Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
web.de "mail deliver failed..."

web.de "mail deliver failed..."


Plagegeister aller Art und deren Bekämpfung: web.de "mail deliver failed..."

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 20.11.2012, 22:55   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Irgendwie scheint die Nachricht wohl aber doch über web.de geschickt worden zu sein, irgendwie hab ich das zuerst falsch gesehen

Edit: hab mich verklickt

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.11.2012, 23:15   #17
BieneTVB
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-20 23:05:41
-----------------------------
23:05:41.770    OS Version: Windows x64 6.1.7601 Service Pack 1
23:05:41.770    Number of processors: 4 586 0x2A07
23:05:41.770    ComputerName: HAGEMANN-PC  UserName: Hagemann
23:05:41.880    Initialize success
23:05:41.920    AVAST engine defs: 12112000
23:05:57.802    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
23:05:57.812    Disk 0 Vendor: SAMSUNG_SSD_830_Series CXM03B1Q Size: 122104MB BusType: 11
23:05:57.812    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-10
23:05:57.812    Disk 1 Vendor: Hitachi_HDS721010DLE630 MS2OA610 Size: 953869MB BusType: 11
23:05:57.812    Disk 0 MBR read successfully
23:05:57.812    Disk 0 MBR scan
23:05:57.812    Disk 0 Windows 7 default MBR code
23:05:57.822    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
23:05:57.822    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       122002 MB offset 206848
23:05:57.822    Disk 0 scanning C:\Windows\system32\drivers
23:05:58.720    Service scanning
23:06:01.190    Modules scanning
23:06:01.190    Disk 0 trace - called modules:
23:06:01.190    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll asahci64.sys 
23:06:01.200    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f08060]
23:06:01.200    3 CLASSPNP.SYS[fffff88001ba543f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8006cfe060]
23:06:01.320    AVAST engine scan C:\Windows
23:06:01.510    AVAST engine scan C:\Windows\system32
23:06:19.131    AVAST engine scan C:\Windows\system32\drivers
23:06:20.271    AVAST engine scan C:\Users\Hagemann
23:06:23.691    AVAST engine scan C:\ProgramData
23:06:28.871    Scan finished successfully
23:08:47.070    Disk 0 MBR has been saved successfully to "C:\Users\Hagemann\Desktop\MBR.dat"
23:08:47.070    The log file has been saved successfully to "C:\Users\Hagemann\Desktop\aswMBR.txt"
Code:
ATTFilter
23:09:21.0630 6020  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:09:21.0890 6020  ============================================================
23:09:21.0890 6020  Current date / time: 2012/11/20 23:09:21.0890
23:09:21.0890 6020  SystemInfo:
23:09:21.0890 6020  
23:09:21.0890 6020  OS Version: 6.1.7601 ServicePack: 1.0
23:09:21.0890 6020  Product type: Workstation
23:09:21.0890 6020  ComputerName: HAGEMANN-PC
23:09:21.0890 6020  UserName: Hagemann
23:09:21.0890 6020  Windows directory: C:\Windows
23:09:21.0890 6020  System windows directory: C:\Windows
23:09:21.0890 6020  Running under WOW64
23:09:21.0890 6020  Processor architecture: Intel x64
23:09:21.0890 6020  Number of processors: 4
23:09:21.0890 6020  Page size: 0x1000
23:09:21.0890 6020  Boot type: Normal boot
23:09:21.0890 6020  ============================================================
23:09:22.0080 6020  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:09:27.0730 6020  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:09:27.0750 6020  ============================================================
23:09:27.0750 6020  \Device\Harddisk0\DR0:
23:09:27.0750 6020  MBR partitions:
23:09:27.0750 6020  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:09:27.0750 6020  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
23:09:27.0750 6020  \Device\Harddisk1\DR1:
23:09:27.0760 6020  MBR partitions:
23:09:27.0760 6020  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
23:09:27.0760 6020  ============================================================
23:09:27.0760 6020  C: <-> \Device\Harddisk0\DR0\Partition2
23:09:27.0770 6020  D: <-> \Device\Harddisk1\DR1\Partition1
23:09:27.0770 6020  ============================================================
23:09:27.0770 6020  Initialize success
23:09:27.0770 6020  ============================================================
23:10:02.0661 6132  ============================================================
23:10:02.0661 6132  Scan started
23:10:02.0661 6132  Mode: Manual; SigCheck; TDLFS; 
23:10:02.0661 6132  ============================================================
23:10:02.0771 6132  ================ Scan system memory ========================
23:10:02.0771 6132  System memory - ok
23:10:02.0771 6132  ================ Scan services =============================
23:10:02.0802 6132  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:10:02.0842 6132  1394ohci - ok
23:10:02.0842 6132  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:10:02.0852 6132  ACPI - ok
23:10:02.0862 6132  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:10:02.0872 6132  AcpiPmi - ok
23:10:02.0872 6132  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:10:02.0882 6132  AdobeARMservice - ok
23:10:02.0902 6132  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:10:02.0912 6132  AdobeFlashPlayerUpdateSvc - ok
23:10:02.0912 6132  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:10:02.0932 6132  adp94xx - ok
23:10:02.0932 6132  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:10:02.0942 6132  adpahci - ok
23:10:02.0952 6132  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:10:02.0952 6132  adpu320 - ok
23:10:02.0962 6132  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:10:02.0982 6132  AeLookupSvc - ok
23:10:02.0992 6132  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:10:03.0002 6132  AFD - ok
23:10:03.0002 6132  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:10:03.0012 6132  agp440 - ok
23:10:03.0012 6132  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:10:03.0022 6132  ALG - ok
23:10:03.0032 6132  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:10:03.0032 6132  aliide - ok
23:10:03.0042 6132  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:10:03.0052 6132  AMD External Events Utility - ok
23:10:03.0052 6132  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:10:03.0062 6132  amdide - ok
23:10:03.0062 6132  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:10:03.0072 6132  AmdK8 - ok
23:10:03.0142 6132  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:10:03.0252 6132  amdkmdag - ok
23:10:03.0252 6132  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:10:03.0272 6132  amdkmdap - ok
23:10:03.0272 6132  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:10:03.0282 6132  AmdPPM - ok
23:10:03.0282 6132  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:10:03.0292 6132  amdsata - ok
23:10:03.0292 6132  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:10:03.0302 6132  amdsbs - ok
23:10:03.0302 6132  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:10:03.0312 6132  amdxata - ok
23:10:03.0312 6132  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:10:03.0332 6132  AppID - ok
23:10:03.0342 6132  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:10:03.0362 6132  AppIDSvc - ok
23:10:03.0362 6132  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:10:03.0382 6132  Appinfo - ok
23:10:03.0392 6132  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:10:03.0392 6132  Apple Mobile Device - ok
23:10:03.0402 6132  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
23:10:03.0402 6132  arc - ok
23:10:03.0412 6132  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:10:03.0412 6132  arcsas - ok
23:10:03.0422 6132  [ D7989234601A2DE9A1801F4ED9533B6E ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
23:10:03.0432 6132  asahci64 - ok
23:10:03.0432 6132  [ 22842362DF890F5492F85AA60916A697 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
23:10:03.0442 6132  asmthub3 - ok
23:10:03.0452 6132  [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
23:10:03.0462 6132  asmtxhci - ok
23:10:03.0462 6132  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
23:10:03.0472 6132  aswFsBlk - ok
23:10:03.0472 6132  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
23:10:03.0482 6132  aswMonFlt - ok
23:10:03.0482 6132  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
23:10:03.0492 6132  aswRdr - ok
23:10:03.0502 6132  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
23:10:03.0512 6132  aswSnx - ok
23:10:03.0522 6132  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
23:10:03.0532 6132  aswSP - ok
23:10:03.0532 6132  [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
23:10:03.0542 6132  aswTdi - ok
23:10:03.0542 6132  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:10:03.0562 6132  AsyncMac - ok
23:10:03.0562 6132  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:10:03.0572 6132  atapi - ok
23:10:03.0592 6132  [ EA0AF9B866DF07E8FE6C2342585788B0 ] athur           C:\Windows\system32\DRIVERS\athurx.sys
23:10:03.0612 6132  athur - ok
23:10:03.0612 6132  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:10:03.0622 6132  AtiHDAudioService - ok
23:10:03.0632 6132  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:10:03.0662 6132  AudioEndpointBuilder - ok
23:10:03.0662 6132  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:10:03.0692 6132  AudioSrv - ok
23:10:03.0692 6132  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:10:03.0702 6132  avast! Antivirus - ok
23:10:03.0702 6132  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:10:03.0722 6132  AxInstSV - ok
23:10:03.0722 6132  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:10:03.0732 6132  b06bdrv - ok
23:10:03.0742 6132  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:10:03.0752 6132  b57nd60a - ok
23:10:03.0752 6132  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:10:03.0762 6132  BDESVC - ok
23:10:03.0762 6132  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:10:03.0792 6132  Beep - ok
23:10:03.0792 6132  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:10:03.0822 6132  BFE - ok
23:10:03.0832 6132  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
23:10:03.0862 6132  BITS - ok
23:10:03.0872 6132  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:10:03.0872 6132  blbdrive - ok
23:10:03.0882 6132  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:10:03.0892 6132  Bonjour Service - ok
23:10:03.0892 6132  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:10:03.0902 6132  bowser - ok
23:10:03.0902 6132  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:10:03.0912 6132  BrFiltLo - ok
23:10:03.0922 6132  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:10:03.0932 6132  BrFiltUp - ok
23:10:03.0932 6132  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:10:03.0942 6132  Browser - ok
23:10:03.0942 6132  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:10:03.0952 6132  Brserid - ok
23:10:03.0962 6132  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:10:03.0972 6132  BrSerWdm - ok
23:10:03.0972 6132  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:10:03.0982 6132  BrUsbMdm - ok
23:10:03.0982 6132  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:10:03.0992 6132  BrUsbSer - ok
23:10:03.0992 6132  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:10:04.0002 6132  BTHMODEM - ok
23:10:04.0002 6132  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:10:04.0032 6132  bthserv - ok
23:10:04.0032 6132  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:10:04.0052 6132  cdfs - ok
23:10:04.0062 6132  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:10:04.0072 6132  cdrom - ok
23:10:04.0072 6132  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:10:04.0092 6132  CertPropSvc - ok
23:10:04.0092 6132  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
23:10:04.0102 6132  circlass - ok
23:10:04.0112 6132  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:10:04.0122 6132  CLFS - ok
23:10:04.0132 6132  [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
23:10:04.0142 6132  CLKMSVC10_38F51D56 - ok
23:10:04.0152 6132  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:10:04.0152 6132  clr_optimization_v2.0.50727_32 - ok
23:10:04.0162 6132  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:10:04.0172 6132  clr_optimization_v2.0.50727_64 - ok
23:10:04.0182 6132  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:10:04.0182 6132  clr_optimization_v4.0.30319_32 - ok
23:10:04.0192 6132  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:10:04.0202 6132  clr_optimization_v4.0.30319_64 - ok
23:10:04.0202 6132  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:10:04.0212 6132  CmBatt - ok
23:10:04.0212 6132  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:10:04.0222 6132  cmdide - ok
23:10:04.0222 6132  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
23:10:04.0242 6132  CNG - ok
23:10:04.0242 6132  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:10:04.0252 6132  Compbatt - ok
23:10:04.0252 6132  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:10:04.0262 6132  CompositeBus - ok
23:10:04.0272 6132  COMSysApp - ok
23:10:04.0272 6132  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:10:04.0282 6132  crcdisk - ok
23:10:04.0282 6132  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:10:04.0292 6132  CryptSvc - ok
23:10:04.0302 6132  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:10:04.0332 6132  DcomLaunch - ok
23:10:04.0332 6132  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:10:04.0362 6132  defragsvc - ok
23:10:04.0362 6132  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:10:04.0382 6132  DfsC - ok
23:10:04.0392 6132  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:10:04.0402 6132  Dhcp - ok
23:10:04.0402 6132  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:10:04.0422 6132  discache - ok
23:10:04.0432 6132  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
23:10:04.0432 6132  Disk - ok
23:10:04.0442 6132  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:10:04.0452 6132  Dnscache - ok
23:10:04.0452 6132  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:10:04.0482 6132  dot3svc - ok
23:10:04.0482 6132  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:10:04.0502 6132  DPS - ok
23:10:04.0512 6132  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:10:04.0522 6132  drmkaud - ok
23:10:04.0532 6132  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:10:04.0542 6132  DXGKrnl - ok
23:10:04.0542 6132  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:10:04.0572 6132  EapHost - ok
23:10:04.0592 6132  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:10:04.0632 6132  ebdrv - ok
23:10:04.0632 6132  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:10:04.0642 6132  EFS - ok
23:10:04.0652 6132  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:10:04.0672 6132  ehRecvr - ok
23:10:04.0672 6132  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:10:04.0682 6132  ehSched - ok
23:10:04.0692 6132  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:10:04.0692 6132  elxstor - ok
23:10:04.0692 6132  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:10:04.0708 6132  ErrDev - ok
23:10:04.0708 6132  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:10:04.0739 6132  EventSystem - ok
23:10:04.0739 6132  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:10:04.0770 6132  exfat - ok
23:10:04.0770 6132  Fabs - ok
23:10:04.0770 6132  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:10:04.0801 6132  fastfat - ok
23:10:04.0801 6132  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:10:04.0817 6132  Fax - ok
23:10:04.0817 6132  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
23:10:04.0832 6132  fdc - ok
23:10:04.0832 6132  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:10:04.0864 6132  fdPHost - ok
23:10:04.0864 6132  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:10:04.0879 6132  FDResPub - ok
23:10:04.0879 6132  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:10:04.0895 6132  FileInfo - ok
23:10:04.0895 6132  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:10:04.0926 6132  Filetrace - ok
23:10:04.0942 6132  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
23:10:04.0972 6132  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:10:04.0972 6132  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:10:04.0972 6132  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:10:04.0982 6132  flpydisk - ok
23:10:04.0992 6132  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:10:05.0002 6132  FltMgr - ok
23:10:05.0012 6132  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
23:10:05.0022 6132  FontCache - ok
23:10:05.0032 6132  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:10:05.0032 6132  FontCache3.0.0.0 - ok
23:10:05.0032 6132  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:10:05.0042 6132  FsDepends - ok
23:10:05.0042 6132  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:10:05.0052 6132  Fs_Rec - ok
23:10:05.0052 6132  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:10:05.0062 6132  fvevol - ok
23:10:05.0072 6132  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:10:05.0072 6132  gagp30kx - ok
23:10:05.0082 6132  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:10:05.0082 6132  GEARAspiWDM - ok
23:10:05.0092 6132  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:10:05.0122 6132  gpsvc - ok
23:10:05.0122 6132  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:10:05.0132 6132  gupdate - ok
23:10:05.0132 6132  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:10:05.0142 6132  gupdatem - ok
23:10:05.0142 6132  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:10:05.0152 6132  hcw85cir - ok
23:10:05.0152 6132  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:10:05.0172 6132  HdAudAddService - ok
23:10:05.0172 6132  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:10:05.0182 6132  HDAudBus - ok
23:10:05.0182 6132  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:10:05.0192 6132  HidBatt - ok
23:10:05.0192 6132  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:10:05.0202 6132  HidBth - ok
23:10:05.0212 6132  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:10:05.0222 6132  HidIr - ok
23:10:05.0222 6132  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:10:05.0242 6132  hidserv - ok
23:10:05.0242 6132  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:10:05.0252 6132  HidUsb - ok
23:10:05.0252 6132  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:10:05.0282 6132  hkmsvc - ok
23:10:05.0282 6132  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:10:05.0292 6132  HomeGroupListener - ok
23:10:05.0302 6132  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:10:05.0312 6132  HomeGroupProvider - ok
23:10:05.0312 6132  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:10:05.0322 6132  HpSAMD - ok
23:10:05.0332 6132  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:10:05.0362 6132  HTTP - ok
23:10:05.0362 6132  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:10:05.0362 6132  hwpolicy - ok
23:10:05.0372 6132  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:10:05.0382 6132  i8042prt - ok
23:10:05.0382 6132  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:10:05.0392 6132  iaStorV - ok
23:10:05.0402 6132  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:10:05.0422 6132  idsvc - ok
23:10:05.0422 6132  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:10:05.0432 6132  iirsp - ok
23:10:05.0442 6132  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:10:05.0472 6132  IKEEXT - ok
23:10:05.0502 6132  [ 150AC23F21DBDBF8488408BA944B0D65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:10:05.0552 6132  IntcAzAudAddService - ok
23:10:05.0562 6132  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:10:05.0572 6132  Intel(R) Capability Licensing Service Interface - ok
23:10:05.0572 6132  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:10:05.0582 6132  intelide - ok
23:10:05.0582 6132  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:10:05.0592 6132  intelppm - ok
23:10:05.0592 6132  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:10:05.0622 6132  IPBusEnum - ok
23:10:05.0622 6132  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:10:05.0642 6132  IpFilterDriver - ok
23:10:05.0652 6132  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:10:05.0662 6132  iphlpsvc - ok
23:10:05.0672 6132  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:10:05.0672 6132  IPMIDRV - ok
23:10:05.0682 6132  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:10:05.0702 6132  IPNAT - ok
23:10:05.0712 6132  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:10:05.0732 6132  iPod Service - ok
23:10:05.0732 6132  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:10:05.0742 6132  IRENUM - ok
23:10:05.0742 6132  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:10:05.0752 6132  isapnp - ok
23:10:05.0752 6132  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:10:05.0762 6132  iScsiPrt - ok
23:10:05.0772 6132  [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:10:05.0782 6132  jhi_service - ok
23:10:05.0782 6132  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:10:05.0792 6132  kbdclass - ok
23:10:05.0792 6132  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:10:05.0802 6132  kbdhid - ok
23:10:05.0802 6132  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:10:05.0812 6132  KeyIso - ok
23:10:05.0812 6132  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:10:05.0822 6132  KSecDD - ok
23:10:05.0822 6132  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:10:05.0832 6132  KSecPkg - ok
23:10:05.0832 6132  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:10:05.0852 6132  ksthunk - ok
23:10:05.0862 6132  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:10:05.0882 6132  KtmRm - ok
23:10:05.0892 6132  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:10:05.0912 6132  LanmanServer - ok
23:10:05.0922 6132  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:10:05.0942 6132  LanmanWorkstation - ok
23:10:05.0952 6132  [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:10:05.0952 6132  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:10:05.0952 6132  LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:10:05.0952 6132  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:10:05.0972 6132  lltdio - ok
23:10:05.0982 6132  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:10:06.0002 6132  lltdsvc - ok
23:10:06.0012 6132  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:10:06.0032 6132  lmhosts - ok
23:10:06.0042 6132  [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:10:06.0042 6132  LMS - ok
23:10:06.0052 6132  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:10:06.0062 6132  LSI_FC - ok
23:10:06.0062 6132  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:10:06.0072 6132  LSI_SAS - ok
23:10:06.0072 6132  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:10:06.0082 6132  LSI_SAS2 - ok
23:10:06.0082 6132  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:10:06.0092 6132  LSI_SCSI - ok
23:10:06.0092 6132  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:10:06.0112 6132  luafv - ok
23:10:06.0122 6132  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:10:06.0132 6132  Mcx2Svc - ok
23:10:06.0132 6132  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:10:06.0142 6132  megasas - ok
23:10:06.0142 6132  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:10:06.0152 6132  MegaSR - ok
23:10:06.0152 6132  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:10:06.0162 6132  MEIx64 - ok
23:10:06.0162 6132  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:10:06.0192 6132  MMCSS - ok
23:10:06.0192 6132  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:10:06.0212 6132  Modem - ok
23:10:06.0212 6132  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:10:06.0222 6132  monitor - ok
23:10:06.0222 6132  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:10:06.0232 6132  mouclass - ok
23:10:06.0232 6132  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:10:06.0242 6132  mouhid - ok
23:10:06.0252 6132  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:10:06.0252 6132  mountmgr - ok
23:10:06.0262 6132  [ 313265CF4F5F02ED927774DA1DB3FE00 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:10:06.0262 6132  MozillaMaintenance - ok
23:10:06.0272 6132  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:10:06.0272 6132  mpio - ok
23:10:06.0282 6132  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:10:06.0302 6132  mpsdrv - ok
23:10:06.0312 6132  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:10:06.0342 6132  MpsSvc - ok
23:10:06.0342 6132  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:10:06.0352 6132  MRxDAV - ok
23:10:06.0362 6132  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:10:06.0372 6132  mrxsmb - ok
23:10:06.0372 6132  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:10:06.0382 6132  mrxsmb10 - ok
23:10:06.0382 6132  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:10:06.0392 6132  mrxsmb20 - ok
23:10:06.0392 6132  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:10:06.0402 6132  msahci - ok
23:10:06.0402 6132  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:10:06.0412 6132  msdsm - ok
23:10:06.0422 6132  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:10:06.0432 6132  MSDTC - ok
23:10:06.0432 6132  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:10:06.0452 6132  Msfs - ok
23:10:06.0462 6132  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:10:06.0482 6132  mshidkmdf - ok
23:10:06.0482 6132  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:10:06.0492 6132  msisadrv - ok
23:10:06.0492 6132  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:10:06.0512 6132  MSiSCSI - ok
23:10:06.0522 6132  msiserver - ok
23:10:06.0522 6132  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:10:06.0542 6132  MSKSSRV - ok
23:10:06.0542 6132  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:10:06.0562 6132  MSPCLOCK - ok
23:10:06.0572 6132  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:10:06.0592 6132  MSPQM - ok
23:10:06.0592 6132  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:10:06.0602 6132  MsRPC - ok
23:10:06.0612 6132  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:10:06.0612 6132  mssmbios - ok
23:10:06.0622 6132  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:10:06.0642 6132  MSTEE - ok
23:10:06.0642 6132  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:10:06.0652 6132  MTConfig - ok
23:10:06.0652 6132  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:10:06.0662 6132  Mup - ok
23:10:06.0662 6132  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:10:06.0692 6132  napagent - ok
23:10:06.0702 6132  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:10:06.0712 6132  NativeWifiP - ok
23:10:06.0722 6132  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:10:06.0742 6132  NDIS - ok
23:10:06.0742 6132  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:10:06.0762 6132  NdisCap - ok
23:10:06.0772 6132  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:10:06.0792 6132  NdisTapi - ok
23:10:06.0792 6132  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:10:06.0812 6132  Ndisuio - ok
23:10:06.0822 6132  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:10:06.0842 6132  NdisWan - ok
23:10:06.0842 6132  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:10:06.0862 6132  NDProxy - ok
23:10:06.0862 6132  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:10:06.0892 6132  NetBIOS - ok
23:10:06.0892 6132  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:10:06.0912 6132  NetBT - ok
23:10:06.0922 6132  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:10:06.0922 6132  Netlogon - ok
23:10:06.0932 6132  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:10:06.0962 6132  Netman - ok
23:10:06.0962 6132  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:10:06.0987 6132  netprofm - ok
23:10:06.0987 6132  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:10:07.0003 6132  NetTcpPortSharing - ok
23:10:07.0003 6132  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:10:07.0003 6132  nfrd960 - ok
23:10:07.0018 6132  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:10:07.0018 6132  NlaSvc - ok
23:10:07.0018 6132  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:10:07.0050 6132  Npfs - ok
23:10:07.0050 6132  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:10:07.0081 6132  nsi - ok
23:10:07.0081 6132  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:10:07.0096 6132  nsiproxy - ok
23:10:07.0112 6132  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:10:07.0143 6132  Ntfs - ok
23:10:07.0143 6132  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:10:07.0159 6132  Null - ok
23:10:07.0174 6132  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:10:07.0174 6132  nvraid - ok
23:10:07.0174 6132  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:10:07.0190 6132  nvstor - ok
23:10:07.0190 6132  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:10:07.0200 6132  nv_agp - ok
23:10:07.0200 6132  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:10:07.0210 6132  ohci1394 - ok
23:10:07.0220 6132  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:10:07.0230 6132  p2pimsvc - ok
23:10:07.0230 6132  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:10:07.0250 6132  p2psvc - ok
23:10:07.0250 6132  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:10:07.0260 6132  Parport - ok
23:10:07.0260 6132  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:10:07.0270 6132  partmgr - ok
23:10:07.0270 6132  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:10:07.0290 6132  PcaSvc - ok
23:10:07.0290 6132  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:10:07.0300 6132  pci - ok
23:10:07.0300 6132  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:10:07.0310 6132  pciide - ok
23:10:07.0310 6132  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:10:07.0320 6132  pcmcia - ok
23:10:07.0320 6132  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:10:07.0330 6132  pcw - ok
23:10:07.0340 6132  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:10:07.0360 6132  PEAUTH - ok
23:10:07.0380 6132  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:10:07.0390 6132  PerfHost - ok
23:10:07.0400 6132  [ ACC93675D78D1C07DAD09D7837F2397A ] pgsql-8.3       C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
23:10:07.0400 6132  pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
23:10:07.0400 6132  pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
23:10:07.0420 6132  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:10:07.0450 6132  pla - ok
23:10:07.0460 6132  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:10:07.0470 6132  PlugPlay - ok
23:10:07.0470 6132  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:10:07.0480 6132  PNRPAutoReg - ok
23:10:07.0490 6132  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:10:07.0500 6132  PNRPsvc - ok
23:10:07.0500 6132  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:10:07.0530 6132  PolicyAgent - ok
23:10:07.0530 6132  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:10:07.0560 6132  Power - ok
23:10:07.0560 6132  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:10:07.0580 6132  PptpMiniport - ok
23:10:07.0590 6132  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:10:07.0600 6132  Processor - ok
23:10:07.0600 6132  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:10:07.0610 6132  ProfSvc - ok
23:10:07.0610 6132  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:10:07.0620 6132  ProtectedStorage - ok
23:10:07.0620 6132  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:10:07.0650 6132  Psched - ok
23:10:07.0660 6132  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:10:07.0680 6132  ql2300 - ok
23:10:07.0690 6132  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:10:07.0700 6132  ql40xx - ok
23:10:07.0700 6132  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:10:07.0710 6132  QWAVE - ok
23:10:07.0720 6132  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:10:07.0730 6132  QWAVEdrv - ok
23:10:07.0730 6132  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:10:07.0750 6132  RasAcd - ok
23:10:07.0760 6132  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:10:07.0780 6132  RasAgileVpn - ok
23:10:07.0780 6132  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:10:07.0810 6132  RasAuto - ok
23:10:07.0810 6132  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:10:07.0830 6132  Rasl2tp - ok
23:10:07.0840 6132  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:10:07.0860 6132  RasMan - ok
23:10:07.0860 6132  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:10:07.0890 6132  RasPppoe - ok
23:10:07.0890 6132  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:10:07.0910 6132  RasSstp - ok
23:10:07.0920 6132  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:10:07.0940 6132  rdbss - ok
23:10:07.0940 6132  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:10:07.0950 6132  rdpbus - ok
23:10:07.0960 6132  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:10:07.0980 6132  RDPCDD - ok
23:10:07.0980 6132  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:10:08.0000 6132  RDPENCDD - ok
23:10:08.0010 6132  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:10:08.0030 6132  RDPREFMP - ok
23:10:08.0030 6132  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:10:08.0040 6132  RDPWD - ok
23:10:08.0040 6132  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:10:08.0050 6132  rdyboost - ok
23:10:08.0060 6132  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:10:08.0080 6132  RemoteAccess - ok
23:10:08.0080 6132  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:10:08.0110 6132  RemoteRegistry - ok
23:10:08.0110 6132  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
23:10:08.0120 6132  RichVideo ( UnsignedFile.Multi.Generic ) - warning
23:10:08.0120 6132  RichVideo - detected UnsignedFile.Multi.Generic (1)
23:10:08.0120 6132  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:10:08.0150 6132  RpcEptMapper - ok
23:10:08.0150 6132  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:10:08.0160 6132  RpcLocator - ok
23:10:08.0160 6132  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:10:08.0190 6132  RpcSs - ok
23:10:08.0190 6132  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:10:08.0210 6132  rspndr - ok
23:10:08.0220 6132  [ 8181B5E7BFC040E0B26349C73E719335 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:10:08.0240 6132  RTL8167 - ok
23:10:08.0240 6132  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:10:08.0250 6132  SamSs - ok
23:10:08.0250 6132  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:10:08.0260 6132  sbp2port - ok
23:10:08.0260 6132  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:10:08.0280 6132  SCardSvr - ok
23:10:08.0290 6132  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:10:08.0310 6132  scfilter - ok
23:10:08.0320 6132  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:10:08.0350 6132  Schedule - ok
23:10:08.0360 6132  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:10:08.0380 6132  SCPolicySvc - ok
23:10:08.0380 6132  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:10:08.0390 6132  SDRSVC - ok
23:10:08.0390 6132  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:10:08.0420 6132  secdrv - ok
23:10:08.0420 6132  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:10:08.0440 6132  seclogon - ok
23:10:08.0440 6132  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:10:08.0470 6132  SENS - ok
23:10:08.0470 6132  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:10:08.0480 6132  SensrSvc - ok
23:10:08.0480 6132  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:10:08.0490 6132  Serenum - ok
23:10:08.0490 6132  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:10:08.0500 6132  Serial - ok
23:10:08.0510 6132  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:10:08.0510 6132  sermouse - ok
23:10:08.0520 6132  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:10:08.0540 6132  SessionEnv - ok
23:10:08.0550 6132  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:10:08.0560 6132  sffdisk - ok
23:10:08.0560 6132  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:10:08.0570 6132  sffp_mmc - ok
23:10:08.0570 6132  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:10:08.0580 6132  sffp_sd - ok
23:10:08.0580 6132  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:10:08.0590 6132  sfloppy - ok
23:10:08.0590 6132  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:10:08.0620 6132  SharedAccess - ok
23:10:08.0630 6132  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:10:08.0650 6132  ShellHWDetection - ok
23:10:08.0650 6132  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:10:08.0660 6132  SiSRaid2 - ok
23:10:08.0660 6132  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:10:08.0670 6132  SiSRaid4 - ok
23:10:08.0680 6132  [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:10:08.0680 6132  SkypeUpdate - ok
23:10:08.0690 6132  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:10:08.0710 6132  Smb - ok
23:10:08.0710 6132  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:10:08.0720 6132  SNMPTRAP - ok
23:10:08.0720 6132  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:10:08.0730 6132  spldr - ok
23:10:08.0740 6132  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:10:08.0750 6132  Spooler - ok
23:10:08.0780 6132  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:10:08.0830 6132  sppsvc - ok
23:10:08.0840 6132  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:10:08.0860 6132  sppuinotify - ok
23:10:08.0870 6132  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:10:08.0880 6132  srv - ok
23:10:08.0880 6132  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:10:08.0890 6132  srv2 - ok
23:10:08.0900 6132  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:10:08.0910 6132  srvnet - ok
23:10:08.0910 6132  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:10:08.0940 6132  SSDPSRV - ok
23:10:08.0940 6132  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:10:08.0960 6132  SstpSvc - ok
23:10:08.0970 6132  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:10:08.0970 6132  stexstor - ok
23:10:08.0980 6132  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:10:09.0000 6132  stisvc - ok
23:10:09.0000 6132  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:10:09.0010 6132  swenum - ok
23:10:09.0010 6132  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:10:09.0040 6132  swprv - ok
23:10:09.0060 6132  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:10:09.0080 6132  SysMain - ok
23:10:09.0090 6132  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:10:09.0100 6132  TabletInputService - ok
23:10:09.0110 6132  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:10:09.0130 6132  TapiSrv - ok
23:10:09.0130 6132  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:10:09.0160 6132  TBS - ok
23:10:09.0170 6132  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:10:09.0200 6132  Tcpip - ok
23:10:09.0220 6132  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:10:09.0240 6132  TCPIP6 - ok
23:10:09.0250 6132  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:10:09.0260 6132  tcpipreg - ok
23:10:09.0260 6132  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:10:09.0270 6132  TDPIPE - ok
23:10:09.0270 6132  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:10:09.0280 6132  TDTCP - ok
23:10:09.0280 6132  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:10:09.0300 6132  tdx - ok
23:10:09.0300 6132  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:10:09.0310 6132  TermDD - ok
23:10:09.0320 6132  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:10:09.0350 6132  TermService - ok
23:10:09.0350 6132  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:10:09.0360 6132  Themes - ok
23:10:09.0370 6132  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:10:09.0390 6132  THREADORDER - ok
23:10:09.0390 6132  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:10:09.0420 6132  TrkWks - ok
23:10:09.0420 6132  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:10:09.0440 6132  TrustedInstaller - ok
23:10:09.0450 6132  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:10:09.0470 6132  tssecsrv - ok
23:10:09.0470 6132  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:10:09.0480 6132  TsUsbFlt - ok
23:10:09.0480 6132  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:10:09.0490 6132  TsUsbGD - ok
23:10:09.0510 6132  [ 25E302D93CBDFA1D1269FE3C41B94390 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
23:10:09.0540 6132  TuneUp.UtilitiesSvc - ok
23:10:09.0540 6132  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
23:10:09.0550 6132  TuneUpUtilitiesDrv - ok
23:10:09.0550 6132  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:10:09.0580 6132  tunnel - ok
23:10:09.0580 6132  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:10:09.0580 6132  uagp35 - ok
23:10:09.0590 6132  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:10:09.0610 6132  udfs - ok
23:10:09.0620 6132  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:10:09.0630 6132  UI0Detect - ok
23:10:09.0630 6132  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:10:09.0640 6132  uliagpkx - ok
23:10:09.0640 6132  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:10:09.0650 6132  umbus - ok
23:10:09.0650 6132  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:10:09.0660 6132  UmPass - ok
23:10:09.0670 6132  [ 193AD338F2A64D17300AD640ADFA5D0A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:10:09.0680 6132  UNS - ok
23:10:09.0680 6132  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:10:09.0710 6132  upnphost - ok
23:10:09.0710 6132  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:10:09.0720 6132  USBAAPL64 - ok
23:10:09.0720 6132  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:10:09.0730 6132  usbccgp - ok
23:10:09.0730 6132  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:10:09.0740 6132  usbcir - ok
23:10:09.0750 6132  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:10:09.0750 6132  usbehci - ok
23:10:09.0760 6132  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:10:09.0770 6132  usbhub - ok
23:10:09.0770 6132  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:10:09.0780 6132  usbohci - ok
23:10:09.0780 6132  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:10:09.0790 6132  usbprint - ok
23:10:09.0800 6132  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:10:09.0810 6132  usbscan - ok
23:10:09.0810 6132  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:10:09.0820 6132  USBSTOR - ok
23:10:09.0820 6132  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:10:09.0830 6132  usbuhci - ok
23:10:09.0830 6132  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:10:09.0850 6132  UxSms - ok
23:10:09.0860 6132  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:10:09.0860 6132  VaultSvc - ok
23:10:09.0870 6132  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:10:09.0870 6132  vdrvroot - ok
23:10:09.0880 6132  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:10:09.0910 6132  vds - ok
23:10:09.0910 6132  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:10:09.0920 6132  vga - ok
23:10:09.0920 6132  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:10:09.0950 6132  VgaSave - ok
23:10:09.0950 6132  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:10:09.0960 6132  vhdmp - ok
23:10:09.0960 6132  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:10:09.0970 6132  viaide - ok
23:10:09.0970 6132  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:10:09.0980 6132  volmgr - ok
23:10:09.0980 6132  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:10:09.0990 6132  volmgrx - ok
23:10:10.0000 6132  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:10:10.0010 6132  volsnap - ok
23:10:10.0010 6132  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:10:10.0020 6132  vsmraid - ok
23:10:10.0030 6132  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:10:10.0070 6132  VSS - ok
23:10:10.0070 6132  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:10:10.0080 6132  vwifibus - ok
23:10:10.0090 6132  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:10:10.0100 6132  vwififlt - ok
23:10:10.0100 6132  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:10:10.0130 6132  W32Time - ok
23:10:10.0130 6132  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:10:10.0140 6132  WacomPen - ok
23:10:10.0150 6132  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:10:10.0170 6132  WANARP - ok
23:10:10.0170 6132  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:10:10.0190 6132  Wanarpv6 - ok
23:10:10.0210 6132  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:10:10.0230 6132  wbengine - ok
23:10:10.0230 6132  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:10:10.0250 6132  WbioSrvc - ok
23:10:10.0250 6132  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:10:10.0270 6132  wcncsvc - ok
23:10:10.0270 6132  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:10:10.0280 6132  WcsPlugInService - ok
23:10:10.0280 6132  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
23:10:10.0290 6132  Wd - ok
23:10:10.0300 6132  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:10:10.0310 6132  Wdf01000 - ok
23:10:10.0320 6132  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:10:10.0330 6132  WdiServiceHost - ok
23:10:10.0330 6132  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:10:10.0350 6132  WdiSystemHost - ok
23:10:10.0350 6132  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:10:10.0370 6132  WebClient - ok
23:10:10.0370 6132  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:10:10.0400 6132  Wecsvc - ok
23:10:10.0400 6132  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:10:10.0420 6132  wercplsupport - ok
23:10:10.0430 6132  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:10:10.0450 6132  WerSvc - ok
23:10:10.0450 6132  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:10:10.0480 6132  WfpLwf - ok
23:10:10.0480 6132  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:10:10.0480 6132  WIMMount - ok
23:10:10.0490 6132  WinDefend - ok
23:10:10.0490 6132  WinHttpAutoProxySvc - ok
23:10:10.0500 6132  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:10:10.0520 6132  Winmgmt - ok
23:10:10.0540 6132  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:10:10.0580 6132  WinRM - ok
23:10:10.0580 6132  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:10:10.0590 6132  WinUsb - ok
23:10:10.0600 6132  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:10:10.0630 6132  Wlansvc - ok
23:10:10.0650 6132  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:10:10.0680 6132  wlidsvc - ok
23:10:10.0680 6132  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:10:10.0690 6132  WmiAcpi - ok
23:10:10.0690 6132  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:10:10.0710 6132  wmiApSrv - ok
23:10:10.0710 6132  WMPNetworkSvc - ok
23:10:10.0710 6132  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:10:10.0720 6132  WPCSvc - ok
23:10:10.0720 6132  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:10:10.0730 6132  WPDBusEnum - ok
23:10:10.0740 6132  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:10:10.0760 6132  ws2ifsl - ok
23:10:10.0760 6132  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:10:10.0780 6132  wscsvc - ok
23:10:10.0780 6132  WSearch - ok
23:10:10.0800 6132  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:10:10.0830 6132  wuauserv - ok
23:10:10.0840 6132  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:10:10.0850 6132  WudfPf - ok
23:10:10.0850 6132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:10:10.0860 6132  WUDFRd - ok
23:10:10.0860 6132  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:10:10.0870 6132  wudfsvc - ok
23:10:10.0880 6132  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:10:10.0890 6132  WwanSvc - ok
23:10:10.0900 6132  ================ Scan global ===============================
23:10:10.0900 6132  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:10:10.0900 6132  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:10:10.0910 6132  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:10:10.0910 6132  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:10:10.0920 6132  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:10:10.0920 6132  [Global] - ok
23:10:10.0920 6132  ================ Scan MBR ==================================
23:10:10.0920 6132  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:10:11.0010 6132  \Device\Harddisk0\DR0 - ok
23:10:11.0020 6132  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
23:10:11.0090 6132  \Device\Harddisk1\DR1 - ok
23:10:11.0090 6132  ================ Scan VBR ==================================
23:10:11.0090 6132  [ 69ECE193A03CC47601019C1E33096078 ] \Device\Harddisk0\DR0\Partition1
23:10:11.0090 6132  \Device\Harddisk0\DR0\Partition1 - ok
23:10:11.0090 6132  [ C8EBE3C303A0E4C60A83A87AB907696E ] \Device\Harddisk0\DR0\Partition2
23:10:11.0090 6132  \Device\Harddisk0\DR0\Partition2 - ok
23:10:11.0090 6132  [ 94338ACC1F3A45F8C7F9DF1BD7E9F3FD ] \Device\Harddisk1\DR1\Partition1
23:10:11.0090 6132  \Device\Harddisk1\DR1\Partition1 - ok
23:10:11.0100 6132  ============================================================
23:10:11.0100 6132  Scan finished
23:10:11.0100 6132  ============================================================
23:10:11.0100 3856  Detected object count: 4
23:10:11.0100 3856  Actual detected object count: 4
23:10:57.0540 3856  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:10:57.0540 3856  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:10:57.0540 3856  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:10:57.0540 3856  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:10:57.0540 3856  pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
23:10:57.0540 3856  pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:10:57.0540 3856  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
23:10:57.0540 3856  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:13:12.0111 5456  Deinitialize success
__________________
Alt 21.11.2012, 10:21   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Mach bitte einen CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:
ATTFilter
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
__________________
Alt 21.11.2012, 12:39   #19
BieneTVB
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Code:
ATTFilter
OTL logfile created on: 21.11.2012 12:34:01 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hagemann\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,97 Gb Total Physical Memory | 6,79 Gb Available Physical Memory | 85,22% Memory free
15,93 Gb Paging File | 14,69 Gb Available in Paging File | 92,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 56,14 Gb Free Space | 47,12% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 912,98 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
Drive I: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: HAGEMANN-PC | User Name: Hagemann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.20 12:35:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hagemann\Desktop\OTL.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.02.07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2011.09.28 01:37:56 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2009.12.10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009.12.10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.03.04 12:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011.03.04 12:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011.03.04 12:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.11.20 19:46:26 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.20 07:16:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.19 11:29:44 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011.04.20 09:57:02 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.03 14:01:20 | 000,677,480 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.11.03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.04.20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011.03.23 15:41:28 | 000,036,448 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109727&tt=311012_niche_4412_4&babsrc=HP_ss&mntrId=721a3d7b00000000000090f652e6eb59
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 AB 93 38 3D B7 CD 01  [binary data]
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=311012_niche_4412_4&babsrc=SP_ss&mntrId=721a3d7b00000000000090f652e6eb59
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4131250592-1838384388-922388214-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.02 18:29:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.20 19:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.11.20 19:19:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hagemann\AppData\Roaming\mozilla\Extensions
[2012.11.20 19:38:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hagemann\AppData\Roaming\mozilla\Firefox\Profiles\8aqu1nm7.default\extensions
[2012.11.20 19:38:03 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Hagemann\AppData\Roaming\mozilla\firefox\profiles\8aqu1nm7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.20 19:18:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.02 18:29:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.20 07:17:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.20 08:13:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 08:13:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 08:13:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 08:13:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.20 08:13:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 08:13:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4131250592-1838384388-922388214-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4131250592-1838384388-922388214-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hagemann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hagemann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AACC0C1-6273-4F0F-938B-58BD3476DED7}: DhcpNameServer = 192.168.10.4 192.168.10.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E53FDE10-D543-4BA8-A460-B483277A1286}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\producer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ps.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\youcam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\producer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ps.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\youcam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - I:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - I:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{84e48d4a-2321-11e2-a253-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{84e48d4a-2321-11e2-a253-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.20 23:43:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.20 23:33:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.20 23:32:10 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\Desktop\miami
[2012.11.20 23:07:44 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Hagemann\Desktop\tdsskiller.exe
[2012.11.20 22:58:49 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Hagemann\Desktop\aswMBR.exe
[2012.11.20 19:46:51 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Macromedia
[2012.11.20 19:18:56 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Mozilla
[2012.11.20 19:18:56 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Mozilla
[2012.11.20 19:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.20 19:18:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.20 12:35:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hagemann\Desktop\OTL.exe
[2012.11.19 09:50:51 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Diagnostics
[2012.11.15 12:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.15 12:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.11.14 20:27:53 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\OpenOffice.org
[2012.11.10 12:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.11.10 12:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.11.10 12:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012.11.10 12:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.11.10 12:44:29 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\HP
[2012.11.10 12:43:09 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\ElevatedDiagnostics
[2012.11.08 08:48:17 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.11.08 08:48:17 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.11.08 08:48:17 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.11.08 08:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.11.08 08:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.11.08 08:48:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.11.05 15:43:59 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.11.05 15:43:59 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoft
[2012.11.05 15:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.11.05 15:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.11.05 15:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.11.05 14:47:06 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\MJProductions
[2012.11.05 14:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Route Generator
[2012.11.05 14:29:49 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\FreeScreenToVideo
[2012.11.05 14:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Screen To Video
[2012.11.05 13:58:20 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\MAGIX_AG
[2012.11.04 17:01:13 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Skype
[2012.11.04 17:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.04 17:01:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.11.04 17:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.11.04 17:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.11.04 14:18:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012.11.04 14:05:39 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\Documents\Games for Windows - LIVE Demos
[2012.11.04 14:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012.11.04 13:46:43 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\Documents\Rockstar Games
[2012.11.04 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.11.04 13:44:07 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Rockstar Games
[2012.11.04 13:42:59 | 000,000,000 | RH-D | C] -- C:\Users\Hagemann\AppData\Roaming\SecuROM
[2012.11.04 13:37:59 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.11.04 13:35:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.11.04 13:35:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.11.04 13:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.11.04 13:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012.11.02 18:50:03 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Desktop\Programme
[2012.11.02 18:35:02 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Xara
[2012.11.02 18:35:01 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\MAGIX
[2012.11.02 18:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2012.11.02 18:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012.11.02 18:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2012.11.02 18:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.11.02 18:29:47 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.11.02 18:29:47 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.11.02 18:29:47 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.11.02 18:29:47 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.11.02 18:29:47 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.11.02 18:29:47 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.11.02 18:29:47 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.11.02 18:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.02 18:29:33 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.11.02 18:29:33 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.02 18:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.02 18:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.02 18:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.02 18:14:21 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Apple Computer
[2012.11.02 18:14:21 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Apple Computer
[2012.11.02 18:14:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.02 18:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.02 18:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.11.02 18:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.11.02 18:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.11.02 18:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.11.02 18:13:58 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Apple
[2012.11.02 18:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.11.02 18:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.11.02 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.11.02 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.11.02 18:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.11.02 18:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.11.02 17:53:24 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\TuneUp Software
[2012.11.02 17:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.11.02 17:47:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.11.02 17:47:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.11.02 17:46:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012.11.02 17:46:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012.11.02 17:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.02 17:45:46 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Babylon
[2012.11.02 17:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.02 17:45:45 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\DesktopIconForAmazon
[2012.11.02 17:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3
[2012.11.02 17:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PostgreSQL
[2012.11.02 17:34:27 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\PokerStars.EU
[2012.11.02 17:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012.11.02 17:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.EU
[2012.11.02 17:19:29 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3
[2012.11.02 17:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 3
[2012.11.02 17:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerTracker 3
[2012.11.02 17:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.11.02 17:11:40 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Google
[2012.11.02 17:10:00 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Deployment
[2012.11.02 17:10:00 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Apps
[2012.11.02 17:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012.11.02 17:03:48 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athurx.sys
[2012.11.02 17:03:48 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athurx.sys
[2012.11.02 17:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012.11.02 12:41:07 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Power2Go
[2012.11.02 12:26:55 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012.11.02 12:25:00 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\CyberLink
[2012.11.02 12:25:00 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Cyberlink
[2012.11.02 12:23:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2012.11.02 12:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2012.11.02 12:22:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012.11.02 12:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012.11.02 12:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012.11.02 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.11.02 10:56:13 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.02 10:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.11.02 10:52:12 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\WinRAR
[2012.11.02 10:52:12 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.02 10:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.02 10:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.11.02 10:32:10 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\ashampoo
[2012.11.02 10:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.11.02 10:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.11.02 10:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.11.02 10:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.11.02 10:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.02 10:29:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.11.02 10:27:54 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Macromedia
[2012.11.02 10:27:54 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Adobe
[2012.11.02 10:26:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.11.02 10:26:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.02 10:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.10.31 18:05:12 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\ATI
[2012.10.31 18:05:12 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\ATI
[2012.10.31 18:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.31 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.10.31 18:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.10.31 18:04:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.10.31 18:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012.10.31 18:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.10.31 18:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.10.31 18:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.10.31 18:02:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.10.31 18:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.10.31 18:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.10.31 08:57:30 | 000,000,000 | ---D | C] -- C:\Treiber
[2012.10.31 08:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012.10.31 08:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.10.31 08:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.10.31 08:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.10.31 08:52:28 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\InstallShield
[2012.10.31 08:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2012.10.31 08:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA
[2012.10.31 08:52:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.31 08:51:27 | 000,677,480 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.10.31 08:51:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.10.31 08:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.10.31 08:50:58 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.10.31 08:50:57 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.10.31 08:50:57 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.10.31 08:50:57 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.10.31 08:50:57 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.10.31 08:50:57 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.10.31 08:50:57 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.10.31 08:50:57 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.10.31 08:50:57 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.10.31 08:50:48 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.10.31 08:50:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.10.31 08:50:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.10.31 08:50:48 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.10.31 08:50:48 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.10.31 08:50:48 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.10.31 08:50:42 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.10.31 08:50:42 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.10.31 08:50:42 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.10.31 08:50:42 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.10.31 08:50:42 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.10.31 08:50:41 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek2.dll
[2012.10.31 08:50:41 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.10.31 08:50:39 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.10.31 08:50:39 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.10.31 08:50:39 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.10.31 08:50:39 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.10.31 08:50:37 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.10.31 08:50:31 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.10.31 08:50:30 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.10.31 08:50:30 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.10.31 08:50:30 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.10.31 08:50:30 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.10.31 08:50:29 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.10.31 08:50:29 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.10.31 08:50:29 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.10.31 08:50:29 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.10.31 08:50:28 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.10.31 08:50:28 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.10.31 08:50:28 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.10.31 08:50:28 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.10.31 08:50:28 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.10.31 08:50:28 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.10.31 08:50:27 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.10.31 08:50:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.10.31 08:50:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.10.31 08:50:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.10.31 08:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.10.31 08:49:27 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.10.31 08:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.10.31 08:48:35 | 000,000,000 | ---D | C] -- C:\Windows\AsusInstAll
[2012.10.31 07:41:20 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.31 07:41:20 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Searches
[2012.10.31 07:41:20 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.31 07:41:15 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Identities
[2012.10.31 07:41:14 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Contacts
[2012.10.31 07:41:13 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\VirtualStore
[2012.10.31 07:41:11 | 000,000,000 | --SD | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Videos
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Saved Games
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Pictures
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Music
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Links
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Favorites
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Downloads
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Documents
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\Desktop
[2012.10.31 07:41:11 | 000,000,000 | R--D | C] -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Vorlagen
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\AppData\Local\Verlauf
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\AppData\Local\Temporary Internet Files
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Startmenü
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\SendTo
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Recent
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Netzwerkumgebung
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Lokale Einstellungen
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Documents\Eigene Videos
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Documents\Eigene Musik
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Eigene Dateien
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Documents\Eigene Bilder
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Druckumgebung
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Cookies
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\AppData\Local\Anwendungsdaten
[2012.10.31 07:41:11 | 000,000,000 | -HSD | C] -- C:\Users\Hagemann\Anwendungsdaten
[2012.10.31 07:41:11 | 000,000,000 | -H-D | C] -- C:\Users\Hagemann\AppData
[2012.10.31 07:41:11 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Temp
[2012.10.31 07:41:11 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Local\Microsoft
[2012.10.31 07:41:11 | 000,000,000 | ---D | C] -- C:\Users\Hagemann\AppData\Roaming\Media Center Programs
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.10.31 07:41:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.10.31 07:41:09 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.31 07:09:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.31 07:09:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.10.31 07:08:58 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.21 12:34:41 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.21 12:34:41 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.21 12:34:41 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.21 12:34:41 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.21 12:34:41 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.21 12:30:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.21 10:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.21 09:57:57 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.21 09:57:57 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.21 09:50:53 | 000,419,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.20 23:07:49 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Hagemann\Desktop\tdsskiller.exe
[2012.11.20 22:59:06 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Hagemann\Desktop\aswMBR.exe
[2012.11.20 20:31:33 | 000,001,069 | ---- | M] () -- C:\Users\Hagemann\Desktop\PokerTracker 3.lnk
[2012.11.20 19:18:54 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.20 12:35:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hagemann\Desktop\OTL.exe
[2012.11.20 12:33:55 | 000,000,000 | ---- | M] () -- C:\Users\Hagemann\defogger_reenable
[2012.11.20 12:32:17 | 000,050,477 | ---- | M] () -- C:\Users\Hagemann\Desktop\Defogger.exe
[2012.11.15 16:16:20 | 000,069,162 | ---- | M] () -- C:\Users\Hagemann\Desktop\clubmail_871948_att.jpg
[2012.11.14 20:27:57 | 000,001,235 | ---- | M] () -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.10 12:36:09 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.10 12:36:09 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.08 19:29:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.08 08:38:37 | 000,000,224 | ---- | M] () -- C:\Users\Hagemann\Documents\Tune UP Produktschlüssel.rtf
[2012.11.05 15:43:58 | 000,001,398 | ---- | M] () -- C:\Users\Hagemann\Desktop\Free YouTube to MP3 Converter.lnk
[2012.11.04 17:01:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:00:55 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.11.04 13:37:59 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.11.02 18:35:23 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.11.02 18:29:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.02 18:14:21 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.02 17:34:27 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2012.11.02 17:19:52 | 000,004,996 | ---- | M] () -- C:\ProgramData\bltofzsb.qlf
[2012.11.02 17:07:40 | 000,000,207 | ---- | M] () -- C:\Users\Hagemann\Documents\Heimnetz.rtf
[2012.10.31 18:13:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.31 18:13:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.31 18:05:07 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.10.31 08:53:29 | 000,044,274 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2012.10.31 08:43:40 | 000,031,393 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012.10.31 08:43:14 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012.10.31 07:11:27 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.31 07:11:27 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.10.31 07:10:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
 
========== Files Created - No Company Name ==========
 
[2012.11.21 09:50:49 | 000,419,608 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.20 19:18:54 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.20 19:18:54 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.20 12:33:55 | 000,000,000 | ---- | C] () -- C:\Users\Hagemann\defogger_reenable
[2012.11.20 12:32:16 | 000,050,477 | ---- | C] () -- C:\Users\Hagemann\Desktop\Defogger.exe
[2012.11.19 00:24:08 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.19 00:21:27 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 16:16:20 | 000,069,162 | ---- | C] () -- C:\Users\Hagemann\Desktop\clubmail_871948_att.jpg
[2012.11.14 20:27:57 | 000,001,235 | ---- | C] () -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.08 19:29:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.08 17:50:25 | 021,378,698 | ---- | C] () -- C:\Users\Hagemann\Desktop\Fritz & Paul Kalkbrenner - Sky and Sand (Original Mix).mp3
[2012.11.08 11:11:32 | 005,021,359 | ---- | C] () -- C:\Users\Hagemann\Desktop\Simple Plan - Summer Paradise ft. Sean Paul (Official Audio).mp3
[2012.11.08 08:48:16 | 000,002,201 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.11.08 08:38:37 | 000,000,224 | ---- | C] () -- C:\Users\Hagemann\Documents\Tune UP Produktschlüssel.rtf
[2012.11.05 15:43:58 | 000,001,398 | ---- | C] () -- C:\Users\Hagemann\Desktop\Free YouTube to MP3 Converter.lnk
[2012.11.04 17:01:09 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:03:41 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012.11.04 13:34:33 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.11.02 18:29:47 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.11.02 18:14:21 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.02 18:13:57 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.11.02 17:34:27 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2012.11.02 17:19:52 | 000,004,996 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
[2012.11.02 17:19:29 | 000,001,069 | ---- | C] () -- C:\Users\Hagemann\Desktop\PokerTracker 3.lnk
[2012.11.02 17:11:51 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.02 17:11:51 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.02 17:07:40 | 000,000,207 | ---- | C] () -- C:\Users\Hagemann\Documents\Heimnetz.rtf
[2012.11.02 17:03:48 | 000,027,040 | ---- | C] () -- C:\Windows\SysNative\netathurx.inf
[2012.11.02 17:03:48 | 000,008,820 | ---- | C] () -- C:\Windows\SysNative\athurextx.cat
[2012.11.02 10:31:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.11.02 10:26:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.02 10:25:59 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.10.31 18:13:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.31 18:13:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.31 18:05:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.31 08:53:04 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.10.31 08:50:48 | 000,200,468 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.10.31 08:48:21 | 000,044,274 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.10.31 08:43:09 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.10.31 08:43:01 | 000,031,393 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.10.31 07:41:22 | 000,001,405 | ---- | C] () -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.10.31 07:41:21 | 000,001,439 | ---- | C] () -- C:\Users\Hagemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.31 07:11:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.31 07:11:22 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.31 07:10:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.02 17:45:46 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Babylon
[2012.11.20 19:34:48 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DesktopIconForAmazon
[2012.11.05 15:44:01 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoft
[2012.11.05 15:43:59 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.11.20 23:38:24 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\FreeScreenToVideo
[2012.11.05 17:37:48 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\MAGIX
[2012.11.14 20:27:53 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\OpenOffice.org
[2012.11.08 08:48:14 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.10.31 07:41:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.11.21 09:50:47 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.10.31 07:41:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.10 12:44:59 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.20 23:35:00 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.21 09:50:47 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.10.31 07:41:10 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.10.31 07:41:10 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.11.08 19:38:22 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.20 23:43:55 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2012.10.31 18:01:16 | 000,000,000 | ---D | M] -- C:\Treiber
[2012.11.02 17:39:58 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.21 09:50:52 | 000,000,000 | ---D | M] -- C:\Windows
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.11.02 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Adobe
[2012.11.08 19:43:19 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Apple Computer
[2012.10.31 18:05:12 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\ATI
[2012.11.02 17:45:46 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Babylon
[2012.11.02 12:25:00 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\CyberLink
[2012.11.20 19:34:48 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DesktopIconForAmazon
[2012.11.05 15:44:01 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoft
[2012.11.05 15:43:59 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.11.20 23:38:24 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\FreeScreenToVideo
[2012.10.31 07:41:15 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Identities
[2012.10.31 08:52:28 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\InstallShield
[2012.11.02 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Macromedia
[2012.11.05 17:37:48 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\MAGIX
[2011.04.12 08:54:43 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Media Center Programs
[2012.11.21 09:51:36 | 000,000,000 | --SD | M] -- C:\Users\Hagemann\AppData\Roaming\Microsoft
[2012.11.20 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Mozilla
[2012.11.14 20:27:53 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\OpenOffice.org
[2012.11.04 13:42:59 | 000,000,000 | RH-D | M] -- C:\Users\Hagemann\AppData\Roaming\SecuROM
[2012.11.08 08:15:59 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\Skype
[2012.11.08 08:48:14 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\TuneUp Software
[2012.11.02 18:32:56 | 000,000,000 | ---D | M] -- C:\Users\Hagemann\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012.11.02 17:45:45 | 000,753,664 | ---- | M] (Microsoft) -- C:\Users\Hagemann\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
 
<           >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,012,978 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.11.02 10:26:42 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.02 17:11:51 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.02 17:11:51 | 000,001,114 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< End of report >

Alt 21.11.2012, 15:41   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Ist unauffällig, sind aber ein paar Toolbars drin.
Die Mails bekommst du seit der Passwortänderung nicht mehr? Besonders Schwache Passwörter wurden erst letztens per Bruteforce geknackt. Zwar schon im Juli und das auch bei GMX, aber GMX und web.de gehören beide zur 1&1 Mail & Media GmbH

Sind dir mal irgenwann misslungene Loginversuche aufgefallen?

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.11.2012, 17:08   #21
BieneTVB
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Die mails bekomm ich seit der Passwortänderung nicht mehr.

Mir ist vorher nichts aufgefallen.

Alt 21.11.2012, 17:13   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Dann war echt dein Passwort zu schwach oder es wurde von einer anderen infizierten Maschine irgendwie ausgelesen

Code:
ATTFilter
Received: from serversima ([95.224.62.76]) by smtp.web.de (mrweb002) with
Um da nochmal darauf zurückzukommen, "serversima" hat tatsächlich den SMTP-Server von web.de benutzt um seinen Spam abzuladen. Dafür musste der Spammer dein Kennwort kennen, völlig anonym bzw. ohne Login kann man bei web.de keine Mails schicken
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.11.2012, 17:26   #23
BieneTVB
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


OK dann werd ich in Zukunft bessere Passwörter nutzen.

Danke für deine Hilfe

Alt 21.11.2012, 17:28   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
web.de "mail deliver failed..." - Standard

web.de "mail deliver failed..."


Schau dir mal KeePass an, damit kann man auch viele und sehr komplexe Passwörter gut verwalten
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu web.de "mail deliver failed..."
adresse, antivirus, babylontoolbar, beitrag, bereits, browser manager, focus, gefunde, grand theft auto, grund, hoffe, install.exe, irgend, keineantwortadresse@web.de, mail, mail delivery, meldungen, nichts, nutze, passwörter, plug-in, problem, programm, recht, scan, schei, spammails, täglich, usb 3.0, usern, verschickt, vorgehen, wichtige, zulässig


« Trojaner (OBTSM) durch Verknüpfungen einer NFO | Trojaner PUP.LoadTubes / Trojan.Agent/Gen-Nullo bei "Routinescan" gefunden - gefährlich? »


Ähnliche Themen: web.de "mail deliver failed..."


  1. Bekomme massen E-Mail "This message was created automatically by mail delivery software."
    Plagegeister aller Art und deren Bekämpfung - 31.08.2015 (2)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. "Mail delivery failed: returning message to sender" bei web.de
    Log-Analyse und Auswertung - 28.01.2014 (1)
  4. Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!
    Plagegeister aller Art und deren Bekämpfung - 27.10.2013 (3)
  5. Postfach überschwemmt mit: "Mail Delivery Failed [...]" (GMX)
    Plagegeister aller Art und deren Bekämpfung - 12.03.2013 (0)
  6. "Mail delivery failed" häuft sich im Posteingang
    Log-Analyse und Auswertung - 17.11.2012 (9)
  7. Noch ein Fall von "Mail delivery failed: returning message to sender"
    Plagegeister aller Art und deren Bekämpfung - 10.10.2012 (2)
  8. "Falsche" E-Mail von Freund mit Link ins Netz -> Virus oder nur "Werbung"?
    Log-Analyse und Auswertung - 30.07.2012 (1)
  9. windows 7 gecrasht - "Windows - Delayed Write Failed" "Failed to save all the components..."
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (12)
  10. "Delayed write failed"- Virus/ Versteckte Objekte
    Log-Analyse und Auswertung - 06.01.2012 (20)
  11. privacy.exe "Failed to save all the components for the file System32\\00... " Win7
    Log-Analyse und Auswertung - 17.12.2011 (5)
  12. "Windows - Delayed Write Failed" - Schwarzer Bildschirm, keine Icons
    Log-Analyse und Auswertung - 23.11.2011 (24)
  13. Schwarzer Desktop, Icons versteckt, "delayed write failed..."
    Plagegeister aller Art und deren Bekämpfung - 22.11.2011 (48)
  14. Nach "Windows - Delayed Write Failed" Laptop Trojaner Frei?
    Log-Analyse und Auswertung - 08.11.2011 (10)
  15. Alle Dateien weg, "windows - delayed write failed" usw.
    Log-Analyse und Auswertung - 06.11.2011 (3)
  16. Alle Dateien weg, "windows - delayed write failed"
    Mülltonne - 04.11.2011 (1)
  17. Heute schon über 30 "Mail Delivery System "Mail Delivery System" Mail bekommen
    Log-Analyse und Auswertung - 26.05.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema web.de "mail deliver failed..." - Irgendwie scheint die Nachricht wohl aber doch über web.de geschickt worden zu sein, irgendwie hab ich das zuerst falsch gesehen Edit: hab mich verklickt 1. aswMBR Downloade dir bitte aswMBR.exe - web.de "mail deliver failed..."...
Archiv
Du betrachtest: web.de "mail deliver failed..." auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131