
Pests of all kinds and how to fight them: I don't know what to do anymore ...

17.01.2013, 16:03   #1
spaetzchen



Hello dear users,

whatever it is I have caught, almost nothing works anymore. Presumably a Trojan or a virus, in the opinion of other experts.
Unfortunately I can't give any concrete details about my system at the moment, except that I now have Windows 7 on it, which someone recently set up from scratch after a crash with Vista; I don't even know whether it is the 32-bit or the 64-bit version.

My computer was still running at one location and then @home at the other "not anymore".

After reading my way through a few boards and sites without success, I hope you can help me!

Basically I have it set up so that the first thing it does is ask whether it should boot from a CD/DVD. At this point F8 etc. still work.
The PC boots, welcome screen, enter password, then Registry Booster appears, and via its purchase option I can still get into my Explorer Firefox.
The rest is gone; the monitor is visibly active but dark, no programs are visible and accordingly none can be started to run a virus scan.
Even the function keys F1 - F12 and the Windows key do not work.

On recommendation I created a bootable CD with Kaspersky on it, but it does not work as described. The green page appears where I can still set the language, but after that it is all Greek to me, presumably Linux. I then looked up some things about Linux on the net, but after some English gibberish and finally dracut:/ it no longer recognizes anything and says not found; what I could still figure out with my knowledge from way back when, or so I think at least, is that it is then at the root.

Many thanks for your help

spaetzchen

P.S. I have now been brave, as desperate as I am, and since my browser still works I downloaded Trojan Hunter, and my grey cells also still remembered that Alt + Tab takes me to the next program.

! Found trojan file: C\Programm Files\WinRar\Default.SFX (Chifrax.387(226))
! Found trojan file: C:\Programm Files (x86)\VideoLan\VLC\uninstall.exe (TDSS.3633(196))

17.01.2013, 16:14   #2
markusg
/// Malware-holic



Hi
well, you have downloaded the crappiest scanner one can find :-)
If you don't have it yet, please download OTL by OldTimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread
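Added example, not part of the original thread and not OTL's own code: a small Python triage pass over the kind of OTL.txt entries that the Quick Scan requested above produces. The sample lines are constructed in OTL's entry format, and the three heuristics (empty company name, file in a user-writable path, autostart entry whose target is missing) are assumptions chosen for illustration; they mark lines for a closer look, not verdicts.

```python
import re
from dataclasses import dataclass

# File-backed OTL entries: PRC (process), MOD (module), SRV (service), DRV (driver).
# Layout: KIND[:64bit:] - [date time | size | attrs | M] (Company) [state] -- path [-- (name)]
FILE_ENTRY = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV)(?::64bit:)? - "
    r"\[(?P<stamp>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| [MC]\] "
    r"\((?P<company>[^)]*)\)"
    r"(?: \[(?P<state>[^\]]*)\])? -- (?P<rest>.+)$"
)

# Registry-style entries: O4 - HKLM..\Run: [...], O20 - AppInit_DLLs: (...), etc.
REG_ENTRY = re.compile(r"^(?P<tag>O\d+)(?::64bit:)? - (?P<body>.*)$")

# Assumption for this example: only Run/RunOnce (O4) and Winlogon/AppInit_DLLs (O20)
# are treated as autostart locations.
AUTOSTART_TAGS = {"O4", "O20"}

# Assumption: directories a standard user can usually write to.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")


@dataclass
class Finding:
    line_no: int   # 1-based line number in the log text
    tag: str       # PRC/MOD/SRV/DRV or the O-number
    reason: str    # which heuristic fired
    subject: str   # file path or registry entry body


def triage(log_text):
    """Return review hints for an OTL log; unparsed lines are skipped."""
    findings = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        m = FILE_ENTRY.match(line)
        if m:
            # Services and drivers carry a trailing " -- (name)"; keep the path only.
            path = m["rest"].split(" -- ")[0]
            if not m["company"].strip():
                findings.append(Finding(line_no, m["kind"], "no company name", path))
            if any(d in path.lower() for d in USER_WRITABLE):
                findings.append(Finding(line_no, m["kind"], "user-writable path", path))
            continue
        m = REG_ENTRY.match(line)
        if (m and m["tag"] in AUTOSTART_TAGS
                and m["body"].rstrip().endswith("File not found")):
            findings.append(
                Finding(line_no, m["tag"], "autostart target missing", m["body"]))
    return findings


# Constructed sample lines in OTL's format (not taken from a real system).
SAMPLE_LOG = r"""PRC - [2013.01.17 16:24:29 | 000,602,112 | ---- | M] (Example Vendor) -- C:\Users\alice\Downloads\tool.exe
SRV - [2012.12.21 11:00:52 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ExampleUpdater\svc.exe -- (ExampleSvc)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Example Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\example.sys -- (example)
O4 - HKLM..\Run: [ExampleGuard] C:\Program Files (x86)\Example\guard.exe (Example Vendor)
O4 - HKLM..\Run: []  File not found
O20 - AppInit_DLLs: (c:\progra~3\example\hook.dll) -  File not found
O8 - Extra context menu item: Export - res://C:\example.exe/3000 File not found"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no:>2} [{f.tag}] {f.reason}: {f.subject}")
```
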

17.01.2013, 16:33   #3
spaetzchen



Hello Markus,

thanks for now.
You take even junk when you don't know any better.
OTL Logfile:
Code:
OTL logfile created on: 17.01.2013 16:26:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\spaetzchen.spaetzchen-PC\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,05% Memory free
4,00 Gb Paging File | 2,41 Gb Available in Paging File | 60,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 263,02 Gb Free Space | 88,26% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 10,84 Gb Free Space | 11,10% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 13,83 Gb Free Space | 14,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,74 Gb Free Space | 19,19% Space Free | Partition Type: NTFS
Drive H: | 172,80 Gb Total Space | 17,76 Gb Free Space | 10,28% Space Free | Partition Type: NTFS
Drive I: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS
Drive J: | 147,46 Gb Total Space | 22,38 Gb Free Space | 15,18% Space Free | Partition Type: NTFS
Drive K: | 448,71 Gb Total Space | 37,81 Gb Free Space | 8,43% Space Free | Partition Type: NTFS
 
Computer Name: SPAETZCHEN-PC | User Name: spaetzchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.17 16:24:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\spaetzchen.spaetzchen-PC\Downloads\OTL.exe
PRC - [2013.01.11 10:47:03 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012.12.05 08:32:44 | 000,056,720 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2012.12.05 08:32:44 | 000,026,016 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2012.11.29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2011.10.04 19:28:28 | 004,470,552 | ---- | M] (Mischel Internet Security) -- C:\Program Files (x86)\TrojanHunter 5.5\TrojanHunter.exe
PRC - [2011.10.04 19:28:28 | 001,088,280 | ---- | M] (Mischel Internet Security) -- C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe
PRC - [2009.07.14 02:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.17 15:37:06 | 000,521,728 | ---- | M] () -- C:\Program Files (x86)\TrojanHunter 5.5\RuleFiles\Gen.dll
MOD - [2013.01.17 15:34:58 | 000,059,392 | R--- | M] () -- C:\Windows\SysWOW64\streamhlp.dll
MOD - [2013.01.11 10:47:02 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012.12.05 08:32:36 | 000,136,592 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\locale\de\de.dll
MOD - [2012.12.05 08:32:26 | 000,114,064 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\InstallerExtensions.dll
MOD - [2012.12.05 08:32:26 | 000,018,832 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\cwebpage.dll
MOD - [2012.11.29 09:26:21 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2002.11.10 17:51:00 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\TrojanHunter 5.5\unrar.dll
MOD - [2002.08.09 11:18:36 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\TrojanHunter 5.5\UNZDLL.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.11.29 16:06:08 | 000,037,216 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.21 11:00:52 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2012.11.29 16:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.29 16:06:08 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.11.17 00:10:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.07 21:06:26 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2010.01.21 01:53:42 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2010.01.21 01:53:42 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.29 17:48:16 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.03.04 18:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=115284&tt=0113_4&babsrc=HP_ss&mntrId=2820a377000000000000001fe2574cf3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 33 FA 27 46 E7 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=115284&tt=0113_4&babsrc=SP_ss&mntrId=2820a377000000000000001fe2574cf3
IE - HKCU\..\SearchScopes\{88DD5CA1-DF9E-421A-AB57-523C31FCC15F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=AB342F38-0A2F-4304-8E27-166D62B487E0&apn_sauid=94F772CD-E42F-4C40-90E6-CBA9E8CE993B
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.01.07 20:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 10:01:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.06 17:19:35 | 000,000,000 | ---D | M]
 
[2013.01.11 10:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.06 15:12:37 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [THGuard] C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe (Mischel Internet Security)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe ()
O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27A93F6A-9B39-4097-9FBC-43C380B1D8A6}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.18 10:08:44 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.17 03:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 15:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
[2013.01.17 15:34:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TrojanHunter
[2013.01.17 15:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5
[2013.01.11 13:15:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.01.11 12:11:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013.01.11 11:25:27 | 947,070,088 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X64.exe
[2013.01.11 10:47:17 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Macromedia
[2013.01.11 10:44:34 | 563,934,504 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X86.exe
[2013.01.10 14:45:22 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013.01.10 14:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.10 14:44:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.01.10 14:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013.01.07 20:56:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\PDF Architect Files
[2013.01.07 20:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013.01.07 20:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect
[2013.01.07 20:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.01.07 20:56:05 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013.01.07 20:56:05 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2013.01.07 20:56:05 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2013.01.07 20:56:04 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2013.01.07 20:56:04 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2013.01.07 20:56:04 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2013.01.07 20:56:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2013.01.07 20:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.01.07 20:54:25 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Programs
[2013.01.07 11:06:52 | 011,137,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2013.01.07 11:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013.01.07 11:06:42 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013.01.07 11:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013.01.07 11:05:48 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013.01.07 11:05:48 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013.01.07 11:05:48 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013.01.07 11:05:47 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.01.07 11:05:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013.01.07 11:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.01.07 11:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013.01.07 10:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.01.06 17:19:43 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Thunderbird
[2013.01.06 17:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.01.06 17:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.01.06 17:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.06 15:19:24 | 000,000,000 | ---D | C] -- C:\My Pictures
[2013.01.06 15:19:24 | 000,000,000 | ---D | C] -- \My Pictures
[2013.01.06 15:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Picture It!
[2013.01.06 15:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Picture it 2.0
[2013.01.06 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\227180-659357-microsoft-picture-it.zip
[2013.01.06 15:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.01.06 15:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.01.06 11:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.01.06 11:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2013.01.06 11:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013.01.05 23:45:28 | 001,528,184 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\GenuineCheck.exe
[2013.01.05 23:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekNSNeu
[2013.01.05 23:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekNS
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2013.01.05 23:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\SoulseekNS neu
[2013.01.05 23:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Picture it 7
[2013.01.05 21:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magical Jelly Bean
[2013.01.05 21:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2013.01.05 18:18:34 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Pip.exe
[2013.01.05 17:45:27 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2013.01.05 17:45:26 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2013.01.05 17:39:41 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.01.05 17:39:41 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.01.05 17:39:40 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.01.05 17:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.01.05 17:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.01.05 17:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.01.05 17:39:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.05 17:39:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.05 17:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.01.05 17:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.01.05 17:21:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft Games
[2013.01.05 17:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.01.05 17:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.01.05 17:06:39 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Mozilla
[2013.01.05 17:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.12.31 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Adobe
[2012.12.31 13:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Acer
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Packard Bell
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- C:\OEM
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- \OEM
[2012.12.31 13:17:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
[2012.12.31 13:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Packard Bell
[2012.12.31 13:14:08 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.31 13:14:08 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.31 13:14:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.12.31 13:14:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.12.31 13:03:19 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.31 13:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.31 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.12.31 13:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.12.31 13:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.12.31 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.12.31 12:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.12.31 12:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.12.31 12:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.12.31 12:55:36 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2012.12.31 12:55:35 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012.12.31 12:55:35 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012.12.31 12:55:35 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.12.31 12:55:35 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.12.31 12:55:35 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.12.31 12:55:35 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.12.31 12:55:35 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012.12.31 12:55:35 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012.12.31 12:55:34 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.12.31 12:55:34 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.12.31 12:55:34 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.12.31 12:55:34 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.12.31 12:55:34 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.12.31 12:55:34 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.12.31 12:55:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.12.31 12:55:34 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.12.31 12:55:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.12.31 12:55:34 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.12.31 12:55:34 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.12.31 12:55:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.12.31 12:55:34 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.12.31 12:55:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.12.31 12:55:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.12.31 12:55:34 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.12.31 12:55:33 | 010,612,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.12.31 12:55:33 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.12.31 12:55:33 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.12.31 12:55:33 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.12.31 12:55:33 | 000,118,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.12.31 12:55:32 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2012.12.31 12:55:32 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.12.31 12:55:32 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2012.12.31 12:55:32 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012.12.31 12:55:32 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.12.31 12:55:32 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.12.31 12:55:32 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.12.31 12:55:32 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.12.31 12:55:32 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.12.31 12:55:32 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.12.31 12:55:32 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.12.31 12:55:32 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.12.31 12:55:31 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.12.31 12:55:30 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.12.31 12:55:30 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.12.31 12:55:30 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.12.31 12:55:30 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.12.31 12:55:30 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.12.31 12:55:30 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.12.31 12:55:30 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.12.31 12:55:30 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.12.31 12:55:30 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.12.31 12:55:30 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.12.31 12:55:30 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.12.31 12:55:30 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.12.31 12:55:30 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.12.31 12:55:30 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.12.31 12:55:30 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.12.31 12:55:29 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.12.31 12:55:29 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.12.31 12:55:29 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2012.12.31 12:55:29 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.12.31 12:55:26 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.12.31 12:55:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.12.31 12:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.12.31 12:54:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.12.31 12:54:13 | 009,882,112 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2012.12.31 12:54:13 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2012.12.31 12:54:13 | 000,243,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2012.12.31 12:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.12.31 12:53:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.12.31 12:52:48 | 000,758,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\cohelper.dll
[2012.12.31 12:20:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DriverGenius
[2012.12.31 12:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2012.12.31 12:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012.12.31 12:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition
[2012.12.31 12:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.12.31 12:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.12.31 12:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.12.31 12:05:06 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.12.31 12:05:06 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.12.31 12:05:06 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.12.31 12:05:06 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.12.31 12:05:06 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.12.31 12:04:47 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.12.31 12:04:47 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.12.31 12:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.12.31 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.12.31 11:59:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\ashampoo
[2012.12.31 11:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.12.31 11:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.12.31 11:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012.12.31 11:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.12.31 11:54:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012.12.31 11:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.12.31 11:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.12.31 11:53:55 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.12.31 11:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.12.31 11:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.31 11:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.12.31 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft Help
[2012.12.31 11:51:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.12.31 11:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.12.31 11:51:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.12.31 11:51:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.12.31 11:51:26 | 000,000,000 | RH-D | C] -- \MSOCache
[2012.12.31 11:45:39 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.12.31 11:45:39 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.12.31 11:43:01 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.12.31 11:43:01 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.12.31 11:43:00 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.12.31 11:42:51 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.12.31 11:42:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.12.31 11:42:51 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.12.31 11:42:46 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.12.31 11:42:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.12.31 11:38:21 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.12.31 11:38:21 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.12.31 11:38:20 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Searches
[2012.12.31 11:38:08 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Contacts
[2012.12.31 11:38:07 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\VirtualStore
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Vorlagen
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Verlauf
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Temporary Internet Files
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Startmenü
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\SendTo
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Recent
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Netzwerkumgebung
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Lokale Einstellungen
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Videos
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Musik
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Eigene Dateien
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Bilder
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Druckumgebung
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Cookies
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Anwendungsdaten
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Anwendungsdaten
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Videos
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Saved Games
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Pictures
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Music
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Links
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Favorites
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Downloads
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Desktop
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.12.31 11:37:55 | 000,000,000 | -H-D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData
[2012.12.31 11:37:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Temp
[2012.12.31 11:37:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft
[2012.12.31 11:35:48 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.12.31 11:35:48 | 000,000,000 | -HSD | C] -- \Recovery
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- \Programme
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- \Dokumente und Einstellungen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.12.31 11:30:53 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.12.31 11:28:47 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.12.31 11:28:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.12.31 11:28:07 | 000,000,000 | -HSD | C] -- \System Volume Information
[2012.12.31 11:27:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.17 15:36:06 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 15:36:06 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 15:34:58 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2013.01.17 15:34:58 | 000,001,011 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\TrojanHunter.lnk
[2013.01.17 15:34:51 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.17 15:34:51 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.17 15:34:51 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.17 15:34:51 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.17 15:34:51 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.17 15:28:53 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\rbmonitor.job
[2013.01.17 15:28:53 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2013.01.17 15:28:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.17 15:28:38 | 1609,224,192 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.11 11:37:35 | 947,070,088 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X64.exe
[2013.01.11 10:52:01 | 563,934,504 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X86.exe
[2013.01.11 10:47:03 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.11 10:47:03 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.10 14:45:21 | 000,001,083 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Kaspersky Security Scan.lnk
[2013.01.07 20:56:43 | 000,000,999 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\PDF Architect.lnk
[2013.01.07 20:56:08 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.07 20:54:12 | 000,002,697 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Microsoft Office Word 2007.lnk
[2013.01.07 11:06:59 | 000,001,243 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Video Converter.lnk
[2013.01.07 11:06:24 | 000,001,207 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Media Player.lnk
[2013.01.07 10:49:21 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.06 17:19:39 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.01.06 16:50:29 | 000,417,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.06 15:19:24 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Picture It! 2.0.lnk
[2013.01.06 11:00:58 | 000,001,219 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2013.01.05 23:56:03 | 000,001,107 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\W- Lan Schlüssel.lnk
[2013.01.05 23:45:29 | 001,528,184 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\GenuineCheck.exe
[2013.01.05 23:40:29 | 000,001,410 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\slsk - Verknüpfung.lnk
[2013.01.05 23:37:47 | 001,028,938 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\slsk156c.exe
[2013.01.05 21:59:02 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\KeyFinder.lnk
[2013.01.05 17:39:39 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.05 17:39:39 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.05 17:38:38 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.05 17:06:33 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.31 13:02:35 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.12.31 11:59:37 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 7.lnk
[2012.12.31 11:36:31 | 000,000,009 | RHS- | M] () -- C:\Windows\installed
[2012.12.31 11:31:30 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.12.31 11:31:30 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.12.31 11:29:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2013.01.17 15:34:58 | 000,001,011 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\TrojanHunter.lnk
[2013.01.17 15:34:50 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2013.01.10 14:45:22 | 000,001,083 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Kaspersky Security Scan.lnk
[2013.01.07 20:56:43 | 000,000,999 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\PDF Architect.lnk
[2013.01.07 20:56:08 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.07 20:54:12 | 000,002,697 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Microsoft Office Word 2007.lnk
[2013.01.07 11:06:59 | 000,001,243 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Video Converter.lnk
[2013.01.07 11:06:24 | 000,001,207 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Media Player.lnk
[2013.01.07 10:49:21 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.07 10:49:20 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.06 17:19:39 | 000,002,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.01.06 17:19:39 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.01.06 15:19:24 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Picture It! 2.0.lnk
[2013.01.06 15:19:24 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Picture It! 2.0.lnk
[2013.01.06 11:01:04 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2013.01.06 11:01:00 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\rbmonitor.job
[2013.01.06 11:00:58 | 000,001,219 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2013.01.05 23:55:06 | 000,001,107 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\W- Lan Schlüssel.lnk
[2013.01.05 23:40:29 | 000,001,410 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\slsk - Verknüpfung.lnk
[2013.01.05 23:37:46 | 001,028,938 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\slsk156c.exe
[2013.01.05 21:59:02 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\KeyFinder.lnk
[2013.01.05 17:39:39 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.05 17:39:39 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.05 17:39:39 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.05 17:38:38 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.05 17:38:38 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.01.05 17:06:33 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.31 13:02:35 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.12.31 12:55:33 | 000,381,365 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.12.31 12:52:48 | 000,010,084 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2012.12.31 11:59:37 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 7.lnk
[2012.12.31 11:36:31 | 000,000,009 | RHS- | C] () -- C:\Windows\installed
[2012.12.31 11:31:16 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.12.31 11:31:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.12.31 11:29:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.31 11:28:07 | 1609,224,192 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.31 11:28:07 | 1609,224,192 | -HS- | C] () -- \hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.08.11 16:06:39 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.08.11 16:06:39 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]


< End of report >
         
--- --- ---

*sigh* Well, I'm curious to see what comes of this!

Thanks and regards

spaetzchen
__________________

Edited by spaetzchen (17.01.2013 at 16:35). Reason: typo
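The file listings in the OTL report above use one fixed line format, which makes them easy to triage mechanically. The following is an added example, not part of the original post and not OTL's own code: it parses that format and lists recently touched executables under `\Windows\` whose company field is empty, as candidates for manual review rather than verdicts. The sample lines, file names and the 7-day window are constructed assumptions.

```python
import re
from datetime import datetime, timedelta
from typing import List, NamedTuple, Optional

# OTL file-listing line, as seen in the report:
# [2013.01.17 15:34:50 | 000,059,392 | R--- | C] () -- C:\Windows\...\file.dll
# Directory lines carry no "(company)" field at all.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2})"
    r" \| (?P<size>[\d,]+)"
    r" \| (?P<attrs>[RHSD-]{4})"
    r" \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>.*?)\))?"
    r" -- (?P<path>.+)$"
)

EXECUTABLE_EXT = (".exe", ".dll", ".sys", ".scr", ".cpl", ".ocx")


class Entry(NamedTuple):
    when: datetime
    size: int                # bytes; the log groups digits with commas
    attrs: str               # R/H/S/D flags, "-" when unset
    kind: str                # "C" = created, "M" = modified
    company: Optional[str]   # None when the line has no company field
    path: str


def parse_line(line: str) -> Optional[Entry]:
    """Parse one listing line; section headers and other text return None."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return Entry(
        when=datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
        size=int(m["size"].replace(",", "")),
        attrs=m["attrs"],
        kind=m["kind"],
        company=m["company"],
        path=m["path"],
    )


def triage(lines, scan_time: datetime, window_days: int = 7) -> List[Entry]:
    """Executable files under \\Windows\\ with an empty company field and a
    timestamp within window_days before scan_time. A file that shows up in
    both the 'Created' and 'Modified' sections is reported once."""
    cutoff = scan_time - timedelta(days=window_days)
    seen, hits = set(), []
    for line in lines:
        e = parse_line(line)
        if e is None or "D" in e.attrs:            # not a listing line / a directory
            continue
        if e.company is None or e.company.strip():  # company name present
            continue
        low = e.path.lower()
        if "\\windows\\" not in low or not low.endswith(EXECUTABLE_EXT):
            continue
        if e.when < cutoff or low in seen:
            continue
        seen.add(low)
        hits.append(e)
    return hits


# Constructed sample in the report's format (names are placeholders).
SAMPLE = r"""
========== Files Created - No Company Name ==========
[2013.01.17 15:34:50 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\example_helper.dll
[2013.01.17 15:34:58 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\example_helper.dll
[2013.01.17 15:34:58 | 000,001,011 | ---- | C] () -- C:\Users\example\Desktop\Example.lnk
[2013.01.05 17:39:41 | 000,034,656 | ---- | C] (Example Vendor) -- C:\Windows\SysNative\example_tool.exe
[2012.12.31 12:52:48 | 000,010,084 | ---- | C] () -- C:\Windows\SysNative\drivers\example_old.sys
[2012.12.31 11:28:07 | 1609,224,192 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.05 23:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExampleDir
""".strip().splitlines()

if __name__ == "__main__":
    for entry in triage(SAMPLE, scan_time=datetime(2013, 1, 17, 16, 0, 0)):
        print(entry.when, entry.size, entry.path)
```

An empty company field is only a reason to look at a file: plenty of legitimate data and driver files have none, and a filled-in name is not proof of origin.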

17.01.2013, 16:55   #4
markusg
/// Malware-holic



Hi,
but you shouldn't do that, because such programs produce many false positives; if you delete those, other programs may no longer run.
Uninstall Registry Booster; such software is useless, and you shouldn't fiddle with the registry.


This script and any scripts that follow are only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe.
• Now copy the following into the text box.



Code:
ATTFilter
:OTL
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll) -  File not found
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

17.01.2013, 17:15   #5
spaetzchen



I can't uninstall it, Registry Booster, because I can't get to it, Markus. Neither via a normal start nor in safe mode, no matter whether with or without drivers or with the command prompt. No! It's the same effect as with a normal start: the corners say Safe Mode, there's something at the top in the middle, and otherwise NOTHING, nada, niente works or is visible except this stupid Booster.

As I already wrote, I see no programs and no taskbar either, the Windows key doesn't work, and I can't get into the Control Panel or the Task Manager, otherwise I would have uninstalled the thing long ago. I have never needed it and never will, I don't know where I got it from either, and I'll be damned if I change anything in the registry, since I simply don't have the knowledge, and I am aware of that.
I may be a bit crazy, but I'm not a megalomaniac.

Forced a restart; mouse pointer on the screen and movable, nothing else. How long should I wait now to see whether anything else happens? I've already had all of this for hours, too.


Edited by spaetzchen (17.01.2013 at 17:32). Reason: change

17.01.2013, 17:38   #6
markusg
/// Malware-holic



Then press reset and see whether you can get CCleaner to run:
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this.
Open it, Tools (Extras), Uninstall list, save as txt, open it.
After every program you need, write "necessary".
After every program you don't need, "unnecessary".
After those unknown to you, "unknown".
Post the list.

17.01.2013, 18:13   #7
spaetzchen



I know it, I have it on my computer too. Nevertheless, since the link didn't work, I downloaded it via Chip and it works.

Uninstalled Booster via Cleaner, and also VLC, where that other program told me earlier there was a Trojan in the uninstaller, and which I never used anyway.

Tune Up 2013, which then became active on its own, confirmed the no longer existing shortcut to Booster and VLC, and I had them cleaned up.

What I am exorbitantly astonished about: under System Restore it shows me Windows Updates from 12 and 16 January that I did not authorize, since I set the "install updates automatically" function to "never".

Monitor dark but active, mouse pointer likewise, and at first nothing visible happens. Forced a restart into safe mode, same picture all over again.

Edited by spaetzchen (17.01.2013 at 18:35) Reason: Change

17.01.2013, 18:17   #8
markusg
/// Malware-holic



Hi
why do you turn off Windows updates? Your PC needs them!
What does it show for those dates, and did you install anything on those days?
Download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose Skip for now, post the log
Open C:, open tdsskiller-datum-version.txt, post the contents

17.01.2013, 18:40   #9
spaetzchen



Quote:
Quote from markusg
Hi
why do you turn off Windows updates? Your PC needs them!
What does it show for those dates, and did you install anything on those days?
Download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose Skip for now, post the log
Open C:, open tdsskiller-datum-version.txt, post the contents

Pardon?

I uninstalled my Avira and installed Kaspersky.

Edited by spaetzchen (17.01.2013 at 18:44) Reason: Change

17.01.2013, 18:41   #10
markusg
/// Malware-holic



You write:
What I am exorbitantly astonished about: under System Restore it shows me Windows Updates from 12 and 16 January that I did not authorize, since I set the "install updates automatically" function to "never".
Why did you set the updates to "never"? They are necessary and must be set to install automatically.

17.01.2013, 18:58   #11
spaetzchen



I can explain that to you very precisely.

On Vista it was set that way, whereupon nothing worked anymore after an update. My image editing program Picture it 7 suddenly started freezing, kept restarting on the premise that it was no longer working, and after that, as described, the same thing all over again. Task Manager couldn't be started; a file was supposedly missing.
After that, as before and as described.

On my PC I now have a working screen and a movable mouse, and otherwise pitch darkness, and no browser anymore either. Ergo no TDSS either.

I haven't eaten anything yet today, my back hurts really badly and no solution is in sight.

Many thanks, and maybe something will turn up after all ...

spaetzchen

After booting with Kaspersky:
dracut warning: Can't mount root filesystem

Edited by spaetzchen (17.01.2013 at 19:51) Reason: Change

17.01.2013, 22:01   #12
markusg
/// Malware-holic



Hi
well, I'm not stopping you from eating. Please always take it easy, and work when you feel well, otherwise it's no use anyway.
Roughly how old is the hard drive?

18.01.2013, 10:39   #13
spaetzchen



Good morning,

now I see nothing at all after the login screen, and nothing happens either.

I don't know how old the individual hard drives are; the C drive was in it at purchase about 10 years ago, provided it wasn't replaced in between, which I don't know for certain; the Samsung should be about 4 or 5 years old, I installed/plugged it in myself; and the WD, no idea.

Regards

spaetzchen

Yesterday I overlooked that I have to select "all users" for the scan; maybe more info is available now so that I can be helped.

OTL Logfile:
Code:
OTL logfile created on: 18.01.2013 11:51:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\spaetzchen.spaetzchen-PC\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 56,67% Memory free
4,00 Gb Paging File | 2,85 Gb Available in Paging File | 71,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 263,41 Gb Free Space | 88,39% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 10,84 Gb Free Space | 11,10% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 13,83 Gb Free Space | 14,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,74 Gb Free Space | 19,19% Space Free | Partition Type: NTFS
Drive H: | 172,80 Gb Total Space | 17,76 Gb Free Space | 10,28% Space Free | Partition Type: NTFS
Drive I: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS
Drive J: | 147,46 Gb Total Space | 22,38 Gb Free Space | 15,18% Space Free | Partition Type: NTFS
Drive K: | 448,71 Gb Total Space | 37,81 Gb Free Space | 8,43% Space Free | Partition Type: NTFS
 
Computer Name: SPAETZCHEN-PC | User Name: spaetzchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.18 11:50:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\spaetzchen.spaetzchen-PC\Downloads\OTL 01.exe
PRC - [2013.01.11 10:47:03 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012.11.29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.11 10:47:02 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012.11.29 09:26:21 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.11.29 16:06:08 | 000,037,216 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.21 11:00:52 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2012.11.29 16:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.29 16:06:08 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.11.17 00:10:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.07 21:06:26 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2010.01.21 01:53:42 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2010.01.21 01:53:42 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.29 17:48:16 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.03.04 18:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 33 FA 27 46 E7 CD 01  [binary data]
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=115284&tt=0113_4&babsrc=SP_ss&mntrId=2820a377000000000000001fe2574cf3
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\..\SearchScopes\{88DD5CA1-DF9E-421A-AB57-523C31FCC15F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=AB342F38-0A2F-4304-8E27-166D62B487E0&apn_sauid=94F772CD-E42F-4C40-90E6-CBA9E8CE993B
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 33 FA 27 46 E7 CD 01  [binary data]
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-78767351-3704573841-1543014883-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.01.07 20:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 10:01:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.06 17:19:35 | 000,000,000 | ---D | M]
 
[2013.01.11 10:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.06 15:12:37 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-78767351-3704573841-1543014883-1000..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-78767351-3704573841-1543014883-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-78767351-3704573841-1543014883-1000..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-21-78767351-3704573841-1543014883-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27A93F6A-9B39-4097-9FBC-43C380B1D8A6}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.18 10:08:44 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.17 03:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 17:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.01.17 17:53:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.17 15:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5
[2013.01.11 13:15:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.01.11 12:11:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013.01.11 11:25:27 | 947,070,088 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X64.exe
[2013.01.11 10:47:17 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Macromedia
[2013.01.11 10:44:34 | 563,934,504 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X86.exe
[2013.01.10 14:45:22 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013.01.10 14:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.10 14:44:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.01.10 14:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013.01.07 20:56:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\PDF Architect Files
[2013.01.07 20:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013.01.07 20:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect
[2013.01.07 20:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.01.07 20:56:05 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013.01.07 20:56:05 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2013.01.07 20:56:05 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2013.01.07 20:56:04 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2013.01.07 20:56:04 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2013.01.07 20:56:04 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2013.01.07 20:56:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2013.01.07 20:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.01.07 20:54:25 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Programs
[2013.01.07 11:06:52 | 011,137,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2013.01.07 11:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013.01.07 11:06:42 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013.01.07 11:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013.01.07 11:05:48 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013.01.07 11:05:48 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013.01.07 11:05:48 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013.01.07 11:05:47 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.01.07 11:05:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013.01.07 11:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.01.07 11:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013.01.07 10:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.01.06 17:19:43 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Thunderbird
[2013.01.06 17:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.01.06 17:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.01.06 17:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.06 15:19:24 | 000,000,000 | ---D | C] -- C:\My Pictures
[2013.01.06 15:19:24 | 000,000,000 | ---D | C] -- \My Pictures
[2013.01.06 15:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Picture It!
[2013.01.06 15:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Picture it 2.0
[2013.01.06 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\227180-659357-microsoft-picture-it.zip
[2013.01.06 15:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.01.06 15:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.01.06 11:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.01.05 23:45:28 | 001,528,184 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\GenuineCheck.exe
[2013.01.05 23:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekNSNeu
[2013.01.05 23:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekNS
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2013.01.05 23:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2013.01.05 23:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\SoulseekNS neu
[2013.01.05 23:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Picture it 7
[2013.01.05 21:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magical Jelly Bean
[2013.01.05 21:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2013.01.05 18:18:34 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Pip.exe
[2013.01.05 17:45:27 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2013.01.05 17:45:26 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2013.01.05 17:39:41 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.01.05 17:39:41 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.01.05 17:39:40 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.01.05 17:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.01.05 17:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.01.05 17:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.01.05 17:39:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.05 17:39:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.05 17:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.01.05 17:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.01.05 17:21:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft Games
[2013.01.05 17:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.01.05 17:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.01.05 17:06:39 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Mozilla
[2013.01.05 17:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.12.31 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Adobe
[2012.12.31 13:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Acer
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Packard Bell
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- C:\OEM
[2012.12.31 13:17:47 | 000,000,000 | ---D | C] -- \OEM
[2012.12.31 13:17:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
[2012.12.31 13:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Packard Bell
[2012.12.31 13:14:08 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.31 13:14:08 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.31 13:14:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.12.31 13:14:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.12.31 13:03:19 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.31 13:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.31 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.12.31 13:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.12.31 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.12.31 12:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.12.31 12:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.12.31 12:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.12.31 12:55:36 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2012.12.31 12:55:35 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012.12.31 12:55:35 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012.12.31 12:55:35 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.12.31 12:55:35 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.12.31 12:55:35 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.12.31 12:55:35 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.12.31 12:55:35 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012.12.31 12:55:35 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012.12.31 12:55:34 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.12.31 12:55:34 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.12.31 12:55:34 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.12.31 12:55:34 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.12.31 12:55:34 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.12.31 12:55:34 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.12.31 12:55:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.12.31 12:55:34 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.12.31 12:55:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.12.31 12:55:34 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.12.31 12:55:34 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.12.31 12:55:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.12.31 12:55:34 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.12.31 12:55:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.12.31 12:55:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.12.31 12:55:34 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.12.31 12:55:33 | 010,612,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.12.31 12:55:33 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.12.31 12:55:33 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.12.31 12:55:33 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.12.31 12:55:33 | 000,118,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.12.31 12:55:32 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2012.12.31 12:55:32 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.12.31 12:55:32 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2012.12.31 12:55:32 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012.12.31 12:55:32 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.12.31 12:55:32 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.12.31 12:55:32 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.12.31 12:55:32 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.12.31 12:55:32 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.12.31 12:55:32 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.12.31 12:55:32 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.12.31 12:55:32 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.12.31 12:55:31 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.12.31 12:55:30 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.12.31 12:55:30 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.12.31 12:55:30 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.12.31 12:55:30 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.12.31 12:55:30 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.12.31 12:55:30 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.12.31 12:55:30 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.12.31 12:55:30 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.12.31 12:55:30 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.12.31 12:55:30 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.12.31 12:55:30 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.12.31 12:55:30 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.12.31 12:55:30 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.12.31 12:55:30 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.12.31 12:55:30 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.12.31 12:55:29 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.12.31 12:55:29 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.12.31 12:55:29 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2012.12.31 12:55:29 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.12.31 12:55:26 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.12.31 12:55:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.12.31 12:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.12.31 12:54:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.12.31 12:54:13 | 009,882,112 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2012.12.31 12:54:13 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2012.12.31 12:54:13 | 000,243,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2012.12.31 12:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.12.31 12:53:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.12.31 12:52:48 | 000,758,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\cohelper.dll
[2012.12.31 12:20:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DriverGenius
[2012.12.31 12:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2012.12.31 12:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012.12.31 12:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition
[2012.12.31 12:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.12.31 12:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.12.31 12:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.12.31 12:05:06 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.12.31 12:05:06 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.12.31 12:05:06 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.12.31 12:05:06 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.12.31 12:05:06 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.12.31 12:04:47 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.12.31 12:04:47 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.12.31 12:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.12.31 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.12.31 11:59:38 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\ashampoo
[2012.12.31 11:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.12.31 11:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.12.31 11:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012.12.31 11:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.12.31 11:54:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012.12.31 11:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.12.31 11:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.12.31 11:53:55 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.12.31 11:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.12.31 11:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.31 11:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.12.31 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft Help
[2012.12.31 11:51:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.12.31 11:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.12.31 11:51:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.12.31 11:51:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.12.31 11:51:26 | 000,000,000 | RH-D | C] -- \MSOCache
[2012.12.31 11:45:39 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.12.31 11:45:39 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.12.31 11:43:01 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.12.31 11:43:01 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.12.31 11:43:00 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.12.31 11:42:51 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.12.31 11:42:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.12.31 11:42:51 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.12.31 11:42:46 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.12.31 11:42:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.12.31 11:38:21 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.12.31 11:38:21 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.12.31 11:38:20 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Searches
[2012.12.31 11:38:08 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Contacts
[2012.12.31 11:38:07 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\VirtualStore
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Vorlagen
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Verlauf
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Temporary Internet Files
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Startmenü
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\SendTo
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Recent
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Netzwerkumgebung
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Lokale Einstellungen
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Videos
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Musik
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Eigene Dateien
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents\Eigene Bilder
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Druckumgebung
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Cookies
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Anwendungsdaten
[2012.12.31 11:37:56 | 000,000,000 | -HSD | C] -- C:\Users\spaetzchen.spaetzchen-PC\Anwendungsdaten
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Videos
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Saved Games
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Pictures
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Music
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Links
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Favorites
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Downloads
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Documents
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\Desktop
[2012.12.31 11:37:55 | 000,000,000 | R--D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.12.31 11:37:55 | 000,000,000 | -H-D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData
[2012.12.31 11:37:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Temp
[2012.12.31 11:37:55 | 000,000,000 | ---D | C] -- C:\Users\spaetzchen.spaetzchen-PC\AppData\Local\Microsoft
[2012.12.31 11:35:48 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.12.31 11:35:48 | 000,000,000 | -HSD | C] -- \Recovery
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- \Programme
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- \Dokumente und Einstellungen
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.12.31 11:35:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.12.31 11:30:53 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.12.31 11:28:47 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.12.31 11:28:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.12.31 11:28:07 | 000,000,000 | -HSD | C] -- \System Volume Information
[2012.12.31 11:27:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.18 11:52:41 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\tdsskiller.exe
[2013.01.18 11:43:04 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 11:43:04 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 11:40:08 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.18 11:40:08 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.18 11:40:08 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.18 11:40:08 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.18 11:40:08 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.18 11:35:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.18 11:35:49 | 1609,224,192 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.17 18:10:35 | 000,002,658 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Documents\cc_20130117_180959.reg
[2013.01.17 17:53:26 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.17 15:34:58 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2013.01.11 11:37:35 | 947,070,088 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X64.exe
[2013.01.11 10:52:01 | 563,934,504 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\windows6.1-KB976932-X86.exe
[2013.01.11 10:47:03 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.11 10:47:03 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.10 14:45:21 | 000,001,083 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Kaspersky Security Scan.lnk
[2013.01.07 20:56:43 | 000,000,999 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\PDF Architect.lnk
[2013.01.07 20:56:08 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.07 20:54:12 | 000,002,697 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Microsoft Office Word 2007.lnk
[2013.01.07 11:06:59 | 000,001,243 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Video Converter.lnk
[2013.01.07 11:06:24 | 000,001,207 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Media Player.lnk
[2013.01.07 10:49:21 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.06 17:19:39 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.01.06 16:50:29 | 000,417,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.06 15:19:24 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Picture It! 2.0.lnk
[2013.01.05 23:56:03 | 000,001,107 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\W- Lan Schlüssel.lnk
[2013.01.05 23:45:29 | 001,528,184 | ---- | M] (Microsoft Corporation) -- C:\Users\spaetzchen.spaetzchen-PC\GenuineCheck.exe
[2013.01.05 23:40:29 | 000,001,410 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\slsk - Verknüpfung.lnk
[2013.01.05 23:37:47 | 001,028,938 | ---- | M] () -- C:\Users\spaetzchen.spaetzchen-PC\slsk156c.exe
[2013.01.05 21:59:02 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\KeyFinder.lnk
[2013.01.05 17:39:39 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.05 17:39:39 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.05 17:38:38 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.05 17:06:33 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.31 11:59:37 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 7.lnk
[2012.12.31 11:36:31 | 000,000,009 | RHS- | M] () -- C:\Windows\installed
[2012.12.31 11:31:30 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.12.31 11:31:30 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.12.31 11:29:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2013.01.17 18:10:10 | 000,002,658 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Documents\cc_20130117_180959.reg
[2013.01.17 17:53:26 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.17 15:34:50 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2013.01.10 14:45:22 | 000,001,083 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Kaspersky Security Scan.lnk
[2013.01.07 20:56:43 | 000,000,999 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\PDF Architect.lnk
[2013.01.07 20:56:08 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.01.07 20:54:12 | 000,002,697 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\Microsoft Office Word 2007.lnk
[2013.01.07 11:06:59 | 000,001,243 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Video Converter.lnk
[2013.01.07 11:06:24 | 000,001,207 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\AVS Media Player.lnk
[2013.01.07 10:49:21 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.07 10:49:20 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.06 17:19:39 | 000,002,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.01.06 17:19:39 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.01.06 15:19:24 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Picture It! 2.0.lnk
[2013.01.06 15:19:24 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Picture It! 2.0.lnk
[2013.01.05 23:55:06 | 000,001,107 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\W- Lan Schlüssel.lnk
[2013.01.05 23:40:29 | 000,001,410 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\Desktop\slsk - Verknüpfung.lnk
[2013.01.05 23:37:46 | 001,028,938 | ---- | C] () -- C:\Users\spaetzchen.spaetzchen-PC\slsk156c.exe
[2013.01.05 21:59:02 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\KeyFinder.lnk
[2013.01.05 17:39:39 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.05 17:39:39 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.05 17:39:39 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.05 17:38:38 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.05 17:38:38 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.01.05 17:06:33 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.31 12:55:33 | 000,381,365 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.12.31 12:52:48 | 000,010,084 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2012.12.31 11:59:37 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 7.lnk
[2012.12.31 11:36:31 | 000,000,009 | RHS- | C] () -- C:\Windows\installed
[2012.12.31 11:31:16 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.12.31 11:31:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.12.31 11:29:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.31 11:28:07 | 1609,224,192 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.31 11:28:07 | 1609,224,192 | -HS- | C] () -- \hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.08.11 16:06:39 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.08.11 16:06:39 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.31 13:18:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acer
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2012.12.31 11:59:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2013.01.06 15:12:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\Babylon
[2013.01.05 17:38:48 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2013.01.05 17:39:21 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2013.01.05 17:51:11 | 000,000,000 | ---D | M] -- C:\Users\All Users\DriverGenius
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.12.31 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\All Users\Packard Bell
[2013.01.05 23:38:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Soulseek
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2013.01.06 11:22:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\Tarma Installer
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2013.01.05 17:39:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\TuneUp Software
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2013.01.05 17:51:11 | 000,000,000 | -HSD | M] -- C:\Users\All Users\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2012.12.31 11:35:47 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 03:34:59 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2012.12.31 11:35:47 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2013.01.17 17:59:27 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.12.31 12:20:35 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 05:54:24 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 03:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2009.07.14 05:54:24 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 05:54:24 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2012.12.31 12:05:24 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2009.07.14 19:18:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2009.07.14 05:54:24 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Anwendungsdaten
[2012.12.31 11:37:56 | 000,000,000 | -H-D | M] -- C:\Users\spaetzchen.spaetzchen-PC\AppData
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Contacts
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Cookies
[2013.01.18 11:52:39 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Desktop
[2013.01.17 18:10:10 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Documents
[2013.01.18 11:50:15 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Downloads
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Druckumgebung
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Eigene Dateien
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Favorites
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Links
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Lokale Einstellungen
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Music
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Netzwerkumgebung
[2013.01.05 17:29:47 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Pictures
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Recent
[2013.01.05 17:21:40 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Saved Games
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Searches
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\SendTo
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Startmenü
[2012.12.31 11:38:27 | 000,000,000 | R--D | M] -- C:\Users\spaetzchen.spaetzchen-PC\Videos
[2012.12.31 11:37:56 | 000,000,000 | -HSD | M] -- C:\Users\spaetzchen.spaetzchen-PC\Vorlagen
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Anwendungsdaten
[2012.12.31 12:05:43 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData
[2012.12.31 12:05:44 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Contacts
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Cookies
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Desktop
[2012.12.31 12:05:43 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Documents
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Downloads
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Druckumgebung
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Eigene Dateien
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Favorites
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Links
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Lokale Einstellungen
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Music
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Netzwerkumgebung
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Pictures
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Recent
[2009.07.14 03:34:59 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Saved Games
[2012.12.31 12:05:44 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Searches
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\SendTo
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Startmenü
[2009.07.14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Videos
[2012.12.31 12:05:43 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Vorlagen
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Edited by spaetzchen (18.01.2013 at 10:41). Reason: Change

Old 18.01.2013, 12:04   #14
spaetzchen

I don't know what to do anymore ...

The result from Kaspersky TDSS Killer

11:54:01.0125 4004 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:54:01.0375 4004 ============================================================
11:54:01.0375 4004 Current date / time: 2013/01/18 11:54:01.0375
11:54:01.0375 4004 SystemInfo:
11:54:01.0375 4004
11:54:01.0375 4004 OS Version: 6.1.7600 ServicePack: 0.0
11:54:01.0375 4004 Product type: Workstation
11:54:01.0375 4004 ComputerName: SPAETZCHEN-PC
11:54:01.0375 4004 UserName: spaetzchen
11:54:01.0375 4004 Windows directory: C:\Windows
11:54:01.0375 4004 System windows directory: C:\Windows
11:54:01.0375 4004 Running under WOW64
11:54:01.0375 4004 Processor architecture: Intel x64
11:54:01.0375 4004 Number of processors: 4
11:54:01.0375 4004 Page size: 0x1000
11:54:01.0375 4004 Boot type: Normal boot
11:54:01.0375 4004 ============================================================
11:54:02.0235 4004 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:54:02.0705 4004 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:54:02.0745 4004 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:54:02.0755 4004 ============================================================
11:54:02.0755 4004 \Device\Harddisk0\DR0:
11:54:02.0765 4004 MBR partitions:
11:54:02.0765 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:54:02.0765 4004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
11:54:02.0765 4004 \Device\Harddisk1\DR1:
11:54:02.0765 4004 MBR partitions:
11:54:02.0765 4004 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x126EB800
11:54:02.0765 4004 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x126EC800, BlocksNum 0x3816A800
11:54:02.0765 4004 \Device\Harddisk2\DR2:
11:54:02.0765 4004 MBR partitions:
11:54:02.0765 4004 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
11:54:02.0765 4004 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0xC34F2CC
11:54:02.0765 4004 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x1869E598, BlocksNum 0xC34F2CC
11:54:02.0765 4004 \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0x249ED864, BlocksNum 0x159973DD
11:54:02.0765 4004 ============================================================
11:54:02.0775 4004 C: <-> \Device\Harddisk0\DR0\Partition2
11:54:02.0805 4004 E: <-> \Device\Harddisk2\DR2\Partition1
11:54:02.0835 4004 F: <-> \Device\Harddisk2\DR2\Partition2
11:54:02.0855 4004 G: <-> \Device\Harddisk2\DR2\Partition3
11:54:02.0885 4004 H: <-> \Device\Harddisk2\DR2\Partition4
11:54:02.0905 4004 I: <-> \Device\Harddisk0\DR0\Partition1
11:54:02.0935 4004 J: <-> \Device\Harddisk1\DR1\Partition1
11:54:02.0995 4004 K: <-> \Device\Harddisk1\DR1\Partition2
11:54:02.0995 4004 ============================================================
11:54:02.0995 4004 Initialize success
11:54:02.0995 4004 ============================================================
11:58:08.0549 3724 ============================================================
11:58:08.0549 3724 Scan started
11:58:08.0549 3724 Mode: Manual; SigCheck; TDLFS;
11:58:08.0549 3724 ============================================================
11:58:09.0376 3724 ================ Scan system memory ========================
11:58:09.0376 3724 System memory - ok
11:58:09.0376 3724 ================ Scan services =============================
11:58:09.0485 3724 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:58:09.0532 3724 1394ohci - ok
11:58:09.0547 3724 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:58:09.0563 3724 ACPI - ok
11:58:09.0579 3724 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:58:09.0641 3724 AcpiPmi - ok
11:58:09.0719 3724 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:58:09.0719 3724 AdobeARMservice - ok
11:58:09.0750 3724 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:58:09.0766 3724 adp94xx - ok
11:58:09.0797 3724 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:58:09.0813 3724 adpahci - ok
11:58:09.0828 3724 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:58:09.0844 3724 adpu320 - ok
11:58:09.0859 3724 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:58:10.0000 3724 AeLookupSvc - ok
11:58:10.0015 3724 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys
11:58:10.0093 3724 AFD - ok
11:58:10.0109 3724 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:58:10.0125 3724 agp440 - ok
11:58:10.0156 3724 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:58:10.0187 3724 ALG - ok
11:58:10.0234 3724 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:58:10.0249 3724 aliide - ok
11:58:10.0249 3724 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:58:10.0265 3724 amdide - ok
11:58:10.0281 3724 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:58:10.0312 3724 AmdK8 - ok
11:58:10.0327 3724 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:58:10.0343 3724 AmdPPM - ok
11:58:10.0374 3724 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
11:58:10.0390 3724 amdsata - ok
11:58:10.0421 3724 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:58:10.0437 3724 amdsbs - ok
11:58:10.0452 3724 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
11:58:10.0452 3724 amdxata - ok
11:58:10.0468 3724 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
11:58:10.0553 3724 AppID - ok
11:58:10.0583 3724 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:58:10.0633 3724 AppIDSvc - ok
11:58:10.0653 3724 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
11:58:10.0693 3724 Appinfo - ok
11:58:10.0743 3724 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:58:10.0773 3724 AppMgmt - ok
11:58:10.0823 3724 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:58:10.0833 3724 arc - ok
11:58:10.0843 3724 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:58:10.0853 3724 arcsas - ok
11:58:10.0883 3724 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:58:10.0943 3724 AsyncMac - ok
11:58:10.0963 3724 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:58:10.0973 3724 atapi - ok
11:58:11.0013 3724 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:58:11.0063 3724 AudioEndpointBuilder - ok
11:58:11.0083 3724 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:58:11.0123 3724 AudioSrv - ok
11:58:11.0143 3724 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:58:11.0183 3724 AxInstSV - ok
11:58:11.0233 3724 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:58:11.0273 3724 b06bdrv - ok
11:58:11.0313 3724 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:58:11.0353 3724 b57nd60a - ok
11:58:11.0383 3724 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:58:11.0413 3724 BDESVC - ok
11:58:11.0453 3724 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:58:11.0513 3724 Beep - ok
11:58:11.0563 3724 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
11:58:11.0633 3724 BFE - ok
11:58:11.0683 3724 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
11:58:11.0753 3724 BITS - ok
11:58:11.0813 3724 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:58:11.0843 3724 blbdrive - ok
11:58:11.0863 3724 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:58:11.0913 3724 bowser - ok
11:58:11.0943 3724 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:58:11.0973 3724 BrFiltLo - ok
11:58:11.0983 3724 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:58:11.0993 3724 BrFiltUp - ok
11:58:12.0033 3724 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
11:58:12.0083 3724 Browser - ok
11:58:12.0103 3724 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:58:12.0143 3724 Brserid - ok
11:58:12.0153 3724 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:58:12.0173 3724 BrSerWdm - ok
11:58:12.0183 3724 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:58:12.0193 3724 BrUsbMdm - ok
11:58:12.0203 3724 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:58:12.0223 3724 BrUsbSer - ok
11:58:12.0243 3724 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:58:12.0273 3724 BTHMODEM - ok
11:58:12.0323 3724 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:58:12.0373 3724 bthserv - ok
11:58:12.0413 3724 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:58:12.0443 3724 cdfs - ok
11:58:12.0473 3724 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:58:12.0503 3724 cdrom - ok
11:58:12.0533 3724 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
11:58:12.0583 3724 CertPropSvc - ok
11:58:12.0633 3724 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:58:12.0673 3724 circlass - ok
11:58:12.0703 3724 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:58:12.0713 3724 CLFS - ok
11:58:12.0773 3724 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:58:12.0783 3724 clr_optimization_v2.0.50727_32 - ok
11:58:12.0823 3724 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:58:12.0833 3724 clr_optimization_v2.0.50727_64 - ok
11:58:12.0863 3724 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:58:12.0883 3724 CmBatt - ok
11:58:12.0913 3724 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:58:12.0923 3724 cmdide - ok
11:58:12.0943 3724 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
11:58:12.0983 3724 CNG - ok
11:58:12.0993 3724 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:58:13.0003 3724 Compbatt - ok
11:58:13.0013 3724 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:58:13.0053 3724 CompositeBus - ok
11:58:13.0073 3724 COMSysApp - ok
11:58:13.0093 3724 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:58:13.0103 3724 crcdisk - ok
11:58:13.0133 3724 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:58:13.0183 3724 CryptSvc - ok
11:58:13.0223 3724 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
11:58:13.0283 3724 CSC - ok
11:58:13.0313 3724 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
11:58:13.0373 3724 CscService - ok
11:58:13.0413 3724 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:58:13.0483 3724 DcomLaunch - ok
11:58:13.0533 3724 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:58:13.0593 3724 defragsvc - ok
11:58:13.0633 3724 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:58:13.0683 3724 DfsC - ok
11:58:13.0713 3724 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
11:58:13.0803 3724 Dhcp - ok
11:58:13.0813 3724 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:58:13.0873 3724 discache - ok
11:58:13.0923 3724 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:58:13.0933 3724 Disk - ok
11:58:13.0953 3724 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:58:14.0003 3724 Dnscache - ok
11:58:14.0003 3724 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
11:58:14.0053 3724 dot3svc - ok
11:58:14.0053 3724 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
11:58:14.0103 3724 DPS - ok
11:58:14.0133 3724 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:58:14.0153 3724 drmkaud - ok
11:58:14.0193 3724 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:58:14.0223 3724 DXGKrnl - ok
11:58:14.0253 3724 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:58:14.0303 3724 EapHost - ok
11:58:14.0393 3724 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:58:14.0483 3724 ebdrv - ok
11:58:14.0523 3724 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
11:58:14.0553 3724 EFS - ok
11:58:14.0613 3724 [ 3D69FAE60EDE442E004611A4EE4DB44C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:58:14.0643 3724 ehRecvr - ok
11:58:14.0663 3724 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:58:14.0703 3724 ehSched - ok
11:58:14.0753 3724 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:58:14.0773 3724 elxstor - ok
11:58:14.0793 3724 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:58:14.0813 3724 ErrDev - ok
11:58:14.0863 3724 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:58:14.0903 3724 EventSystem - ok
11:58:14.0923 3724 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:58:14.0983 3724 exfat - ok
11:58:14.0993 3724 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:58:15.0033 3724 fastfat - ok
11:58:15.0073 3724 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
11:58:15.0123 3724 Fax - ok
11:58:15.0123 3724 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:58:15.0143 3724 fdc - ok
11:58:15.0163 3724 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:58:15.0223 3724 fdPHost - ok
11:58:15.0243 3724 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:58:15.0293 3724 FDResPub - ok
11:58:15.0323 3724 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:58:15.0333 3724 FileInfo - ok
11:58:15.0343 3724 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:58:15.0393 3724 Filetrace - ok
11:58:15.0413 3724 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:58:15.0423 3724 flpydisk - ok
11:58:15.0443 3724 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:58:15.0463 3724 FltMgr - ok
11:58:15.0493 3724 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
11:58:15.0553 3724 FontCache - ok
11:58:15.0593 3724 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:58:15.0603 3724 FontCache3.0.0.0 - ok
11:58:15.0703 3724 [ 76FCBFD0C78DE110468B356F85EC6DB3 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
11:58:15.0743 3724 ForceWare Intelligent Application Manager (IAM) - ok
11:58:15.0763 3724 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:58:15.0773 3724 FsDepends - ok
11:58:15.0783 3724 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:58:15.0793 3724 Fs_Rec - ok
11:58:15.0833 3724 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:58:15.0843 3724 fvevol - ok
11:58:15.0873 3724 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:58:15.0883 3724 gagp30kx - ok
11:58:15.0913 3724 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
11:58:15.0973 3724 gpsvc - ok
11:58:15.0973 3724 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:58:15.0993 3724 hcw85cir - ok
11:58:16.0043 3724 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:58:16.0083 3724 HdAudAddService - ok
11:58:16.0113 3724 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:58:16.0153 3724 HDAudBus - ok
11:58:16.0153 3724 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:58:16.0173 3724 HidBatt - ok
11:58:16.0203 3724 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:58:16.0233 3724 HidBth - ok
11:58:16.0233 3724 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:58:16.0263 3724 HidIr - ok
11:58:16.0293 3724 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:58:16.0343 3724 hidserv - ok
11:58:16.0383 3724 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:58:16.0413 3724 HidUsb - ok
11:58:16.0443 3724 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:58:16.0493 3724 hkmsvc - ok
11:58:16.0503 3724 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:58:16.0523 3724 HomeGroupListener - ok
11:58:16.0553 3724 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:58:16.0583 3724 HomeGroupProvider - ok
11:58:16.0613 3724 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:58:16.0623 3724 HpSAMD - ok
11:58:16.0653 3724 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:58:16.0723 3724 HTTP - ok
11:58:16.0753 3724 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:58:16.0753 3724 hwpolicy - ok
11:58:16.0773 3724 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:58:16.0783 3724 i8042prt - ok
11:58:16.0803 3724 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
11:58:16.0813 3724 iaStorV - ok
11:58:16.0903 3724 [ 829EA5ECCAA623279D94EAEE3B5AD140 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
11:58:16.0973 3724 IconMan_R - ok
11:58:17.0023 3724 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:58:17.0053 3724 idsvc - ok
11:58:17.0073 3724 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:58:17.0083 3724 iirsp - ok
11:58:17.0109 3724 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
11:58:17.0187 3724 IKEEXT - ok
11:58:17.0312 3724 [ 5C0BBE779BA3D6F84EB5AE3CB8793E11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:58:17.0421 3724 IntcAzAudAddService - ok
11:58:17.0437 3724 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:58:17.0452 3724 intelide - ok
11:58:17.0468 3724 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:58:17.0499 3724 intelppm - ok
11:58:17.0530 3724 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:58:17.0561 3724 IPBusEnum - ok
11:58:17.0577 3724 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:58:17.0624 3724 IpFilterDriver - ok
11:58:17.0655 3724 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:58:17.0717 3724 iphlpsvc - ok
11:58:17.0749 3724 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:58:17.0774 3724 IPMIDRV - ok
11:58:29.0154 3724 [ 4C26CD40C0CE9B443E9D35401B2154BA ] SrvUpdater C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
11:58:29.0174 3724 SrvUpdater ( UnsignedFile.Multi.Generic ) - warning
11:58:29.0174 3724 SrvUpdater - detected UnsignedFile.Multi.Generic (1)
11:58:34.0584 3724 wuauserv - ok
11:58:34.0604 3724 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:58:34.0634 3724 WudfPf - ok
11:58:34.0664 3724 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:58:34.0714 3724 WUDFRd - ok
11:58:34.0754 3724 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:58:34.0804 3724 wudfsvc - ok
11:58:34.0834 3724 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:58:34.0874 3724 WwanSvc - ok
11:58:34.0894 3724 ================ Scan global ===============================
11:58:34.0914 3724 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:58:34.0954 3724 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
11:58:34.0974 3724 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
11:58:34.0994 3724 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:58:35.0024 3724 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:58:35.0024 3724 [Global] - ok
11:58:35.0024 3724 ================ Scan MBR ==================================
11:58:35.0034 3724 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:58:35.0424 3724 \Device\Harddisk0\DR0 - ok
11:58:35.0894 3724 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
11:58:35.0964 3724 \Device\Harddisk1\DR1 - ok
11:58:35.0964 3724 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
11:58:36.0014 3724 \Device\Harddisk2\DR2 - ok
11:58:36.0014 3724 ================ Scan VBR ==================================
11:58:36.0014 3724 [ E8261D0D460BCC2DF790450816D4B412 ] \Device\Harddisk0\DR0\Partition1
11:58:36.0014 3724 \Device\Harddisk0\DR0\Partition1 - ok
11:58:36.0045 3724 [ 1B740B21EF491082A25858E9312537F4 ] \Device\Harddisk0\DR0\Partition2
11:58:36.0061 3724 \Device\Harddisk0\DR0\Partition2 - ok
11:58:36.0077 3724 [ 5BFEFC91B16713BF0D80FDDE6C144DDB ] \Device\Harddisk1\DR1\Partition1
11:58:36.0077 3724 \Device\Harddisk1\DR1\Partition1 - ok
11:58:36.0092 3724 [ FB743C1D5EDC0C69F06C323D613D2F16 ] \Device\Harddisk1\DR1\Partition2
11:58:36.0092 3724 \Device\Harddisk1\DR1\Partition2 - ok
11:58:36.0108 3724 [ 44D2CF768860A8B3B22F6C09762B784D ] \Device\Harddisk2\DR2\Partition1
11:58:36.0108 3724 \Device\Harddisk2\DR2\Partition1 - ok
11:58:36.0108 3724 [ DBC6A2974D61650F2724B939D19A82E7 ] \Device\Harddisk2\DR2\Partition2
11:58:36.0108 3724 \Device\Harddisk2\DR2\Partition2 - ok
11:58:36.0123 3724 [ 5919179D086E555FA089D9BE8ECB4839 ] \Device\Harddisk2\DR2\Partition3
11:58:36.0123 3724 \Device\Harddisk2\DR2\Partition3 - ok
11:58:36.0123 3724 [ 455FD7150170B6EB262D1BCA8BF43313 ] \Device\Harddisk2\DR2\Partition4
11:58:36.0123 3724 \Device\Harddisk2\DR2\Partition4 - ok
11:58:36.0123 3724 ============================================================
11:58:36.0123 3724 Scan finished
11:58:36.0123 3724 ============================================================
11:58:36.0139 3736 Detected object count: 1
11:58:36.0139 3736 Actual detected object count: 1
11:59:32.0451 3736 SrvUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
11:59:32.0451 3736 SrvUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

P.S. Question!

In the log above I read System32, but my Windows 7 version is 64-bit. Does that fit together at all / does it matter?

Thanks and regards

spaetzchen

Old 18.01.2013, 18:12   #15
markusg
/// Malware-holic

hi
Question: did that person install a legal copy of Windows for you? Or rather, do you have the Windows 7 CD at hand?
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please send mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us
