11.12.2012, 14:48 | #1 |
Telekom message: Port 25 closed after sending spam

Hello, this is my first post here, so please bear with me. Unfortunately, my knowledge is only superficial. In our company I run 2 computers and a laptop on a server. I received the first mail from Telekom about our computers being used to send spam. I ignored the mail because I was not sure whether it was genuine. A few days later I received the second mail, which announced the blocking of port 25. First I would like to check my laptop. It runs Windows 7 64 bit. Avira is running as the antivirus program. I found nothing with Malwarebytes and the ESET Online Scanner. I regularly use CCleaner. I have attached the OTL log. Could someone please look over it and tell me what I can do next. Many thanks in advance.

OTL logfile created on: 11.12.2012 14:12:54 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AE\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,95 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 35,99% Memory free 7,90 Gb Paging File | 4,74 Gb Available in Paging File | 59,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 693,63 Gb Total Space | 476,77 Gb Free Space | 68,74% Space Free | Partition Type: NTFS Drive E: | 4,99 Gb Total Space | 4,98 Gb Free Space | 99,87% Space Free | Partition Type: FAT32 Drive F: | 465,64 Gb Total Space | 356,54 Gb Free Space | 76,57% Space Free | Partition Type: FAT32 Computer Name: AE-ELITEBOOK | User Name: AE | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.11 14:12:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AE\Desktop\OTL.exe PRC - [2012.10.13 15:05:42 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe PRC - [2012.09.28 14:11:56 | 001,691,240 | ---- | M] (Copernic Inc.) -- C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe PRC - [2012.08.29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2012.08.04 20:47:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.27 21:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.05.14 15:28:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.14 15:28:33 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.05.14 15:28:33 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2012.05.14 15:28:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.02.21 02:05:12 | 000,101,048 | ---- | M] () -- C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe PRC - [2011.07.06 13:17:17 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2011.04.29 08:58:05 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe PRC - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011.02.15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe PRC - [2011.02.11 20:07:16 | 000,820,048 | R--- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe PRC - [2011.02.11 01:16:02 | 000,586,280 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe PRC - [2011.02.09 11:51:36 | 000,200,704 | ---- | M] () -- C:\Programme\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe PRC - [2011.02.09 11:28:12 | 001,318,912 | ---- | M] () -- C:\Programme\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe PRC - [2011.02.07 11:41:42 | 012,274,688 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe PRC - [2011.02.07 11:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe PRC - [2011.01.28 20:32:40 | 001,825,360 | ---- | M] (Sanford, L.P.) 
-- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe PRC - [2011.01.28 15:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe PRC - [2011.01.28 09:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe PRC - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe PRC - [2011.01.20 06:50:16 | 000,329,056 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe PRC - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe PRC - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe PRC - [2011.01.18 13:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe PRC - [2011.01.18 13:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) 
-- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe PRC - [2011.01.13 09:22:20 | 001,126,936 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe PRC - [2011.01.12 11:49:18 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe PRC - [2011.01.12 11:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC - [2011.01.12 11:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe PRC - [2011.01.03 23:16:42 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.01.03 23:16:40 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.11.29 12:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe PRC - [2010.11.11 08:43:00 | 000,502,464 | R--- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe PRC - [2010.07.29 11:11:32 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe PRC - [2010.07.29 05:44:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe PRC - [2009.11.20 19:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.11.11 15:17:02 | 000,771,360 | ---- | M] (Apple Inc.) 
-- C:\Program Files (x86)\AirPort\APAgent.exe ========== Modules (No Company Name) ========== MOD - [2012.11.19 11:28:40 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll MOD - [2012.11.19 11:17:51 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll MOD - [2012.11.19 11:17:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll MOD - [2012.11.19 11:17:36 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll MOD - [2012.11.19 11:17:33 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll MOD - [2012.11.19 11:17:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll MOD - [2012.11.19 11:17:23 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll MOD - [2012.11.19 11:17:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll MOD - [2012.11.19 11:17:20 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll MOD - [2012.11.19 11:17:16 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll MOD - [2012.10.13 15:05:42 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe MOD - [2012.07.27 21:51:54 | 
000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU MOD - [2012.02.21 02:05:12 | 000,101,048 | ---- | M] () -- C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe MOD - [2012.02.07 01:46:53 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\ContourStoryteller\QtNetwork4.dll MOD - [2012.02.07 01:46:52 | 008,191,488 | ---- | M] () -- C:\Program Files (x86)\ContourStoryteller\QtGui4.dll MOD - [2012.02.07 01:46:52 | 002,296,320 | ---- | M] () -- C:\Program Files (x86)\ContourStoryteller\QtCore4.dll MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.07.06 13:17:17 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2011.04.29 08:58:05 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2011.02.09 11:51:36 | 000,200,704 | ---- | M] () -- C:\Programme\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe MOD - [2011.02.03 15:09:24 | 000,366,176 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll MOD - [2011.01.28 20:14:54 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll MOD - [2011.01.12 11:49:18 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe MOD - [2011.01.12 11:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe MOD - [2011.01.12 11:48:26 | 000,662,000 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll MOD - [2010.11.24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio 
Shared\DLLShared\SQLite352.dll MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.11 10:46:14 | 000,293,888 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\NetModule2.dll MOD - [2009.10.31 14:42:43 | 001,384,520 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\SSOle.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.02.28 12:15:16 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2011.04.22 11:11:22 | 005,873,840 | ---- | M] (CANON INC.) [Auto | Running] -- C:\Program Files\Canon\DIAS\CnxDIAS.exe -- (Canon Driver Information Assist Service) SRV:64bit: - [2011.02.06 08:39:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.01.28 09:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService) SRV:64bit: - [2011.01.21 19:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) 
[Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.03.03 11:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters) SRV - [2012.11.28 13:05:26 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.05.14 15:28:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.14 15:28:33 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.05.14 15:28:33 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.05.14 15:28:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.09.09 16:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2011.02.15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv) SRV - [2011.02.11 20:07:16 | 000,313,680 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost) SRV - [2011.02.11 01:16:02 | 000,586,280 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService) SRV - [2011.02.09 11:28:12 | 001,318,912 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent) SRV - [2011.02.07 11:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService) SRV - [2011.02.03 15:09:18 | 000,464,480 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK) SRV - [2011.01.28 20:34:52 | 000,032,336 | ---- | M] (Sanford, L.P.) 
[Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService) SRV - [2011.01.28 15:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor) SRV - [2011.01.27 10:52:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV) SRV - [2011.01.26 18:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service) SRV - [2011.01.21 19:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv) SRV - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService) SRV - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS) SRV - [2011.01.18 13:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService) SRV - [2011.01.15 05:32:30 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2011.01.13 09:22:20 | 001,126,936 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2011.01.12 11:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service) SRV - [2011.01.03 23:16:42 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.01.03 23:16:40 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.11.29 12:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) SRV - [2010.11.11 08:43:00 | 000,502,464 | R--- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture) SRV - [2010.07.29 05:44:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.10 16:04:43 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.05.14 15:28:34 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.14 15:28:34 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.28 12:15:16 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2012.02.28 12:15:16 | 000,029,976 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011.10.11 15:06:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.09 11:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc) DRV:64bit: - [2011.02.08 10:13:50 | 000,276,520 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ) DRV:64bit: - [2011.02.07 07:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv) DRV:64bit: - [2011.02.06 09:22:40 | 009,090,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.02.06 08:01:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.02.04 04:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.01.27 10:52:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2011.01.18 11:38:42 | 000,026,712 | ---- | M] (JMicron Technology Corp.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci) DRV:64bit: - [2011.01.05 22:56:16 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2010.12.28 12:25:58 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010.12.21 10:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2010.12.21 01:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) DRV:64bit: - [2010.12.10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.12.10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.12.02 17:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2010.12.01 16:02:26 | 000,101,416 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\h36wgps64.sys -- (h36wgps) DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 
12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.17 02:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2010.11.11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM) DRV:64bit: - [2010.10.31 16:43:10 | 000,472,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3Mdm.sys -- (Mbm3Mdm) DRV:64bit: - [2010.10.31 16:43:10 | 000,419,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt) DRV:64bit: - [2010.10.31 16:43:10 | 000,411,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus) DRV:64bit: - [2010.10.31 16:43:10 | 000,019,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3mdfl.sys -- (Mbm3mdfl) DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- 
C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010.02.23 19:25:30 | 000,030,248 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr) DRV:64bit: - [2010.02.23 19:25:30 | 000,026,664 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis) DRV:64bit: - [2010.01.26 06:31:08 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive) DRV:64bit: - [2009.10.22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\20491752.sys -- (20491752) DRV:64bit: - [2009.10.09 23:30:56 | 000,352,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\2049175.sys -- (setup_9.0.0.722_09.12.2012_06-10drv) DRV:64bit: - [2009.09.25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\20491751.sys -- (20491751) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.07.13 09:16:42 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT) DRV:64bit: - [2009.07.13 09:13:51 | 000,053,816 | R--- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp) DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.09.08 17:26:20 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 41 31 47 5B FA E7 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{2DB830BD-3443-48C7-816A-E4EA4685E519}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.19 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.02.10 14:58:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.23 08:20:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.28 10:50:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{7d666f76-9295-4370-b662-37e2dc87b5d7}: C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox110Connector [2012.08.07 15:38:47 | 000,000,000 | ---D | M] [2012.09.28 10:51:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AE\AppData\Roaming\mozilla\Extensions [2012.09.28 10:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AE\AppData\Roaming\mozilla\Firefox\Profiles\zz0vbmeo.default\extensions [2012.09.28 10:52:50 | 000,061,406 | ---- | M] () (No name found) -- C:\Users\AE\AppData\Roaming\mozilla\firefox\profiles\zz0vbmeo.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2012.09.28 10:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.09.06 02:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.09.06 03:07:37 | 
000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [3180 Scan2PC] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [CLX3180_Scan2Pc] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.) O4 - HKLM..\Run: [IFXSPMGT] C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG) O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [ContourCameraFinder] C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe () O4 - HKCU..\Run: [Copernic Desktop Search - Home] C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.) 
O4 - HKCU..\Run: [DymoQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.) O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () O4 - HKCU..\Run: [phonostarTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - Startup: C:\Users\AE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.12.2012_06-10.lnk = C:\Users\AE\Desktop\Sicherheit\DE-Cleaner powered by Kaspersky\setup_9.0.0.722_09.12.2012_06-10\startup.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu 
item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~3\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~3\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.) O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.) 
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {3A5EF8E2-34B2-4B01-962B-FF430245CCA4} hxxp://192.168.2.109/IPCamPluginDM.cab (IC3015PlugIn Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3677B5F3-963B-42EF-8A8A-8AA35B53B4B8}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66508EA9-D585-4AFD-B594-A214B73459E5}: NameServer = 139.7.30.125,139.7.30.126 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E641148-848D-4183-855F-2BDB72427896}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\Windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.02.10 10:00:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.11 14:12:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\AE\Desktop\OTL.exe [2012.12.10 17:39:42 | 000,000,000 | ---D | C] -- C:\Users\AE\Desktop\backups [2012.12.10 17:02:57 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Roaming\Malwarebytes [2012.12.10 17:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.12.10 17:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.10 17:02:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.12.10 17:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' 
Anti-Malware [2012.12.10 16:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies [2012.12.10 16:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner [2012.12.10 10:33:48 | 000,000,000 | R--D | C] -- C:\Users\AE\Desktop\Sicherheit [2012.12.09 18:34:04 | 000,000,000 | ---D | C] -- C:\Users\AE\Documents\tdsskiller [2012.12.09 12:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012.12.09 12:10:57 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\2049175.sys [2012.12.09 12:10:57 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\20491751.sys [2012.12.09 12:10:57 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\20491752.sys [2012.11.30 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Local\touchbyte_GmbH [2012.11.30 11:43:39 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Roaming\PhotoSync [2012.11.30 11:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoSync [2012.11.30 11:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoSync [2012.11.26 16:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ePaperPress [2012.11.19 10:31:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012.11.19 10:31:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012.11.19 10:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2012.11.19 10:23:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.11.19 10:23:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.11.19 10:23:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.11.19 10:23:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\mshtmled.dll [2012.11.19 10:23:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.11.19 10:23:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.11.19 10:23:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.11.19 10:23:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.11.19 10:23:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.11.19 10:23:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.11.19 10:23:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.11.19 10:23:24 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.11.19 10:23:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.11.19 10:23:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.11.19 10:23:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.11.19 10:18:24 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.11.19 10:18:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.11.19 10:18:23 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.11.19 10:18:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.11.16 11:19:55 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.11.16 11:19:55 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.11.16 11:19:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.11.16 11:19:48 | 
000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.11.16 11:19:48 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.11.16 11:19:48 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012.11.16 11:19:48 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.11.16 11:19:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012.11.16 11:19:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.11.16 11:19:24 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012.11.16 11:19:24 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012.11.15 12:20:14 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Local\{351EC49A-091B-4E8C-9BC0-E4B00AAB5F91} [2012.11.13 15:54:18 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Roaming\PDAppFlex [2012.11.13 15:53:38 | 000,000,000 | ---D | C] -- C:\Users\AE\Documents\Adobe Scripts [2012.11.12 13:43:25 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Local\OXSTORE2 [2012.11.12 13:37:32 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Local\Open-Xchange [2012.11.12 13:36:56 | 000,000,000 | ---D | C] -- C:\Users\AE\AppData\Local\1&1 ========== Files - Modified Within 30 Days ========== [2012.12.11 14:17:12 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.12.11 14:16:24 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.11 14:16:24 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.11 14:13:46 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.12.11 14:13:46 | 000,702,312 | ---- | M] () -- 
C:\Windows\SysNative\perfh007.dat [2012.12.11 14:13:46 | 000,655,648 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.12.11 14:13:46 | 000,149,836 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.12.11 14:13:46 | 000,122,520 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.12.11 14:12:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AE\Desktop\OTL.exe [2012.12.11 14:06:09 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.11 14:05:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.11 14:05:05 | 4242,915,328 | -HS- | M] () -- C:\hiberfil.sys [2012.12.11 13:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.10 16:04:43 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2012.12.10 14:29:37 | 000,002,606 | ---- | M] () -- C:\Users\AE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.12.2012_06-10.lnk [2012.11.30 10:22:46 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\Quark Updater.job [2012.11.28 13:05:24 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.28 13:05:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.11.19 11:13:16 | 005,088,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.12 13:39:19 | 000,000,020 | ---- | M] () -- C:\Windows\oxstor32.ini ========== Files Created - No Company Name ========== [2012.12.10 16:04:43 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2012.12.09 12:11:58 | 000,002,606 | ---- | C] () -- C:\Users\AE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_09.12.2012_06-10.lnk [2012.11.26 16:12:50 | 000,002,611 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTLens.lnk [2012.11.19 10:31:49 | 000,000,003 | ---- | C] () -- 
C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.19 10:18:23 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.11.13 14:23:35 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012.11.13 14:22:57 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2012.11.13 14:22:13 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012.11.13 14:21:49 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2012.11.13 14:19:41 | 000,001,313 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012.11.13 14:19:34 | 000,001,479 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012.11.12 13:39:19 | 000,000,020 | ---- | C] () -- C:\Windows\oxstor32.ini [2012.09.13 15:59:03 | 000,019,968 | ---- | C] () -- C:\Users\AE\My Wallet.wlt [2012.06.07 18:03:10 | 000,012,163 | ---- | C] () -- C:\Users\AE\AppData\Roaming\SmarThruOptions.xml [2012.06.07 18:03:05 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe [2012.06.07 18:02:52 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini [2012.06.07 18:02:50 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll [2012.06.07 18:00:24 | 000,493,432 | ---- | C] () -- C:\Windows\SSndii.exe [2012.06.07 17:58:29 | 000,143,872 | ---- | C] () -- C:\Windows\Wiainst64.exe [2012.06.04 16:07:32 | 000,001,456 | ---- | C] () -- C:\Users\AE\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.05.22 15:11:42 | 000,002,238 | ---- | C] () -- C:\Users\AE\AppData\Roaming\SAS7_000.DAT [2012.03.01 11:49:35 | 000,004,096 | -H-- | C] () -- C:\Users\AE\AppData\Local\keyfile3.drm [2012.02.15 13:03:46 | 000,000,400 | 
---- | C] () -- C:\Windows\ODBC.INI [2012.02.10 15:07:40 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\drivers\wdbfhc.sys [2012.02.10 15:06:41 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\drivers\wdbedg.sys [2012.02.10 14:58:56 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\drivers\wdbfjg.sys [2012.02.10 14:55:52 | 000,000,191 | ---- | C] () -- C:\Windows\SysWow64\HPPA.ini [2012.02.10 14:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.02.10 14:38:04 | 000,030,042 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat [2012.02.10 14:35:19 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2012.02.10 14:28:45 | 000,025,984 | ---- | C] () -- C:\Windows\snuvcdsm.exe [2012.02.10 14:28:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2012.02.10 14:26:16 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.02.10 14:24:38 | 001,645,398 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.30 10:19:57 | 000,014,277 | ---- | C] () -- C:\Users\AE\Firmenwissen_Dokument.pdf [2011.02.11 20:07:16 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPSCEL.dll.hpsign [2011.02.11 20:07:16 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPFPApi.dll.hpsign [2011.02.11 20:07:16 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPClback.dll.hpsign [2011.02.11 20:04:36 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPLic.dll.hpsign [2011.02.03 15:09:24 | 000,366,176 | ---- | C] () -- C:\Windows\SysWow64\flcdlmsg.dll [2011.02.02 20:49:02 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPFPApiUI.dll.hpsign [2011.02.02 20:47:42 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPPassFilter.dll.hpsign [2011.02.02 20:47:42 | 000,000,256 | R--- | C] () -- C:\Windows\SysWow64\DPCrProv.dll.hpsign [2011.01.29 16:49:32 | 000,017,232 | ---- | C] () -- C:\Windows\SysWow64\CoHpCasl.exe [2011.01.22 12:40:54 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\vcsAPIShared.dll.hpsign 
[2011.01.10 20:03:08 | 086,271,980 | ---- | C] () -- C:\Windows\SysWow64\BioTrustFace.dat
[2009.02.18 13:12:20 | 000,031,934 | ---- | C] () -- C:\Users\AE\FirmenWissen_Dokument_Gastro.pdf

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 249 bytes -> C:\ProgramData\TEMP:0FF263E8

< End of report > |
11.12.2012, 15:12 | #2 | |
/// TB Trainer | Telekom message: Port 25 closed after sending spam
Quote:
__________________ |
11.12.2012, 15:22 | #3 |
| Telekom message: Port 25 closed after sending spam
Hello ryder, thank you very much for the quick reply. Unfortunately I have no IT department and no support contract or anything similar. I work with two part-time employees. I think "small" to "very small" applies.
__________________ Best regards |
11.12.2012, 15:33 | #4 | |
/// TB Trainer | Telekom message: Port 25 closed after sending spam
Good, then ... Read and understood?

Step 1: Disable drive emulation with Defogger
Please download defogger by jpshortstuff to your desktop and start it:

Step 2: Scan with aswMBR

Step 3: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.

Step 4: Scan with DDS (+ attach)
Please download DDS (by sUBs) from one of the following download mirrors and save the file to your desktop.
__________________ Digital privateers against malware! No help via PM! |
11.12.2012, 16:13 | #5 |
| Telekom message: Port 25 closed after sending spam
Thank you very much.

1. defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:44 on 11/12/2012 (AE)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

2. aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-11 16:06:32
-----------------------------
16:06:32.069 OS Version: Windows x64 6.1.7601 Service Pack 1
16:06:32.069 Number of processors: 4 586 0x2A07
16:06:32.069 ComputerName: AE-ELITEBOOK UserName: AE
16:06:34.768 Initialize success
16:06:39.308 AVAST engine defs: 12121101
16:06:44.705 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:06:44.705 Disk 0 Vendor: ST9750420AS 0001SDM5 Size: 715404MB BusType: 3
16:06:44.736 Disk 0 MBR read successfully
16:06:44.736 Disk 0 MBR scan
16:06:44.736 Disk 0 Windows 7 default MBR code
16:06:44.752 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 710275 MB offset 2048
16:06:44.783 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 5120 MB offset 1454647296
16:06:44.814 Disk 0 scanning C:\Windows\system32\drivers
16:07:01.461 Service scanning
16:07:27.123 Modules scanning
16:07:27.123 Disk 0 trace - called modules:
16:07:27.216 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:07:27.216 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d64060]
16:07:27.232 3 CLASSPNP.SYS[fffff88001ba343f] -> nt!IofCallDriver -> [0xfffffa8004bf5b10]
16:07:27.232 5 hpdskflt.sys[fffff88001b4a189] -> nt!IofCallDriver -> [0xfffffa8004af2bc0]
16:07:27.232 7 ACPI.sys[fffff88000f6b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004adf060]
16:07:42.426 AVAST engine scan C:\Windows
16:07:45.499 Disk 0 MBR has been saved successfully to "C:\Users\AE\Desktop\MBR.dat"
16:07:45.499 The log file has been saved successfully to
"C:\Users\AE\Desktop\aswMBR.txt"

At C:\windows\assembly\GAL_MSIL\Microsoft.visualStudio.Tools.Applications, Windows aborts the program. I will now continue with TDSS.

OK, here is TDSS with no findings:

16:15:19.0144 2424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:15:19.0456 2424 ============================================================
16:15:19.0456 2424 Current date / time: 2012/12/11 16:15:19.0456
16:15:19.0456 2424 SystemInfo:
16:15:19.0456 2424
16:15:19.0456 2424 OS Version: 6.1.7601 ServicePack: 1.0
16:15:19.0456 2424 Product type: Workstation
16:15:19.0456 2424 ComputerName: AE-ELITEBOOK
16:15:19.0456 2424 UserName: AE
16:15:19.0456 2424 Windows directory: C:\Windows
16:15:19.0456 2424 System windows directory: C:\Windows
16:15:19.0456 2424 Running under WOW64
16:15:19.0456 2424 Processor architecture: Intel x64
16:15:19.0456 2424 Number of processors: 4
16:15:19.0456 2424 Page size: 0x1000
16:15:19.0456 2424 Boot type: Normal boot
16:15:19.0456 2424 ============================================================
16:15:20.0844 2424 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:15:20.0844 2424 Drive \Device\Harddisk1\DR1 - Size: 0x7470C00000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:15:20.0844 2424 ============================================================
16:15:20.0844 2424 \Device\Harddisk0\DR0:
16:15:20.0844 2424 MBR partitions:
16:15:20.0844 2424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x56B41EF0
16:15:20.0844 2424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x56B42800, BlocksNum 0xA00000
16:15:20.0844 2424 \Device\Harddisk1\DR1:
16:15:20.0844 2424 MBR partitions:
16:15:20.0844 2424 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x3A384441
16:15:20.0844 2424
B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:15:39.0783 4364 monitor - ok 16:15:39.0814 4364 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:15:39.0830 4364 mouclass - ok 16:15:39.0845 4364 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:15:39.0845 4364 mouhid - ok 16:15:39.0876 4364 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:15:39.0876 4364 mountmgr - ok 16:15:39.0970 4364 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:15:39.0970 4364 MozillaMaintenance - ok 16:15:40.0001 4364 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 16:15:40.0001 4364 mpio - ok 16:15:40.0017 4364 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:15:40.0017 4364 mpsdrv - ok 16:15:40.0064 4364 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:15:40.0079 4364 MpsSvc - ok 16:15:40.0110 4364 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:15:40.0110 4364 MRxDAV - ok 16:15:40.0126 4364 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:15:40.0126 4364 mrxsmb - ok 16:15:40.0142 4364 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:15:40.0157 4364 mrxsmb10 - ok 16:15:40.0157 4364 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:15:40.0157 4364 mrxsmb20 - ok 16:15:40.0188 4364 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:15:40.0188 4364 msahci - ok 16:15:40.0204 4364 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:15:40.0204 4364 msdsm - ok 16:15:40.0204 4364 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC 
C:\Windows\System32\msdtc.exe 16:15:40.0220 4364 MSDTC - ok 16:15:40.0235 4364 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:15:40.0235 4364 Msfs - ok 16:15:40.0235 4364 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:15:40.0235 4364 mshidkmdf - ok 16:15:40.0251 4364 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:15:40.0251 4364 msisadrv - ok 16:15:40.0266 4364 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:15:40.0266 4364 MSiSCSI - ok 16:15:40.0266 4364 msiserver - ok 16:15:40.0298 4364 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:15:40.0298 4364 MSKSSRV - ok 16:15:40.0298 4364 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:15:40.0298 4364 MSPCLOCK - ok 16:15:40.0313 4364 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:15:40.0313 4364 MSPQM - ok 16:15:40.0344 4364 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:15:40.0344 4364 MsRPC - ok 16:15:40.0360 4364 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:15:40.0360 4364 mssmbios - ok 16:15:40.0376 4364 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:15:40.0376 4364 MSTEE - ok 16:15:40.0391 4364 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:15:40.0391 4364 MTConfig - ok 16:15:40.0407 4364 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:15:40.0407 4364 Mup - ok 16:15:40.0438 4364 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:15:40.0438 4364 napagent - ok 16:15:40.0469 4364 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:15:40.0485 4364 NativeWifiP - ok 16:15:40.0516 4364 [ 
760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:15:40.0532 4364 NDIS - ok 16:15:40.0547 4364 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:15:40.0547 4364 NdisCap - ok 16:15:40.0563 4364 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:15:40.0563 4364 NdisTapi - ok 16:15:40.0610 4364 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:15:40.0610 4364 Ndisuio - ok 16:15:40.0641 4364 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:15:40.0641 4364 NdisWan - ok 16:15:40.0656 4364 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:15:40.0656 4364 NDProxy - ok 16:15:40.0703 4364 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 16:15:40.0703 4364 Net Driver HPZ12 - ok 16:15:40.0719 4364 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:15:40.0719 4364 NetBIOS - ok 16:15:40.0766 4364 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:15:40.0766 4364 NetBT - ok 16:15:40.0781 4364 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:15:40.0781 4364 Netlogon - ok 16:15:40.0812 4364 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:15:40.0812 4364 Netman - ok 16:15:40.0890 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0906 4364 NetMsmqActivator - ok 16:15:40.0922 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0922 4364 NetPipeActivator - ok 16:15:40.0937 4364 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:15:40.0953 4364 netprofm - ok 16:15:40.0953 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] 
NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0953 4364 NetTcpActivator - ok 16:15:40.0953 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0953 4364 NetTcpPortSharing - ok 16:15:41.0109 4364 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 16:15:41.0234 4364 NETwNs64 - ok 16:15:41.0265 4364 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 16:15:41.0265 4364 nfrd960 - ok 16:15:41.0358 4364 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:15:41.0405 4364 NlaSvc - ok 16:15:41.0483 4364 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:15:41.0483 4364 Npfs - ok 16:15:41.0514 4364 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:15:41.0514 4364 nsi - ok 16:15:41.0514 4364 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:15:41.0514 4364 nsiproxy - ok 16:15:41.0577 4364 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:15:41.0592 4364 Ntfs - ok 16:15:41.0608 4364 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:15:41.0608 4364 Null - ok 16:15:41.0639 4364 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 16:15:41.0639 4364 nusb3hub - ok 16:15:41.0670 4364 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 16:15:41.0670 4364 nusb3xhc - ok 16:15:41.0702 4364 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:15:41.0702 4364 nvraid - ok 16:15:41.0717 4364 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:15:41.0717 4364 nvstor - ok 16:15:41.0748 4364 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:15:41.0748 4364 
nv_agp - ok 16:15:41.0748 4364 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:15:41.0748 4364 ohci1394 - ok 16:15:41.0795 4364 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:15:41.0811 4364 ose - ok 16:15:41.0920 4364 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:15:42.0060 4364 osppsvc - ok 16:15:42.0092 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:15:42.0092 4364 p2pimsvc - ok 16:15:42.0107 4364 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:15:42.0123 4364 p2psvc - ok 16:15:42.0138 4364 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 16:15:42.0138 4364 Parport - ok 16:15:42.0170 4364 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:15:42.0170 4364 partmgr - ok 16:15:42.0185 4364 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:15:42.0201 4364 PcaSvc - ok 16:15:42.0232 4364 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:15:42.0232 4364 pci - ok 16:15:42.0248 4364 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:15:42.0248 4364 pciide - ok 16:15:42.0248 4364 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 16:15:42.0248 4364 pcmcia - ok 16:15:42.0263 4364 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:15:42.0263 4364 pcw - ok 16:15:42.0294 4364 pdfcDispatcher - ok 16:15:42.0326 4364 [ 8F924F00F2F81422FD7C340FDA0E00D8 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 16:15:42.0326 4364 PdiService - ok 16:15:42.0341 4364 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:15:42.0341 
4364 PEAUTH - ok 16:15:42.0388 4364 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 16:15:42.0404 4364 PeerDistSvc - ok 16:15:42.0466 4364 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:15:42.0482 4364 PerfHost - ok 16:15:42.0513 4364 [ F20612DF7E12DE3A087D0F44CC545FB1 ] PersonalSecureDrive C:\Windows\System32\drivers\psd.sys 16:15:42.0513 4364 PersonalSecureDrive - ok 16:15:42.0560 4364 [ F473D5D43FA7D5C657A3137C5171CB77 ] PersonalSecureDriveService C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe 16:15:42.0560 4364 PersonalSecureDriveService - ok 16:15:42.0606 4364 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:15:42.0622 4364 pla - ok 16:15:42.0653 4364 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:15:42.0669 4364 PlugPlay - ok 16:15:42.0684 4364 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 16:15:42.0684 4364 Pml Driver HPZ12 - ok 16:15:42.0716 4364 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:15:42.0716 4364 PNRPAutoReg - ok 16:15:42.0731 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:15:42.0731 4364 PNRPsvc - ok 16:15:42.0762 4364 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 16:15:42.0762 4364 Point64 - ok 16:15:42.0794 4364 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:15:42.0794 4364 PolicyAgent - ok 16:15:42.0825 4364 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:15:42.0825 4364 Power - ok 16:15:42.0856 4364 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:15:42.0856 4364 PptpMiniport - ok 16:15:42.0872 4364 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 16:15:42.0872 4364 Processor - ok 
16:15:42.0903 4364 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 16:15:42.0903 4364 ProfSvc - ok 16:15:42.0918 4364 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:15:42.0918 4364 ProtectedStorage - ok 16:15:42.0965 4364 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:15:42.0965 4364 Psched - ok 16:15:42.0996 4364 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 16:15:42.0996 4364 PxHlpa64 - ok 16:15:43.0043 4364 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 16:15:43.0074 4364 ql2300 - ok 16:15:43.0074 4364 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 16:15:43.0090 4364 ql40xx - ok 16:15:43.0106 4364 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:15:43.0106 4364 QWAVE - ok 16:15:43.0121 4364 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:15:43.0121 4364 QWAVEdrv - ok 16:15:43.0121 4364 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:15:43.0121 4364 RasAcd - ok 16:15:43.0152 4364 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:15:43.0152 4364 RasAgileVpn - ok 16:15:43.0168 4364 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:15:43.0168 4364 RasAuto - ok 16:15:43.0199 4364 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:15:43.0199 4364 Rasl2tp - ok 16:15:43.0246 4364 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:15:43.0246 4364 RasMan - ok 16:15:43.0262 4364 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:15:43.0262 4364 RasPppoe - ok 16:15:43.0262 4364 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:15:43.0262 4364 
RasSstp - ok 16:15:43.0277 4364 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:15:43.0277 4364 rdbss - ok 16:15:43.0293 4364 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:15:43.0293 4364 rdpbus - ok 16:15:43.0324 4364 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:15:43.0324 4364 RDPCDD - ok 16:15:43.0355 4364 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 16:15:43.0355 4364 RDPDR - ok 16:15:43.0371 4364 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:15:43.0371 4364 RDPENCDD - ok 16:15:43.0371 4364 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:15:43.0371 4364 RDPREFMP - ok 16:15:43.0402 4364 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:15:43.0402 4364 RDPWD - ok 16:15:43.0449 4364 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:15:43.0464 4364 rdyboost - ok 16:15:43.0464 4364 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:15:43.0464 4364 RemoteAccess - ok 16:15:43.0480 4364 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:15:43.0480 4364 RemoteRegistry - ok 16:15:43.0496 4364 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:15:43.0496 4364 RFCOMM - ok 16:15:43.0589 4364 [ 7566F7C551606D44479A5E22F3405B89 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 16:15:43.0620 4364 RoxMediaDB12OEM - ok 16:15:43.0636 4364 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:15:43.0636 4364 RpcEptMapper - ok 16:15:43.0667 4364 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:15:43.0667 4364 RpcLocator - ok 16:15:43.0698 4364 [ 
5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:15:43.0698 4364 RpcSs - ok 16:15:43.0714 4364 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:15:43.0714 4364 rspndr - ok 16:15:43.0745 4364 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 16:15:43.0745 4364 s3cap - ok 16:15:43.0761 4364 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:15:43.0761 4364 SamSs - ok 16:15:43.0792 4364 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:15:43.0792 4364 sbp2port - ok 16:15:43.0808 4364 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:15:43.0808 4364 SCardSvr - ok 16:15:43.0839 4364 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:15:43.0839 4364 scfilter - ok 16:15:43.0870 4364 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:15:43.0870 4364 Schedule - ok 16:15:43.0901 4364 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:15:43.0901 4364 SCPolicySvc - ok 16:15:43.0917 4364 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys 16:15:43.0917 4364 sdbus - ok 16:15:43.0948 4364 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:15:43.0964 4364 SDRSVC - ok 16:15:43.0979 4364 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:15:43.0979 4364 secdrv - ok 16:15:43.0995 4364 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:15:43.0995 4364 seclogon - ok 16:15:44.0010 4364 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:15:44.0026 4364 SENS - ok 16:15:44.0026 4364 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:15:44.0026 4364 SensrSvc - ok 16:15:44.0042 4364 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum 
C:\Windows\system32\DRIVERS\serenum.sys 16:15:44.0042 4364 Serenum - ok 16:15:44.0057 4364 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:15:44.0057 4364 Serial - ok 16:15:44.0104 4364 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 16:15:44.0104 4364 sermouse - ok 16:15:44.0135 4364 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:15:44.0135 4364 SessionEnv - ok 16:15:44.0198 4364 [ 8423DB42808E94847EC4E53EFDA6BEE2 ] setup_9.0.0.722_09.12.2012_06-10drv C:\Windows\system32\DRIVERS\2049175.sys 16:15:44.0198 4364 setup_9.0.0.722_09.12.2012_06-10drv - ok 16:15:44.0213 4364 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:15:44.0213 4364 sffdisk - ok 16:15:44.0229 4364 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:15:44.0229 4364 sffp_mmc - ok 16:15:44.0229 4364 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:15:44.0229 4364 sffp_sd - ok 16:15:44.0244 4364 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 16:15:44.0244 4364 sfloppy - ok 16:15:44.0276 4364 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:15:44.0276 4364 SharedAccess - ok 16:15:44.0322 4364 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:15:44.0322 4364 ShellHWDetection - ok 16:15:44.0338 4364 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:15:44.0338 4364 SiSRaid2 - ok 16:15:44.0354 4364 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 16:15:44.0354 4364 SiSRaid4 - ok 16:15:44.0354 4364 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:15:44.0369 4364 Smb - ok 16:15:44.0385 4364 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP 
C:\Windows\System32\snmptrap.exe 16:15:44.0385 4364 SNMPTRAP - ok 16:15:44.0447 4364 [ 43FBAA2C9E6B01B6AFC40B69019C27EC ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 16:15:44.0478 4364 SNP2UVC - ok 16:15:44.0494 4364 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:15:44.0494 4364 spldr - ok 16:15:44.0541 4364 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 16:15:44.0541 4364 Spooler - ok 16:15:44.0619 4364 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 16:15:44.0666 4364 sppsvc - ok 16:15:44.0697 4364 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:15:44.0697 4364 sppuinotify - ok 16:15:44.0744 4364 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\System32\Drivers\sptd.sys 16:15:44.0744 4364 sptd - ok 16:15:44.0790 4364 [ D8B882C520FC83547E22014FF5EC66D7 ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys 16:15:44.0790 4364 Spyder3 - ok 16:15:44.0822 4364 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 16:15:44.0822 4364 srv - ok 16:15:44.0837 4364 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:15:44.0837 4364 srv2 - ok 16:15:44.0853 4364 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:15:44.0853 4364 srvnet - ok 16:15:44.0884 4364 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:15:44.0884 4364 SSDPSRV - ok 16:15:44.0915 4364 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 16:15:44.0931 4364 SSPORT - ok 16:15:44.0931 4364 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:15:44.0931 4364 SstpSvc - ok 16:15:44.0993 4364 [ 0CDEA5ACBB69C45F642E96D81E906CCD ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 16:15:44.0993 4364 STacSV - ok 16:15:45.0024 4364 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 
16:15:45.0024 4364 stexstor - ok 16:15:45.0040 4364 [ 5C8D6072D1D09F11789C6A014688048A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 16:15:45.0056 4364 STHDA - ok 16:15:45.0087 4364 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:15:45.0102 4364 stisvc - ok 16:15:45.0134 4364 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 16:15:45.0149 4364 stllssvr - ok 16:15:45.0180 4364 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 16:15:45.0180 4364 storflt - ok 16:15:45.0196 4364 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 16:15:45.0196 4364 StorSvc - ok 16:15:45.0212 4364 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 16:15:45.0212 4364 storvsc - ok 16:15:45.0243 4364 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 16:15:45.0243 4364 swenum - ok 16:15:45.0305 4364 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 16:15:45.0321 4364 SwitchBoard - ok 16:15:45.0352 4364 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:15:45.0368 4364 swprv - ok 16:15:45.0414 4364 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 16:15:45.0430 4364 SynTP - ok 16:15:45.0492 4364 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 16:15:45.0508 4364 SysMain - ok 16:15:45.0539 4364 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:15:45.0539 4364 TabletInputService - ok 16:15:45.0586 4364 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:15:45.0586 4364 TapiSrv - ok 16:15:45.0602 4364 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:15:45.0602 4364 TBS - ok 16:15:45.0648 4364 [ 37608401DFDB388CAF66917F6B2D6FB0 ] 
Tcpip C:\Windows\system32\drivers\tcpip.sys 16:15:45.0680 4364 Tcpip - ok 16:15:45.0711 4364 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:15:45.0711 4364 TCPIP6 - ok 16:15:45.0726 4364 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:15:45.0726 4364 tcpipreg - ok 16:15:45.0742 4364 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:15:45.0742 4364 TDPIPE - ok 16:15:45.0758 4364 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:15:45.0758 4364 TDTCP - ok 16:15:45.0804 4364 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:15:45.0804 4364 tdx - ok 16:15:45.0836 4364 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 16:15:45.0836 4364 TermDD - ok 16:15:45.0851 4364 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 16:15:45.0851 4364 TermService - ok 16:15:45.0867 4364 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:15:45.0882 4364 Themes - ok 16:15:45.0898 4364 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:15:45.0898 4364 THREADORDER - ok 16:15:45.0929 4364 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 16:15:45.0929 4364 TPM - ok 16:15:45.0929 4364 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:15:45.0945 4364 TrkWks - ok 16:15:45.0976 4364 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:15:45.0976 4364 TrustedInstaller - ok 16:15:46.0007 4364 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:15:46.0007 4364 tssecsrv - ok 16:15:46.0054 4364 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:15:46.0054 4364 TsUsbFlt - ok 16:15:46.0085 4364 [ 
|
11.12.2012, 16:27 | #6 |
| Telekom notice: port 25 closed after spam was sent OK, here is TDSS with no findings:
39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:15:37.0895 4364 HpSAMD - ok 16:15:37.0926 4364 [ 3A63CD2EAC2188CF2660A8E8DA701AB7 ] hpsrv C:\Windows\system32\Hpservice.exe 16:15:37.0926 4364 hpsrv - ok 16:15:37.0973 4364 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:15:37.0973 4364 HTTP - ok 16:15:38.0020 4364 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:15:38.0020 4364 hwpolicy - ok 16:15:38.0036 4364 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:15:38.0036 4364 i8042prt - ok 16:15:38.0051 4364 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:15:38.0067 4364 iaStorV - ok 16:15:38.0098 4364 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:15:38.0129 4364 idsvc - ok 16:15:38.0192 4364 [ D59429259F82924E4D3B90C0F0FF7144 ] IFXSpMgtSrv C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe 16:15:38.0207 4364 IFXSpMgtSrv - ok 16:15:38.0223 4364 [ 0D1BFD3318674D0D6E9465936D7CC17F ] IFXTCS C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe 16:15:38.0238 4364 IFXTCS - ok 16:15:38.0254 4364 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:15:38.0254 4364 iirsp - ok 16:15:38.0301 4364 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 16:15:38.0301 4364 IKEEXT - ok 16:15:38.0332 4364 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 16:15:38.0332 4364 intelide - ok 16:15:38.0348 4364 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:15:38.0348 4364 intelppm - ok 16:15:38.0379 4364 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:15:38.0379 4364 IPBusEnum - ok 16:15:38.0410 4364 
[ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:15:38.0410 4364 IpFilterDriver - ok 16:15:38.0472 4364 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:15:38.0472 4364 iphlpsvc - ok 16:15:38.0504 4364 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:15:38.0504 4364 IPMIDRV - ok 16:15:38.0535 4364 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:15:38.0535 4364 IPNAT - ok 16:15:38.0582 4364 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:15:38.0597 4364 iPod Service - ok 16:15:38.0597 4364 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:15:38.0597 4364 IRENUM - ok 16:15:38.0613 4364 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:15:38.0613 4364 isapnp - ok 16:15:38.0628 4364 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:15:38.0628 4364 iScsiPrt - ok 16:15:38.0675 4364 [ 3B794CA0DE73790420DEBA3C759F1502 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 16:15:38.0675 4364 jhi_service - ok 16:15:38.0706 4364 [ DF4265062DB60A2A72E8E04C358BD3D1 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 16:15:38.0722 4364 JMCR - ok 16:15:38.0738 4364 [ 885B4A3134E8F35A272DA63496F6E789 ] johci C:\Windows\system32\DRIVERS\johci.sys 16:15:38.0738 4364 johci - ok 16:15:38.0753 4364 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:15:38.0753 4364 kbdclass - ok 16:15:38.0784 4364 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:15:38.0784 4364 kbdhid - ok 16:15:38.0800 4364 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 16:15:38.0800 4364 KeyIso - ok 16:15:38.0831 4364 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 
16:15:38.0831 4364 KSecDD - ok 16:15:38.0862 4364 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:15:38.0862 4364 KSecPkg - ok 16:15:38.0878 4364 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:15:38.0878 4364 ksthunk - ok 16:15:38.0909 4364 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 16:15:38.0909 4364 KtmRm - ok 16:15:38.0940 4364 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:15:38.0956 4364 LanmanServer - ok 16:15:38.0987 4364 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:15:38.0987 4364 LanmanWorkstation - ok 16:15:39.0018 4364 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:15:39.0018 4364 lltdio - ok 16:15:39.0034 4364 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:15:39.0034 4364 lltdsvc - ok 16:15:39.0050 4364 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:15:39.0050 4364 lmhosts - ok 16:15:39.0112 4364 [ DE75F2EA497DA4B3A764D4EAC43135E9 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:15:39.0112 4364 LMS - ok 16:15:39.0128 4364 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 16:15:39.0128 4364 LSI_FC - ok 16:15:39.0143 4364 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 16:15:39.0143 4364 LSI_SAS - ok 16:15:39.0143 4364 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:15:39.0143 4364 LSI_SAS2 - ok 16:15:39.0159 4364 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:15:39.0159 4364 LSI_SCSI - ok 16:15:39.0174 4364 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:15:39.0174 4364 luafv - ok 16:15:39.0190 4364 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD ] 
Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys 16:15:39.0190 4364 Mbm3CBus - ok 16:15:39.0206 4364 [ DB6FA599AA79324E287C4EAF6020DA37 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys 16:15:39.0206 4364 Mbm3DevMt - ok 16:15:39.0221 4364 [ 2F71EDB697752D409B9983F0E1D88F70 ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys 16:15:39.0221 4364 Mbm3mdfl - ok 16:15:39.0268 4364 [ 21B412A36DE3CCFE4E13383B88CFC90C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys 16:15:39.0268 4364 Mbm3Mdm - ok 16:15:39.0362 4364 [ 80E7E71CAAF758BF084BDF13996D52D0 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe 16:15:39.0377 4364 McAfee Endpoint Encryption Agent - ok 16:15:39.0408 4364 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:15:39.0408 4364 Mcx2Svc - ok 16:15:39.0471 4364 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 16:15:39.0471 4364 MDM - ok 16:15:39.0486 4364 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:15:39.0486 4364 megasas - ok 16:15:39.0518 4364 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:15:39.0518 4364 MegaSR - ok 16:15:39.0549 4364 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 16:15:39.0549 4364 MEIx64 - ok 16:15:39.0596 4364 [ A11F574A809B3751A17815F00C88781F ] MfeEpePc C:\Windows\system32\drivers\MfeEpePc.sys 16:15:39.0596 4364 MfeEpePc - ok 16:15:39.0611 4364 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:15:39.0627 4364 MMCSS - ok 16:15:39.0705 4364 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 16:15:39.0705 4364 Modem - ok 16:15:39.0783 4364 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:15:39.0783 4364 monitor - ok 16:15:39.0814 4364 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass 
C:\Windows\system32\DRIVERS\mouclass.sys 16:15:39.0830 4364 mouclass - ok 16:15:39.0845 4364 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:15:39.0845 4364 mouhid - ok 16:15:39.0876 4364 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:15:39.0876 4364 mountmgr - ok 16:15:39.0970 4364 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:15:39.0970 4364 MozillaMaintenance - ok 16:15:40.0001 4364 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 16:15:40.0001 4364 mpio - ok 16:15:40.0017 4364 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:15:40.0017 4364 mpsdrv - ok 16:15:40.0064 4364 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:15:40.0079 4364 MpsSvc - ok 16:15:40.0110 4364 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:15:40.0110 4364 MRxDAV - ok 16:15:40.0126 4364 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:15:40.0126 4364 mrxsmb - ok 16:15:40.0142 4364 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:15:40.0157 4364 mrxsmb10 - ok 16:15:40.0157 4364 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:15:40.0157 4364 mrxsmb20 - ok 16:15:40.0188 4364 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:15:40.0188 4364 msahci - ok 16:15:40.0204 4364 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:15:40.0204 4364 msdsm - ok 16:15:40.0204 4364 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:15:40.0220 4364 MSDTC - ok 16:15:40.0235 4364 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:15:40.0235 4364 Msfs - ok 16:15:40.0235 4364 [ 
F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:15:40.0235 4364 mshidkmdf - ok 16:15:40.0251 4364 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:15:40.0251 4364 msisadrv - ok 16:15:40.0266 4364 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:15:40.0266 4364 MSiSCSI - ok 16:15:40.0266 4364 msiserver - ok 16:15:40.0298 4364 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:15:40.0298 4364 MSKSSRV - ok 16:15:40.0298 4364 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:15:40.0298 4364 MSPCLOCK - ok 16:15:40.0313 4364 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:15:40.0313 4364 MSPQM - ok 16:15:40.0344 4364 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:15:40.0344 4364 MsRPC - ok 16:15:40.0360 4364 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:15:40.0360 4364 mssmbios - ok 16:15:40.0376 4364 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:15:40.0376 4364 MSTEE - ok 16:15:40.0391 4364 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:15:40.0391 4364 MTConfig - ok 16:15:40.0407 4364 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:15:40.0407 4364 Mup - ok 16:15:40.0438 4364 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:15:40.0438 4364 napagent - ok 16:15:40.0469 4364 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:15:40.0485 4364 NativeWifiP - ok 16:15:40.0516 4364 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:15:40.0532 4364 NDIS - ok 16:15:40.0547 4364 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 
16:15:40.0547 4364 NdisCap - ok 16:15:40.0563 4364 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:15:40.0563 4364 NdisTapi - ok 16:15:40.0610 4364 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:15:40.0610 4364 Ndisuio - ok 16:15:40.0641 4364 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:15:40.0641 4364 NdisWan - ok 16:15:40.0656 4364 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:15:40.0656 4364 NDProxy - ok 16:15:40.0703 4364 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 16:15:40.0703 4364 Net Driver HPZ12 - ok 16:15:40.0719 4364 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:15:40.0719 4364 NetBIOS - ok 16:15:40.0766 4364 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:15:40.0766 4364 NetBT - ok 16:15:40.0781 4364 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:15:40.0781 4364 Netlogon - ok 16:15:40.0812 4364 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:15:40.0812 4364 Netman - ok 16:15:40.0890 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0906 4364 NetMsmqActivator - ok 16:15:40.0922 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0922 4364 NetPipeActivator - ok 16:15:40.0937 4364 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:15:40.0953 4364 netprofm - ok 16:15:40.0953 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0953 4364 NetTcpActivator - ok 16:15:40.0953 4364 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:15:40.0953 4364 NetTcpPortSharing - ok 16:15:41.0109 4364 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 16:15:41.0234 4364 NETwNs64 - ok 16:15:41.0265 4364 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 16:15:41.0265 4364 nfrd960 - ok 16:15:41.0358 4364 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:15:41.0405 4364 NlaSvc - ok 16:15:41.0483 4364 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:15:41.0483 4364 Npfs - ok 16:15:41.0514 4364 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:15:41.0514 4364 nsi - ok 16:15:41.0514 4364 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:15:41.0514 4364 nsiproxy - ok 16:15:41.0577 4364 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:15:41.0592 4364 Ntfs - ok 16:15:41.0608 4364 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:15:41.0608 4364 Null - ok 16:15:41.0639 4364 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 16:15:41.0639 4364 nusb3hub - ok 16:15:41.0670 4364 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 16:15:41.0670 4364 nusb3xhc - ok 16:15:41.0702 4364 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:15:41.0702 4364 nvraid - ok 16:15:41.0717 4364 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:15:41.0717 4364 nvstor - ok 16:15:41.0748 4364 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:15:41.0748 4364 nv_agp - ok 16:15:41.0748 4364 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:15:41.0748 4364 ohci1394 - ok 16:15:41.0795 4364 [ 
9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:15:41.0811 4364 ose - ok 16:15:41.0920 4364 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:15:42.0060 4364 osppsvc - ok 16:15:42.0092 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:15:42.0092 4364 p2pimsvc - ok 16:15:42.0107 4364 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:15:42.0123 4364 p2psvc - ok 16:15:42.0138 4364 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 16:15:42.0138 4364 Parport - ok 16:15:42.0170 4364 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:15:42.0170 4364 partmgr - ok 16:15:42.0185 4364 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:15:42.0201 4364 PcaSvc - ok 16:15:42.0232 4364 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:15:42.0232 4364 pci - ok 16:15:42.0248 4364 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:15:42.0248 4364 pciide - ok 16:15:42.0248 4364 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 16:15:42.0248 4364 pcmcia - ok 16:15:42.0263 4364 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:15:42.0263 4364 pcw - ok 16:15:42.0294 4364 pdfcDispatcher - ok 16:15:42.0326 4364 [ 8F924F00F2F81422FD7C340FDA0E00D8 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 16:15:42.0326 4364 PdiService - ok 16:15:42.0341 4364 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:15:42.0341 4364 PEAUTH - ok 16:15:42.0388 4364 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 16:15:42.0404 4364 PeerDistSvc - ok 16:15:42.0466 
4364 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:15:42.0482 4364 PerfHost - ok 16:15:42.0513 4364 [ F20612DF7E12DE3A087D0F44CC545FB1 ] PersonalSecureDrive C:\Windows\System32\drivers\psd.sys 16:15:42.0513 4364 PersonalSecureDrive - ok 16:15:42.0560 4364 [ F473D5D43FA7D5C657A3137C5171CB77 ] PersonalSecureDriveService C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe 16:15:42.0560 4364 PersonalSecureDriveService - ok 16:15:42.0606 4364 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:15:42.0622 4364 pla - ok 16:15:42.0653 4364 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:15:42.0669 4364 PlugPlay - ok 16:15:42.0684 4364 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 16:15:42.0684 4364 Pml Driver HPZ12 - ok 16:15:42.0716 4364 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:15:42.0716 4364 PNRPAutoReg - ok 16:15:42.0731 4364 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:15:42.0731 4364 PNRPsvc - ok 16:15:42.0762 4364 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 16:15:42.0762 4364 Point64 - ok 16:15:42.0794 4364 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:15:42.0794 4364 PolicyAgent - ok 16:15:42.0825 4364 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:15:42.0825 4364 Power - ok 16:15:42.0856 4364 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:15:42.0856 4364 PptpMiniport - ok 16:15:42.0872 4364 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 16:15:42.0872 4364 Processor - ok 16:15:42.0903 4364 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 16:15:42.0903 4364 ProfSvc - ok 16:15:42.0918 4364 [ 
C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:15:42.0918 4364 ProtectedStorage - ok 16:15:42.0965 4364 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:15:42.0965 4364 Psched - ok 16:15:42.0996 4364 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 16:15:42.0996 4364 PxHlpa64 - ok 16:15:43.0043 4364 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 16:15:43.0074 4364 ql2300 - ok 16:15:43.0074 4364 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 16:15:43.0090 4364 ql40xx - ok 16:15:43.0106 4364 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:15:43.0106 4364 QWAVE - ok 16:15:43.0121 4364 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:15:43.0121 4364 QWAVEdrv - ok 16:15:43.0121 4364 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:15:43.0121 4364 RasAcd - ok 16:15:43.0152 4364 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:15:43.0152 4364 RasAgileVpn - ok 16:15:43.0168 4364 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:15:43.0168 4364 RasAuto - ok 16:15:43.0199 4364 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:15:43.0199 4364 Rasl2tp - ok 16:15:43.0246 4364 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:15:43.0246 4364 RasMan - ok 16:15:43.0262 4364 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:15:43.0262 4364 RasPppoe - ok 16:15:43.0262 4364 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:15:43.0262 4364 RasSstp - ok 16:15:43.0277 4364 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:15:43.0277 4364 rdbss - ok 
16:15:43.0293 4364 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:15:43.0293 4364 rdpbus - ok 16:15:43.0324 4364 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:15:43.0324 4364 RDPCDD - ok 16:15:43.0355 4364 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 16:15:43.0355 4364 RDPDR - ok 16:15:43.0371 4364 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:15:43.0371 4364 RDPENCDD - ok 16:15:43.0371 4364 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:15:43.0371 4364 RDPREFMP - ok 16:15:43.0402 4364 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:15:43.0402 4364 RDPWD - ok 16:15:43.0449 4364 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:15:43.0464 4364 rdyboost - ok 16:15:43.0464 4364 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:15:43.0464 4364 RemoteAccess - ok 16:15:43.0480 4364 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:15:43.0480 4364 RemoteRegistry - ok 16:15:43.0496 4364 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:15:43.0496 4364 RFCOMM - ok 16:15:43.0589 4364 [ 7566F7C551606D44479A5E22F3405B89 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 16:15:43.0620 4364 RoxMediaDB12OEM - ok 16:15:43.0636 4364 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:15:43.0636 4364 RpcEptMapper - ok 16:15:43.0667 4364 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:15:43.0667 4364 RpcLocator - ok 16:15:43.0698 4364 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:15:43.0698 4364 RpcSs - ok 16:15:43.0714 4364 [ 
DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:15:43.0714 4364 rspndr - ok 16:15:43.0745 4364 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 16:15:43.0745 4364 s3cap - ok 16:15:43.0761 4364 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:15:43.0761 4364 SamSs - ok 16:15:43.0792 4364 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:15:43.0792 4364 sbp2port - ok 16:15:43.0808 4364 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:15:43.0808 4364 SCardSvr - ok 16:15:43.0839 4364 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:15:43.0839 4364 scfilter - ok 16:15:43.0870 4364 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:15:43.0870 4364 Schedule - ok 16:15:43.0901 4364 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:15:43.0901 4364 SCPolicySvc - ok 16:15:43.0917 4364 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys 16:15:43.0917 4364 sdbus - ok 16:15:43.0948 4364 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:15:43.0964 4364 SDRSVC - ok 16:15:43.0979 4364 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:15:43.0979 4364 secdrv - ok 16:15:43.0995 4364 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:15:43.0995 4364 seclogon - ok 16:15:44.0010 4364 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:15:44.0026 4364 SENS - ok 16:15:44.0026 4364 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:15:44.0026 4364 SensrSvc - ok 16:15:44.0042 4364 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:15:44.0042 4364 Serenum - ok 16:15:44.0057 4364 [ 
C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:15:44.0057 4364 Serial - ok 16:15:44.0104 4364 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 16:15:44.0104 4364 sermouse - ok 16:15:44.0135 4364 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:15:44.0135 4364 SessionEnv - ok 16:15:44.0198 4364 [ 8423DB42808E94847EC4E53EFDA6BEE2 ] setup_9.0.0.722_09.12.2012_06-10drv C:\Windows\system32\DRIVERS\2049175.sys 16:15:44.0198 4364 setup_9.0.0.722_09.12.2012_06-10drv - ok 16:15:44.0213 4364 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:15:44.0213 4364 sffdisk - ok 16:15:44.0229 4364 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:15:44.0229 4364 sffp_mmc - ok 16:15:44.0229 4364 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:15:44.0229 4364 sffp_sd - ok 16:15:44.0244 4364 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 16:15:44.0244 4364 sfloppy - ok 16:15:44.0276 4364 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:15:44.0276 4364 SharedAccess - ok 16:15:44.0322 4364 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:15:44.0322 4364 ShellHWDetection - ok 16:15:44.0338 4364 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:15:44.0338 4364 SiSRaid2 - ok 16:15:44.0354 4364 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 16:15:44.0354 4364 SiSRaid4 - ok 16:15:44.0354 4364 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:15:44.0369 4364 Smb - ok 16:15:44.0385 4364 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:15:44.0385 4364 SNMPTRAP - ok 16:15:44.0447 4364 [ 43FBAA2C9E6B01B6AFC40B69019C27EC ] 
16:15:50.0017 4364 ============================================================
16:15:50.0017 4364 Scan finished
16:15:50.0017 4364 ============================================================
16:15:50.0017 3120 Detected object count: 0
16:15:50.0017 3120 Actual detected object count: 0

Here are the DDS logs.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10.02.2012 14:14:21
System Uptime: 11.12.2012 15:45:34 (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1618
Processor: Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz | CPU 1 | 2601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 694 GiB total, 476,385 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 5 GiB total, 4,982 GiB free.
F: is FIXED (FAT32) - 466 GiB total, 356,539 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP181: 30.11.2012 11:42:23 - PhotoSync wird installiert
RP182: 04.12.2012 09:46:42 - Windows Update
RP183: 09.12.2012 11:24:31 - Windows Update
RP184: 10.12.2012 16:04:03 - Installed Active@ ISO Burner
RP186: 10.12.2012 16:04:29 - SPTD setup V1.62
RP187: 10.12.2012 16:22:33 - Windows-Sicherung
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer Active@ ISO Burner Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Creative Suite 5.5 Design Standard Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS6 AirPort Alcor Micro Smart Card Reader Driver Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Webcam Sharing Manager ATI Catalyst Install Manager Avira Antivirus Premium 2012 Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help
Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Compatibility Pack für 2007 Office System Compatibility Pack for the 2007 Office system Contour Storyteller Copernic Desktop Search - Home D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Device Access Manager for HP ProtectTools DirectX 9 Runtime Dragon NaturallySpeaking 11 Drive Encryption For HP ProtectTools DYMO Label v.8 ElsterFormular für Privatanwender und Unternehmer Embedded Security for HP ProtectTools eWallet 7.4 for Windows PCs Face Recognition for HP ProtectTools File Sanitizer For HP ProtectTools Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.1.2.0 HP 3D DriveGuard HP Color LaserJet CP4520-CP4020 Series Benutzerhandbuch HP Color LaserJet CP4520-CP4020 Series Bildschirmschriften HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6 [HP Color LaserJet CP4520 Series PCL6, NPIC307C6 (HP Color LaserJet CP4520 Series)] HP Connection Manager HP DayStarter HP ESU for Microsoft Windows 7 HP HotKey Support HP Mobile Broadband Drivers HP Power Assistant HP ProtectTools Security Manager HP Software Framework HP Support Assistant HP System Default Settings HP Wallpaper HP Web Camera HP Webcam HP Webcam Driver iCloud IDT Audio Image Resizer Powertoy Clone for Windows (64 bit) Intel(R) Identity Protection Technology 1.0.71.0 Intel(R) Management Engine Components Intel(R) Network Connections Drivers IPCam Admin v3.0.31 iTunes Java(TM) 6 Update 31 (64-bit) JMicron 1394 Filter Driver JMicron Flash Media Controller Driver Malwarebytes Anti-Malware Version 1.65.1.1000 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 Microsoft Office Excel MUI (German) 2010 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 
Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (German) 2010 Microsoft Office Outlook MUI (German) 2010 Microsoft Office PowerPoint MUI (German) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Italian) 2010 Microsoft Office Proofing (German) 2010 Microsoft Office Publisher MUI (German) 2010 Microsoft Office Shared 64-bit MUI (German) 2010 Microsoft Office Shared MUI (German) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (German) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mozilla Firefox 15.0.1 (x86 de) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NEC Electronics USB 3.0 Host Controller Driver PDF Complete Special Edition PDF Settings CS5 PDF Settings CS6 phonostar-Player Version 3.02.7 
PhotoSync Privacy Manager for HP ProtectTools PTLens QuickTime RBVirtualFolder64Inst Readiris Pro 10 Renesas Electronics USB 3.0 Host Controller Driver Roxio Activation Module Roxio CinePlayer Decoder Pack Roxio Express Labeler 3 Roxio MyDVD Business 2010 Roxio Secure Burn Safari Samsung Scan Assistant SDK Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition 
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition SmarThru 4 STANLY Track Synaptics Pointing Device Driver Theft Recovery for HP ProtectTools TuneUp Companion 2.4.6.4 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Validity Fingerprint Sensor Driver VIP Access SDK x64(1.0.0.50) Visual C++ 9.0 CRT (x86) WinSXS MSM Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) VLC media player 2.0.0 Wartung Samsung CLX-3180 Series Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live 
Language Selector Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows XP Mode YadeRD
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by AE at 16:23:44 on 2012-12-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4046.2056 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
C:\Program Files (x86)\AirPort\APAgent.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_5_502_110_ActiveX.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.de/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [phonostarTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
uRun: [phonostar-PlayerTimer] "C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe"
uRun: [ContourCameraFinder] "C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe"
uRun: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [Copernic Desktop Search - Home] "C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
uRun: [AdobeBridge] <no file>
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [IFXSPMGT] "C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun: [CLX3180_Scan2Pc] C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
mRun: [iTunesHelper] "C:\Program
Files (x86)\iTunes\iTunesHelper.exe" mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin StartupFolder: C:\Users\AE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\Users\AE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SETUP_~1.LNK - C:\Users\AE\Desktop\Sicherheit\DE-Cleaner powered by Kaspersky\setup_9.0.0.722_09.12.2012_06-10\startup.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: An OneNote s&enden - C:\PROGRA~3\MICROS~2\Office14\ONBttnIE.dll/105 IE: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft &Excel exportieren - C:\PROGRA~3\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~3\MICROS~2\Office14\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll DPF: 
{3A5EF8E2-34B2-4B01-962B-FF430245CCA4} - hxxp://192.168.2.109/IPCamPluginDM.cab TCP: NameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{3677B5F3-963B-42EF-8A8A-8AA35B53B4B8} : DHCPNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{3677B5F3-963B-42EF-8A8A-8AA35B53B4B8}\140707C65602E4564777F627B602163323160356 : DHCPNameServer = 10.0.1.1 TCP: Interfaces\{3677B5F3-963B-42EF-8A8A-8AA35B53B4B8}\75C414E4D2736314032363 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{3677B5F3-963B-42EF-8A8A-8AA35B53B4B8}\E45647A7775627B6B6D6 : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{66508EA9-D585-4AFD-B594-A214B73459E5} : NameServer = 139.7.30.125,139.7.30.126 TCP: Interfaces\{8E641148-848D-4183-855F-2BDB72427896} : DHCPNameServer = 192.168.2.1 192.168.2.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: DeviceNP - DeviceNP.dll SSODL: WebCheck - <orphaned> LSA: Notification Packages = EpePcNp64 DPPassFilter scecli x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [HPPowerAssistant] 
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\AE\AppData\Roaming\Mozilla\Firefox\Profiles\zz0vbmeo.default\ FF - plugin: C:\PROGRA~3\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~3\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll FF - plugin: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll . ============= SERVICES / DRIVERS =============== . R0 20491752;20491752 Boot Guard Driver;C:\Windows\System32\drivers\20491752.sys [2012-12-9 40464] R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2012-2-10 26712] R0 MfeEpePc;MfeEpePc;C:\Windows\System32\drivers\MfeEpePc.sys [2011-2-9 168008] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-2-10 55856] R1 20491751;20491751;C:\Windows\System32\drivers\20491751.sys [2012-12-9 157712] R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-2-10 27760] R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\System32\drivers\psd.sys [2010-1-26 44576] R1 setup_9.0.0.722_09.12.2012_06-10drv;setup_9.0.0.722_09.12.2012_06-10drv;C:\Windows\System32\drivers\2049175.sys [2012-12-9 352784] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-2-10 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-2-10 203776] R2 AntiVirMailService;Avira Email Schutz;C:\Program Files (x86)\Avira\AntiVir 
Desktop\avmailc.exe [2012-2-10 375760] R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-2-10 86224] R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-2-10 110032] R2 AntiVirWebService;Avira Browser Schutz;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2012-2-10 465360] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-2-10 98848] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-29 296808] R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-1-26 131128] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-1-28 133688] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-2-7 320000] R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-1-28 281656] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-2-28 31000] R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896] R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-2-9 1318912] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-2-10 1126936] R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait 
Displays\Drivers\pdisrvc.exe [2012-2-10 113264] R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2009-7-13 11576] R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2012-2-10 502464] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-10 2656280] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-1-21 3154224] R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [?] R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\Windows\System32\drivers\ArcSoftVCapture.sys [2012-2-10 32192] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-10 115216] R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2012-2-10 26664] R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2012-2-10 30248] R3 h36wgps;HP Mobile Broadband Module NMEA;C:\Windows\System32\drivers\h36wgps64.sys [2012-2-10 101416] R3 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-1-12 36864] R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-2-10 173656] R3 Mbm3CBus;HP hs2340 HSPA+ Mobile Broadband Module USB Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2012-2-10 411208] R3 Mbm3DevMt;HP Mobile Broadband Module Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2012-2-10 419912] R3 Mbm3mdfl;HP Mobile Broadband Module Modem 
Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2012-2-10 19528] R3 Mbm3Mdm;HP Mobile Broadband Module Modem Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2012-2-10 472648] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248] R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2012-2-10 276520] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-1-28 32336] S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2011-2-7 63336] S3 FLCDLOCK;HP ProtectTools Gerätesperre/Überwachung;C:\Windows\SysWOW64\flcdlock.exe [2011-2-3 464480] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-1-15 1116656] S3 Spyder3;Datacolor Spyder3;C:\Windows\System32\drivers\Spyder3.sys [2008-9-8 15360] S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-2-17 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] . =============== Created Last 30 ================ . 
2012-12-10 16:02:57 -------- d-----w- C:\Users\AE\AppData\Roaming\Malwarebytes 2012-12-10 16:02:40 -------- d-----w- C:\ProgramData\Malwarebytes 2012-12-10 16:02:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-10 16:02:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-12-10 15:04:43 834544 ----a-w- C:\Windows\System32\drivers\sptd.sys 2012-12-10 15:04:18 -------- d-----w- C:\Program Files (x86)\LSoft Technologies 2012-12-09 11:11:58 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-12-09 11:10:57 40464 ----a-w- C:\Windows\System32\drivers\20491752.sys 2012-12-09 11:10:57 352784 ----a-w- C:\Windows\System32\drivers\2049175.sys 2012-12-09 11:10:57 157712 ----a-w- C:\Windows\System32\drivers\20491751.sys 2012-12-09 10:25:35 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{98EE3367-DBCC-4E61-A3C5-F5DF199A5005}\mpengine.dll 2012-11-30 10:43:40 -------- d-----w- C:\Users\AE\AppData\Local\touchbyte_GmbH 2012-11-30 10:43:39 -------- d-----w- C:\Users\AE\AppData\Roaming\PhotoSync 2012-11-30 10:43:03 -------- d-----w- C:\Program Files (x86)\PhotoSync 2012-11-26 15:12:43 -------- d-----w- C:\Program Files (x86)\ePaperPress 2012-11-19 09:31:47 2560 ----a-w- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui 2012-11-19 09:31:45 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-19 09:31:45 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-19 09:31:45 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-19 09:18:24 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-19 09:18:24 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-11-19 09:18:24 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-19 09:18:24 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-11-19 09:18:23 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-11-19 09:18:23 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-11-19 09:18:23 229888 ----a-w- 
C:\Windows\System32\WUDFHost.exe 2012-11-15 11:20:14 -------- d-----w- C:\Users\AE\AppData\Local\{351EC49A-091B-4E8C-9BC0-E4B00AAB5F91} 2012-11-13 14:54:18 -------- d-----w- C:\Users\AE\AppData\Roaming\PDAppFlex 2012-11-12 12:43:25 -------- d-----w- C:\Users\AE\AppData\Local\OXSTORE2 2012-11-12 12:37:32 -------- d-----w- C:\Users\AE\AppData\Local\Open-Xchange 2012-11-12 12:36:56 -------- d-----w- C:\Users\AE\AppData\Local\1&1 . ==================== Find3M ==================== . 2012-11-28 12:05:24 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-11-28 12:05:23 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 
----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll . ============= FINISH: 16:24:48,93 =============== |
11.12.2012, 17:19 | #7 | ||
/// TB trainer | Telekom message: port 25 closed after sending spam
OK, then let's continue:
Step 1: Uninstall DE-Cleaner!
Step 2: AdwCleaner: find and remove adware
Step 3: Scan with Combofix
__________________ Digital privateers against malware! No help via PM! |
11.12.2012, 17:55 | #8 |
| Telekom message: port 25 closed after sending spam
OK, here is the result:
Combofix log file:
Code:
ATTFilter ComboFix 12-12-10.01 - AE 11.12.2012 17:27:56.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4046.1551 [GMT 1:00] ausgeführt von:: c:\users\AE\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\terms.lnk.url c:\program files (x86)\phonostar-Player\phonostarTimer.exe c:\users\Public\sdelevURL.tmp c:\windows\IsUn0407.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-11-11 bis 2012-12-11 )))))))))))))))))))))))))))))) . . 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\users\AE\AppData\Roaming\Malwarebytes 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\programdata\Malwarebytes 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-10 16:02 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-10 15:04 . 2012-12-10 15:04 834544 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-12-10 15:04 . 2012-12-10 15:04 -------- d-----w- c:\program files (x86)\LSoft Technologies 2012-12-09 11:11 . 2012-12-10 16:40 -------- d-----w- c:\programdata\Kaspersky Lab 2012-12-09 11:10 . 2009-10-22 12:54 40464 ----a-w- c:\windows\system32\drivers\20491752.sys 2012-12-09 11:10 . 2009-10-09 22:30 352784 ----a-w- c:\windows\system32\drivers\2049175.sys 2012-12-09 11:10 . 2009-09-25 16:59 157712 ----a-w- c:\windows\system32\drivers\20491751.sys 2012-12-09 10:25 . 
2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98EE3367-DBCC-4E61-A3C5-F5DF199A5005}\mpengine.dll 2012-11-30 10:43 . 2012-11-30 10:43 -------- d-----w- c:\users\AE\AppData\Local\touchbyte_GmbH 2012-11-30 10:43 . 2012-11-30 10:43 -------- d-----w- c:\users\AE\AppData\Roaming\PhotoSync 2012-11-30 10:43 . 2012-11-30 10:43 -------- d-----w- c:\program files (x86)\PhotoSync 2012-11-26 15:12 . 2012-11-26 15:12 -------- d-----w- c:\program files (x86)\ePaperPress 2012-11-19 09:31 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui 2012-11-19 09:31 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-19 09:31 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-19 09:31 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-19 09:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-19 09:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-19 09:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-19 09:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-19 09:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-19 09:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-19 09:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-13 14:54 . 2012-11-13 14:54 -------- d-----w- c:\users\AE\AppData\Roaming\PDAppFlex 2012-11-12 12:43 . 2012-11-13 11:07 -------- d-----w- c:\users\AE\AppData\Local\OXSTORE2 2012-11-12 12:37 . 2012-11-12 12:37 -------- d-----w- c:\users\AE\AppData\Local\Open-Xchange 2012-11-12 12:36 . 2012-11-15 14:11 -------- d-----w- c:\users\AE\AppData\Local\1&1 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-28 12:05 . 
2012-04-13 10:49 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-28 12:05 . 2012-02-10 19:35 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-19 09:19 . 2012-02-17 13:58 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-16 08:38 . 2012-11-28 12:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 12:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 12:09 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-09-14 19:19 . 2012-10-10 13:02 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 13:02 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContourCameraFinder"="c:\program files (x86)\ContourStoryteller\ContourAutoplay.exe" [2012-02-21 101048] "DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-01-28 1825360] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-07-29 222496] "Copernic Desktop Search - Home"="c:\program files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" [2012-09-28 1691240] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-06 336384] "QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-01-03 112152] "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496] "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-01-13 895512] "IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2011-01-20 1125728] "File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2011-01-12 514544] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-04 348664] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224] "DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624] 
"CLX3180_Scan2Pc"="c:\windows\Twain_32\Samsung\CLX3180\Scan2pc.exe" [2011-04-29 1990144] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2011-07-06 688128] "3180 Scan2PC"="c:\windows\twain_32\Samsung\CLX3180\Scan2Pc.exe" [2011-04-29 1990144] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "AirPort Base Station Agent"="c:\program files (x86)\AirPort\APAgent.exe" [2009-11-11 771360] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] . c:\users\AE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] setup_9.0.0.722_09.12.2012_06-10.lnk - c:\users\AE\Desktop\Sicherheit\DE-Cleaner powered by Kaspersky\setup_9.0.0.722_09.12.2012_06-10\startup.exe [N/A] _uninst_.lnk - c:\users\AE\AppData\Local\Temp\_uninst_.bat [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2011-02-03 14:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-26 131128] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336] R3 FLCDLOCK;HP ProtectTools Gerätesperre/Überwachung;c:\windows\SysWOW64\flcdlock.exe [2011-02-03 464480] R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-01-15 1116656] R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2008-09-08 15360] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-12-10 834544] S0 20491752;20491752 Boot Guard Driver;c:\windows\system32\DRIVERS\20491752.sys [2009-10-22 40464] S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2011-01-18 26712] S0 MfeEpePc;MfeEpePc; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 20491751;20491751;c:\windows\system32\DRIVERS\20491751.sys [2009-09-25 157712] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760] S1 
PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2010-01-26 44576] S1 setup_9.0.0.722_09.12.2012_06-10drv;setup_9.0.0.722_09.12.2012_06-10drv;c:\windows\system32\DRIVERS\2049175.sys [2009-10-09 352784] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-06 203776] S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-14 375760] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-14 86224] S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-14 465360] S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-29 296808] S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336] S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000] S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-02-28 31000] S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896] S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912] S2 pdfcDispatcher;PDF Document 
Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-01-13 1126936] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-07-13 11576] S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-03 2656280] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-21 3154224] S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys [2010-02-23 26664] S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys [2010-02-23 30248] S3 h36wgps;HP Mobile Broadband Module NMEA;c:\windows\system32\DRIVERS\h36wgps64.sys [2010-12-01 101416] S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-28 173656] S3 Mbm3CBus;HP hs2340 HSPA+ Mobile Broadband Module USB Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys [2010-10-31 411208] S3 Mbm3DevMt;HP Mobile Broadband Module Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys [2010-10-31 419912] S3 Mbm3mdfl;HP Mobile Broadband Module Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys [2010-10-31 19528] S3 
Mbm3Mdm;HP Mobile Broadband Module Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys [2010-10-31 472648] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248] S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2011-02-08 276520] . . Inhalt des "geplante Tasks" Ordners . 2012-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 12:05] . 2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-04 15:27] . 2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-04 15:27] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072] "HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-26 13880] "MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~3\MICROS~2\Office14\ONBttnIE.dll/105 IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft &Excel exportieren - c:\progra~3\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Nach Microsoft E&xcel exportieren - c:\progra~3\MICROS~2\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{66508EA9-D585-4AFD-B594-A214B73459E5}: NameServer = 139.7.30.125,139.7.30.126 DPF: {3A5EF8E2-34B2-4B01-962B-FF430245CCA4} - hxxp://192.168.2.109/IPCamPluginDM.cab FF - ProfilePath - c:\users\AE\AppData\Roaming\Mozilla\Firefox\Profiles\zz0vbmeo.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Wow6432Node-HKCU-Run-phonostarTimer - c:\program files (x86)\phonostar-Player\phonostarTimer.exe Wow6432Node-HKCU-Run-phonostar-PlayerTimer - c:\program files (x86)\phonostar-Player\phonostarTimer.exe Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-YadeRD - c:\windows\ISUN0407.EXE AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe c:\program files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-12-11 17:45:16 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-12-11 16:45 . Vor Suchlauf: 10 Verzeichnis(se), 511.737.270.272 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 511.300.317.184 Bytes frei . - - End Of File - - C2DCD06E12C408794448E714FEA4AEB7 |
11.12.2012, 18:01 | #9 |
/// TB-Ausbilder | Telekom notice: Port 25 closed after sending spam Did you carry out steps 1 and 2?
__________________ Digital privateers against malware! No help via PM! |
11.12.2012, 18:15 | #10 |
| Telekom notice: Port 25 closed after sending spam Yes, here are the logs from adwcleaner # AdwCleaner v2.100 - Datei am 11/12/2012 um 18:05:50 erstellt # Aktualisiert am 09/12/2012 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzer : AE - AE-ELITEBOOK # Bootmodus : Normal # Ausgeführt unter : C:\Users\AE\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gelöscht : C:\Users\AE\AppData\Roaming\BrowserCompanion ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v15.0.1 (de) Profilname : default Datei : C:\Users\AE\AppData\Roaming\Mozilla\Firefox\Profiles\zz0vbmeo.default\prefs.js [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [970 octets] - [11/12/2012 18:05:50] ########## EOF - C:\AdwCleaner[S1].txt - [1029 octets] ########## And what do you think? |
11.12.2012, 20:09 | #11 |
/// TB-Ausbilder | Telekom notice: Port 25 closed after sending spam It actually looks okay so far. But I want to be sure: Step 1: Scan with MBAR Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Step 2: New logfile from Combofix.
__________________ Digital privateers against malware! No help via PM! |
12.12.2012, 11:10 | #12 |
| Telekom notice: Port 25 closed after sending spam Good day, mbar did not find anything. Here is the logfile Malwarebytes Anti-Rootkit 1.01.0.1011 www.malwarebytes.org Database version: v2012.12.12.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 AE :: AE-ELITEBOOK [administrator] 12.12.2012 10:48:38 mbar-log-2012-12-12 (10-48-38).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 32048 Time elapsed: 22 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Here is the ComboFix logfile: Combofix Logfile: Code:
ATTFilter ComboFix 12-12-10.01 - AE 12.12.2012 10:54:14.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4046.1660 [GMT 1:00] ausgeführt von:: c:\users\AE\Desktop\Sicherheit\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . ((((((((((((((((((((((( Dateien erstellt von 2012-11-12 bis 2012-12-12 )))))))))))))))))))))))))))))) . . 2012-12-12 10:00 . 2012-12-12 10:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-12 09:36 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58625426-1A35-4DAD-82DF-3DF9FEABAF02}\mpengine.dll 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\users\AE\AppData\Roaming\Malwarebytes 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\programdata\Malwarebytes 2012-12-10 16:02 . 2012-12-10 16:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-10 16:02 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-10 15:04 . 2012-12-10 15:04 834544 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-12-10 15:04 . 2012-12-10 15:04 -------- d-----w- c:\program files (x86)\LSoft Technologies 2012-12-09 11:11 . 2012-12-10 16:40 -------- d-----w- c:\programdata\Kaspersky Lab 2012-12-09 11:10 . 2009-10-22 12:54 40464 ----a-w- c:\windows\system32\drivers\20491752.sys 2012-12-09 11:10 . 2009-10-09 22:30 352784 ----a-w- c:\windows\system32\drivers\2049175.sys 2012-12-09 11:10 . 2009-09-25 16:59 157712 ----a-w- c:\windows\system32\drivers\20491751.sys 2012-11-30 10:43 . 2012-11-30 10:43 -------- d-----w- c:\users\AE\AppData\Local\touchbyte_GmbH 2012-11-30 10:43 . 2012-11-30 10:43 -------- d-----w- c:\users\AE\AppData\Roaming\PhotoSync 2012-11-30 10:43 . 
2012-11-30 10:43 -------- d-----w- c:\program files (x86)\PhotoSync 2012-11-26 15:12 . 2012-11-26 15:12 -------- d-----w- c:\program files (x86)\ePaperPress 2012-11-19 09:31 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui 2012-11-19 09:31 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-19 09:31 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-19 09:31 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-19 09:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-19 09:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-19 09:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-19 09:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-19 09:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-19 09:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-19 09:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-13 14:54 . 2012-11-13 14:54 -------- d-----w- c:\users\AE\AppData\Roaming\PDAppFlex 2012-11-12 12:43 . 2012-11-13 11:07 -------- d-----w- c:\users\AE\AppData\Local\OXSTORE2 2012-11-12 12:37 . 2012-11-12 12:37 -------- d-----w- c:\users\AE\AppData\Local\Open-Xchange 2012-11-12 12:36 . 2012-11-15 14:11 -------- d-----w- c:\users\AE\AppData\Local\1&1 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-28 12:05 . 2012-04-13 10:49 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-28 12:05 . 2012-02-10 19:35 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-19 09:19 . 2012-02-17 13:58 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-16 08:38 . 2012-11-28 12:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 
2012-11-28 12:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 12:09 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-09-14 19:19 . 2012-10-10 13:02 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 13:02 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContourCameraFinder"="c:\program files (x86)\ContourStoryteller\ContourAutoplay.exe" [2012-02-21 101048] "DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-01-28 1825360] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-07-29 222496] "Copernic Desktop Search - Home"="c:\program files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" [2012-09-28 1691240] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-06 336384] "QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-01-03 112152] "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496] "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-01-13 895512] "IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2011-01-20 1125728] "File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2011-01-12 514544] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-04 348664] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224] "DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624] 
"CLX3180_Scan2Pc"="c:\windows\Twain_32\Samsung\CLX3180\Scan2pc.exe" [2011-04-29 1990144] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2011-07-06 688128] "3180 Scan2PC"="c:\windows\twain_32\Samsung\CLX3180\Scan2Pc.exe" [2011-04-29 1990144] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "AirPort Base Station Agent"="c:\program files (x86)\AirPort\APAgent.exe" [2009-11-11 771360] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "Z1"="c:\users\AE\Desktop\mbar-1.01.0.1011\mbar\mbar.exe" [2012-12-12 1342312] . c:\users\AE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] setup_9.0.0.722_09.12.2012_06-10.lnk - c:\users\AE\Desktop\Sicherheit\DE-Cleaner powered by Kaspersky\setup_9.0.0.722_09.12.2012_06-10\startup.exe [N/A] _uninst_.lnk - c:\users\AE\AppData\Local\Temp\_uninst_.bat [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2011-02-03 14:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336] R3 FLCDLOCK;HP ProtectTools Gerätesperre/Überwachung;c:\windows\SysWOW64\flcdlock.exe [2011-02-03 464480] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-01-15 1116656] R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2008-09-08 15360] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-12-10 834544] S0 20491752;20491752 Boot Guard Driver;c:\windows\system32\DRIVERS\20491752.sys [2009-10-22 40464] S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2011-01-18 26712] S0 MfeEpePc;MfeEpePc; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 20491751;20491751;c:\windows\system32\DRIVERS\20491751.sys [2009-09-25 157712] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760] S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2010-01-26 44576] S1 setup_9.0.0.722_09.12.2012_06-10drv;setup_9.0.0.722_09.12.2012_06-10drv;c:\windows\system32\DRIVERS\2049175.sys [2009-10-09 352784] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-06 203776] S2 AntiVirMailService;Avira Email Schutz;c:\program 
files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-14 375760] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-14 86224] S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-14 465360] S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-29 296808] S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336] S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-26 131128] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000] S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-02-28 31000] S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896] S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-01-13 1126936] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 
[2011-01-18 113264] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-07-13 11576] S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-03 2656280] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-21 3154224] S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys [2010-02-23 26664] S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys [2010-02-23 30248] S3 h36wgps;HP Mobile Broadband Module NMEA;c:\windows\system32\DRIVERS\h36wgps64.sys [2010-12-01 101416] S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864] S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-28 173656] S3 Mbm3CBus;HP hs2340 HSPA+ Mobile Broadband Module USB Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys [2010-10-31 411208] S3 Mbm3DevMt;HP Mobile Broadband Module Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys [2010-10-31 419912] S3 Mbm3mdfl;HP Mobile Broadband Module Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys [2010-10-31 19528] S3 Mbm3Mdm;HP Mobile Broadband Module Modem 
Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys [2010-10-31 472648] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248] S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2011-02-08 276520] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - aswMBR . Inhalt des "geplante Tasks" Ordners . 2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 12:05] . 2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-04 15:27] . 2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-04 15:27] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-26 13880] "MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~3\MICROS~2\Office14\ONBttnIE.dll/105 IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft &Excel exportieren - c:\progra~3\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Nach Microsoft E&xcel exportieren - c:\progra~3\MICROS~2\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{66508EA9-D585-4AFD-B594-A214B73459E5}: NameServer = 139.7.30.125,139.7.30.126 DPF: {3A5EF8E2-34B2-4B01-962B-FF430245CCA4} - hxxp://192.168.2.109/IPCamPluginDM.cab FF - ProfilePath - c:\users\AE\AppData\Roaming\Mozilla\Firefox\Profiles\zz0vbmeo.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) AddRemove-YadeRD - c:\windows\ISUN0407.EXE AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-12-12 11:03:16 ComboFix-quarantined-files.txt 2012-12-12 10:03 ComboFix2.txt 2012-12-11 16:45 . 
Vor Suchlauf: 16 Verzeichnis(se), 510.790.361.088 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 510.424.305.664 Bytes frei . - - End Of File - - A46BA2EB0D5802B4C7345ED3AA57A6B3

If everything is OK now, the question would be how we can protect ourselves better in the future? |
12.12.2012, 18:39 | #13 | |
/// TB-Ausbilder | Telekom message: port 25 closed after spam sending

Good! As far as I can see, we have now removed everything malicious. To be sure, we still need to run a few checks. Since these can take a very long time, please write back to me only once you have really completed everything, or if problems occur.

Step 1: Quick scan with Malwarebytes
Step 2: ESET Online Scanner
Step 3: Scan with SecurityCheck. Please download SecurityCheck: LINK1 LINK2
__________________ Digital buccaneers against malware! No help via PM! |
14.12.2012, 17:12 | #14 |
/// TB-Ausbilder | Telekom message: port 25 closed after spam sending

Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will therefore no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean.
16.12.2012, 13:50 | #15 |
/// TB-Ausbilder | Telekom message: port 25 closed after spam sending

No response

This thread has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread.