 5572 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 19:17:44.0604 5572 CLFS - ok 19:17:44.0760 5572 [ FC9BC12BA16B8A6B827D20089EFFDF72 ] CLHNServiceForPowerDVD12 C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe 19:17:44.0885 5572 CLHNServiceForPowerDVD12 - ok 19:17:44.0947 5572 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:17:45.0041 5572 clr_optimization_v2.0.50727_32 - ok 19:17:45.0103 5572 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:17:45.0166 5572 clr_optimization_v4.0.30319_32 - ok 19:17:45.0228 5572 [ 94AAA1A2EE909305B44DE9868B616BC4 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys 19:17:45.0291 5572 CLVirtualDrive - ok 19:17:45.0322 5572 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:17:45.0415 5572 CmBatt - ok 19:17:45.0431 5572 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:17:45.0493 5572 cmdide - ok 19:17:45.0509 5572 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 19:17:45.0649 5572 CNG - ok 19:17:45.0681 5572 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:17:45.0743 5572 Compbatt - ok 19:17:45.0774 5572 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:17:45.0868 5572 CompositeBus - ok 19:17:45.0883 5572 COMSysApp - ok 19:17:45.0899 5572 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:17:45.0977 5572 crcdisk - ok 19:17:46.0008 5572 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:17:46.0102 5572 CryptSvc - ok 19:17:46.0149 5572 [ 
3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys 19:17:46.0289 5572 CSC - ok 19:17:46.0320 5572 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll 19:17:46.0445 5572 CscService - ok 19:17:46.0507 5572 [ 056F2A081BBD1F053BFE82049D592C1E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe 19:17:46.0585 5572 CyberLink PowerDVD 12 Media Server Monitor Service - ok 19:17:46.0632 5572 [ FE9D94580ACDFA1BEA117EA1FADBD615 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe 19:17:46.0741 5572 CyberLink PowerDVD 12 Media Server Service - ok 19:17:46.0773 5572 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 19:17:46.0929 5572 DcomLaunch - ok 19:17:46.0975 5572 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 19:17:47.0085 5572 defragsvc - ok 19:17:47.0116 5572 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:17:47.0225 5572 DfsC - ok 19:17:47.0350 5572 [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe 19:17:47.0490 5572 DfSdkS ( UnsignedFile.Multi.Generic ) - warning 19:17:47.0490 5572 DfSdkS - detected UnsignedFile.Multi.Generic (1) 19:17:47.0537 5572 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:17:47.0631 5572 Dhcp - ok 19:17:47.0662 5572 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 19:17:47.0755 5572 discache - ok 19:17:47.0802 5572 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:17:47.0880 5572 Disk - ok 19:17:47.0911 5572 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:17:48.0021 5572 Dnscache - ok 19:17:48.0052 5572 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 
19:18:27.0005 5572 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 19:18:27.0052 5572 umbus - ok 19:18:27.0068 5572 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:18:27.0114 5572 UmPass - ok 19:18:27.0146 5572 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 19:18:27.0224 5572 UmRdpService - ok 19:18:27.0255 5572 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 19:18:27.0333 5572 upnphost - ok 19:18:27.0380 5572 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 19:18:27.0426 5572 upperdev - ok 19:18:27.0473 5572 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 19:18:27.0536 5572 USBAAPL - ok 19:18:27.0567 5572 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:18:27.0629 5572 usbaudio - ok 19:18:27.0660 5572 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:18:27.0738 5572 usbccgp - ok 19:18:27.0770 5572 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:18:27.0816 5572 usbcir - ok 19:18:27.0894 5572 [ 6AF12011C88C80920D0543616E107CFF ] UsbClientService C:\Program Files\Synology\Assistant\UsbClientService.exe 19:18:28.0004 5572 UsbClientService ( UnsignedFile.Multi.Generic ) - warning 19:18:28.0004 5572 UsbClientService - detected UnsignedFile.Multi.Generic (1) 19:18:28.0035 5572 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:18:28.0097 5572 usbehci - ok 19:18:28.0160 5572 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:18:28.0284 5572 usbhub - ok 19:18:28.0316 5572 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:18:28.0362 5572 usbohci - ok 19:18:28.0394 5572 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint 
C:\Windows\system32\DRIVERS\usbprint.sys 19:18:28.0440 5572 usbprint - ok 19:18:28.0518 5572 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys 19:18:28.0596 5572 usbser - ok 19:18:28.0628 5572 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys 19:18:28.0706 5572 UsbserFilt - ok 19:18:28.0752 5572 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:18:28.0830 5572 USBSTOR - ok 19:18:28.0846 5572 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 19:18:28.0893 5572 usbuhci - ok 19:18:28.0908 5572 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 19:18:29.0002 5572 UxSms - ok 19:18:29.0018 5572 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 19:18:29.0064 5572 VaultSvc - ok 19:18:29.0096 5572 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:18:29.0158 5572 vdrvroot - ok 19:18:29.0205 5572 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 19:18:29.0298 5572 vds - ok 19:18:29.0330 5572 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:18:29.0376 5572 vga - ok 19:18:29.0408 5572 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:18:29.0470 5572 VgaSave - ok 19:18:29.0486 5572 VGPU - ok 19:18:29.0532 5572 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:18:29.0595 5572 vhdmp - ok 19:18:29.0626 5572 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 19:18:29.0673 5572 viaagp - ok 19:18:29.0688 5572 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 19:18:29.0751 5572 ViaC7 - ok 19:18:29.0782 5572 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 19:18:29.0813 5572 viaide - ok 19:18:29.0844 5572 [ 
C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:18:29.0907 5572 vmbus - ok 19:18:29.0922 5572 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 19:18:29.0969 5572 VMBusHID - ok 19:18:30.0000 5572 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:18:30.0047 5572 volmgr - ok 19:18:30.0063 5572 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:18:30.0125 5572 volmgrx - ok 19:18:30.0156 5572 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:18:30.0250 5572 volsnap - ok 19:18:30.0297 5572 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 19:18:30.0359 5572 vsmraid - ok 19:18:30.0390 5572 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 19:18:30.0546 5572 VSS - ok 19:18:30.0562 5572 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:18:30.0624 5572 vwifibus - ok 19:18:30.0656 5572 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 19:18:30.0765 5572 W32Time - ok 19:18:30.0796 5572 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 19:18:30.0874 5572 WacomPen - ok 19:18:30.0905 5572 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:18:30.0983 5572 WANARP - ok 19:18:30.0983 5572 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:18:31.0046 5572 Wanarpv6 - ok 19:18:31.0124 5572 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 19:18:31.0280 5572 wbengine - ok 19:18:31.0311 5572 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:18:31.0389 5572 WbioSrvc - ok 19:18:31.0420 5572 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:18:31.0498 5572 wcncsvc - ok 19:18:31.0529 5572 [ 
5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:18:31.0607 5572 WcsPlugInService - ok 19:18:31.0623 5572 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 19:18:31.0670 5572 Wd - ok 19:18:31.0701 5572 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:18:31.0810 5572 Wdf01000 - ok 19:18:31.0826 5572 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:18:31.0966 5572 WdiServiceHost - ok 19:18:31.0966 5572 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:18:32.0013 5572 WdiSystemHost - ok 19:18:32.0044 5572 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 19:18:32.0138 5572 WebClient - ok 19:18:32.0184 5572 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:18:32.0262 5572 Wecsvc - ok 19:18:32.0294 5572 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:18:32.0372 5572 wercplsupport - ok 19:18:32.0403 5572 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 19:18:32.0481 5572 WerSvc - ok 19:18:32.0512 5572 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:18:32.0559 5572 WfpLwf - ok 19:18:32.0574 5572 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:18:32.0621 5572 WIMMount - ok 19:18:32.0699 5572 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 19:18:32.0793 5572 WinDefend - ok 19:18:32.0840 5572 [ CE291805CB4CD561A5A569DF4E28E41F ] windrvNT C:\Windows\system32\windrvNT.sys 19:18:32.0902 5572 windrvNT ( UnsignedFile.Multi.Generic ) - warning 19:18:32.0902 5572 windrvNT - detected UnsignedFile.Multi.Generic (1) 19:18:32.0918 5572 WinHttpAutoProxySvc - ok 19:18:32.0964 5572 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 
19:18:33.0042 5572 Winmgmt - ok 19:18:33.0089 5572 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 19:18:33.0245 5572 WinRM - ok 19:18:33.0308 5572 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:18:33.0417 5572 WinUsb - ok 19:18:33.0464 5572 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:18:33.0604 5572 Wlansvc - ok 19:18:33.0635 5572 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 19:18:33.0682 5572 WmiAcpi - ok 19:18:33.0713 5572 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:18:33.0822 5572 wmiApSrv - ok 19:18:33.0900 5572 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 19:18:34.0119 5572 WMPNetworkSvc - ok 19:18:34.0150 5572 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:18:34.0212 5572 WPCSvc - ok 19:18:34.0244 5572 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:18:34.0337 5572 WPDBusEnum - ok 19:18:34.0368 5572 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:18:34.0462 5572 ws2ifsl - ok 19:18:34.0493 5572 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll 19:18:34.0587 5572 wscsvc - ok 19:18:34.0587 5572 WSearch - ok 19:18:34.0680 5572 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 19:18:34.0836 5572 wuauserv - ok 19:18:34.0868 5572 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:18:34.0961 5572 WudfPf - ok 19:18:35.0008 5572 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:18:35.0086 5572 WUDFRd - ok 19:18:35.0117 5572 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:18:35.0211 5572 wudfsvc - ok 19:18:35.0258 5572 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc 
C:\Windows\System32\wwansvc.dll 19:18:35.0320 5572 WwanSvc - ok 19:18:35.0414 5572 [ 82FA1A47C2BB762203BFAFFCFE2ECF47 ] zoneLINKDefrag C:\Program Files\SystemUp 2009\Tuning\DefragService.exe 19:18:35.0788 5572 zoneLINKDefrag - ok 19:18:35.0928 5572 [ 5530FFC979CAEAF7A91F4C6DFFEFD26D ] {73526619-C24F-470B-9BED-53D455FBB5C6} C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl 19:18:36.0084 5572 {73526619-C24F-470B-9BED-53D455FBB5C6} - ok 19:18:36.0084 5572 ================ Scan global =============================== 19:18:36.0116 5572 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 19:18:36.0147 5572 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll 19:18:36.0162 5572 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll 19:18:36.0194 5572 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 19:18:36.0209 5572 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 19:18:36.0225 5572 [Global] - ok 19:18:36.0225 5572 ================ Scan MBR ================================== 19:18:36.0240 5572 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:18:36.0521 5572 \Device\Harddisk0\DR0 - ok 19:18:36.0537 5572 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1 19:18:36.0818 5572 \Device\Harddisk1\DR1 - ok 19:18:36.0818 5572 ================ Scan VBR ================================== 19:18:36.0818 5572 [ 69AF3713995C2DD5F5AEE54C01EFCA65 ] \Device\Harddisk0\DR0\Partition1 19:18:36.0818 5572 \Device\Harddisk0\DR0\Partition1 - ok 19:18:36.0849 5572 [ 25D26633F4EA6856BAD1A8704AE21888 ] \Device\Harddisk0\DR0\Partition2 19:18:36.0849 5572 \Device\Harddisk0\DR0\Partition2 - ok 19:18:36.0849 5572 [ B325D9E06FFFA375D76F0F53B62364BD ] \Device\Harddisk1\DR1\Partition1 19:18:36.0849 5572 \Device\Harddisk1\DR1\Partition1 - ok 19:18:36.0849 5572 ============================================================ 19:18:36.0849 5572 Scan finished 19:18:36.0849 5572 
============================================================ 19:18:36.0864 4636 Detected object count: 12 19:18:36.0864 4636 Actual detected object count: 12 19:19:03.0026 4636 catchme ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0026 4636 catchme ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0026 4636 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0026 4636 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0026 4636 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0026 4636 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0026 4636 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0026 4636 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 Netzmanager Service ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 Netzmanager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 sptd ( LockedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 SynoDrService ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 SynoDrService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 UsbClientService ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 
4636 UsbClientService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:19:03.0041 4636 windrvNT ( UnsignedFile.Multi.Generic ) - skipped by user 19:19:03.0041 4636 windrvNT ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:41:16.0902 4408 Deinitialize success |
29.10.2012, 21:07 | #14 |
/// Malware-holic | Email port 25 blocked Do you have any other PCs, or is this the only one?
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
29.10.2012, 22:01 | #15 |
| Email port 25 blocked It's the only one, apart from an iPad that runs on the same home network |