Internet bestroffen - Google zeigt nur Werbung an / Anmeldung bei Fb nicht möglich

ReVoC · 04.12.2012, 08:25

Guten Morgen,

seit ungefähr 2 Wochen habe ich das Problem das ich bei einer Googlesuche immer auf Werbung weitergeleitet werde sobald ich auf einen Link geklickt habe. Darüber hinaus kann ich mich seit dem Wochenende nicht mehr bei Facebook (jemand unbefugte soll auf meiner Seite gewesen sein. Dadurch ist das Konto gesperrt. Doch an anderen PC's kann ich mich anmelden) oder meinem E-mail Konto anmelden.

Ich habe jetzt die ANleitung dieser Seite abgearbeitet.
1. Defogger durchlaufen lassen
2. Mit GMER gescannt (hat sich nach unterschiedlichen Zeiten immer wieder fest gefahren und ist angestürzt. Auch im abgesicherten Modus zwei mal)
3. OTL durchlaufen lassen --> Logfiles unten
4. Anti-Malware durchlaufen lassen (hatte ein Fund) --> Logfile unten

Systemdaten:
Prozessor: Intel(R) Core(TM)2 Duo CPU T5850 2,16Ghz
Arbeitsspeicher: 4GB
Betriebssystem 32bit - Win7

Wenn Ihr mir helfen könntet wäre ich sehr froh.
Danke
Grüße Revoc

OTL - FIX
OTL logfile created on: 02.12.2012 20:25:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ReVoC\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,22% Memory free
6,00 Gb Paging File | 3,65 Gb Available in Paging File | 60,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 119,03 Gb Free Space | 41,57% Space Free | Partition Type: NTFS
Drive D: | 327,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: REVOC-PC | User Name: ReVoC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ReVoC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\Programme\Ad-Aware Antivirus\AdAware.exe (Lavasoft Limited)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)

========== Modules (No Company Name) ==========

MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32api.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_elementtree.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_socket.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\windows._cacheinvalidation.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._gdi_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._misc_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_ssl.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pysqlite2._sqlite.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pythoncom26.dll ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32com.shell.shell.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32security.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pywintypes26.dll ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_ctypes.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._html2.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32process.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32ts.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32pdh.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32profile.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32crypt.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._core_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._windows_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_hashlib.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._wizard.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32file.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32inet.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._controls_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\unicodedata.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pyexpat.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32event.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\select.pyd ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.DLL ()
MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Programme\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL ()

========== Services (SafeList) ==========

SRV - (MySQL) -- C:\Users\ReVoC\Drachenboot\Nationalteam\xampp-win32-1.7.3\xampp\mysql\bin\mysqld.exe File not found
SRV - (Apache2.2) -- C:\Users\ReVoC\Drachenboot\Nationalteam\xampp-win32-1.7.3\xampp\apache\bin\httpd.exe File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Ad-Aware Service) -- C:\Programme\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (SBAMSvc) -- C:\Programme\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (cpuz132) -- C:\Users\ReVoC\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (Btcsrusb) -- System32\Drivers\btcusb.sys File not found
DRV - (BTCOMBUS) -- System32\Drivers\btcombus.sys File not found
DRV - (BTCOM) -- system32\DRIVERS\btcomport.sys File not found
DRV - (BT) -- system32\DRIVERS\btnetdrv.sys File not found
DRV - (a2jml2kf) -- File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (SbFw) -- C:\Windows\System32\drivers\SbFw.sys (GFI Software)
DRV - (sbhips) -- C:\Windows\System32\drivers\sbhips.sys (GFI Software)
DRV - (sbwtis) -- C:\Windows\System32\drivers\sbwtis.sys (GFI Software)
DRV - (sbapifs) -- C:\Windows\System32\drivers\sbapifs.sys (GFI Software)
DRV - (SBRE) -- C:\Windows\System32\drivers\SBREDrv.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys ()
DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.)
DRV - (BtHidBus) -- C:\Windows\System32\drivers\BtHidBus.sys (IVT Corporation.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 40 AF 09 FD BC CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {E6B4A756-D977-41A6-9491-4EFFAD6FD025}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4112_8&babsrc=SP_ss&mntrId=4e7998d500000000000000215dc56eaf
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{E6B4A756-D977-41A6-9491-4EFFAD6FD025}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B582195F5-92E7-40a0-A127-DB71295901D7%7D:0.6.4.1
FF - prefs.js..extensions.enabledAddons: firefox%40facebook.com:1.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.10.28 19:59:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.09 11:32:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.02 15:42:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.09 11:32:58 | 000,000,000 | ---D | M]

[2012.12.02 17:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Extensions
[2012.10.20 19:22:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\4ppqjtgb.default\extensions
[2012.10.20 19:22:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\4ppqjtgb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.12.02 17:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\9o5s2p34.default\extensions
[2012.12.02 17:28:14 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\firefox\profiles\9o5s2p34.default\extensions\firefox@facebook.com.xpi
[2012.12.02 17:28:14 | 000,242,709 | ---- | M] () (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\firefox\profiles\9o5s2p34.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
[2012.12.02 15:42:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Kalender = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Any.DO = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.0.82_0\
CHR - Extension: Google Maps = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Mail-Checker = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Facebook Notifications = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Android\u2122 for Google Chrome\u2122 = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafpbplbbeehhfhdfdnkgpflkfikechf\1.5_0\
CHR - Extension: Google Mail = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-Germany Toolbar) - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe File not found
O4 - Startup: C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ReVoC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3437FB6-1A12-47F7-8DFB-CBA9E0FA8956}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.17 13:32:17 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.09.25 17:28:22 | 000,000,971 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\AutoRun\command - "" = D:\aoesetup.exe -- [1999.09.15 01:47:34 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\directx\command - "" = D:\DIRECTX\DXSETUP.EXE -- [1999.01.09 04:10:00 | 000,096,768 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dplay\command - "" = D:\DIRECTX\DPLAY61A.EXE -- [1999.06.19 01:35:30 | 000,485,600 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxdiag\command - "" = D:\GOODIES\AR40DEU.EXE -- [1999.06.29 17:17:26 | 005,994,880 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxinfo\command - "" = D:\GOODIES\DIRECTX\DXINFO.EXE -- [1997.07.15 10:00:00 | 000,299,520 | R--- | M] (Microsoft Corp.)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxtest\command - "" = D:\DIRECTX\DXDIAG.EXE -- [1999.01.09 04:10:00 | 001,253,648 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxtool\command - "" = D:\GOODIES\DIRECTX\DXTOOL.EXE -- [1997.07.15 10:00:00 | 000,033,280 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\log\command - "" = D:\goodies\machine\machine.exe -- [1999.08.17 23:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\machine\command - "" = D:\GOODIES\MACHINE\MACHINE.EXE -- [1999.08.17 23:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\setup\command - "" = D:\aoesetup.exe -- [1999.09.15 01:47:34 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\zone\command - "" = D:\GOODIES\MSZONE\ZONEA600.EXE -- [1999.09.02 01:16:04 | 006,753,985 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 90 Days ==========

[2012.12.02 17:24:36 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\Macromedia
[2012.12.02 15:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.02 15:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.02 15:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.02 09:21:40 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.12.02 09:21:39 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Malwarebytes
[2012.12.02 09:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.02 09:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.02 09:21:21 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.02 09:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.01 23:05:46 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Desktop\Bilder
[2012.11.30 21:16:03 | 000,000,000 | ---D | C] -- C:\e0fac7fd6a6a7d61dc
[2012.11.30 20:46:43 | 000,000,000 | ---D | C] -- C:\e7a10bfe69cfd0eda0ba04a19f002677
[2012.11.30 20:36:56 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\JDownloaderDownloadAcceleratorPackages
[2012.11.30 20:36:51 | 000,000,000 | ---D | C] -- C:\646991caab469352bf828136ef
[2012.11.30 20:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\DownloadManager
[2012.11.30 19:33:16 | 000,000,000 | ---D | C] -- C:\0f6c2fc4b3351ece9383c64f0b0cc5e6
[2012.11.30 19:28:54 | 000,000,000 | ---D | C] -- C:\02a36b485b7b8eede66605
[2012.11.30 19:19:16 | 000,000,000 | ---D | C] -- C:\6188b5e97f03362a69f9
[2012.11.30 19:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.30 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.30 19:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.11.30 19:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.11.30 18:59:42 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Autodesk
[2012.11.30 18:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2012.11.25 17:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.11.25 17:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012.11.25 17:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012.11.25 17:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2012.11.23 19:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.23 19:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.11.22 21:40:23 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.11 16:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\AOE 2
[2012.11.09 13:12:37 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\{EF636DFC-FAF7-4DCE-98CB-1646896CDAE7}
[2012.11.09 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Tracing
[2012.11.09 11:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012.11.09 11:36:11 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\HP
[2012.11.09 11:34:08 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\HP
[2012.11.09 11:33:20 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Yahoo!
[2012.11.09 11:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012.11.09 11:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.11.09 11:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012.11.09 11:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012.11.09 11:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.11.09 11:16:38 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012.11.09 11:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.11.08 21:12:10 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.10.28 20:00:54 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\DDMSettings
[2012.10.28 19:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.10.28 19:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2012.10.25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.24 07:59:15 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.10.24 07:51:55 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.24 06:56:45 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Documents\Euro Truck Simulator 2
[2012.10.17 13:32:09 | 000,000,000 | ---D | C] -- C:\Autodesk
[2012.10.10 07:23:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.10 07:22:42 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.10.10 07:22:41 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.10.10 07:22:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 07:22:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 07:22:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 07:22:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 07:22:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 07:22:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 07:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 07:22:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 07:22:16 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.10.10 07:22:15 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.08 12:44:01 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.10.08 12:44:01 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.10.08 12:44:01 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.10.08 07:24:50 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\picture
[2012.09.26 07:11:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2012.09.22 07:33:58 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.22 07:33:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.22 07:33:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.22 07:33:46 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.22 07:33:45 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.12 08:47:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012.09.12 08:47:14 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.09.12 08:47:14 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012.09.12 08:47:13 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll

========== Files - Modified Within 90 Days ==========

[2012.12.02 20:30:03 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.02 20:24:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.02 19:41:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000UA.job
[2012.12.02 18:15:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.12.02 16:55:06 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.02 16:55:06 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.02 16:51:51 | 000,654,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.02 16:51:51 | 000,616,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.02 16:51:51 | 000,130,120 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.02 16:51:51 | 000,106,502 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.02 16:47:21 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.02 16:47:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.02 16:46:56 | 459,821,096 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.02 16:46:52 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.02 16:20:32 | 000,000,324 | ---- | M] () -- C:\Windows\wininit.ini
[2012.12.02 15:42:09 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.02 15:36:13 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.02 15:35:01 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012.12.02 09:21:24 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.01 21:41:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000Core.job
[2012.11.30 20:45:41 | 000,002,495 | ---- | M] () -- C:\Users\ReVoC\Desktop\Google Chrome.lnk
[2012.11.30 19:15:55 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.29 19:14:17 | 000,206,405 | ---- | M] () -- C:\Users\ReVoC\Desktop\Unbenannt.jpg
[2012.11.25 17:26:50 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.25 17:08:23 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires II.lnk
[2012.11.23 19:53:18 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.12 08:26:40 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.11.11 22:29:19 | 000,386,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.09 11:35:09 | 000,245,504 | ---- | M] () -- C:\Windows\hpoins19.dat
[2012.11.09 11:32:29 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.11.09 11:30:07 | 000,001,316 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.11.09 11:29:42 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.11.09 11:28:48 | 000,002,076 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.10.25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.24 10:33:19 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.24 10:33:19 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.10.20 19:22:17 | 000,001,367 | ---- | M] () -- C:\Users\ReVoC\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.17 13:43:06 | 000,000,438 | ---- | M] () -- C:\Windows\System32\WSCConfig.xml
[2012.10.08 07:16:27 | 000,000,098 | ---- | M] () -- C:\user.js
[2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.23 17:07:23 | 000,001,713 | ---- | M] () -- C:\Users\ReVoC\Desktop\Google Drive.lnk
[2012.09.14 19:28:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

========== Files Created - No Company Name ==========

[2012.12.02 16:20:19 | 000,000,324 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.02 15:42:09 | 000,001,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.12.02 15:42:09 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.02 09:21:24 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.30 19:15:55 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.29 19:14:17 | 000,206,405 | ---- | C] () -- C:\Users\ReVoC\Desktop\Unbenannt.jpg
[2012.11.25 17:26:50 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.25 17:08:23 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires II.lnk
[2012.11.23 19:53:18 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.22 21:40:37 | 000,002,495 | ---- | C] () -- C:\Users\ReVoC\Desktop\Google Chrome.lnk
[2012.11.22 21:36:36 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000UA.job
[2012.11.22 21:36:31 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000Core.job
[2012.11.09 11:32:29 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.11.09 11:30:43 | 000,001,034 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.11.09 11:30:07 | 000,001,316 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.11.09 11:29:42 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.11.09 11:28:48 | 000,002,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.11.09 11:21:51 | 000,245,504 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.11.09 11:21:51 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.10.24 07:51:57 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.17 13:43:06 | 000,000,438 | ---- | C] () -- C:\Windows\System32\WSCConfig.xml
[2012.10.08 07:16:27 | 000,000,098 | ---- | C] () -- C:\user.js
[2012.01.18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.01.18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.01.18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.01.18 05:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.11.14 22:33:58 | 000,000,000 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\{B1BFBF63-41AC-49E9-8A97-0F2711F2A8F6}
[2011.11.13 14:45:06 | 000,000,000 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\{EA4E2F5D-9F56-4F28-8211-02A6546C1F85}
[2011.08.14 15:12:41 | 000,045,573 | -H-- | C] () -- C:\Users\ReVoC\userdiff.sav
[2011.06.24 07:25:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.29 21:16:34 | 002,681,344 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2011.05.03 16:13:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.03 16:13:37 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.05.01 21:44:18 | 000,007,599 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\Resmon.ResmonCfg
[2011.04.16 20:07:11 | 000,024,576 | ---- | C] () -- C:\Windows\UniFISH.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.21 12:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.03.02 23:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.02 23:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.02 23:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.02 23:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.02.23 15:56:32 | 000,005,632 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.26 08:25:02 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010.12.23 21:56:01 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.07.25 18:56:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2012.11.30 22:52:12 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB4026$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BACHCBMJ\t.cxt.ms\lso.swf\u.sol
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.07.24 08:53:14 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\AD ON Multimedia
[2012.08.22 16:08:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Ad-Aware Antivirus
[2012.11.30 18:59:42 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Autodesk
[2012.11.26 08:22:44 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DAEMON Tools Lite
[2012.10.20 19:22:39 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DVDVideoSoft
[2012.07.22 08:21:55 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.09 20:42:37 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\EPSON
[2011.02.25 14:38:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\GetRightToGo
[2011.02.28 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\GHISLER
[2012.12.02 20:27:38 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\ICQ
[2012.11.30 20:36:56 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\JDownloaderDownloadAcceleratorPackages
[2011.12.26 11:47:27 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Leadertech
[2010.09.19 14:51:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\MAGIX
[2011.09.09 11:24:22 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Mp3tag
[2010.08.25 19:31:00 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\NCH Swift Sound
[2010.12.25 17:46:36 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Red Alert 3
[2010.07.20 14:27:25 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\runic games
[2012.07.09 18:58:36 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Samsung
[2011.02.01 23:25:35 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\simfy-VZ-edition
[2010.12.26 14:00:04 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Synaptics
[2012.07.09 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Temp
[2012.10.28 10:55:00 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Tobit
[2012.03.17 08:32:31 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\uTorrent
[2011.03.27 10:16:59 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\WEB.DE

========== Purity Check ==========

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB4026$] -> Error: Cannot create file handle -> Unknown point type

< End of report >

OTL-Extra
OTL Extras logfile created on: 02.12.2012 20:25:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ReVoC\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,22% Memory free
6,00 Gb Paging File | 3,65 Gb Available in Paging File | 60,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 119,03 Gb Free Space | 41,57% Space Free | Partition Type: NTFS
Drive D: | 327,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: REVOC-PC | User Name: ReVoC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}" = Ad-Aware Antivirus
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B28B351F-1232-46EA-85EF-B8EA91641031}" = Nero 7 Essentials
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Age of Empires 2.0" = Microsoft Age of Empires II
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch
"EPSON SX410 Series" = Druckerdeinstallation für EPSON SX410 Series
"FormatFactory" = FormatFactory 2.70
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"softonic-Germany Toolbar" = softonic-Germany Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"VideoPad" = VideoPad Videobearbeitungs-Software
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"JDownloader Download Accelerator Packages" = JDownloader Download Accelerator Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6474

Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6474

Error - 02.12.2012 09:29:42 | Computer Name = ReVoC-PC | Source = ESENT | ID = 490
Description = Catalog Database (1224) Catalog Database: Versuch, Datei "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 02.12.2012 09:29:42 | Computer Name = ReVoC-PC | Source = ESENT | ID = 439
Description = Catalog Database (1224) Catalog Database: Die Shadowkopfzeile für
Datei C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
konnte nicht geschrieben werden. Fehler -1032.

Error - 02.12.2012 09:29:47 | Computer Name = ReVoC-PC | Source = ESENT | ID = 473
Description = Catalog Database (1224) Catalog Database: Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
wurde teilweise getrennt. Fehler -1032 beim Aktualisieren der Datenbankkopfzeilen.

Error - 02.12.2012 09:29:47 | Computer Name = ReVoC-PC | Source = ESENT | ID = 104
Description = Catalog Database (1224) Catalog Database: Das Datenbankmodul hat die
Instanz (0) mit dem Fehler (-1090) beendet.

Error - 02.12.2012 09:45:29 | Computer Name = ReVoC-PC | Source = System Restore | ID = 8206
Description =

Error - 02.12.2012 10:09:45 | Computer Name = ReVoC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MAWebControl.exe, Version: 1.2.2007.1018,
Zeitstempel: 0x48d34dcd Name des fehlerhaften Moduls: MAWebControl.exe, Version:
1.2.2007.1018, Zeitstempel: 0x48d34dcd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005914
ID
des fehlerhaften Prozesses: 0x1774 Startzeit der fehlerhaften Anwendung: 0x01cdd096acf86b96
Pfad
der fehlerhaften Anwendung: C:\Program Files\MarkAny\ContentSafer\MAWebControl.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\MarkAny\ContentSafer\MAWebControl.exe
Berichtskennung:
ebf3f937-3c89-11e2-ab69-00248c5ab665

Error - 02.12.2012 12:21:48 | Computer Name = ReVoC-PC | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ec8 Startzeit:
01cdd0a462606f4a Endzeit: 11 Anwendungspfad: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Berichts-ID:

[ Media Center Events ]
Error - 11.12.2010 14:36:31 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 19:36:31 - Fehler beim Herstellen der Internetverbindung. 19:36:31
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 14:36:38 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 19:36:37 - Fehler beim Herstellen der Internetverbindung. 19:36:37
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 15:36:42 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 20:36:42 - Fehler beim Herstellen der Internetverbindung. 20:36:42
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 15:36:48 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 20:36:47 - Fehler beim Herstellen der Internetverbindung. 20:36:47
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 16:36:53 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 21:36:53 - Fehler beim Herstellen der Internetverbindung. 21:36:53
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 16:36:59 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 21:36:58 - Fehler beim Herstellen der Internetverbindung. 21:36:58
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 02:41:26 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 07:41:26 - Fehler beim Herstellen der Internetverbindung. 07:41:26
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 02:41:41 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 07:41:31 - Fehler beim Herstellen der Internetverbindung. 07:41:31
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 03:41:51 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 08:41:51 - Fehler beim Herstellen der Internetverbindung. 08:41:51
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 03:41:57 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 08:41:56 - Fehler beim Herstellen der Internetverbindung. 08:41:56
- Serververbindung konnte nicht hergestellt werden..

[ OSession Events ]
Error - 17.11.2010 04:16:19 | Computer Name = ReVoC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 368
seconds with 60 seconds of active time. This session ended with a crash.

Error - 23.11.2012 09:43:52 | Computer Name = ReVoC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 358
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MySQL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 02.12.2012 11:47:39 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd

Error - 02.12.2012 13:27:41 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:27:47 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:27:54 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:00 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:07 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:13 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

< End of report >

Anti_Malware

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.02.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
ReVoC :: REVOC-PC [Administrator]

02.12.2012 18:15:43
mbam-log-2012-12-03 (04-12-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 592059
Laufzeit: 6 Stunde(n), 3 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\ReVoC\Downloads\SoftonicDownloader_fuer_extensoft-free-video-converter.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.

(Ende)

markusg · 04.12.2012, 13:37

hi
Softonic bitte nicht mehr nutzen!
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

ReVoC · 04.12.2012, 14:07

Hallo markusg,

Danke für deine schnelle Antwort.
Ich habe mein PC mit tdss Killer gescannt.

Hier der Report:

13:54:26.0777 7012 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:54:27.0271 7012 ============================================================
13:54:27.0271 7012 Current date / time: 2012/12/04 13:54:27.0271
13:54:27.0271 7012 SystemInfo:
13:54:27.0271 7012
13:54:27.0271 7012 OS Version: 6.1.7601 ServicePack: 1.0
13:54:27.0271 7012 Product type: Workstation
13:54:27.0271 7012 ComputerName: REVOC-PC
13:54:27.0271 7012 UserName: ReVoC
13:54:27.0271 7012 Windows directory: C:\Windows
13:54:27.0271 7012 System windows directory: C:\Windows
13:54:27.0271 7012 Processor architecture: Intel x86
13:54:27.0271 7012 Number of processors: 2
13:54:27.0271 7012 Page size: 0x1000
13:54:27.0271 7012 Boot type: Normal boot
13:54:27.0271 7012 ============================================================
13:54:28.0842 7012 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:54:28.0845 7012 ============================================================
13:54:28.0845 7012 \Device\Harddisk0\DR0:
13:54:28.0846 7012 MBR partitions:
13:54:28.0846 7012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1771000, BlocksNum 0x23CBD000
13:54:28.0846 7012 ============================================================
13:54:28.0916 7012 C: <-> \Device\Harddisk0\DR0\Partition1
13:54:28.0917 7012 ============================================================
13:54:28.0917 7012 Initialize success
13:54:28.0917 7012 ============================================================
13:55:18.0179 2632 ============================================================
13:55:18.0179 2632 Scan started
13:55:18.0179 2632 Mode: Manual; SigCheck; TDLFS;
13:55:18.0180 2632 ============================================================
13:55:20.0515 2632 ================ Scan system memory ========================
13:55:20.0515 2632 System memory - ok
13:55:20.0516 2632 ================ Scan services =============================
13:55:20.0728 2632 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:55:20.0889 2632 1394ohci - ok
13:55:20.0922 2632 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:55:20.0945 2632 ACPI - ok
13:55:20.0986 2632 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:55:21.0112 2632 AcpiPmi - ok
13:55:21.0212 2632 [ AF9658974154C3B6A333D86DC2E0AAC8 ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
13:55:21.0256 2632 Ad-Aware Service - ok
13:55:21.0316 2632 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:55:21.0332 2632 AdobeFlashPlayerUpdateSvc - ok
13:55:21.0395 2632 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:55:21.0501 2632 adp94xx - ok
13:55:21.0532 2632 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:55:21.0584 2632 adpahci - ok
13:55:21.0609 2632 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:55:21.0686 2632 adpu320 - ok
13:55:21.0725 2632 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:55:21.0807 2632 AeLookupSvc - ok
13:55:21.0896 2632 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
13:55:22.0054 2632 AFD - ok
13:55:22.0090 2632 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:55:22.0154 2632 agp440 - ok
13:55:22.0254 2632 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:55:22.0288 2632 aic78xx - ok
13:55:22.0343 2632 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
13:55:22.0435 2632 ALG - ok
13:55:22.0472 2632 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
13:55:22.0550 2632 aliide - ok
13:55:22.0574 2632 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:55:22.0647 2632 amdagp - ok
13:55:22.0668 2632 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
13:55:22.0757 2632 amdide - ok
13:55:22.0793 2632 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:55:22.0922 2632 AmdK8 - ok
13:55:22.0930 2632 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:55:23.0045 2632 AmdPPM - ok
13:55:23.0083 2632 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:55:23.0160 2632 amdsata - ok
13:55:23.0217 2632 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:55:23.0277 2632 amdsbs - ok
13:55:23.0331 2632 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:55:23.0461 2632 amdxata - ok
13:55:23.0549 2632 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:55:23.0566 2632 AntiVirSchedulerService - ok
13:55:23.0604 2632 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:55:23.0619 2632 AntiVirService - ok
13:55:23.0752 2632 Apache2.2 - ok
13:55:23.0818 2632 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
13:55:24.0017 2632 AppID - ok
13:55:24.0052 2632 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:55:24.0234 2632 AppIDSvc - ok
13:55:24.0297 2632 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
13:55:24.0350 2632 Appinfo - ok
13:55:24.0476 2632 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:55:24.0488 2632 Apple Mobile Device - ok
13:55:24.0543 2632 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
13:55:24.0705 2632 AppMgmt - ok
13:55:24.0733 2632 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:55:24.0802 2632 arc - ok
13:55:24.0817 2632 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:55:24.0895 2632 arcsas - ok
13:55:24.0984 2632 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
13:55:25.0021 2632 ASLDRService - ok
13:55:25.0046 2632 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:55:25.0212 2632 AsyncMac - ok
13:55:25.0268 2632 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
13:55:25.0283 2632 atapi - ok
13:55:25.0352 2632 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:55:25.0430 2632 AudioEndpointBuilder - ok
13:55:25.0461 2632 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:55:25.0498 2632 Audiosrv - ok
13:55:25.0573 2632 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:55:25.0725 2632 avgntflt - ok
13:55:25.0818 2632 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:55:25.0900 2632 avipbb - ok
13:55:25.0953 2632 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:55:26.0049 2632 avkmgr - ok
13:55:26.0135 2632 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:55:26.0355 2632 AxInstSV - ok
13:55:26.0389 2632 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:55:26.0613 2632 b06bdrv - ok
13:55:26.0637 2632 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:55:26.0734 2632 b57nd60x - ok
13:55:26.0777 2632 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
13:55:26.0889 2632 BDESVC - ok
13:55:26.0917 2632 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
13:55:27.0031 2632 Beep - ok
13:55:27.0048 2632 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:55:27.0102 2632 blbdrive - ok
13:55:27.0242 2632 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:55:27.0268 2632 Bonjour Service - ok
13:55:27.0287 2632 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:55:27.0413 2632 bowser - ok
13:55:27.0447 2632 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:55:27.0591 2632 BrFiltLo - ok
13:55:27.0608 2632 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:55:27.0709 2632 BrFiltUp - ok
13:55:27.0751 2632 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
13:55:27.0804 2632 Browser - ok
13:55:27.0826 2632 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:55:27.0940 2632 Brserid - ok
13:55:27.0959 2632 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:55:28.0007 2632 BrSerWdm - ok
13:55:28.0033 2632 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:55:28.0121 2632 BrUsbMdm - ok
13:55:28.0186 2632 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:55:28.0269 2632 BrUsbSer - ok
13:55:28.0285 2632 BT - ok
13:55:28.0293 2632 BTCOM - ok
13:55:28.0306 2632 BTCOMBUS - ok
13:55:28.0332 2632 Btcsrusb - ok
13:55:28.0373 2632 [ DB99076533FFB38CBEC8AC88E4535850 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
13:55:28.0726 2632 BthAvrcp - ok
13:55:28.0772 2632 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:55:28.0949 2632 BthEnum - ok
13:55:28.0999 2632 [ DA9E15E55C33392D7DFD7F21116214BE ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys
13:55:29.0034 2632 BtHidBus - ok
13:55:29.0048 2632 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:55:29.0154 2632 BTHMODEM - ok
13:55:29.0239 2632 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:55:29.0336 2632 BthPan - ok
13:55:29.0394 2632 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:55:29.0506 2632 BTHPORT - ok
13:55:29.0549 2632 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
13:55:29.0598 2632 bthserv - ok
13:55:29.0623 2632 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:55:29.0683 2632 BTHUSB - ok
13:55:29.0738 2632 [ 7BB8AC22BC9E6A1E7707DAECADA95CD9 ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
13:55:29.0804 2632 btnetBUs - ok
13:55:29.0841 2632 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:55:29.0987 2632 cdfs - ok
13:55:30.0030 2632 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:55:30.0165 2632 cdrom - ok
13:55:30.0236 2632 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
13:55:30.0284 2632 CertPropSvc - ok
13:55:30.0326 2632 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:55:30.0382 2632 circlass - ok
13:55:30.0425 2632 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
13:55:30.0447 2632 CLFS - ok
13:55:30.0537 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:55:30.0619 2632 clr_optimization_v2.0.50727_32 - ok
13:55:30.0748 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:55:30.0800 2632 clr_optimization_v4.0.30319_32 - ok
13:55:30.0842 2632 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:55:30.0962 2632 CmBatt - ok
13:55:30.0992 2632 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:55:31.0063 2632 cmdide - ok
13:55:31.0157 2632 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
13:55:31.0263 2632 CNG - ok
13:55:31.0292 2632 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:55:31.0329 2632 Compbatt - ok
13:55:31.0364 2632 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:55:31.0456 2632 CompositeBus - ok
13:55:31.0491 2632 COMSysApp - ok
13:55:31.0573 2632 cpuz132 - ok
13:55:31.0597 2632 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:55:31.0692 2632 crcdisk - ok
13:55:31.0747 2632 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:55:31.0810 2632 CryptSvc - ok
13:55:31.0855 2632 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
13:55:31.0958 2632 CSC - ok
13:55:32.0010 2632 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
13:55:32.0055 2632 CscService - ok
13:55:32.0104 2632 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
13:55:32.0217 2632 DcomLaunch - ok
13:55:32.0262 2632 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
13:55:32.0338 2632 defragsvc - ok
13:55:32.0401 2632 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:55:32.0501 2632 DfsC - ok
13:55:32.0576 2632 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:55:32.0649 2632 Dhcp - ok
13:55:32.0683 2632 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
13:55:32.0793 2632 discache - ok
13:55:32.0825 2632 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:55:32.0842 2632 Disk - ok
13:55:32.0875 2632 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:55:32.0921 2632 Dnscache - ok
13:55:32.0971 2632 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
13:55:33.0093 2632 dot3svc - ok
13:55:33.0224 2632 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:55:33.0356 2632 Dot4 - ok
13:55:33.0410 2632 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:55:33.0492 2632 Dot4Print - ok
13:55:33.0526 2632 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:55:33.0571 2632 dot4usb - ok
13:55:33.0618 2632 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
13:55:33.0690 2632 DPS - ok
13:55:33.0726 2632 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:55:33.0813 2632 drmkaud - ok
13:55:33.0864 2632 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:55:33.0979 2632 DXGKrnl - ok
13:55:34.0015 2632 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
13:55:34.0074 2632 EapHost - ok
13:55:34.0223 2632 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:55:34.0452 2632 ebdrv - ok
13:55:34.0493 2632 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
13:55:34.0575 2632 EFS - ok
13:55:34.0661 2632 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:55:34.0824 2632 ehRecvr - ok
13:55:34.0877 2632 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
13:55:35.0008 2632 ehSched - ok
13:55:35.0049 2632 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:55:35.0134 2632 elxstor - ok
13:55:35.0166 2632 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:55:35.0269 2632 ErrDev - ok
13:55:35.0323 2632 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
13:55:35.0417 2632 EventSystem - ok
13:55:35.0520 2632 [ A57BE3307ADA2FC086B5B43135735283 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:55:35.0558 2632 EvtEng - ok
13:55:35.0578 2632 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
13:55:35.0631 2632 exfat - ok
13:55:35.0667 2632 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:55:35.0805 2632 fastfat - ok
13:55:35.0886 2632 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
13:55:35.0953 2632 Fax - ok
13:55:35.0967 2632 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:55:36.0062 2632 fdc - ok
13:55:36.0152 2632 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
13:55:36.0237 2632 fdPHost - ok
13:55:36.0248 2632 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
13:55:36.0296 2632 FDResPub - ok
13:55:36.0327 2632 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:55:36.0397 2632 FileInfo - ok
13:55:36.0416 2632 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:55:36.0512 2632 Filetrace - ok
13:55:36.0527 2632 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:55:36.0608 2632 flpydisk - ok
13:55:36.0648 2632 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:55:36.0748 2632 FltMgr - ok
13:55:36.0801 2632 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
13:55:36.0875 2632 FontCache - ok
13:55:36.0940 2632 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:55:37.0031 2632 FontCache3.0.0.0 - ok
13:55:37.0054 2632 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:55:37.0128 2632 FsDepends - ok
13:55:37.0252 2632 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:55:37.0314 2632 fssfltr - ok
13:55:37.0427 2632 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:55:37.0603 2632 fsssvc - ok
13:55:37.0645 2632 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:55:37.0682 2632 Fs_Rec - ok
13:55:37.0732 2632 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:55:37.0833 2632 fvevol - ok
13:55:37.0865 2632 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:55:37.0901 2632 gagp30kx - ok
13:55:37.0945 2632 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:55:38.0019 2632 GEARAspiWDM - ok
13:55:38.0193 2632 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
13:55:38.0276 2632 ghaio - ok
13:55:38.0331 2632 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
13:55:38.0392 2632 gpsvc - ok
13:55:38.0515 2632 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:55:38.0529 2632 gupdate - ok
13:55:38.0547 2632 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:55:38.0559 2632 gupdatem - ok
13:55:38.0582 2632 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:55:38.0687 2632 hcw85cir - ok
13:55:38.0741 2632 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:55:38.0883 2632 HdAudAddService - ok
13:55:38.0901 2632 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:55:38.0942 2632 HDAudBus - ok
13:55:38.0979 2632 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:55:39.0015 2632 HidBatt - ok
13:55:39.0051 2632 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:55:39.0145 2632 HidBth - ok
13:55:39.0232 2632 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:55:39.0330 2632 HidIr - ok
13:55:39.0356 2632 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
13:55:39.0409 2632 hidserv - ok
13:55:39.0450 2632 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:55:39.0538 2632 HidUsb - ok
13:55:39.0575 2632 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:55:39.0628 2632 hkmsvc - ok
13:55:39.0671 2632 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:55:39.0777 2632 HomeGroupListener - ok
13:55:39.0822 2632 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:55:39.0846 2632 HomeGroupProvider - ok
13:55:39.0957 2632 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:55:40.0001 2632 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
13:55:40.0001 2632 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
13:55:40.0040 2632 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:55:40.0144 2632 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
13:55:40.0144 2632 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
13:55:40.0179 2632 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:55:40.0249 2632 HpSAMD - ok
13:55:40.0296 2632 [ 79737E0F7D25DE8405CB34D4C9882253 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
13:55:40.0333 2632 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
13:55:40.0333 2632 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
13:55:40.0388 2632 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:55:40.0467 2632 HTTP - ok
13:55:40.0509 2632 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:55:40.0592 2632 hwpolicy - ok
13:55:40.0635 2632 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:55:40.0755 2632 i8042prt - ok
13:55:40.0798 2632 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:55:40.0895 2632 iaStorV - ok
13:55:41.0035 2632 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:55:41.0164 2632 idsvc - ok
13:55:41.0202 2632 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:55:41.0291 2632 iirsp - ok
13:55:41.0338 2632 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
13:55:41.0398 2632 IKEEXT - ok
13:55:41.0535 2632 [ DBBFF3318FDBF663D8D5F807BB54E9C3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:55:41.0686 2632 IntcAzAudAddService - ok
13:55:41.0715 2632 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
13:55:41.0789 2632 intelide - ok
13:55:41.0826 2632 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:55:41.0865 2632 intelppm - ok
13:55:41.0896 2632 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:55:42.0017 2632 IPBusEnum - ok
13:55:42.0039 2632 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:55:42.0133 2632 IpFilterDriver - ok
13:55:42.0192 2632 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:55:42.0269 2632 IPMIDRV - ok
13:55:42.0307 2632 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:55:42.0413 2632 IPNAT - ok
13:55:42.0496 2632 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:55:42.0532 2632 iPod Service - ok
13:55:42.0563 2632 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:55:42.0694 2632 IRENUM - ok
13:55:42.0732 2632 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:55:42.0788 2632 isapnp - ok
13:55:42.0821 2632 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:55:42.0872 2632 iScsiPrt - ok
13:55:42.0927 2632 [ 132EB047E3F94DC9EAB83C74E8C2E85A ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
13:55:43.0007 2632 IvtBtBUs - ok
13:55:43.0054 2632 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:55:43.0142 2632 kbdclass - ok
13:55:43.0302 2632 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:55:43.0423 2632 kbdhid - ok
13:55:43.0498 2632 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
13:55:43.0562 2632 kbfiltr - ok
13:55:43.0582 2632 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
13:55:43.0622 2632 KeyIso - ok
13:55:43.0663 2632 [ 4476FE98AAF505ACDCD3EE6360AABEC1 ] KMWDFILTERx86 C:\Windows\system32\DRIVERS\KMWDFILTER.sys
13:55:44.0024 2632 KMWDFILTERx86 - ok
13:55:44.0072 2632 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:55:44.0185 2632 KSecDD - ok
13:55:44.0220 2632 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:55:44.0265 2632 KSecPkg - ok
13:55:44.0296 2632 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
13:55:44.0415 2632 KtmRm - ok
13:55:44.0446 2632 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
13:55:44.0495 2632 LanmanServer - ok
13:55:44.0533 2632 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:55:44.0611 2632 LanmanWorkstation - ok
13:55:44.0672 2632 Lavasoft Kernexplorer - ok
13:55:44.0685 2632 Lbd - ok
13:55:44.0744 2632 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
13:55:44.0782 2632 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:55:44.0782 2632 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:55:44.0830 2632 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:55:44.0898 2632 lltdio - ok
13:55:44.0938 2632 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:55:45.0020 2632 lltdsvc - ok
13:55:45.0047 2632 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
13:55:45.0079 2632 lmhosts - ok
13:55:45.0158 2632 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:55:45.0241 2632 LSI_FC - ok
13:55:45.0267 2632 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:55:45.0341 2632 LSI_SAS - ok
13:55:45.0357 2632 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:55:45.0452 2632 LSI_SAS2 - ok
13:55:45.0462 2632 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:55:45.0553 2632 LSI_SCSI - ok
13:55:45.0591 2632 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
13:55:45.0635 2632 luafv - ok
13:55:45.0694 2632 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
13:55:45.0785 2632 LVRS - ok
13:55:45.0927 2632 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
13:55:46.0547 2632 LVUVC - ok
13:55:46.0598 2632 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:55:46.0674 2632 Mcx2Svc - ok
13:55:46.0695 2632 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:55:46.0729 2632 megasas - ok
13:55:46.0764 2632 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:55:46.0848 2632 MegaSR - ok
13:55:46.0877 2632 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
13:55:46.0927 2632 MMCSS - ok
13:55:46.0962 2632 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
13:55:47.0039 2632 Modem - ok
13:55:47.0066 2632 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:55:47.0156 2632 monitor - ok
13:55:47.0197 2632 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:55:47.0275 2632 mouclass - ok
13:55:47.0317 2632 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:55:47.0380 2632 mouhid - ok
13:55:47.0426 2632 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:55:47.0507 2632 mountmgr - ok
13:55:47.0560 2632 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:55:47.0665 2632 MozillaMaintenance - ok
13:55:47.0698 2632 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
13:55:47.0789 2632 mpio - ok
13:55:47.0824 2632 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:55:47.0933 2632 mpsdrv - ok
13:55:47.0974 2632 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:55:48.0067 2632 MRxDAV - ok
13:55:48.0153 2632 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:55:48.0241 2632 mrxsmb - ok
13:55:48.0283 2632 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:55:48.0383 2632 mrxsmb10 - ok
13:55:48.0398 2632 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:55:48.0452 2632 mrxsmb20 - ok
13:55:48.0489 2632 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
13:55:48.0585 2632 msahci - ok
13:55:48.0612 2632 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:55:48.0712 2632 msdsm - ok
13:55:48.0732 2632 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
13:55:48.0837 2632 MSDTC - ok
13:55:48.0887 2632 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:55:48.0985 2632 Msfs - ok
13:55:49.0004 2632 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:55:49.0186 2632 mshidkmdf - ok
13:55:49.0218 2632 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:55:49.0250 2632 msisadrv - ok
13:55:49.0283 2632 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:55:49.0375 2632 MSiSCSI - ok
13:55:49.0380 2632 msiserver - ok
13:55:49.0425 2632 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:55:49.0527 2632 MSKSSRV - ok
13:55:49.0564 2632 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:55:49.0662 2632 MSPCLOCK - ok
13:55:49.0686 2632 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:55:49.0781 2632 MSPQM - ok
13:55:49.0829 2632 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:55:49.0872 2632 MsRPC - ok
13:55:49.0903 2632 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:55:49.0919 2632 mssmbios - ok
13:55:49.0936 2632 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:55:50.0021 2632 MSTEE - ok
13:55:50.0047 2632 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:55:50.0104 2632 MTConfig - ok
13:55:50.0205 2632 [ 2E71504A74BE4E3D4EA94568EFF7556E ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
13:55:50.0246 2632 MTsensor - ok
13:55:50.0267 2632 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
13:55:50.0346 2632 Mup - ok
13:55:50.0462 2632 MySQL - ok
13:55:50.0522 2632 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
13:55:50.0578 2632 napagent - ok
13:55:50.0627 2632 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:55:50.0734 2632 NativeWifiP - ok
13:55:50.0790 2632 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:55:50.0822 2632 NDIS - ok
13:55:50.0859 2632 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:55:50.0976 2632 NdisCap - ok
13:55:51.0011 2632 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:55:51.0089 2632 NdisTapi - ok
13:55:51.0159 2632 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:55:51.0220 2632 Ndisuio - ok
13:55:51.0271 2632 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:55:51.0464 2632 NdisWan - ok
13:55:51.0504 2632 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:55:51.0650 2632 NDProxy - ok
13:55:51.0726 2632 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:55:51.0824 2632 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:55:51.0825 2632 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:55:51.0864 2632 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:55:51.0991 2632 NetBIOS - ok
13:55:52.0029 2632 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:55:52.0101 2632 NetBT - ok
13:55:52.0159 2632 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
13:55:52.0198 2632 Netlogon - ok
13:55:52.0238 2632 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
13:55:52.0299 2632 Netman - ok
13:55:52.0326 2632 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
13:55:52.0381 2632 netprofm - ok
13:55:52.0423 2632 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:55:52.0511 2632 NetTcpPortSharing - ok
13:55:52.0704 2632 [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
13:55:53.0080 2632 NETw5s32 - ok
13:55:53.0298 2632 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
13:55:53.0558 2632 netw5v32 - ok
13:55:53.0625 2632 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:55:53.0689 2632 nfrd960 - ok
13:55:53.0740 2632 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:55:53.0797 2632 NlaSvc - ok
13:55:53.0866 2632 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
13:55:53.0888 2632 NMIndexingService ( UnsignedFile.Multi.Generic ) - warning
13:55:53.0888 2632 NMIndexingService - detected UnsignedFile.Multi.Generic (1)
13:55:53.0905 2632 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:55:54.0015 2632 Npfs - ok
13:55:54.0051 2632 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
13:55:54.0094 2632 nsi - ok
13:55:54.0153 2632 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:55:54.0255 2632 nsiproxy - ok
13:55:54.0321 2632 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:55:54.0415 2632 Ntfs - ok
13:55:54.0453 2632 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
13:55:54.0517 2632 Null - ok
13:55:54.0787 2632 [ 5CE5B23855262ACABAECCE156F48DD88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:55:56.0376 2632 nvlddmkm - ok
13:55:56.0401 2632 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:55:56.0438 2632 nvraid - ok
13:55:56.0476 2632 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:55:56.0553 2632 nvstor - ok
13:55:56.0592 2632 [ 6DF4CC671CD9704840C5522627F3ED43 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:55:56.0610 2632 nvsvc - ok
13:55:56.0625 2632 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:55:56.0671 2632 nv_agp - ok
13:55:56.0789 2632 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:55:56.0899 2632 odserv - ok
13:55:56.0927 2632 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:55:57.0010 2632 ohci1394 - ok
13:55:57.0084 2632 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:55:57.0190 2632 ose - ok
13:55:57.0247 2632 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:55:57.0284 2632 p2pimsvc - ok
13:55:57.0309 2632 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
13:55:57.0403 2632 p2psvc - ok
13:55:57.0432 2632 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:55:57.0533 2632 Parport - ok
13:55:57.0570 2632 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:55:57.0653 2632 partmgr - ok
13:55:57.0674 2632 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:55:57.0761 2632 Parvdm - ok
13:55:57.0784 2632 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:55:57.0819 2632 PcaSvc - ok
13:55:57.0841 2632 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
13:55:57.0914 2632 pci - ok
13:55:57.0938 2632 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
13:55:58.0009 2632 pciide - ok
13:55:58.0034 2632 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:55:58.0152 2632 pcmcia - ok
13:55:58.0172 2632 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
13:55:58.0240 2632 pcw - ok
13:55:58.0277 2632 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:55:58.0415 2632 PEAUTH - ok
13:55:58.0488 2632 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:55:58.0581 2632 PeerDistSvc - ok
13:55:58.0682 2632 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
13:55:58.0856 2632 pla - ok
13:55:58.0897 2632 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:55:58.0953 2632 PlugPlay - ok
13:55:59.0044 2632 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:55:59.0178 2632 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:55:59.0178 2632 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:55:59.0244 2632 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:55:59.0384 2632 PNRPAutoReg - ok
13:55:59.0416 2632 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:55:59.0452 2632 PNRPsvc - ok
13:55:59.0498 2632 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:55:59.0557 2632 PolicyAgent - ok
13:55:59.0602 2632 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
13:55:59.0654 2632 Power - ok
13:55:59.0692 2632 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:55:59.0765 2632 PptpMiniport - ok
13:55:59.0782 2632 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:55:59.0809 2632 Processor - ok
13:55:59.0841 2632 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
13:55:59.0897 2632 ProfSvc - ok
13:55:59.0915 2632 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:55:59.0933 2632 ProtectedStorage - ok
13:55:59.0966 2632 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:56:00.0021 2632 Psched - ok
13:56:00.0083 2632 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:56:00.0275 2632 ql2300 - ok
13:56:00.0302 2632 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:56:00.0393 2632 ql40xx - ok
13:56:00.0425 2632 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
13:56:00.0549 2632 QWAVE - ok
13:56:00.0569 2632 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:56:00.0659 2632 QWAVEdrv - ok
13:56:00.0688 2632 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:56:00.0795 2632 RasAcd - ok
13:56:00.0837 2632 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:56:00.0925 2632 RasAgileVpn - ok
13:56:00.0953 2632 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
13:56:01.0095 2632 RasAuto - ok
13:56:01.0135 2632 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:56:01.0278 2632 Rasl2tp - ok
13:56:01.0347 2632 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
13:56:01.0455 2632 RasMan - ok
13:56:01.0479 2632 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:56:01.0550 2632 RasPppoe - ok
13:56:01.0606 2632 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:56:01.0720 2632 RasSstp - ok
13:56:01.0763 2632 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:56:01.0874 2632 rdbss - ok
13:56:01.0906 2632 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:56:02.0003 2632 rdpbus - ok
13:56:02.0035 2632 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:56:02.0139 2632 RDPCDD - ok
13:56:02.0194 2632 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:56:02.0305 2632 RDPDR - ok
13:56:02.0330 2632 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:56:02.0369 2632 RDPENCDD - ok
13:56:02.0396 2632 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:56:02.0478 2632 RDPREFMP - ok
13:56:02.0511 2632 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:56:02.0622 2632 RDPWD - ok
13:56:02.0677 2632 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:56:02.0725 2632 rdyboost - ok
13:56:02.0833 2632 [ A171029D6B6C2D93C22861A347F43C2A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:56:02.0870 2632 RegSrvc - ok
13:56:02.0901 2632 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
13:56:03.0043 2632 RemoteAccess - ok
13:56:03.0083 2632 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:56:03.0208 2632 RemoteRegistry - ok
13:56:03.0291 2632 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:56:03.0334 2632 RFCOMM - ok
13:56:03.0365 2632 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
13:56:03.0473 2632 rimmptsk - ok
13:56:03.0516 2632 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
13:56:03.0550 2632 rimsptsk - ok
13:56:03.0575 2632 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
13:56:03.0639 2632 rismxdp - ok
13:56:03.0678 2632 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
13:56:03.0768 2632 ROOTMODEM - ok
13:56:03.0799 2632 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:56:03.0847 2632 RpcEptMapper - ok
13:56:03.0871 2632 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
13:56:03.0946 2632 RpcLocator - ok
13:56:03.0969 2632 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
13:56:04.0005 2632 RpcSs - ok
13:56:04.0042 2632 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:56:04.0225 2632 rspndr - ok
13:56:04.0271 2632 [ E099D23EE1BBCE0CF5745F811F3B1882 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
13:56:04.0352 2632 RTL8167 - ok
13:56:04.0378 2632 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:56:04.0435 2632 s3cap - ok
13:56:04.0448 2632 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
13:56:04.0467 2632 SamSs - ok
13:56:04.0606 2632 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
13:56:04.0745 2632 SBAMSvc - ok
13:56:04.0793 2632 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
13:56:04.0823 2632 sbapifs - ok
13:56:04.0877 2632 [ B6019CB6D66BB57BACC619195EFD7BB8 ] SbFw C:\Windows\system32\drivers\SbFw.sys
13:56:04.0881 2632 Suspicious file (Forged): C:\Windows\system32\drivers\SbFw.sys. Real md5: B6019CB6D66BB57BACC619195EFD7BB8, Fake md5: BCF3BA30C1CFA2942CF26C31384B37C7
13:56:04.0881 2632 SbFw ( Virus.Win32.ZAccess.k ) - infected
13:56:04.0882 2632 SbFw - detected Virus.Win32.ZAccess.k (0)
13:56:04.0898 2632 [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
13:56:04.0912 2632 SBFWIMCL - ok
13:56:04.0922 2632 [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
13:56:04.0935 2632 SBFWIMCLMP - ok
13:56:04.0964 2632 [ 1AFD7178AB9C4FCE2D332DA7AA474FA6 ] sbhips C:\Windows\system32\drivers\sbhips.sys
13:56:04.0985 2632 sbhips - ok
13:56:05.0014 2632 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:56:05.0118 2632 sbp2port - ok
13:56:05.0194 2632 [ 1FD538C4FEB36B793D2121F20BBDC16F ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
13:56:05.0288 2632 SBRE - ok
13:56:05.0352 2632 [ 9BDF801A6C78E3F1E6FA1C5CA90BAA8A ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
13:56:05.0416 2632 sbwtis - ok
13:56:05.0451 2632 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:56:05.0561 2632 SCardSvr - ok
13:56:05.0600 2632 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:56:05.0724 2632 scfilter - ok
13:56:05.0787 2632 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
13:56:05.0873 2632 Schedule - ok
13:56:05.0913 2632 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:56:05.0951 2632 SCPolicySvc - ok
13:56:06.0014 2632 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
13:56:06.0106 2632 sdbus - ok
13:56:06.0190 2632 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:56:06.0306 2632 SDRSVC - ok
13:56:06.0375 2632 [ 81C89B8EC01BAE7B79495D840C23B166 ] Secdrv C:\Windows\system32\drivers\SECDRV.SYS
13:56:06.0403 2632 Secdrv ( UnsignedFile.Multi.Generic ) - warning
13:56:06.0403 2632 Secdrv - detected UnsignedFile.Multi.Generic (1)
13:56:06.0449 2632 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
13:56:06.0566 2632 seclogon - ok
13:56:06.0607 2632 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
13:56:06.0664 2632 SENS - ok
13:56:06.0721 2632 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:56:06.0791 2632 SensrSvc - ok
13:56:06.0824 2632 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:56:06.0873 2632 Serenum - ok
13:56:06.0905 2632 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:56:06.0993 2632 Serial - ok
13:56:07.0026 2632 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:56:07.0154 2632 sermouse - ok
13:56:07.0258 2632 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
13:56:07.0292 2632 SessionEnv - ok
13:56:07.0315 2632 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:56:07.0358 2632 sffdisk - ok
13:56:07.0364 2632 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:56:07.0454 2632 sffp_mmc - ok
13:56:07.0471 2632 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:56:07.0575 2632 sffp_sd - ok
13:56:07.0607 2632 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:56:07.0706 2632 sfloppy - ok
13:56:07.0751 2632 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:56:07.0788 2632 ShellHWDetection - ok
13:56:07.0806 2632 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:56:07.0888 2632 sisagp - ok
13:56:07.0914 2632 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:56:07.0990 2632 SiSRaid2 - ok
13:56:08.0014 2632 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:56:08.0054 2632 SiSRaid4 - ok
13:56:08.0124 2632 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:56:08.0217 2632 SkypeUpdate - ok
13:56:08.0257 2632 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:56:08.0349 2632 Smb - ok
13:56:08.0405 2632 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:56:08.0486 2632 SNMPTRAP - ok
13:56:08.0580 2632 [ 03210C439D0C1224EB36865C8010DAB6 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
13:56:08.0708 2632 SNP2UVC - ok
13:56:08.0731 2632 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
13:56:08.0810 2632 spldr - ok
13:56:08.0865 2632 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
13:56:08.0893 2632 spmgr - ok
13:56:08.0923 2632 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
13:56:08.0961 2632 Spooler - ok
13:56:09.0084 2632 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
13:56:09.0235 2632 sppsvc - ok
13:56:09.0311 2632 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:56:09.0419 2632 sppuinotify - ok
13:56:09.0445 2632 sptd - ok
13:56:09.0493 2632 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:56:09.0595 2632 srv - ok
13:56:09.0625 2632 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:56:09.0725 2632 srv2 - ok
13:56:09.0743 2632 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:56:09.0841 2632 srvnet - ok
13:56:09.0875 2632 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:56:09.0925 2632 SSDPSRV - ok
13:56:10.0000 2632 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:56:10.0083 2632 ssmdrv - ok
13:56:10.0119 2632 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:56:10.0219 2632 SstpSvc - ok
13:56:10.0243 2632 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:56:10.0322 2632 stexstor - ok
13:56:10.0374 2632 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
13:56:10.0442 2632 StiSvc - ok
13:56:10.0472 2632 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:56:10.0546 2632 storflt - ok
13:56:10.0583 2632 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
13:56:10.0688 2632 StorSvc - ok
13:56:10.0709 2632 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:56:10.0776 2632 storvsc - ok
13:56:10.0807 2632 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
13:56:10.0881 2632 swenum - ok
13:56:10.0922 2632 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
13:56:10.0970 2632 swprv - ok
13:56:11.0022 2632 [ 9574C5EEA8078C7B1A70AE912FF02FE0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:56:11.0086 2632 SynTP - ok
13:56:11.0180 2632 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
13:56:11.0265 2632 SysMain - ok
13:56:11.0316 2632 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:56:11.0377 2632 TabletInputService - ok
13:56:11.0425 2632 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
13:56:11.0492 2632 TapiSrv - ok
13:56:11.0519 2632 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
13:56:11.0572 2632 TBS - ok
13:56:11.0635 2632 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:56:11.0764 2632 Tcpip - ok
13:56:11.0803 2632 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:56:11.0839 2632 TCPIP6 - ok
13:56:11.0895 2632 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:56:12.0023 2632 tcpipreg - ok
13:56:12.0071 2632 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:56:12.0199 2632 TDPIPE - ok
13:56:12.0241 2632 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:56:12.0399 2632 TDTCP - ok
13:56:12.0449 2632 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:56:12.0518 2632 tdx - ok
13:56:12.0539 2632 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:56:12.0592 2632 TermDD - ok
13:56:12.0657 2632 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
13:56:12.0741 2632 TermService - ok
13:56:12.0773 2632 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
13:56:12.0805 2632 Themes - ok
13:56:12.0820 2632 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
13:56:12.0859 2632 THREADORDER - ok
13:56:12.0890 2632 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
13:56:12.0995 2632 TrkWks - ok
13:56:13.0089 2632 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:56:13.0214 2632 TrustedInstaller - ok
13:56:13.0283 2632 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:56:13.0394 2632 tssecsrv - ok
13:56:13.0465 2632 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:56:13.0698 2632 TsUsbFlt - ok
13:56:13.0838 2632 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:56:13.0949 2632 tunnel - ok
13:56:13.0991 2632 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:56:14.0073 2632 uagp35 - ok
13:56:14.0158 2632 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:56:14.0247 2632 udfs - ok
13:56:14.0285 2632 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:56:14.0342 2632 UI0Detect - ok
13:56:14.0385 2632 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:56:14.0428 2632 uliagpkx - ok
13:56:14.0466 2632 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
13:56:14.0567 2632 umbus - ok
13:56:14.0607 2632 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:56:14.0677 2632 UmPass - ok
13:56:14.0732 2632 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
13:56:14.0781 2632 UmRdpService - ok
13:56:14.0827 2632 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
13:56:14.0878 2632 upnphost - ok
13:56:14.0921 2632 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:56:14.0964 2632 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
13:56:14.0965 2632 USBAAPL - detected UnsignedFile.Multi.Generic (1)
13:56:15.0030 2632 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:56:15.0177 2632 usbaudio - ok
13:56:15.0315 2632 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:56:15.0370 2632 usbccgp - ok
13:56:15.0403 2632 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:56:15.0530 2632 usbcir - ok
13:56:15.0548 2632 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:56:15.0642 2632 usbehci - ok
13:56:15.0693 2632 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:56:15.0878 2632 usbhub - ok
13:56:15.0897 2632 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:56:16.0020 2632 usbohci - ok
13:56:16.0052 2632 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:56:16.0251 2632 usbprint - ok
13:56:16.0294 2632 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:56:16.0378 2632 usbscan - ok
13:56:16.0408 2632 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:56:16.0511 2632 USBSTOR - ok
13:56:16.0525 2632 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:56:16.0544 2632 usbuhci - ok
13:56:16.0580 2632 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:56:16.0673 2632 usbvideo - ok
13:56:16.0754 2632 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
13:56:16.0865 2632 usb_rndisx - ok
13:56:16.0888 2632 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
13:56:16.0943 2632 UxSms - ok
13:56:16.0970 2632 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
13:56:16.0992 2632 VaultSvc - ok
13:56:17.0021 2632 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:56:17.0090 2632 vdrvroot - ok
13:56:17.0178 2632 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
13:56:17.0316 2632 vds - ok
13:56:17.0339 2632 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:56:17.0434 2632 vga - ok
13:56:17.0458 2632 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:56:17.0530 2632 VgaSave - ok
13:56:17.0567 2632 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:56:17.0691 2632 vhdmp - ok
13:56:17.0751 2632 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:56:17.0787 2632 viaagp - ok
13:56:17.0815 2632 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:56:17.0907 2632 ViaC7 - ok
13:56:17.0943 2632 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
13:56:17.0986 2632 viaide - ok
13:56:18.0015 2632 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:56:18.0106 2632 vmbus - ok
13:56:18.0164 2632 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:56:18.0232 2632 VMBusHID - ok
13:56:18.0260 2632 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:56:18.0328 2632 volmgr - ok
13:56:18.0373 2632 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:56:18.0449 2632 volmgrx - ok
13:56:18.0483 2632 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:56:18.0584 2632 volsnap - ok
13:56:18.0600 2632 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:56:18.0674 2632 vsmraid - ok
13:56:18.0794 2632 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
13:56:18.0883 2632 VSS - ok
13:56:18.0903 2632 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:56:18.0939 2632 vwifibus - ok
13:56:18.0970 2632 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:56:19.0041 2632 vwififlt - ok
13:56:19.0084 2632 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:56:19.0172 2632 vwifimp - ok
13:56:19.0214 2632 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
13:56:19.0277 2632 W32Time - ok
13:56:19.0301 2632 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:56:19.0371 2632 WacomPen - ok
13:56:19.0393 2632 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:56:19.0520 2632 WANARP - ok
13:56:19.0525 2632 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:56:19.0556 2632 Wanarpv6 - ok
13:56:19.0635 2632 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
13:56:19.0762 2632 wbengine - ok
13:56:19.0790 2632 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:56:19.0877 2632 WbioSrvc - ok
13:56:19.0917 2632 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:56:20.0032 2632 wcncsvc - ok
13:56:20.0068 2632 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:56:20.0161 2632 WcsPlugInService - ok
13:56:20.0186 2632 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:56:20.0266 2632 Wd - ok
13:56:20.0293 2632 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:56:20.0325 2632 Wdf01000 - ok
13:56:20.0355 2632 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:56:20.0446 2632 WdiServiceHost - ok
13:56:20.0451 2632 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:56:20.0477 2632 WdiSystemHost - ok
13:56:20.0514 2632 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
13:56:20.0582 2632 WebClient - ok
13:56:20.0639 2632 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:56:20.0777 2632 Wecsvc - ok
13:56:20.0814 2632 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:56:20.0856 2632 wercplsupport - ok
13:56:20.0893 2632 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
13:56:20.0955 2632 WerSvc - ok
13:56:20.0986 2632 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:56:21.0171 2632 WfpLwf - ok
13:56:21.0226 2632 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:56:21.0338 2632 WIMMount - ok
13:56:21.0346 2632 WinHttpAutoProxySvc - ok
13:56:21.0416 2632 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:56:21.0509 2632 Winmgmt - ok
13:56:21.0593 2632 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
13:56:21.0695 2632 WinRM - ok
13:56:21.0753 2632 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:56:21.0925 2632 WinUsb - ok
13:56:21.0976 2632 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:56:22.0027 2632 Wlansvc - ok
13:56:22.0120 2632 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:56:22.0189 2632 wlcrasvc - ok
13:56:22.0298 2632 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:56:22.0360 2632 wlidsvc - ok
13:56:22.0375 2632 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:56:22.0449 2632 WmiAcpi - ok
13:56:22.0503 2632 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:56:22.0576 2632 wmiApSrv - ok
13:56:22.0677 2632 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:56:22.0744 2632 WMPNetworkSvc - ok
13:56:22.0778 2632 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:56:22.0980 2632 WPCSvc - ok
13:56:23.0052 2632 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:56:23.0172 2632 WPDBusEnum - ok
13:56:23.0198 2632 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:56:23.0283 2632 ws2ifsl - ok
13:56:23.0288 2632 WSearch - ok
13:56:23.0317 2632 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:56:23.0449 2632 WudfPf - ok
13:56:23.0525 2632 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:56:23.0571 2632 WUDFRd - ok
13:56:23.0621 2632 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:56:23.0677 2632 wudfsvc - ok
13:56:23.0717 2632 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:56:23.0780 2632 WwanSvc - ok
13:56:23.0832 2632 ================ Scan global ===============================
13:56:23.0875 2632 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
13:56:23.0916 2632 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
13:56:23.0927 2632 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
13:56:23.0962 2632 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:56:24.0000 2632 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:56:24.0006 2632 [Global] - ok
13:56:24.0007 2632 ================ Scan MBR ==================================
13:56:24.0028 2632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:56:24.0369 2632 \Device\Harddisk0\DR0 - ok
13:56:24.0372 2632 ================ Scan VBR ==================================
13:56:24.0373 2632 [ DC1AF1CF4A7158C5269BF45A547C4DB8 ] \Device\Harddisk0\DR0\Partition1
13:56:24.0375 2632 \Device\Harddisk0\DR0\Partition1 - ok
13:56:24.0377 2632 ============================================================
13:56:24.0377 2632 Scan finished
13:56:24.0377 2632 ============================================================
13:56:24.0397 1624 Detected object count: 10
13:56:24.0397 1624 Actual detected object count: 10
13:57:10.0580 1624 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0580 1624 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0581 1624 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0581 1624 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0583 1624 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0583 1624 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0586 1624 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0586 1624 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0588 1624 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0588 1624 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0590 1624 NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0590 1624 NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0595 1624 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0595 1624 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0596 1624 SbFw ( Virus.Win32.ZAccess.k ) - skipped by user
13:57:10.0597 1624 SbFw ( Virus.Win32.ZAccess.k ) - User select action: Skip
13:57:10.0599 1624 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0599 1624 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:10.0602 1624 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:10.0602 1624 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 04.12.2012, 14:56

Hi,
nutzt du den PC für onlinebanking, zum Einkaufen, für sonstige Zahlungsabwicklungen, oder ähnlich wichtigem, wie beruflichem?

ReVoC · 04.12.2012, 15:00

Ja das mache ich....Oh Gott was kommt jetzt....

markusg · 04.12.2012, 16:38

Hi, Bank bitte anrufen, Onlinebanking wegen zero access rootkit sperren lassen.
falls die bereits zu hatt, Notfallnummer:
116 116
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

ReVoC · 04.12.2012, 23:21

Hi,

danke für deine Antwort. Ich hatte sowas schon vermutet. Bin jetzt dabei meinen PC neu aufzusetzen.

Was für ein Schadprogramm war das denn jetzt? Kannst du mir das sagen?

Wie kann ich mich in Zukunft schützen. Klar Downloaddisziplin. Aber gibt es Programme die mich schützen können. Welche werden empfohlen?

Grüße ReVoC

markusg · 06.12.2012, 16:45

hi
zero access rootkit
hier, Absicherungsmaßnamen
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
http://www.trojaner-board.de/103809-...i-malware.html
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut währe avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung anpassen.

Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie Download - Sandboxie 3.74

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird Sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser

passwort sicherheit:
jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort
bei der passwort verwaltung und erstellung hilft roboform
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
anleitung:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten

Internet bestroffen - Google zeigt nur Werbung an / Anmeldung bei Fb nicht möglich

Log-Analyse und Auswertung: Internet bestroffen - Google zeigt nur Werbung an / Anmeldung bei Fb nicht möglich