Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Log-Analyse und Auswertung: Bitdefender: Passwortgeschützte Objekte sind nicht zu finden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 4 1 2 34
Alt 02.02.2013, 15:02   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 02.02.2013, 15:31   #17
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.02.2013 15:12:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Info\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,61 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 33,74% Memory free
5,21 Gb Paging File | 2,38 Gb Available in Paging File | 45,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 523,02 Gb Free Space | 87,75% Space Free | Partition Type: NTFS
 
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Info\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
PRC - C:\Programme\Origin\Origin.exe (Electronic Arts)
PRC - C:\Programme\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
PRC - C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Programme\Bluetooth Suite\BtvStack.exe (Atheros Communications)
PRC - C:\Programme\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
PRC - C:\Programme\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
PRC - C:\Programme\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Info\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Programme\Origin\tufao.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1a66b44c4780c039576eaf18f4cd8dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - c:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll ()
MOD - C:\Windows\System32\IccLibDll.dll ()
MOD - C:\Programme\program\libxml2.dll ()
MOD - C:\Programme\program\libxslt.dll ()
MOD - C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Programme\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll ()
MOD - C:\Programme\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll ()
MOD - C:\Programme\ArcSoft\TotalMedia 3.5\uPiApi.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (HPWMISVC) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Programme\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Programme\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (IconMan_R) -- C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
DRV - (AVFSFilter) -- system32\DRIVERS\avfsfilter.sys File not found
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL)
DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (bdselfpr) -- C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys (BitDefender LLC)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.)
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (RTL2832U_IRHID) -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys (Realtek)
DRV - (RTL2832UBDA) -- C:\Windows\System32\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.)
DRV - (RTL2832UUSB) -- C:\Windows\System32\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.)
DRV - (BtFilter) -- C:\Windows\System32\drivers\btfilter.sys (Atheros)
DRV - (BTATH_RCP) -- C:\Windows\System32\drivers\btath_rcp.sys (Atheros)
DRV - (BTATH_A2DP) -- C:\Windows\System32\drivers\btath_a2dp.sys (Atheros)
DRV - (BTATH_HCRP) -- C:\Windows\System32\drivers\btath_hcrp.sys (Atheros)
DRV - (BTATH_LWFLT) -- C:\Windows\System32\drivers\btath_lwflt.sys (Atheros)
DRV - (AthBTPort) -- C:\Windows\System32\drivers\btath_flt.sys (Atheros)
DRV - (BTATH_BUS) -- C:\Windows\System32\drivers\btath_bus.sys (Atheros)
DRV - (RSPCIESTOR) -- C:\Windows\System32\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0727329469794586&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = WEB.DE Suche - die Suchmaschine
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchCompletion Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = SearchCompletion Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = SearchCompletion Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKCU\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=0113_6&babsrc=SP_clro&mntrId=2ab28cb800000000000026de2ba841cd
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{649041DE-18B4-47FD-86BD-87083B1A78B7}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{81CE708B-5104-4C62-B333-94B417473B29}: "URL" = hxxp://go.mail.com/br/ie8_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{86AEB91E-A7FB-4FE6-9B06-55574E9AF728}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{9961BF31-9CCC-4D28-88B7-BB30137CE397}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=33AEA8D2-0C95-4F29-9D70-B3155A83F187&apn_sauid=E46F4EB1-1B8C-45C9-ACE4-A4DEA1A35778
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0727329469794586&q={searchTerms}
IE - HKCU\..\SearchScopes\{B0E0A740-E869-436E-8FD7-58BEA90AF721}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Info\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Info\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.18 16:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.26 09:58:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.01.28 17:59:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.01.06 17:36:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.26 09:58:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions
[2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.17 15:23:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2013.01.26 09:58:30 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.12.18 14:54:52 | 000,003,195 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Complitly.xml
[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.05 15:41:40 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Info\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Red Ball Jump = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkigbfemaalcamljnhhpidckcenneai\1.3_0\
CHR - Extension: Angry Birds = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Angry birds = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjdhpighfhhhjpkjehlcpamdmpckhnll\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Bad Piggies HD = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokpccjacnihibhbdgjeglpgiodeolpm\3.2.4_0\
CHR - Extension: Google Mail-Checker = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Minecraft = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpgoledhpdldmmhcgfcaecodnkmoiea\0.0.0.8_0\
CHR - Extension: Doodle Jump = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\nojaabckpfdijgbnlhdlhjheiappijbp\2.3.1_0\
CHR - Extension: BrowserProtect = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.01.15 15:49:14 | 000,445,034 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	全讯网,åšå½©ä¼˜æƒ*,皇å†*æ*£ç½‘cr67com,皇å†*比分,皇å†*å³æ—¶æŒ‡æ•°,太阳城代ç†112scg,tt娱ä¹åŸŽ8bc8,网上真钱娱
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1	100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15284 more lines...
O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [WEB.DE MailCheck Broker] C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Info\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Free YouTube Download - C:\Users\Info\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1442A48A-A5DF-411E-9A01-E478F1A8202E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E70BA11-C8F2-4E5A-AE19-2A1638EC9218}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O20 - AppInit_DLLs: (c:\progra~2\browse~2\261040~1.25\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a59db7fb-088d-11e2-a4a2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a59db7fb-088d-11e2-a4a2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.02 12:31:21 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\Freemake_do_not_remove_this_folder634954050811576309
[2013.01.31 17:44:42 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\100_FUJI
[2013.01.31 16:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Dumps
[2013.01.30 18:22:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013.01.30 18:22:12 | 000,000,000 | ---D | C] -- C:\Intel
[2013.01.30 18:22:12 | 000,000,000 | ---D | C] -- \Intel
[2013.01.30 17:22:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013.01.30 16:59:10 | 000,482,928 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013.01.30 16:58:59 | 000,625,128 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013.01.29 14:16:06 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013.01.28 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013.01.28 17:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013.01.28 17:59:00 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013.01.28 17:59:00 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2013.01.28 17:59:00 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013.01.28 17:58:55 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2013.01.28 17:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.01.28 17:31:31 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013.01.28 17:31:29 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013.01.28 17:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.01.28 17:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.01.28 17:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2013.01.27 19:20:17 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\Freemake_do_not_remove_this_folder634949112175897653
[2013.01.27 19:15:41 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\Freemake
[2013.01.26 22:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.22 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\FOLDER01
[2013.01.21 19:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013.01.21 19:19:38 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\FIFA 12
[2013.01.21 17:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12
[2013.01.21 16:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games
[2013.01.21 16:23:28 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Origin
[2013.01.21 16:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.01.21 16:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.01.21 16:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\Origin
[2013.01.21 14:18:26 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Facebook
[2013.01.18 19:19:35 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\360Amigo
[2013.01.15 14:35:06 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.01.14 18:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2013.01.12 08:14:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller
[2013.01.12 08:14:09 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013.01.12 08:14:09 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013.01.12 08:14:08 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.01.12 08:14:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.01.12 08:14:08 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2013.01.12 08:14:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.01.12 08:14:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.01.12 08:14:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.01.12 08:14:06 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013.01.12 08:14:06 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.01.12 08:14:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013.01.12 08:14:05 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013.01.12 08:14:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.01.12 08:14:05 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.01.12 08:14:04 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.01.12 08:14:04 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.01.12 08:14:04 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.01.12 08:14:04 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.01.12 08:14:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013.01.12 08:14:03 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.01.12 08:14:03 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.01.12 08:14:03 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.01.12 08:14:03 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.01.12 08:14:03 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.01.12 08:14:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.01.12 08:14:02 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.01.12 08:14:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.01.12 08:14:02 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.01.12 08:14:02 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.01.12 08:14:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.01.12 08:14:01 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.01.12 08:14:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.01.12 08:14:01 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.01.12 08:14:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.01.12 08:14:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.01.12 08:14:00 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.01.12 08:14:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.01.12 08:14:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.01.12 08:14:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.01.12 08:13:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.01.12 08:13:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.01.12 08:13:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.01.12 08:13:59 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.01.12 08:13:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.01.12 08:13:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.01.12 08:13:58 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.01.12 08:13:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.01.12 08:13:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.01.12 08:13:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.01.12 08:13:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.01.12 08:13:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.01.12 08:13:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.01.12 08:13:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.01.11 15:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone-Sicherheitspaket
[2013.01.11 15:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2013.01.11 15:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2013.01.10 18:36:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013.01.09 21:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.01.09 18:20:18 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Electronic_Arts_Inc
[2013.01.09 15:27:51 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 15:23:42 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.09 15:23:41 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.08 17:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.01.06 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.01.06 16:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.01.06 16:07:32 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2013.01.06 15:59:56 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.01.05 21:30:37 | 000,000,000 | ---D | C] -- C:\Macromedia
[2013.01.05 21:30:37 | 000,000,000 | ---D | C] -- \Macromedia
[2013.01.05 19:40:22 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Windows Live Writer
[2013.01.05 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Info\Tracing
[2013.01.05 19:30:56 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.01.05 19:30:56 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2013.01.05 19:30:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2013.01.05 19:30:55 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2013.01.05 19:30:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.01.05 19:28:27 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.01.05 19:27:44 | 000,000,000 | R--D | C] -- C:\Users\Info\SkyDrive
[2013.01.05 19:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SkyDrive
[2013.01.05 19:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.01.05 19:25:51 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Windows Live
[2013.01.05 19:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013.01.05 16:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Two Worlds Pinball
[2013.01.05 15:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013.01.05 15:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.01.04 21:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.01.04 21:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.01.04 21:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.02 15:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.02 14:51:17 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.02 14:40:46 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job
[2013.02.02 14:36:21 | 000,662,014 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.02 14:36:21 | 000,623,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.02 14:36:21 | 000,133,648 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.02 14:36:21 | 000,110,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.02 14:34:03 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 14:34:03 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 13:26:32 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job
[2013.02.02 12:40:31 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job
[2013.02.02 08:33:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.01 21:16:18 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.01 19:42:52 | 000,002,370 | ---- | M] () -- C:\Users\Info\Desktop\Google Chrome.lnk
[2013.02.01 18:42:54 | 000,107,093 | ---- | M] () -- C:\Users\Info\Documents\1359727427_1_01.xml
[2013.02.01 18:17:20 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job
[2013.01.30 20:15:23 | 000,028,507 | ---- | M] () -- C:\Users\Info\Documents\41434262.pdf
[2013.01.30 18:24:06 | 2099,662,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.30 16:59:10 | 000,482,928 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013.01.30 16:58:59 | 000,625,128 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013.01.30 16:56:16 | 000,066,392 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013.01.29 17:38:37 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2013.01.29 17:16:58 | 000,000,648 | ---- | M] () -- C:\Users\Info\Desktop\Scanner and Camera Wizard.lnk
[2013.01.29 15:59:56 | 001,652,485 | ---- | M] () -- C:\Users\Info\Documents\userguide.pdf
[2013.01.29 14:16:06 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013.01.28 18:07:16 | 001,553,496 | ---- | M] () -- C:\ProgramData\1359390656.bdinstall.bin
[2013.01.28 18:00:07 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.01.28 18:00:07 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.01.28 18:00:07 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01
[2013.01.28 17:59:52 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.01.28 17:59:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.01.21 17:35:06 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2013.01.21 16:22:37 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.01.20 10:48:30 | 000,009,892 | ---- | M] () -- C:\Users\Info\Documents\vodafone-codes.odt
[2013.01.19 13:57:53 | 000,000,455 | ---- | M] () -- C:\Users\Info\Documents\Dokument.rtf
[2013.01.15 18:24:57 | 000,001,264 | ---- | M] () -- C:\Users\Info\Desktop\Free YouTube Download.lnk
[2013.01.15 15:49:14 | 000,445,034 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130116-173755.backup
[2013.01.15 15:49:14 | 000,445,034 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.14 15:49:25 | 000,059,392 | R--- | M] () -- C:\Windows\System32\streamhlp.dll
[2013.01.13 12:56:09 | 000,000,017 | ---- | M] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg
[2013.01.13 10:14:00 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.13 10:14:00 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.12 11:59:28 | 000,000,820 | ---- | M] () -- C:\Windows\wininit.ini
[2013.01.10 18:30:58 | 000,002,324 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.10 16:52:21 | 000,001,109 | ---- | M] () -- C:\Users\Info\Desktop\Mozilla Firefox.lnk
[2013.01.09 21:06:08 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.01.09 15:40:12 | 000,320,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.09 15:37:39 | 000,008,489 | ---- | M] () -- C:\Users\Info\Documents\Noch zu erledigen.odt
[2013.01.06 16:12:59 | 000,001,133 | ---- | M] () -- C:\Users\Info\Desktop\Pinball.lnk
[2013.01.05 19:32:40 | 000,000,020 | ---- | M] () -- C:\Windows\¤óœ
 
========== Files Created - No Company Name ==========
 
[2013.02.01 18:45:06 | 000,107,093 | ---- | C] () -- C:\Users\Info\Documents\1359727427_1_01.xml
[2013.01.30 20:15:20 | 000,028,507 | ---- | C] () -- C:\Users\Info\Documents\41434262.pdf
[2013.01.29 17:38:37 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2013.01.29 17:17:59 | 000,000,648 | ---- | C] () -- C:\Users\Info\Desktop\Scanner and Camera Wizard.lnk
[2013.01.29 15:59:53 | 001,652,485 | ---- | C] () -- C:\Users\Info\Documents\userguide.pdf
[2013.01.28 18:07:16 | 001,553,496 | ---- | C] () -- C:\ProgramData\1359390656.bdinstall.bin
[2013.01.28 18:00:07 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01
[2013.01.28 18:00:07 | 000,000,308 | -H-- | C] () -- \bdr-cf01
[2013.01.28 17:59:52 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.01.28 17:59:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.01.28 17:39:30 | 035,184,777 | -H-- | C] () -- C:\bdr-im01.gz
[2013.01.28 17:39:30 | 035,184,777 | -H-- | C] () -- \bdr-im01.gz
[2013.01.28 17:39:30 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01
[2013.01.28 17:39:30 | 002,294,848 | -H-- | C] () -- \bdr-bz01
[2013.01.28 17:39:30 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.01.28 17:39:30 | 000,253,404 | -H-- | C] () -- \bdr-ld01
[2013.01.28 17:39:30 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.01.28 17:39:30 | 000,009,216 | -H-- | C] () -- \bdr-ld01.mbr
[2013.01.21 17:35:06 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2013.01.21 16:22:37 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.01.20 10:48:26 | 000,009,892 | ---- | C] () -- C:\Users\Info\Documents\vodafone-codes.odt
[2013.01.19 13:57:53 | 000,000,455 | ---- | C] () -- C:\Users\Info\Documents\Dokument.rtf
[2013.01.15 18:24:57 | 000,001,264 | ---- | C] () -- C:\Users\Info\Desktop\Free YouTube Download.lnk
[2013.01.14 15:49:03 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2013.01.13 12:56:09 | 000,000,017 | ---- | C] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg
[2013.01.10 18:30:58 | 000,002,324 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.01.10 16:51:58 | 000,001,109 | ---- | C] () -- C:\Users\Info\Desktop\Mozilla Firefox.lnk
[2013.01.10 16:51:52 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.01.09 21:06:08 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.01.09 20:46:10 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.09 20:46:10 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 15:59:56 | 000,001,133 | ---- | C] () -- C:\Users\Info\Desktop\Pinball.lnk
[2013.01.05 19:32:39 | 000,000,020 | ---- | C] () -- C:\Windows\¤óœ
[2013.01.01 14:37:00 | 005,746,780 | ---- | C] ( ) -- C:\Windows\System32\RTKISDBT.dll
[2012.12.29 19:05:53 | 000,000,820 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2012.12.14 02:02:20 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.12.14 02:02:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.12.14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.11.17 16:39:51 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.10.22 17:40:04 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012.10.22 17:39:46 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012.10.22 17:39:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.10.03 17:15:43 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.10.03 17:14:43 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.09.29 10:40:45 | 000,000,557 | ---- | C] () -- \NetworkCfg.xml
[2012.09.27 11:25:26 | 2099,662,848 | -HS- | C] () -- \hiberfil.sys
[2012.08.13 10:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html
[2012.07.27 21:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.05.08 13:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link
[2011.09.15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2011.08.17 06:48:34 | 000,262,080 | ---- | C] () -- C:\Windows\System32\SynPS2.bin
[2011.05.09 17:19:48 | 000,246,804 | ---- | C] () -- C:\Windows\System32\drivers\AtherosBt.bin
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
--- --- ---


Code:
ATTFilter
OTL Extras logfile created on: 02.02.2013 15:35:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Info\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,61 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 37,13% Memory free
5,21 Gb Paging File | 2,60 Gb Available in Paging File | 49,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 523,02 Gb Free Space | 87,75% Space Free | Partition Type: NTFS
 
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DBE142-27E9-4773-A0CD-B304003A5DF7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{12F58715-4624-4FD1-B010-BDBB1E7B080E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1D2089B8-89D0-4BA7-A5B4-8F155E15D214}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{32A2271E-7150-4DA8-8C6D-BEE0170453F2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{37CFFEA8-E16F-43E4-BF1A-F88551A92DE4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{39748B89-9815-4550-B841-532E2154ACF6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D59763D-1ED3-4C74-BDFA-8A8FCC9FC525}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3EB7CAEB-87BB-4EA0-B067-ACC73089BC53}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4361BAA7-7834-412A-9E44-1BA065BD74E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4839B456-FDA6-4BEB-8D20-3376989267D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{49BABFCE-DC11-4F95-ACBC-9C8BE5EDC36D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4DE142EE-3AC5-4683-A93D-73C964D0A799}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{56A0396B-6F40-4055-A5C3-5063299FB17E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{66F5B08D-0A57-46B4-AA17-F10C3C22F759}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8C8F29E3-63A1-4816-81E5-EE4150655CFB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{90695147-1B32-4BF1-929C-80FA22015799}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A86F6B4F-9E54-4DB3-AA76-A0A683C3E610}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AFC82FD5-38F0-4F3E-9E7D-057741979768}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C4066647-0930-4F92-AED6-7BFA6D998905}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{EAB4A630-A4D2-4BD4-8678-B51E957BE3FC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EFE6FD3C-175A-4490-963E-25D99B7C8EA2}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F5167275-B910-4332-8B20-73F7A0B8BBCF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FFA4C39C-5201-4494-9C67-A43E86E58075}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D07C9B-2AD0-4369-AB48-298D5D18296B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0AF7B335-6CF4-4D3E-8667-438F4A4EADDA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{0EF11821-6B20-4B64-B16D-78286893BD9C}" = protocol=6 | dir=in | app=c:\program files\origin games\fifa 12\game\fifa.exe | 
"{1253855C-B82A-4533-A923-299F385CEE73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{15EA55BC-0D82-4443-B1D0-D1D174C8B98A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{22426AD1-EBC0-4797-9212-938F2CC1C28B}" = protocol=17 | dir=in | app=c:\program files\origin games\fifa 12\game\fifa.exe | 
"{3367344A-00FA-45DB-846E-477E214F9D96}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 
"{36C659E4-9313-4E22-A9CA-B5B3FE55F6F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{47A7770A-CDF0-42BE-B810-BC82EC215190}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4CF43D84-0084-43ED-B110-3D63EDF671BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4E9C997D-58B2-4974-9A3B-5B3FBC9FBDDD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{56C412F1-E835-4D39-900E-6D379181359B}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{5E76D313-567F-495F-8B8C-24A65DD02DA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6156A7B9-18E4-4FF5-AF53-F97D16C2D1AF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{664CA150-E671-4567-90EC-299E6D3B4035}" = protocol=6 | dir=out | app=system | 
"{80C8EE46-FD19-483A-B00E-A9CCE3000760}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8CC52C5F-AA3B-41D7-A1B7-203AA9B2C047}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{94D74F6B-79F1-46DB-A69A-A8B39BE3639D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB6B0AAB-C44F-418A-969C-D4712E88839F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACE84729-F7CE-40F2-BBFE-1E21659DB267}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C748BC4C-7AC6-484E-BB5E-5A0AB2B16430}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C95F78A8-49C0-44EC-99C4-940067C828E7}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 
"{DAD0094F-D544-4CED-A3C4-ECC5FD4C9F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E72A7411-CB21-440F-B894-74A43100BFD3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E9182B6C-9065-48DF-8991-4E7BE3001FE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{101A497C-7EF6-4001-834D-E5FA1C70FEFA}" = Bluetooth Win7 Suite
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2C26B97F-698E-4E04-B398-8203B147859B}_is1" = TOPP Vorlagen-Druckstudio (5156)
"{33FFD86B-569C-9E8D-6659-A1F84D07CAD0}" = AMD Catalyst Install Manager
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}" = Google Earth
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BBBA20E0-D9F3-4C6F-83AC-D66EFC0BFA93}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"1&1 Mail & Media GmbH 1und1InternetExplorerAddon" = WEB.DE Internet Explorer Addon
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = WEB.DE MailCheck für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"Bitdefender" = Bitdefender Internet Security 2013
"Complitly_is1" = Complitly
"Finale NotePad 2012" = Finale NotePad 2012
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.2.0
"freeocr_is1" = FreeOCR v4.2
"LOGO!Soft Comfort V6.1" = LOGO!Soft Comfort V6.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SynTPDeinstKey" = Synaptics TouchPad Driver
"Two Worlds Pinball" = Two Worlds Pinball
"WinPcapInst" = WinPcap 4.1.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 27.01.2013 05:09:14 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
Error - 28.01.2013 09:10:26 | Computer Name = Alexander-HP630 | Source = Windows Backup | ID = 4104
Description = 
 
Error - 28.01.2013 12:28:15 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
Error - 28.01.2013 12:57:40 | Computer Name = Alexander-HP630 | Source = Software Protection Platform Service | ID = 8193
Description = Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
 
Error - 29.01.2013 11:29:17 | Computer Name = Alexander-HP630 | Source = Google Update | ID = 20
Description = 
 
Error - 29.01.2013 12:38:50 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
Error - 30.01.2013 11:24:07 | Computer Name = Alexander-HP630 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren
 werden.
 
Error - 30.01.2013 12:24:04 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
Error - 30.01.2013 12:25:24 | Computer Name = Alexander-HP630 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: HPWMISVC.exe, Version: 2.7.1.0, Zeitstempel:
 0x4f544fe9  Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.1.7601.17676, 
Zeitstempel: 0x4e58702a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00004660  ID des fehlerhaften
 Prozesses: 0xa04  Startzeit der fehlerhaften Anwendung: 0x01cdff063bd5a110  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\OLEAUT32.dll  Berichtskennung: a5876286-6af9-11e2-9238-e4115bf9b2f0
 
Error - 30.01.2013 13:24:41 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
[ Media Center Events ]
Error - 03.12.2012 14:10:35 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 19:10:35 - Fehler beim Herstellen der Internetverbindung.  19:10:35 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.12.2012 14:10:44 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 19:10:40 - Fehler beim Herstellen der Internetverbindung.  19:10:40 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.12.2012 09:37:39 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 14:37:39 - Fehler beim Herstellen der Internetverbindung.  14:37:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.12.2012 09:37:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 14:37:44 - Fehler beim Herstellen der Internetverbindung.  14:37:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.12.2012 12:09:49 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 17:09:49 - Directory konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
Error - 06.12.2012 11:54:39 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 16:54:39 - Fehler beim Herstellen der Internetverbindung.  16:54:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 06.12.2012 11:54:48 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 16:54:44 - Fehler beim Herstellen der Internetverbindung.  16:54:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14.12.2012 10:40:37 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 15:40:37 - Fehler beim Herstellen der Internetverbindung.  15:40:37 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14.12.2012 10:40:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 15:40:43 - Fehler beim Herstellen der Internetverbindung.  15:40:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.12.2012 15:52:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 20:52:47 - Fehler beim Herstellen der Internetverbindung.  20:52:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 29.01.2013 13:24:44 | Computer Name = Alexander-HP630 | Source = DCOM | ID = 10010
Description = 
 
Error - 30.01.2013 09:40:27 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst lmhosts erreicht.
 
Error - 30.01.2013 09:40:27 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst IPBusEnum erreicht.
 
Error - 30.01.2013 09:41:37 | Computer Name = Alexander-HP630 | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 30.01.2013 10:17:43 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1083
 
Error - 30.01.2013 12:24:44 | Computer Name = Alexander-HP630 | Source = bowser | ID = 8003
Description = 
 
Error - 30.01.2013 12:24:56 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 30.01.2013 12:25:47 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description = 
 
Error - 30.01.2013 12:25:48 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description = 
 
Error - 30.01.2013 12:25:47 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7034
Description = Dienst "HPWMISVC" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
 
< End of report >
__________________
Alt 02.02.2013, 15:48   #18
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Code:
ATTFilter
OTL logfile created on: 02.02.2013 15:35:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Info\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,61 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 37,13% Memory free
5,21 Gb Paging File | 2,60 Gb Available in Paging File | 49,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 523,02 Gb Free Space | 87,75% Space Free | Partition Type: NTFS
 
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.02 15:10:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Info\Downloads\OTL.exe
PRC - [2013.01.30 16:58:47 | 001,343,472 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe
PRC - [2013.01.30 16:57:44 | 001,615,368 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe
PRC - [2013.01.25 19:57:46 | 003,494,992 | ---- | M] (Electronic Arts) -- C:\Programme\Origin\Origin.exe
PRC - [2013.01.09 20:46:08 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2012.12.28 11:40:08 | 000,101,376 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012.12.25 09:53:30 | 002,547,816 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2012.12.21 10:15:42 | 001,463,000 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 02:02:14 | 000,277,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IntelCpHeciSvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.11.13 19:32:27 | 000,055,544 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.13 10:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Programme\program\soffice.exe
PRC - [2012.08.13 10:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Programme\program\soffice.bin
PRC - [2012.03.05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012.03.05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011.05.20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 09:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.05.09 17:28:38 | 000,146,592 | ---- | M] (Atheros) -- C:\Programme\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.05.09 17:27:12 | 000,498,848 | ---- | M] (Atheros Communications) -- C:\Programme\Bluetooth Suite\BtvStack.exe
PRC - [2011.05.09 17:27:08 | 000,302,240 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AthBtTray.exe
PRC - [2011.05.09 17:27:06 | 000,076,960 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AdminService.exe
PRC - [2011.04.19 15:03:52 | 000,268,864 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\TotalMedia 3.5\TMMonitor.exe
PRC - [2010.12.27 15:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.03.18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.02 09:46:09 | 012,459,888 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:35:05 | 012,459,472 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013.01.25 19:57:56 | 000,062,976 | ---- | M] () -- C:\Programme\Origin\tufao.dll
MOD - [2013.01.09 16:06:10 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll
MOD - [2013.01.09 16:06:10 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll
MOD - [2013.01.09 15:45:05 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013.01.09 15:44:49 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 15:43:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.09 15:43:44 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 15:43:16 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.09 15:43:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1a66b44c4780c039576eaf18f4cd8dc\System.Xml.ni.dll
MOD - [2013.01.09 15:42:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 15:42:52 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 15:42:04 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.12.25 09:53:30 | 002,547,816 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2012.12.25 09:51:45 | 002,202,728 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012.11.13 19:13:19 | 000,203,840 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll
MOD - [2012.10.22 17:39:44 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2012.08.10 15:51:32 | 000,985,088 | ---- | M] () -- C:\Programme\program\libxml2.dll
MOD - [2012.08.10 15:50:56 | 000,170,496 | ---- | M] () -- C:\Programme\program\libxslt.dll
MOD - [2012.04.27 15:08:08 | 000,092,600 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll
MOD - [2010.11.13 01:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2008.11.26 16:59:32 | 000,131,584 | ---- | M] () -- C:\Programme\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll
MOD - [2008.10.22 16:01:00 | 000,200,704 | ---- | M] () -- C:\Programme\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll
MOD - [2007.04.19 09:33:00 | 000,035,584 | ---- | M] () -- C:\Programme\ArcSoft\TotalMedia 3.5\uPiApi.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.01.30 16:59:25 | 000,062,688 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2013.01.30 16:58:47 | 001,343,472 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV - [2013.01.26 09:58:29 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.13 10:14:03 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.10 18:36:17 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.12.28 11:40:08 | 000,101,376 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012.12.25 09:53:30 | 002,547,816 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 02:02:14 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.13 19:32:27 | 000,055,544 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.03.05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011.05.20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.05.09 17:28:38 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Programme\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.05.09 17:27:06 | 000,076,960 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Programme\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.12.27 15:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)
DRV - [2013.01.30 16:59:10 | 000,482,928 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2013.01.30 16:58:59 | 000,625,128 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013.01.30 16:56:16 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox)
DRV - [2012.11.02 13:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv)
DRV - [2012.10.31 12:13:10 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2012.10.02 11:31:18 | 000,134,136 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr)
DRV - [2012.08.29 17:24:08 | 000,161,312 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.07.06 14:13:12 | 000,077,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2012.06.20 09:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012.06.19 07:39:10 | 000,289,792 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011.11.14 19:16:27 | 000,090,704 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2011.06.13 13:06:10 | 000,042,728 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2011.05.17 14:48:22 | 000,188,520 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2011.05.17 14:48:22 | 000,032,872 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2011.05.09 17:27:18 | 000,243,872 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2011.05.09 17:27:18 | 000,141,088 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011.05.09 17:27:16 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011.05.09 17:27:16 | 000,175,776 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011.05.09 17:27:16 | 000,049,312 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011.05.09 17:27:16 | 000,034,976 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011.05.09 17:27:16 | 000,024,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2011.02.15 10:37:10 | 000,251,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV - [2011.02.11 22:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.19 22:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0727329469794586&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://google.com/
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchcompletion.com/?si=10195&home=1
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.searchcompletion.com/?si=10195&home=1
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.searchcompletion.com/?si=10195&home=1
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=0113_6&babsrc=SP_clro&mntrId=2ab28cb800000000000026de2ba841cd
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{649041DE-18B4-47FD-86BD-87083B1A78B7}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{81CE708B-5104-4C62-B333-94B417473B29}: "URL" = hxxp://go.mail.com/br/ie8_search_web/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{86AEB91E-A7FB-4FE6-9B06-55574E9AF728}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{9961BF31-9CCC-4D28-88B7-BB30137CE397}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=33AEA8D2-0C95-4F29-9D70-B3155A83F187&apn_sauid=E46F4EB1-1B8C-45C9-ACE4-A4DEA1A35778
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0727329469794586&q={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{B0E0A740-E869-436E-8FD7-58BEA90AF721}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Info\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Info\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.18 16:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.26 09:58:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.01.28 17:59:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.01.06 17:36:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.26 09:58:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions
[2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.17 15:23:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.26 09:58:30 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.01.10 16:51:41 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2013.01.26 09:58:30 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.12.18 14:54:52 | 000,003,195 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Complitly.xml
[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.05 16:11:17 | 000,002,669 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.05 15:41:40 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
[2012.12.16 12:20:16 | 000,000,894 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Info\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Red Ball Jump = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkigbfemaalcamljnhhpidckcenneai\1.3_0\
CHR - Extension: Angry Birds = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Angry birds = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjdhpighfhhhjpkjehlcpamdmpckhnll\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Bad Piggies HD = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokpccjacnihibhbdgjeglpgiodeolpm\3.2.4_0\
CHR - Extension: Google Mail-Checker = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Minecraft = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpgoledhpdldmmhcgfcaecodnkmoiea\0.0.0.8_0\
CHR - Extension: Doodle Jump = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\nojaabckpfdijgbnlhdlhjheiappijbp\2.3.1_0\
CHR - Extension: BrowserProtect = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.01.15 15:49:14 | 000,445,034 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15284 more lines...
O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [WEB.DE MailCheck Broker] C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKU\.DEFAULT..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000..\Run: [Facebook Update] C:\Users\Info\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Free YouTube Download - C:\Users\Info\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1442A48A-A5DF-411E-9A01-E478F1A8202E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E70BA11-C8F2-4E5A-AE19-2A1638EC9218}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~2\261040~1.25\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a59db7fb-088d-11e2-a4a2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a59db7fb-088d-11e2-a4a2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.02 12:31:21 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\Freemake_do_not_remove_this_folder634954050811576309
[2013.01.31 17:44:42 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\100_FUJI
[2013.01.31 16:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Dumps
[2013.01.30 18:22:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013.01.30 18:22:12 | 000,000,000 | ---D | C] -- C:\Intel
[2013.01.30 18:22:12 | 000,000,000 | ---D | C] -- \Intel
[2013.01.30 17:22:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013.01.30 16:59:10 | 000,482,928 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013.01.30 16:58:59 | 000,625,128 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013.01.29 14:16:06 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013.01.28 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013.01.28 17:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013.01.28 17:59:00 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013.01.28 17:59:00 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2013.01.28 17:59:00 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013.01.28 17:58:55 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2013.01.28 17:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.01.28 17:31:31 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013.01.28 17:31:29 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013.01.28 17:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.01.28 17:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.01.28 17:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2013.01.27 19:20:17 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\Freemake_do_not_remove_this_folder634949112175897653
[2013.01.27 19:15:41 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\Freemake
[2013.01.26 22:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.22 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\FOLDER01
[2013.01.21 19:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013.01.21 19:19:38 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\FIFA 12
[2013.01.21 17:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12
[2013.01.21 16:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games
[2013.01.21 16:23:28 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Origin
[2013.01.21 16:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.01.21 16:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.01.21 16:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\Origin
[2013.01.21 14:18:26 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Facebook
[2013.01.18 19:19:35 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\360Amigo
[2013.01.15 14:35:06 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.01.14 18:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2013.01.12 08:14:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller
[2013.01.12 08:14:09 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013.01.12 08:14:09 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013.01.12 08:14:08 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.01.12 08:14:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.01.12 08:14:08 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2013.01.12 08:14:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.01.12 08:14:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.01.12 08:14:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.01.12 08:14:06 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013.01.12 08:14:06 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.01.12 08:14:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013.01.12 08:14:05 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013.01.12 08:14:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.01.12 08:14:05 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.01.12 08:14:04 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.01.12 08:14:04 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.01.12 08:14:04 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.01.12 08:14:04 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.01.12 08:14:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013.01.12 08:14:03 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.01.12 08:14:03 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.01.12 08:14:03 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.01.12 08:14:03 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.01.12 08:14:03 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.01.12 08:14:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.01.12 08:14:02 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.01.12 08:14:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.01.12 08:14:02 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.01.12 08:14:02 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.01.12 08:14:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.01.12 08:14:01 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.01.12 08:14:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.01.12 08:14:01 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.01.12 08:14:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.01.12 08:14:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.01.12 08:14:00 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.01.12 08:14:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.01.12 08:14:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.01.12 08:14:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.01.12 08:13:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.01.12 08:13:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.01.12 08:13:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.01.12 08:13:59 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.01.12 08:13:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.01.12 08:13:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.01.12 08:13:58 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.01.12 08:13:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.01.12 08:13:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.01.12 08:13:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.01.12 08:13:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.01.12 08:13:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.01.12 08:13:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.01.12 08:13:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.01.11 15:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone-Sicherheitspaket
[2013.01.11 15:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2013.01.11 15:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2013.01.10 18:36:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013.01.09 21:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.01.09 18:20:18 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Electronic_Arts_Inc
[2013.01.09 15:27:51 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 15:23:42 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.09 15:23:41 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.08 17:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.01.06 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.01.06 16:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.01.06 16:07:32 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2013.01.06 15:59:56 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.01.05 21:30:37 | 000,000,000 | ---D | C] -- C:\Macromedia
[2013.01.05 21:30:37 | 000,000,000 | ---D | C] -- \Macromedia
[2013.01.05 19:40:22 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Windows Live Writer
[2013.01.05 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Info\Tracing
[2013.01.05 19:30:56 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.01.05 19:30:56 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2013.01.05 19:30:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2013.01.05 19:30:55 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2013.01.05 19:30:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.01.05 19:28:27 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.01.05 19:27:44 | 000,000,000 | R--D | C] -- C:\Users\Info\SkyDrive
[2013.01.05 19:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SkyDrive
[2013.01.05 19:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.01.05 19:25:51 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Windows Live
[2013.01.05 19:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013.01.05 16:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Two Worlds Pinball
[2013.01.05 15:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013.01.05 15:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.01.04 21:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.01.04 21:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.01.04 21:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.02 15:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.02 14:51:17 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.02 14:40:46 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job
[2013.02.02 14:36:21 | 000,662,014 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.02 14:36:21 | 000,623,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.02 14:36:21 | 000,133,648 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.02 14:36:21 | 000,110,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.02 14:34:03 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 14:34:03 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 13:26:32 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job
[2013.02.02 12:40:31 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job
[2013.02.02 08:33:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.01 21:16:18 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.01 19:42:52 | 000,002,370 | ---- | M] () -- C:\Users\Info\Desktop\Google Chrome.lnk
[2013.02.01 18:42:54 | 000,107,093 | ---- | M] () -- C:\Users\Info\Documents\1359727427_1_01.xml
[2013.02.01 18:17:20 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job
[2013.01.30 20:15:23 | 000,028,507 | ---- | M] () -- C:\Users\Info\Documents\41434262.pdf
[2013.01.30 18:24:06 | 2099,662,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.30 16:59:10 | 000,482,928 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013.01.30 16:58:59 | 000,625,128 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013.01.30 16:56:16 | 000,066,392 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013.01.29 17:38:37 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2013.01.29 17:16:58 | 000,000,648 | ---- | M] () -- C:\Users\Info\Desktop\Scanner and Camera Wizard.lnk
[2013.01.29 15:59:56 | 001,652,485 | ---- | M] () -- C:\Users\Info\Documents\userguide.pdf
[2013.01.29 14:16:06 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013.01.28 18:07:16 | 001,553,496 | ---- | M] () -- C:\ProgramData\1359390656.bdinstall.bin
[2013.01.28 18:00:07 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.01.28 18:00:07 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.01.28 18:00:07 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01
[2013.01.28 17:59:52 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.01.28 17:59:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.01.21 17:35:06 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2013.01.21 16:22:37 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.01.20 10:48:30 | 000,009,892 | ---- | M] () -- C:\Users\Info\Documents\vodafone-codes.odt
[2013.01.19 13:57:53 | 000,000,455 | ---- | M] () -- C:\Users\Info\Documents\Dokument.rtf
[2013.01.15 18:24:57 | 000,001,264 | ---- | M] () -- C:\Users\Info\Desktop\Free YouTube Download.lnk
[2013.01.15 15:49:14 | 000,445,034 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130116-173755.backup
[2013.01.15 15:49:14 | 000,445,034 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.14 15:49:25 | 000,059,392 | R--- | M] () -- C:\Windows\System32\streamhlp.dll
[2013.01.13 12:56:09 | 000,000,017 | ---- | M] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg
[2013.01.13 10:14:00 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.13 10:14:00 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.12 11:59:28 | 000,000,820 | ---- | M] () -- C:\Windows\wininit.ini
[2013.01.10 18:30:58 | 000,002,324 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.10 16:52:21 | 000,001,109 | ---- | M] () -- C:\Users\Info\Desktop\Mozilla Firefox.lnk
[2013.01.09 21:06:08 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.01.09 15:40:12 | 000,320,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.09 15:37:39 | 000,008,489 | ---- | M] () -- C:\Users\Info\Documents\Noch zu erledigen.odt
[2013.01.06 16:12:59 | 000,001,133 | ---- | M] () -- C:\Users\Info\Desktop\Pinball.lnk
[2013.01.05 19:32:40 | 000,000,020 | ---- | M] () -- C:\Windows\¤óœ
 
========== Files Created - No Company Name ==========
 
[2013.02.01 18:45:06 | 000,107,093 | ---- | C] () -- C:\Users\Info\Documents\1359727427_1_01.xml
[2013.01.30 20:15:20 | 000,028,507 | ---- | C] () -- C:\Users\Info\Documents\41434262.pdf
[2013.01.29 17:38:37 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2013.01.29 17:17:59 | 000,000,648 | ---- | C] () -- C:\Users\Info\Desktop\Scanner and Camera Wizard.lnk
[2013.01.29 15:59:53 | 001,652,485 | ---- | C] () -- C:\Users\Info\Documents\userguide.pdf
[2013.01.28 18:07:16 | 001,553,496 | ---- | C] () -- C:\ProgramData\1359390656.bdinstall.bin
[2013.01.28 18:00:07 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01
[2013.01.28 18:00:07 | 000,000,308 | -H-- | C] () -- \bdr-cf01
[2013.01.28 17:59:52 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.01.28 17:59:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.01.28 17:39:30 | 035,184,777 | -H-- | C] () -- C:\bdr-im01.gz
[2013.01.28 17:39:30 | 035,184,777 | -H-- | C] () -- \bdr-im01.gz
[2013.01.28 17:39:30 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01
[2013.01.28 17:39:30 | 002,294,848 | -H-- | C] () -- \bdr-bz01
[2013.01.28 17:39:30 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.01.28 17:39:30 | 000,253,404 | -H-- | C] () -- \bdr-ld01
[2013.01.28 17:39:30 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.01.28 17:39:30 | 000,009,216 | -H-- | C] () -- \bdr-ld01.mbr
[2013.01.21 17:35:06 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2013.01.21 16:22:37 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.01.20 10:48:26 | 000,009,892 | ---- | C] () -- C:\Users\Info\Documents\vodafone-codes.odt
[2013.01.19 13:57:53 | 000,000,455 | ---- | C] () -- C:\Users\Info\Documents\Dokument.rtf
[2013.01.15 18:24:57 | 000,001,264 | ---- | C] () -- C:\Users\Info\Desktop\Free YouTube Download.lnk
[2013.01.14 15:49:03 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2013.01.13 12:56:09 | 000,000,017 | ---- | C] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg
[2013.01.10 18:30:58 | 000,002,324 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.01.10 16:51:58 | 000,001,109 | ---- | C] () -- C:\Users\Info\Desktop\Mozilla Firefox.lnk
[2013.01.10 16:51:52 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.01.09 21:06:08 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.01.09 20:46:10 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.09 20:46:10 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 15:59:56 | 000,001,133 | ---- | C] () -- C:\Users\Info\Desktop\Pinball.lnk
[2013.01.05 19:32:39 | 000,000,020 | ---- | C] () -- C:\Windows\¤óœ
[2013.01.01 14:37:00 | 005,746,780 | ---- | C] ( ) -- C:\Windows\System32\RTKISDBT.dll
[2012.12.29 19:05:53 | 000,000,820 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2012.12.14 02:02:20 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.12.14 02:02:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.12.14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.11.17 16:39:51 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.10.22 17:40:04 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012.10.22 17:39:46 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012.10.22 17:39:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.10.03 17:15:43 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.10.03 17:14:43 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.09.29 10:40:45 | 000,000,557 | ---- | C] () -- \NetworkCfg.xml
[2012.09.27 11:25:26 | 2099,662,848 | -HS- | C] () -- \hiberfil.sys
[2012.08.13 10:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html
[2012.07.27 21:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.05.08 13:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link
[2011.09.15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2011.08.17 06:48:34 | 000,262,080 | ---- | C] () -- C:\Windows\System32\SynPS2.bin
[2011.05.09 17:19:48 | 000,246,804 | ---- | C] () -- C:\Windows\System32\drivers\AtherosBt.bin
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.01.04 21:07:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\1&1 Mail & Media GmbH
[2012.12.01 14:09:40 | 000,000,000 | ---D | M] -- C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.01.04 11:30:14 | 000,000,000 | ---D | M] -- C:\Users\All Users\1und1InternetExplorerAddon
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2012.11.17 16:05:17 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ask
[2013.01.31 16:34:47 | 000,000,000 | ---D | M] -- C:\Users\All Users\BDLogging
[2013.01.28 18:00:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bitdefender
[2013.01.05 15:41:40 | 000,000,000 | ---D | M] -- C:\Users\All Users\boost_interprocess
[2013.01.06 16:10:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\BrowserProtect
[2013.01.14 18:51:40 | 000,000,000 | ---D | M] -- C:\Users\All Users\clp
[2012.12.18 16:34:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2013.01.04 11:30:12 | 000,000,000 | ---D | M] -- C:\Users\All Users\DesktopIcons
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2013.01.31 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\Dumps
[2013.01.21 19:23:03 | 000,000,000 | ---D | M] -- C:\Users\All Users\EA Core
[2013.01.21 19:23:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2013.01.14 19:16:39 | 000,000,000 | ---D | M] -- C:\Users\All Users\f-secure
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2012.12.28 22:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\Freemake
[2013.01.13 11:01:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\fssg
[2012.10.20 13:20:59 | 000,000,000 | ---D | M] -- C:\Users\All Users\MakeMusic
[2013.01.21 16:24:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\Origin
[2012.12.28 21:13:22 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Drivers HeadQuarters
[2013.01.28 17:14:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\SpeedMaxPc
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2012.09.27 20:04:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\Synaptics
[2012.12.18 17:54:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\TEMP
[2012.12.18 16:34:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\TuneUp Software
[2013.01.04 21:05:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\UUdb
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2013.01.06 17:36:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Wincert
[2013.01.06 16:26:41 | 000,000,000 | -HSD | M] -- C:\Users\All Users\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 03:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2012.09.27 11:32:36 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2013.01.12 21:29:16 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 03:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.09.29 08:41:30 | 000,000,000 | ---D | M] -- C:\Users\Info\.LOGOComfort6.1
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Anwendungsdaten
[2013.01.30 18:12:08 | 000,000,000 | -H-D | M] -- C:\Users\Info\AppData
[2012.10.03 17:47:55 | 000,000,000 | R--D | M] -- C:\Users\Info\Contacts
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Cookies
[2013.01.31 16:39:30 | 000,000,000 | R--D | M] -- C:\Users\Info\Desktop
[2013.02.02 12:32:46 | 000,000,000 | R--D | M] -- C:\Users\Info\Documents
[2013.02.02 15:27:02 | 000,000,000 | R--D | M] -- C:\Users\Info\Downloads
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Druckumgebung
[2012.09.27 11:34:15 | 000,000,000 | -HSD | M] -- C:\Users\Info\Eigene Dateien
[2013.02.01 18:52:18 | 000,000,000 | R--D | M] -- C:\Users\Info\Favorites
[2012.09.29 08:38:24 | 000,000,000 | -H-D | M] -- C:\Users\Info\InstallAnywhere
[2013.01.05 19:27:44 | 000,000,000 | R--D | M] -- C:\Users\Info\Links
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Lokale Einstellungen
[2013.01.09 17:20:50 | 000,000,000 | R--D | M] -- C:\Users\Info\Music
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Netzwerkumgebung
[2013.02.01 19:11:14 | 000,000,000 | R--D | M] -- C:\Users\Info\Pictures
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Recent
[2012.10.03 17:47:55 | 000,000,000 | R--D | M] -- C:\Users\Info\Saved Games
[2012.10.07 10:03:30 | 000,000,000 | R--D | M] -- C:\Users\Info\Searches
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\SendTo
[2013.01.12 21:29:22 | 000,000,000 | R--D | M] -- C:\Users\Info\SkyDrive
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Startmenü
[2013.01.19 10:08:21 | 000,000,000 | ---D | M] -- C:\Users\Info\Tracing
[2013.01.27 19:23:39 | 000,000,000 | R--D | M] -- C:\Users\Info\Videos
[2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Vorlagen
[2012.11.17 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\Malisa\Desktop
[2013.01.30 19:51:57 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.10.20 15:03:02 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 03:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2012.09.27 11:54:46 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2012.10.01 13:20:41 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2009.07.14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2012.10.02 13:02:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2009.07.14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
 
========== Purity Check ==========
 
 

< End of report >
__________________
Alt 02.02.2013, 16:32   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 02.02.2013, 16:48   #20
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Ich kann die heruntergeladene Datei nicht öffnen.
Welches Programm soll ich dazu verwenden?


Alt 02.02.2013, 16:53   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Das ist ein ZIP-Archiv, logischerweise mit sowas wie 7zip, WinRAR oder einem anderen Packer
__________________
--> Bitdefender: Passwortgeschützte Objekte sind nicht zu finden

Alt 02.02.2013, 19:49   #22
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.02.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Info :: ALEXANDER-HP630 [administrator]

02.02.2013 19:24:47
mbar-log-2013-02-02 (19-24-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28452
Time elapsed: 17 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Der findet ständig diese Registry-Fehler, sonst aber nichts.
Die hat er nach dem Neustart und dem 2. Scan aber nicht behoben.

ich kaufe mir sowieso tuneup utilities. vielleicht kann der die Probleme beheben?!

Alt 03.02.2013, 01:33   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.02.2013, 09:22   #24
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Gmer findet rootkit, ich weiß aber nicht, wie man es entfernen kann:

ich kann GMER auch im anhang nicht hochladen, da es viel zu groß ist.
Das ist das rot-markierte Objekt, das er findet:

Module (noname) (***hidden***) 85E2C000-860DF000 (2830336 bytes)

Das ist von aswMBR:

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-03 09:40:32
-----------------------------
09:40:32.795    OS Version: Windows 6.1.7601 Service Pack 1
09:40:32.795    Number of processors: 2 586 0x2A07
09:40:32.799    ComputerName: ALEXANDER-HP630  UserName: Info
09:40:35.031    Initialize success
09:41:55.996    AVAST engine defs: 13020201
09:42:20.866    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:42:20.869    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
09:42:21.177    Disk 0 MBR read successfully
09:42:21.181    Disk 0 MBR scan
09:42:21.312    Disk 0 Windows 7 default MBR code
09:42:21.322    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
09:42:21.372    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       610379 MB offset 206848
09:42:21.515    Disk 0 scanning sectors +1250263040
09:42:21.974    Disk 0 scanning C:\Windows\system32\drivers
09:43:45.411    Service scanning
09:43:49.787    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
09:43:49.859    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
09:43:50.225    Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
09:44:20.641    Modules scanning
09:46:51.622    Disk 0 trace - called modules:
09:46:51.682    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 
09:46:52.287    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88104440]
09:46:52.337    3 CLASSPNP.SYS[8b27659e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85e06028]
09:46:54.340    AVAST engine scan C:\Windows
09:51:45.593    AVAST engine scan C:\Windows\system32
09:51:55.961    Disk 0 MBR has been saved successfully to "C:\Users\Info\Documents\MBR.dat"
09:51:56.303    The log file has been saved successfully to "C:\Users\Info\Documents\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-03 09:40:32
-----------------------------
09:40:32.795    OS Version: Windows 6.1.7601 Service Pack 1
09:40:32.795    Number of processors: 2 586 0x2A07
09:40:32.799    ComputerName: ALEXANDER-HP630  UserName: Info
09:40:35.031    Initialize success
09:41:55.996    AVAST engine defs: 13020201
09:42:20.866    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:42:20.869    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
09:42:21.177    Disk 0 MBR read successfully
09:42:21.181    Disk 0 MBR scan
09:42:21.312    Disk 0 Windows 7 default MBR code
09:42:21.322    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
09:42:21.372    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       610379 MB offset 206848
09:42:21.515    Disk 0 scanning sectors +1250263040
09:42:21.974    Disk 0 scanning C:\Windows\system32\drivers
09:43:45.411    Service scanning
09:43:49.787    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
09:43:49.859    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
09:43:50.225    Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
09:44:20.641    Modules scanning
09:46:51.622    Disk 0 trace - called modules:
09:46:51.682    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 
09:46:52.287    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88104440]
09:46:52.337    3 CLASSPNP.SYS[8b27659e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85e06028]
09:46:54.340    AVAST engine scan C:\Windows
09:51:45.593    AVAST engine scan C:\Windows\system32
09:51:55.961    Disk 0 MBR has been saved successfully to "C:\Users\Info\Documents\MBR.dat"
09:51:56.303    The log file has been saved successfully to "C:\Users\Info\Documents\aswMBR.txt"
10:04:45.288    AVAST engine scan C:\Windows\system32\drivers
10:05:34.716    AVAST engine scan C:\Users\Info
10:22:18.009    AVAST engine scan C:\ProgramData
10:23:44.445    Scan finished successfully
10:56:33.185    Disk 0 MBR has been saved successfully to "C:\Users\Info\Documents\MBR.dat"
10:56:33.340    The log file has been saved successfully to "C:\Users\Info\Documents\aswMBR.txt"

Alt 03.02.2013, 22:21   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Das GMER-Log bitte zippen und anhängen, aber nur als Ausnahme da es ja zu groß ist. Ansonsten die Logs immer direkt und in CODE-Tags posten
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.02.2013, 14:12   #26
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Ich kann aber diese Zip-Öffner nciht installieren oder verwenden, da es zu unsicher ist und viren beinhalten könnte.

Alt 04.02.2013, 14:44   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Zitat:
Ich kann aber diese Zip-Öffner nciht installieren oder verwenden, da es zu unsicher ist und viren beinhalten könnte.
Sry wer behauptet das?
Einfach 7zip installieren und weitermachen....

Bitte auch mal (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.02.2013, 16:35   #28
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Code:
ATTFilter
16:30:12.0180 5916	TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
16:30:14.0183 5916	============================================================
16:30:14.0183 5916	Current date / time: 2013/02/04 16:30:14.0183
16:30:14.0183 5916	SystemInfo:
16:30:14.0183 5916	
16:30:14.0183 5916	OS Version: 6.1.7601 ServicePack: 1.0
16:30:14.0183 5916	Product type: Workstation
16:30:14.0183 5916	ComputerName: ALEXANDER-HP630
16:30:14.0184 5916	UserName: Info
16:30:14.0184 5916	Windows directory: C:\Windows
16:30:14.0184 5916	System windows directory: C:\Windows
16:30:14.0184 5916	Processor architecture: Intel x86
16:30:14.0184 5916	Number of processors: 2
16:30:14.0184 5916	Page size: 0x1000
16:30:14.0184 5916	Boot type: Normal boot
16:30:14.0184 5916	============================================================
16:30:15.0394 5916	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:30:15.0398 5916	============================================================
16:30:15.0398 5916	\Device\Harddisk0\DR0:
16:30:15.0398 5916	MBR partitions:
16:30:15.0398 5916	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:30:15.0398 5916	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825800
16:30:15.0398 5916	============================================================
16:30:15.0509 5916	C: <-> \Device\Harddisk0\DR0\Partition1
16:30:15.0509 5916	============================================================
16:30:15.0509 5916	Initialize success
16:30:15.0509 5916	============================================================
16:31:03.0188 6580	============================================================
16:31:03.0188 6580	Scan started
16:31:03.0188 6580	Mode: Manual; SigCheck; TDLFS; 
16:31:03.0188 6580	============================================================
16:31:12.0098 6580	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
16:31:13.0761 6580	1394ohci - ok
16:31:14.0348 6580	ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:31:14.0484 6580	ACDaemon - ok
16:31:14.0663 6580	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
16:31:14.0812 6580	ACPI - ok
16:31:14.0932 6580	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
16:31:15.0023 6580	AcpiPmi - ok
16:31:15.0171 6580	AdobeARMservice (3927397ac60d943daf8808affed582b7) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:31:15.0200 6580	AdobeARMservice - ok
16:31:15.0306 6580	AdobeFlashPlayerUpdateSvc (424877cb9d5517f980ff7baca2eb379d) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:15.0415 6580	AdobeFlashPlayerUpdateSvc - ok
16:31:15.0521 6580	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
16:31:15.0567 6580	adp94xx - ok
16:31:15.0805 6580	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
16:31:15.0853 6580	adpahci - ok
16:31:15.0926 6580	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
16:31:15.0969 6580	adpu320 - ok
16:31:16.0016 6580	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
16:31:16.0076 6580	AeLookupSvc - ok
16:31:16.0140 6580	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
16:31:16.0189 6580	Afc ( UnsignedFile.Multi.Generic ) - warning
16:31:16.0189 6580	Afc - detected UnsignedFile.Multi.Generic (1)
16:31:16.0321 6580	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
16:31:16.0481 6580	AFD - ok
16:31:16.0699 6580	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
16:31:16.0739 6580	agp440 - ok
16:31:16.0997 6580	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
16:31:17.0061 6580	aic78xx - ok
16:31:17.0279 6580	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
16:31:17.0463 6580	ALG - ok
16:31:17.0501 6580	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
16:31:17.0537 6580	aliide - ok
16:31:17.0608 6580	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
16:31:17.0645 6580	amdagp - ok
16:31:17.0724 6580	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
16:31:17.0782 6580	amdide - ok
16:31:17.0851 6580	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
16:31:17.0923 6580	AmdK8 - ok
16:31:17.0956 6580	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
16:31:17.0993 6580	AmdPPM - ok
16:31:18.0028 6580	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
16:31:18.0121 6580	amdsata - ok
16:31:18.0302 6580	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
16:31:18.0379 6580	amdsbs - ok
16:31:18.0444 6580	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
16:31:18.0486 6580	amdxata - ok
16:31:18.0616 6580	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
16:31:18.0951 6580	AppID - ok
16:31:18.0978 6580	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
16:31:19.0054 6580	AppIDSvc - ok
16:31:19.0262 6580	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
16:31:19.0334 6580	Appinfo - ok
16:31:19.0448 6580	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
16:31:19.0545 6580	AppMgmt - ok
16:31:19.0591 6580	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
16:31:19.0674 6580	arc - ok
16:31:19.0704 6580	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
16:31:19.0753 6580	arcsas - ok
16:31:19.0794 6580	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
16:31:19.0933 6580	AsyncMac - ok
16:31:20.0002 6580	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
16:31:20.0154 6580	atapi - ok
16:31:20.0189 6580	AthBTPort       (882edbafcc227852c9dca23ea48d2e78) C:\Windows\system32\DRIVERS\btath_flt.sys
16:31:20.0229 6580	AthBTPort - ok
16:31:20.0477 6580	Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
16:31:20.0562 6580	Atheros Bt&Wlan Coex Agent - ok
16:31:20.0647 6580	AtherosSvc      (3d850acded547319ecb0aa98b79d5770) C:\Program Files\Bluetooth Suite\adminservice.exe
16:31:20.0721 6580	AtherosSvc - ok
16:31:21.0083 6580	athr            (cfe432e8eeacbcea3dbf53ea76978a65) C:\Windows\system32\DRIVERS\athr.sys
16:31:21.0423 6580	athr - ok
16:31:21.0893 6580	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
16:31:21.0989 6580	AudioEndpointBuilder - ok
16:31:21.0996 6580	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
16:31:22.0074 6580	Audiosrv - ok
16:31:22.0239 6580	avc3            (f3d3b0affd227aa2bfc80c1a4536baa0) C:\Windows\system32\DRIVERS\avc3.sys
16:31:22.0564 6580	avc3 - ok
16:31:22.0633 6580	avchv           (7f9b99b564e7c9fbb6729ed95b5bbb24) C:\Windows\system32\DRIVERS\avchv.sys
16:31:22.0702 6580	avchv - ok
16:31:22.0849 6580	avckf           (c7be750843a8a39167187fd28634a25e) C:\Windows\system32\DRIVERS\avckf.sys
16:31:22.0938 6580	avckf - ok
16:31:22.0951 6580	AVFSFilter - ok
16:31:23.0165 6580	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
16:31:23.0584 6580	AxInstSV - ok
16:31:23.0761 6580	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
16:31:23.0908 6580	b06bdrv - ok
16:31:24.0125 6580	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
16:31:24.0211 6580	b57nd60x - ok
16:31:24.0563 6580	BdDesktopParental (7f68862a3a4be1a032b5bf3a992423e1) C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
16:31:24.0647 6580	BdDesktopParental - ok
16:31:24.0824 6580	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
16:31:24.0962 6580	BDESVC - ok
16:31:25.0300 6580	BdfNdisf        (2c8f82dc54215b2fe064eff996f39d9b) c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
16:31:25.0355 6580	BdfNdisf - ok
16:31:25.0411 6580	bdfwfpf         (2f66c9df34134419928bac00e21e2679) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
16:31:25.0534 6580	bdfwfpf - ok
16:31:25.0685 6580	BDSandBox       (b6cbfc9d825bb2d955620cd4d8ef07f9) C:\Windows\system32\drivers\bdsandbox.sys
16:31:25.0723 6580	BDSandBox - ok
16:31:26.0040 6580	bdselfpr        (a7478f77584f8db6ad74b2bbe1144886) C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys
16:31:26.0281 6580	bdselfpr - ok
16:31:26.0355 6580	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
16:31:26.0480 6580	Beep - ok
16:31:26.0863 6580	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
16:31:26.0985 6580	BFE - ok
16:31:27.0119 6580	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
16:31:27.0216 6580	BITS - ok
16:31:27.0263 6580	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
16:31:27.0407 6580	blbdrive - ok
16:31:27.0850 6580	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:31:27.0943 6580	Bonjour Service - ok
16:31:28.0029 6580	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
16:31:28.0091 6580	bowser - ok
16:31:28.0140 6580	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:31:28.0254 6580	BrFiltLo - ok
16:31:28.0263 6580	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:31:28.0297 6580	BrFiltUp - ok
16:31:28.0464 6580	Browser         (3daa727b5b0a45039b0e1c9a211b8400) C:\Windows\System32\browser.dll
16:31:28.0549 6580	Browser - ok
16:31:28.0894 6580	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
16:31:29.0090 6580	Brserid - ok
16:31:29.0207 6580	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
16:31:29.0273 6580	BrSerWdm - ok
16:31:29.0361 6580	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:31:29.0441 6580	BrUsbMdm - ok
16:31:29.0453 6580	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
16:31:29.0527 6580	BrUsbSer - ok
16:31:30.0311 6580	BTATH_A2DP      (e5b321f18a1d8b6b8dd397d92ba5946a) C:\Windows\system32\drivers\btath_a2dp.sys
16:31:30.0399 6580	BTATH_A2DP - ok
16:31:30.0481 6580	BTATH_BUS       (429a2013b16a38496d2c5459f382636e) C:\Windows\system32\DRIVERS\btath_bus.sys
16:31:30.0511 6580	BTATH_BUS - ok
16:31:31.0061 6580	BTATH_HCRP      (f31e369db8258b28e3dcf66705aea9e9) C:\Windows\system32\DRIVERS\btath_hcrp.sys
16:31:31.0237 6580	BTATH_HCRP - ok
16:31:31.0411 6580	BTATH_LWFLT     (6651798266fde23159d961463a63a77d) C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:31:31.0442 6580	BTATH_LWFLT - ok
16:31:31.0994 6580	BTATH_RCP       (08ef5298df80bc136523bcd2ed8b9c37) C:\Windows\system32\DRIVERS\btath_rcp.sys
16:31:32.0092 6580	BTATH_RCP - ok
16:31:32.0572 6580	BtFilter        (fee4e106761695da368c1855d58a4fd5) C:\Windows\system32\DRIVERS\btfilter.sys
16:31:32.0683 6580	BtFilter - ok
16:31:32.0889 6580	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
16:31:32.0981 6580	BthEnum - ok
16:31:33.0170 6580	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
16:31:33.0227 6580	BTHMODEM - ok
16:31:33.0379 6580	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
16:31:33.0421 6580	BthPan - ok
16:31:34.0284 6580	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
16:31:34.0570 6580	BTHPORT - ok
16:31:34.0694 6580	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
16:31:34.0793 6580	bthserv - ok
16:31:34.0845 6580	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
16:31:34.0890 6580	BTHUSB - ok
16:31:35.0041 6580	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
16:31:35.0123 6580	cdfs - ok
16:31:35.0439 6580	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
16:31:35.0587 6580	cdrom - ok
16:31:35.0831 6580	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
16:31:36.0153 6580	CertPropSvc - ok
16:31:36.0322 6580	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
16:31:36.0367 6580	circlass - ok
16:31:36.0489 6580	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
16:31:36.0561 6580	CLFS - ok
16:31:36.0850 6580	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:36.0984 6580	clr_optimization_v2.0.50727_32 - ok
16:31:37.0446 6580	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:31:37.0503 6580	clr_optimization_v4.0.30319_32 - ok
16:31:37.0567 6580	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
16:31:37.0603 6580	CmBatt - ok
16:31:37.0688 6580	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
16:31:37.0720 6580	cmdide - ok
16:31:37.0855 6580	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
16:31:37.0980 6580	CNG - ok
16:31:38.0070 6580	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
16:31:38.0104 6580	Compbatt - ok
16:31:38.0173 6580	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
16:31:38.0211 6580	CompositeBus - ok
16:31:38.0215 6580	COMSysApp - ok
16:31:38.0456 6580	cphs            (2155d9c6f9ef97e149bb5a75d608524d) C:\Windows\system32\IntelCpHeciSvc.exe
16:31:38.0555 6580	cphs - ok
16:31:38.0718 6580	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
16:31:38.0752 6580	crcdisk - ok
16:31:39.0162 6580	CryptSvc        (96c0e38905cfd788313be8e11dae3f2f) C:\Windows\system32\cryptsvc.dll
16:31:39.0361 6580	CryptSvc - ok
16:31:39.0887 6580	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
16:31:40.0223 6580	CSC - ok
16:31:40.0632 6580	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
16:31:40.0741 6580	CscService - ok
16:31:40.0947 6580	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
16:31:41.0002 6580	DcomLaunch - ok
16:31:41.0095 6580	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
16:31:41.0154 6580	defragsvc - ok
16:31:41.0339 6580	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
16:31:41.0546 6580	DfsC - ok
16:31:41.0597 6580	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
16:31:41.0743 6580	Dhcp - ok
16:31:41.0840 6580	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
16:31:41.0897 6580	discache - ok
16:31:41.0977 6580	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
16:31:42.0018 6580	Disk - ok
16:31:42.0165 6580	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
16:31:42.0220 6580	Dnscache - ok
16:31:42.0374 6580	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
16:31:42.0427 6580	dot3svc - ok
16:31:42.0725 6580	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
16:31:42.0796 6580	DPS - ok
16:31:42.0840 6580	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
16:31:42.0877 6580	drmkaud - ok
16:31:43.0471 6580	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
16:31:43.0717 6580	DXGKrnl - ok
16:31:43.0778 6580	E1G60           (22ef8965101685add128f03a2b03ce16) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:31:43.0818 6580	E1G60 - ok
16:31:44.0261 6580	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
16:31:44.0356 6580	EapHost - ok
16:31:44.0972 6580	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
16:31:45.0283 6580	ebdrv - ok
16:31:47.0046 6580	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
16:31:47.0131 6580	EFS - ok
16:31:47.0761 6580	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
16:31:48.0242 6580	ehRecvr - ok
16:31:48.0608 6580	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
16:31:49.0007 6580	ehSched - ok
16:31:49.0511 6580	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
16:31:49.0739 6580	elxstor - ok
16:31:49.0831 6580	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
16:31:49.0866 6580	ErrDev - ok
16:31:50.0644 6580	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
16:31:50.0727 6580	EventSystem - ok
16:31:50.0825 6580	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
16:31:51.0104 6580	exfat - ok
16:31:51.0232 6580	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
16:31:51.0298 6580	fastfat - ok
16:31:51.0525 6580	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
16:31:51.0711 6580	Fax - ok
16:31:51.0781 6580	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
16:31:51.0822 6580	fdc - ok
16:31:51.0875 6580	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
16:31:52.0025 6580	fdPHost - ok
16:31:52.0200 6580	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
16:31:52.0392 6580	FDResPub - ok
16:31:52.0431 6580	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
16:31:52.0470 6580	FileInfo - ok
16:31:52.0508 6580	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
16:31:52.0579 6580	Filetrace - ok
16:31:52.0637 6580	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
16:31:52.0772 6580	flpydisk - ok
16:31:52.0819 6580	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
16:31:52.0853 6580	FltMgr - ok
16:31:52.0981 6580	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
16:31:53.0062 6580	FontCache - ok
16:31:53.0185 6580	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:31:53.0249 6580	FontCache3.0.0.0 - ok
16:31:53.0379 6580	Freemake Improver (f386bb621dd0f7ea2781f67c1c728771) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
16:31:53.0586 6580	Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
16:31:53.0586 6580	Freemake Improver - detected UnsignedFile.Multi.Generic (1)
16:31:53.0670 6580	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
16:31:53.0719 6580	FsDepends - ok
16:31:53.0787 6580	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
16:31:53.0863 6580	Fs_Rec - ok
16:31:53.0969 6580	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
16:31:54.0019 6580	fvevol - ok
16:31:54.0089 6580	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:31:54.0153 6580	gagp30kx - ok
16:31:54.0202 6580	GEARAspiWDM     (185ada973b5020655cee342059a86cbb) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:31:54.0256 6580	GEARAspiWDM - ok
16:31:54.0356 6580	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
16:31:54.0446 6580	gpsvc - ok
16:31:54.0579 6580	gupdate         (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
16:31:54.0750 6580	gupdate - ok
16:31:54.0754 6580	gupdatem        (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
16:31:54.0835 6580	gupdatem - ok
16:31:54.0914 6580	gzflt           (479664fa3e1bd3e0b828971a0d500d4e) C:\Windows\system32\DRIVERS\gzflt.sys
16:31:55.0118 6580	gzflt - ok
16:31:55.0187 6580	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
16:31:55.0314 6580	hcw85cir - ok
16:31:55.0493 6580	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
16:31:55.0582 6580	HdAudAddService - ok
16:31:55.0636 6580	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
16:31:55.0726 6580	HDAudBus - ok
16:31:55.0809 6580	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
16:31:55.0872 6580	HidBatt - ok
16:31:55.0906 6580	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
16:31:55.0958 6580	HidBth - ok
16:31:55.0985 6580	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
16:31:56.0074 6580	HidIr - ok
16:31:56.0118 6580	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
16:31:56.0253 6580	hidserv - ok
16:31:56.0328 6580	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
16:31:56.0464 6580	HidUsb - ok
16:31:56.0505 6580	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
16:31:56.0572 6580	hkmsvc - ok
16:31:56.0613 6580	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
16:31:56.0672 6580	HomeGroupListener - ok
16:31:56.0896 6580	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
16:31:57.0042 6580	HomeGroupProvider - ok
16:31:57.0110 6580	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
16:31:57.0154 6580	HpSAMD - ok
16:31:57.0272 6580	HPWMISVC        (2bec76bdcd1bc080210325e7b5094834) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:31:57.0414 6580	HPWMISVC - ok
16:31:57.0531 6580	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
16:31:57.0650 6580	HTTP - ok
16:31:57.0692 6580	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
16:31:57.0783 6580	hwpolicy - ok
16:31:57.0838 6580	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
16:31:57.0990 6580	i8042prt - ok
16:31:58.0063 6580	iaStor          (db81f413fa4e3f328cad7b5d59ef3f21) C:\Windows\system32\DRIVERS\iaStor.sys
16:31:58.0182 6580	iaStor - ok
16:31:58.0258 6580	IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:31:58.0301 6580	IAStorDataMgrSvc - ok
16:31:58.0362 6580	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
16:31:58.0482 6580	iaStorV - ok
16:31:58.0687 6580	IconMan_R       (e4693409d06785477a49fb34afae1b92) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:31:58.0856 6580	IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:31:58.0856 6580	IconMan_R - detected UnsignedFile.Multi.Generic (1)
16:31:59.0746 6580	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:32:00.0248 6580	idsvc - ok
16:32:00.0933 6580	igfx            (8cc51204bce551b90b45e97be446c48b) C:\Windows\system32\DRIVERS\igdkmd32.sys
16:32:01.0418 6580	igfx - ok
16:32:02.0155 6580	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
16:32:02.0201 6580	iirsp - ok
16:32:02.0369 6580	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
16:32:02.0477 6580	IKEEXT - ok
16:32:02.0568 6580	IntcDAud        (6a6e1b319a47fa7af2ae6b6815ae9854) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:32:02.0677 6580	IntcDAud - ok
16:32:02.0807 6580	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
16:32:02.0863 6580	intelide - ok
16:32:02.0938 6580	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
16:32:02.0999 6580	intelppm - ok
16:32:03.0108 6580	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
16:32:03.0177 6580	IPBusEnum - ok
16:32:03.0216 6580	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:32:03.0302 6580	IpFilterDriver - ok
16:32:03.0441 6580	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
16:32:03.0634 6580	iphlpsvc - ok
16:32:03.0681 6580	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
16:32:03.0729 6580	IPMIDRV - ok
16:32:03.0791 6580	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
16:32:03.0865 6580	IPNAT - ok
16:32:03.0976 6580	iPod Service    (ef1c51222117b37afbff8f4642ea8c62) C:\Program Files\iPod\bin\iPodService.exe
16:32:04.0055 6580	iPod Service - ok
16:32:04.0079 6580	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
16:32:04.0173 6580	IRENUM - ok
16:32:04.0217 6580	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
16:32:04.0282 6580	isapnp - ok
16:32:04.0336 6580	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
16:32:04.0388 6580	iScsiPrt - ok
16:32:04.0422 6580	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:32:04.0475 6580	kbdclass - ok
16:32:04.0533 6580	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
16:32:04.0587 6580	kbdhid - ok
16:32:04.0628 6580	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:32:04.0652 6580	KeyIso - ok
16:32:04.0682 6580	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
16:32:04.0725 6580	KSecDD - ok
16:32:04.0753 6580	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
16:32:04.0817 6580	KSecPkg - ok
16:32:04.0880 6580	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
16:32:04.0987 6580	KtmRm - ok
16:32:05.0054 6580	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
16:32:05.0163 6580	LanmanServer - ok
16:32:05.0215 6580	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
16:32:05.0301 6580	LanmanWorkstation - ok
16:32:05.0351 6580	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
16:32:05.0409 6580	lltdio - ok
16:32:05.0498 6580	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
16:32:05.0593 6580	lltdsvc - ok
16:32:05.0606 6580	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
16:32:05.0658 6580	lmhosts - ok
16:32:05.0692 6580	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:32:05.0741 6580	LSI_FC - ok
16:32:05.0918 6580	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:32:06.0045 6580	LSI_SAS - ok
16:32:06.0083 6580	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:32:06.0123 6580	LSI_SAS2 - ok
16:32:06.0179 6580	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:32:06.0231 6580	LSI_SCSI - ok
16:32:06.0256 6580	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
16:32:06.0352 6580	luafv - ok
16:32:06.0364 6580	massfilter - ok
16:32:06.0404 6580	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
16:32:06.0434 6580	Mcx2Svc - ok
16:32:06.0467 6580	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
16:32:06.0545 6580	megasas - ok
16:32:06.0581 6580	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
16:32:06.0704 6580	MegaSR - ok
16:32:06.0750 6580	MEI             (d86ac00883b9c98b570e7643aaf8e554) C:\Windows\system32\DRIVERS\HECI.sys
16:32:06.0802 6580	MEI - ok
16:32:06.0855 6580	MEMSWEEP2 - ok
16:32:06.0908 6580	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
16:32:07.0000 6580	MMCSS - ok
16:32:07.0060 6580	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
16:32:07.0117 6580	Modem - ok
16:32:07.0169 6580	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
16:32:07.0231 6580	monitor - ok
16:32:07.0279 6580	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
16:32:07.0316 6580	mouclass - ok
16:32:07.0358 6580	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
16:32:07.0393 6580	mouhid - ok
16:32:07.0442 6580	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
16:32:07.0559 6580	mountmgr - ok
16:32:07.0643 6580	MozillaMaintenance (9c3758018ded02f4ae53cca1c5f084a2) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:32:07.0695 6580	MozillaMaintenance - ok
16:32:07.0753 6580	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
16:32:07.0868 6580	mpio - ok
16:32:07.0938 6580	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
16:32:08.0045 6580	mpsdrv - ok
16:32:08.0125 6580	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
16:32:08.0223 6580	MpsSvc - ok
16:32:08.0271 6580	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
16:32:08.0327 6580	MRxDAV - ok
16:32:08.0385 6580	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:32:08.0453 6580	mrxsmb - ok
16:32:08.0493 6580	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:32:08.0604 6580	mrxsmb10 - ok
16:32:08.0628 6580	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:32:08.0703 6580	mrxsmb20 - ok
16:32:08.0756 6580	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
16:32:08.0798 6580	msahci - ok
16:32:08.0843 6580	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
16:32:08.0900 6580	msdsm - ok
16:32:08.0939 6580	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
16:32:09.0055 6580	MSDTC - ok
16:32:09.0103 6580	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
16:32:09.0158 6580	Msfs - ok
16:32:09.0216 6580	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
16:32:09.0265 6580	mshidkmdf - ok
16:32:09.0309 6580	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
16:32:09.0384 6580	msisadrv - ok
16:32:09.0445 6580	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
16:32:09.0510 6580	MSiSCSI - ok
16:32:09.0521 6580	msiserver - ok
16:32:09.0573 6580	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
16:32:09.0649 6580	MSKSSRV - ok
16:32:09.0669 6580	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:09.0745 6580	MSPCLOCK - ok
16:32:09.0756 6580	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
16:32:09.0810 6580	MSPQM - ok
16:32:09.0845 6580	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
16:32:09.0914 6580	MsRPC - ok
16:32:09.0963 6580	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
16:32:10.0035 6580	mssmbios - ok
16:32:10.0088 6580	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
16:32:10.0151 6580	MSTEE - ok
16:32:10.0190 6580	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
16:32:10.0249 6580	MTConfig - ok
16:32:10.0274 6580	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
16:32:10.0330 6580	Mup - ok
16:32:10.0409 6580	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
16:32:10.0483 6580	napagent - ok
16:32:10.0525 6580	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
16:32:10.0649 6580	NativeWifiP - ok
16:32:11.0008 6580	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
16:32:11.0226 6580	NDIS - ok
16:32:11.0303 6580	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:11.0358 6580	NdisCap - ok
16:32:11.0378 6580	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:11.0431 6580	NdisTapi - ok
16:32:11.0626 6580	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:11.0680 6580	Ndisuio - ok
16:32:11.0872 6580	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:11.0967 6580	NdisWan - ok
16:32:12.0070 6580	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
16:32:12.0129 6580	NDProxy - ok
16:32:12.0215 6580	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
16:32:12.0278 6580	NetBIOS - ok
16:32:12.0417 6580	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
16:32:12.0626 6580	NetBT - ok
16:32:12.0722 6580	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:32:12.0745 6580	Netlogon - ok
16:32:12.0902 6580	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
16:32:12.0962 6580	Netman - ok
16:32:13.0051 6580	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
16:32:13.0170 6580	netprofm - ok
16:32:13.0373 6580	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:13.0407 6580	NetTcpPortSharing - ok
16:32:13.0474 6580	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
16:32:13.0513 6580	nfrd960 - ok
16:32:13.0764 6580	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
16:32:13.0848 6580	NlaSvc - ok
16:32:13.0954 6580	npf             (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
16:32:13.0993 6580	npf - ok
16:32:14.0146 6580	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
16:32:14.0202 6580	Npfs - ok
16:32:14.0360 6580	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
16:32:14.0410 6580	nsi - ok
16:32:14.0489 6580	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
16:32:14.0564 6580	nsiproxy - ok
16:32:14.0716 6580	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
16:32:14.0843 6580	Ntfs - ok
16:32:17.0467 6580	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
16:32:17.0528 6580	Null - ok
16:32:17.0633 6580	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
16:32:17.0749 6580	nvraid - ok
16:32:17.0810 6580	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
16:32:17.0899 6580	nvstor - ok
16:32:17.0937 6580	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
16:32:18.0004 6580	nv_agp - ok
16:32:18.0062 6580	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
16:32:18.0099 6580	ohci1394 - ok
16:32:18.0171 6580	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:32:18.0248 6580	p2pimsvc - ok
16:32:18.0300 6580	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
16:32:18.0353 6580	p2psvc - ok
16:32:18.0397 6580	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
16:32:18.0435 6580	Parport - ok
16:32:18.0510 6580	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
16:32:18.0548 6580	partmgr - ok
16:32:18.0574 6580	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
16:32:18.0642 6580	Parvdm - ok
16:32:18.0679 6580	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
16:32:18.0727 6580	PcaSvc - ok
16:32:18.0776 6580	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
16:32:18.0827 6580	pci - ok
16:32:18.0845 6580	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
16:32:18.0930 6580	pciide - ok
16:32:18.0973 6580	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
16:32:19.0061 6580	pcmcia - ok
16:32:19.0088 6580	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
16:32:19.0137 6580	pcw - ok
16:32:19.0250 6580	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
16:32:19.0343 6580	PEAUTH - ok
16:32:19.0473 6580	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
16:32:19.0559 6580	PeerDistSvc - ok
16:32:19.0776 6580	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
16:32:19.0912 6580	pla - ok
16:32:20.0837 6580	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
16:32:20.0955 6580	PlugPlay - ok
16:32:21.0009 6580	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
16:32:21.0057 6580	PNRPAutoReg - ok
16:32:21.0229 6580	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:32:21.0286 6580	PNRPsvc - ok
16:32:21.0372 6580	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
16:32:21.0465 6580	PolicyAgent - ok
16:32:21.0556 6580	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
16:32:21.0686 6580	Power - ok
16:32:21.0801 6580	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
16:32:21.0868 6580	PptpMiniport - ok
16:32:21.0897 6580	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
16:32:21.0957 6580	Processor - ok
16:32:22.0027 6580	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
16:32:22.0141 6580	ProfSvc - ok
16:32:22.0175 6580	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:32:22.0203 6580	ProtectedStorage - ok
16:32:22.0301 6580	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
16:32:22.0431 6580	Psched - ok
16:32:22.0575 6580	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
16:32:22.0760 6580	ql2300 - ok
16:32:23.0188 6580	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
16:32:23.0256 6580	ql40xx - ok
16:32:23.0362 6580	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
16:32:23.0429 6580	QWAVE - ok
16:32:23.0460 6580	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
16:32:23.0528 6580	QWAVEdrv - ok
16:32:23.0566 6580	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
16:32:23.0643 6580	RasAcd - ok
16:32:23.0796 6580	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:23.0866 6580	RasAgileVpn - ok
16:32:24.0383 6580	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
16:32:24.0441 6580	RasAuto - ok
16:32:24.0726 6580	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:24.0797 6580	Rasl2tp - ok
16:32:25.0485 6580	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
16:32:25.0600 6580	RasMan - ok
16:32:25.0920 6580	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:26.0019 6580	RasPppoe - ok
16:32:26.0066 6580	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
16:32:26.0152 6580	RasSstp - ok
16:32:26.0383 6580	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
16:32:26.0508 6580	rdbss - ok
16:32:26.0600 6580	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
16:32:26.0703 6580	rdpbus - ok
16:32:26.0770 6580	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:26.0844 6580	RDPCDD - ok
16:32:26.0899 6580	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
16:32:26.0981 6580	RDPDR - ok
16:32:27.0029 6580	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
16:32:27.0150 6580	RDPENCDD - ok
16:32:27.0202 6580	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
16:32:27.0251 6580	RDPREFMP - ok
16:32:27.0318 6580	RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
16:32:27.0377 6580	RdpVideoMiniport - ok
16:32:27.0467 6580	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
16:32:27.0555 6580	RDPWD - ok
16:32:27.0672 6580	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
16:32:27.0721 6580	rdyboost - ok
16:32:27.0784 6580	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
16:32:27.0854 6580	RemoteAccess - ok
16:32:27.0892 6580	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
16:32:27.0992 6580	RemoteRegistry - ok
16:32:28.0542 6580	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
16:32:28.0692 6580	RFCOMM - ok
16:32:28.0915 6580	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
16:32:29.0045 6580	RpcEptMapper - ok
16:32:29.0161 6580	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
16:32:29.0193 6580	RpcLocator - ok
16:32:29.0865 6580	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
16:32:29.0921 6580	RpcSs - ok
16:32:30.0218 6580	RSPCIESTOR      (4ada96cdedca3ca8dd70f51575f6a7af) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:32:30.0310 6580	RSPCIESTOR - ok
16:32:30.0359 6580	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
16:32:30.0436 6580	rspndr - ok
16:32:30.0683 6580	RTL2832UBDA     (0085adfe591291b219badf2d3ebd0beb) C:\Windows\system32\drivers\RTL2832UBDA.sys
16:32:30.0751 6580	RTL2832UBDA - ok
16:32:30.0786 6580	RTL2832UUSB     (653347dbf9ce61b104f237d7b2b33ccf) C:\Windows\system32\Drivers\RTL2832UUSB.sys
16:32:30.0827 6580	RTL2832UUSB - ok
16:32:30.0857 6580	RTL2832U_IRHID  (13ab7ec17c94acfe93f96ec96bd6b05d) C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
16:32:30.0921 6580	RTL2832U_IRHID - ok
16:32:30.0988 6580	RTL8167         (fb3ca58c5447432b8e10c0df3d4d2a1b) C:\Windows\system32\DRIVERS\Rt86win7.sys
16:32:31.0065 6580	RTL8167 - ok
16:32:31.0098 6580	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
16:32:31.0222 6580	s3cap - ok
16:32:31.0280 6580	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:32:31.0312 6580	SamSs - ok
16:32:31.0366 6580	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
16:32:31.0442 6580	sbp2port - ok
16:32:31.0476 6580	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
16:32:31.0566 6580	SCardSvr - ok
16:32:31.0630 6580	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
16:32:31.0696 6580	scfilter - ok
16:32:31.0782 6580	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
16:32:31.0866 6580	Schedule - ok
16:32:31.0901 6580	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
16:32:31.0952 6580	SCPolicySvc - ok
16:32:32.0051 6580	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
16:32:32.0116 6580	SDRSVC - ok
16:32:32.0191 6580	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:32:32.0282 6580	secdrv - ok
16:32:32.0350 6580	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
16:32:32.0396 6580	seclogon - ok
16:32:32.0485 6580	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
16:32:32.0533 6580	SENS - ok
16:32:32.0615 6580	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
16:32:32.0676 6580	SensrSvc - ok
16:32:32.0698 6580	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
16:32:32.0743 6580	Serenum - ok
16:32:32.0785 6580	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
16:32:33.0035 6580	Serial - ok
16:32:33.0160 6580	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
16:32:33.0198 6580	sermouse - ok
16:32:33.0267 6580	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
16:32:33.0333 6580	SessionEnv - ok
16:32:33.0391 6580	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
16:32:33.0426 6580	sffdisk - ok
16:32:33.0460 6580	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
16:32:33.0496 6580	sffp_mmc - ok
16:32:33.0530 6580	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
16:32:33.0567 6580	sffp_sd - ok
16:32:33.0629 6580	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
16:32:33.0684 6580	sfloppy - ok
16:32:34.0013 6580	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
16:32:34.0152 6580	SharedAccess - ok
16:32:34.0307 6580	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
16:32:34.0378 6580	ShellHWDetection - ok
16:32:34.0513 6580	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
16:32:34.0554 6580	sisagp - ok
16:32:34.0595 6580	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:32:34.0631 6580	SiSRaid2 - ok
16:32:34.0699 6580	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
16:32:34.0760 6580	SiSRaid4 - ok
16:32:35.0376 6580	Skype C2C Service (388ae59fe75f1b959dfa0900923c61bb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:32:35.0568 6580	Skype C2C Service - ok
16:32:35.0814 6580	SkypeUpdate     (a4fab5f7818a69da6e740943cb8f7ca9) C:\Program Files\Skype\Updater\Updater.exe
16:32:35.0947 6580	SkypeUpdate - ok
16:32:36.0370 6580	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
16:32:36.0429 6580	Smb - ok
16:32:36.0554 6580	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
16:32:36.0614 6580	SNMPTRAP - ok
16:32:36.0728 6580	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
16:32:36.0761 6580	spldr - ok
16:32:37.0005 6580	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
16:32:37.0130 6580	Spooler - ok
16:32:37.0661 6580	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
16:32:37.0908 6580	sppsvc - ok
16:32:38.0382 6580	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
16:32:38.0439 6580	sppuinotify - ok
16:32:39.0082 6580	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
16:32:39.0264 6580	srv - ok
16:32:39.0659 6580	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
16:32:39.0750 6580	srv2 - ok
16:32:40.0198 6580	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
16:32:40.0303 6580	srvnet - ok
16:32:40.0789 6580	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
16:32:40.0862 6580	SSDPSRV - ok
16:32:40.0975 6580	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
16:32:41.0010 6580	ssmdrv - ok
16:32:41.0454 6580	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
16:32:41.0559 6580	SstpSvc - ok
16:32:41.0696 6580	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
16:32:41.0729 6580	stexstor - ok
16:32:42.0005 6580	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
16:32:42.0083 6580	StiSvc - ok
16:32:42.0176 6580	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
16:32:42.0214 6580	storflt - ok
16:32:42.0403 6580	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
16:32:42.0438 6580	storvsc - ok
16:32:42.0483 6580	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
16:32:42.0517 6580	swenum - ok
16:32:42.0631 6580	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
16:32:42.0782 6580	swprv - ok
16:32:42.0819 6580	Synth3dVsc - ok
16:32:43.0224 6580	SynTP           (6dd49e1a5fa0f01824652f1a0a8866fb) C:\Windows\system32\DRIVERS\SynTP.sys
16:32:43.0386 6580	SynTP - ok
16:32:43.0755 6580	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
16:32:43.0886 6580	SysMain - ok
16:32:43.0986 6580	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
16:32:44.0031 6580	TabletInputService - ok
16:32:44.0157 6580	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
16:32:44.0215 6580	TapiSrv - ok
16:32:44.0285 6580	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
16:32:44.0340 6580	TBS - ok
16:32:44.0563 6580	Tcpip           (a5ebb8f648000e88b7d9390b514976bf) C:\Windows\system32\drivers\tcpip.sys
16:32:45.0138 6580	Tcpip - ok
16:32:45.0849 6580	TCPIP6          (a5ebb8f648000e88b7d9390b514976bf) C:\Windows\system32\DRIVERS\tcpip.sys
16:32:45.0950 6580	TCPIP6 - ok
16:32:46.0989 6580	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
16:32:47.0058 6580	tcpipreg - ok
16:32:47.0178 6580	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
16:32:47.0286 6580	TDPIPE - ok
16:32:47.0392 6580	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
16:32:47.0446 6580	TDTCP - ok
16:32:47.0729 6580	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
16:32:47.0864 6580	tdx - ok
16:32:48.0012 6580	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
16:32:48.0062 6580	TermDD - ok
16:32:48.0711 6580	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
16:32:48.0809 6580	TermService - ok
16:32:49.0029 6580	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
16:32:49.0071 6580	Themes - ok
16:32:49.0146 6580	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
16:32:49.0190 6580	THREADORDER - ok
16:32:49.0294 6580	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
16:32:49.0342 6580	TrkWks - ok
16:32:49.0500 6580	trufos          (f2aee22231046cad8d2f94d2c0f9befb) C:\Windows\system32\DRIVERS\trufos.sys
16:32:49.0560 6580	trufos - ok
16:32:50.0118 6580	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
16:32:50.0238 6580	TrustedInstaller - ok
16:32:50.0301 6580	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:32:50.0353 6580	tssecsrv - ok
16:32:50.0680 6580	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
16:32:50.0777 6580	TsUsbFlt - ok
16:32:50.0785 6580	tsusbhub - ok
16:32:51.0198 6580	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
16:32:51.0271 6580	tunnel - ok
16:32:51.0358 6580	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
16:32:51.0394 6580	uagp35 - ok
16:32:52.0035 6580	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
16:32:52.0153 6580	udfs - ok
16:32:52.0303 6580	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
16:32:52.0623 6580	UI0Detect - ok
16:32:52.0845 6580	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
16:32:52.0905 6580	uliagpkx - ok
16:32:53.0019 6580	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
16:32:53.0071 6580	umbus - ok
16:32:53.0178 6580	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
16:32:53.0210 6580	UmPass - ok
16:32:53.0341 6580	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
16:32:53.0373 6580	UmRdpService - ok
16:32:53.0659 6580	UPDATESRV       (32be9dff9a8dfe2eaca30e0a63c523ae) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
16:32:53.0701 6580	UPDATESRV - ok
16:32:54.0205 6580	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
16:32:54.0295 6580	upnphost - ok
16:32:54.0756 6580	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
16:32:54.0868 6580	usbccgp - ok
16:32:55.0077 6580	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
16:32:55.0118 6580	usbcir - ok
16:32:55.0324 6580	usbehci         (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
16:32:55.0359 6580	usbehci - ok
16:32:55.0415 6580	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
16:32:55.0576 6580	usbhub - ok
16:32:55.0692 6580	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
16:32:55.0784 6580	usbohci - ok
16:32:55.0883 6580	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
16:32:55.0941 6580	usbprint - ok
16:32:56.0022 6580	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
16:32:56.0060 6580	usbscan - ok
16:32:56.0199 6580	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:32:56.0242 6580	USBSTOR - ok
16:32:56.0278 6580	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
16:32:56.0309 6580	usbuhci - ok
16:32:56.0350 6580	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
16:32:56.0392 6580	usbvideo - ok
16:32:56.0577 6580	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
16:32:56.0639 6580	UxSms - ok
16:32:56.0754 6580	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
16:32:56.0778 6580	VaultSvc - ok
16:32:56.0921 6580	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
16:32:56.0980 6580	vdrvroot - ok
16:32:57.0682 6580	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
16:32:57.0857 6580	vds - ok
16:32:57.0953 6580	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
16:32:58.0003 6580	vga - ok
16:32:58.0056 6580	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
16:32:58.0110 6580	VgaSave - ok
16:32:58.0123 6580	VGPU - ok
16:32:58.0394 6580	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
16:32:58.0544 6580	vhdmp - ok
16:32:58.0732 6580	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
16:32:58.0776 6580	viaagp - ok
16:32:58.0841 6580	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
16:32:59.0008 6580	ViaC7 - ok
16:32:59.0146 6580	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
16:32:59.0187 6580	viaide - ok
16:32:59.0348 6580	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
16:32:59.0449 6580	vmbus - ok
16:32:59.0513 6580	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
16:32:59.0547 6580	VMBusHID - ok
16:32:59.0655 6580	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
16:32:59.0701 6580	volmgr - ok
16:32:59.0827 6580	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
16:32:59.0915 6580	volmgrx - ok
16:33:00.0341 6580	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
16:33:00.0483 6580	volsnap - ok
16:33:00.0761 6580	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
16:33:00.0840 6580	vsmraid - ok
16:33:01.0197 6580	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
16:33:01.0509 6580	VSS - ok
16:33:02.0207 6580	VSSERV          (9e4307e413fe90098ac21cc7b9de4146) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
16:33:02.0318 6580	VSSERV - ok
16:33:02.0625 6580	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
16:33:02.0664 6580	vwifibus - ok
16:33:02.0855 6580	vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
16:33:03.0085 6580	vwififlt - ok
16:33:03.0189 6580	vwifimp         (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
16:33:03.0261 6580	vwifimp - ok
16:33:03.0466 6580	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
16:33:03.0566 6580	W32Time - ok
16:33:03.0597 6580	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
16:33:03.0767 6580	WacomPen - ok
16:33:04.0070 6580	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:04.0191 6580	WANARP - ok
16:33:04.0202 6580	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:04.0275 6580	Wanarpv6 - ok
16:33:04.0414 6580	WatAdminSvc - ok
16:33:04.0986 6580	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
16:33:05.0290 6580	wbengine - ok
16:33:05.0545 6580	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
16:33:05.0586 6580	WbioSrvc - ok
16:33:06.0857 6580	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
16:33:06.0949 6580	wcncsvc - ok
16:33:07.0052 6580	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
16:33:07.0107 6580	WcsPlugInService - ok
16:33:07.0476 6580	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
16:33:07.0510 6580	Wd - ok
16:33:08.0561 6580	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:33:08.0891 6580	Wdf01000 - ok
16:33:09.0204 6580	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:33:10.0052 6580	WdiServiceHost - ok
16:33:10.0060 6580	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:33:10.0090 6580	WdiSystemHost - ok
16:33:10.0252 6580	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
16:33:10.0319 6580	WebClient - ok
16:33:10.0690 6580	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
16:33:10.0763 6580	Wecsvc - ok
16:33:11.0052 6580	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
16:33:11.0176 6580	wercplsupport - ok
16:33:11.0395 6580	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
16:33:11.0499 6580	WerSvc - ok
16:33:11.0538 6580	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
16:33:11.0593 6580	WfpLwf - ok
16:33:11.0672 6580	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
16:33:11.0709 6580	WIMMount - ok
16:33:12.0104 6580	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
16:33:12.0156 6580	WinDefend - ok
16:33:12.0170 6580	WinHttpAutoProxySvc - ok
16:33:13.0192 6580	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
16:33:13.0287 6580	Winmgmt - ok
16:33:14.0818 6580	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
16:33:14.0925 6580	WinRM - ok
16:33:15.0479 6580	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
16:33:15.0552 6580	WinUsb - ok
16:33:15.0678 6580	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
16:33:15.0909 6580	Wlansvc - ok
16:33:16.0021 6580	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
16:33:16.0055 6580	WmiAcpi - ok
16:33:16.0502 6580	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
16:33:16.0824 6580	wmiApSrv - ok
16:33:17.0195 6580	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:33:17.0714 6580	WMPNetworkSvc - ok
16:33:18.0172 6580	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
16:33:18.0368 6580	WPCSvc - ok
16:33:18.0556 6580	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
16:33:18.0829 6580	WPDBusEnum - ok
16:33:19.0181 6580	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
16:33:19.0265 6580	ws2ifsl - ok
16:33:19.0419 6580	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
16:33:19.0778 6580	wscsvc - ok
16:33:19.0885 6580	WSearch - ok
16:33:20.0303 6580	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
16:33:20.0422 6580	wuauserv - ok
16:33:21.0153 6580	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
16:33:21.0230 6580	WudfPf - ok
16:33:21.0323 6580	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:33:21.0394 6580	WUDFRd - ok
16:33:21.0650 6580	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
16:33:21.0769 6580	wudfsvc - ok
16:33:21.0973 6580	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
16:33:22.0023 6580	WwanSvc - ok
16:33:22.0048 6580	ZTEusbmdm6k - ok
16:33:22.0062 6580	ZTEusbnmea - ok
16:33:22.0073 6580	ZTEusbser6k - ok
16:33:22.0153 6580	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:33:34.0077 6580	\Device\Harddisk0\DR0 - ok
16:33:34.0139 6580	Boot (0x1200)   (54ba4c37d203c2b279e01a9f91269268) \Device\Harddisk0\DR0\Partition0
16:33:34.0142 6580	\Device\Harddisk0\DR0\Partition0 - ok
16:33:34.0198 6580	Boot (0x1200)   (ec5907c4c3860910eb67263b34c7422c) \Device\Harddisk0\DR0\Partition1
16:33:34.0200 6580	\Device\Harddisk0\DR0\Partition1 - ok
16:33:34.0200 6580	============================================================
16:33:34.0200 6580	Scan finished
16:33:34.0200 6580	============================================================
16:33:34.0220 3908	Detected object count: 3
16:33:34.0220 3908	Actual detected object count: 3
16:34:31.0968 3908	Afc ( UnsignedFile.Multi.Generic ) - skipped by user
16:34:31.0968 3908	Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:34:31.0970 3908	Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
16:34:31.0970 3908	Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:34:31.0973 3908	IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:34:31.0973 3908	IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 04.02.2013, 16:43   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.02.2013, 17:05   #30
duddl
 
Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Standard

Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


Code:
ATTFilter
# AdwCleaner v2.110 - Datei am 04/02/2013 um 16:55:58 erstellt
# Aktualisiert am 03/02/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : Info - ALEXANDER-HP630
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Info\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\searchplugins\BrowserProtect.xml
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\DomaIQ Uninstaller
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Info\AppData\Local\APN
Ordner Gelöscht : C:\Users\Info\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Info\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Info\AppData\LocalLow\Claro LTD
Ordner Gelöscht : C:\Users\Info\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Info\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Info\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Info\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Info\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Info\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Info\AppData\Roaming\PerformerSoft

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\59578cdbbc6fbe49
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Complitly
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\59578cdbbc6fbe49
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Complitly_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gelöscht : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.yhs.delta-search.com/?affID=119586&tt=030213_yh&babsrc=HP_ss&mntrId=2ab28cb800000000000026de2ba841cd --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.searchcompletion.com/?si=10195&home=1 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.searchcompletion.com/?si=10195&home=1 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.searchcompletion.com/?si=10195&home=1 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=cd92cf51-342e-492a-8fab-a7200a248b0b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\prefs.js

C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.yhs.delta-search.com/?affID=119586&tt[...]

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [336 octets] - [04/02/2013 16:54:40]
AdwCleaner[S2].txt - [9197 octets] - [04/02/2013 16:55:58]

########## EOF - C:\AdwCleaner[S2].txt - [9257 octets] ##########

Antwort
Seite 2 von 4 1 2 34

Themen zu Bitdefender: Passwortgeschützte Objekte sind nicht zu finden
angezeigt, bitdefender, datei, defender, deinstalliert, empfohlen, erstell, erstellt, folge, folgendes, gescannt, geschützte, konnte, lange, malware, objekte, passwortgeschützte, rechtsklick, scan, scanne, scans, spybot, überhaupt, öfters


« Trojaner Bebloh eingefangen oder nicht? | Windows System 32 *.dll Error Virus »


Ähnliche Themen: Bitdefender: Passwortgeschützte Objekte sind nicht zu finden


  1. Passwortgeschützte Archive von Bitfender gefunden
    Log-Analyse und Auswertung - 11.10.2015 (1)
  2. avast erkennt bgbutton finished.png-passwortgeschützte Archive
    Log-Analyse und Auswertung - 01.07.2015 (11)
  3. Kaspersky lässt anfangs Untersuchung nicht starten, untersucht 300 Objekte nicht..
    Antiviren-, Firewall- und andere Schutzprogramme - 23.04.2015 (1)
  4. Kaspersky 241 nicht bearbeitete Objekte
    Log-Analyse und Auswertung - 24.11.2014 (7)
  5. Comodo Firewall +Bitdefender internet oder Bitdefender antivir ?
    Antiviren-, Firewall- und andere Schutzprogramme - 22.08.2014 (6)
  6. Gestern (11.5.) Trojaner über Facebook eingefangen, antimaleware hat 41 Objekte gefunden. Sind in Quarantäne. Wie geht es weiter? Log folgt
    Log-Analyse und Auswertung - 19.05.2014 (11)
  7. WinXP: Saving Bulls mit CCleaner löschen geht nicht - es erscheint Error2: Das System kann die Datei nicht finden
    Plagegeister aller Art und deren Bekämpfung - 29.03.2014 (21)
  8. USB-Sticks zeigen nur Verknüpfungen, Malwarebytes fand Objekte, die mit "PUP optional A(...)" infiziert sind
    Plagegeister aller Art und deren Bekämpfung - 10.03.2014 (9)
  9. Snap Do Suchemaschine/Toolbar nicht zu deinstallieren und in Systemsteuerung unter Programmen nicht zu finden
    Plagegeister aller Art und deren Bekämpfung - 02.09.2013 (34)
  10. Problem mit avira zeigt versteckte befallen objekte an aber kann sie nicht finden!
    Log-Analyse und Auswertung - 22.04.2012 (5)
  11. Bitdefender findet was, Malwarebytes nicht
    Plagegeister aller Art und deren Bekämpfung - 17.05.2010 (1)
  12. BitDefender deinstalliert - BitDefender evtl. nicht installiert/nicht mehr aktuell
    Antiviren-, Firewall- und andere Schutzprogramme - 07.10.2009 (16)
  13. BitDefender scant nicht!!
    Antiviren-, Firewall- und andere Schutzprogramme - 17.05.2009 (0)
  14. GData - Bitdefender finden Trojan.Generic.1607990 in nssutil3.dll
    Plagegeister aller Art und deren Bekämpfung - 17.04.2009 (2)
  15. Firewall, Updates & Bitdefender sind deaktiviert & AntiVir-Installation unmöglich!!!
    Alles rund um Windows - 21.02.2006 (5)
  16. Kaspersky + Passwortgeschützte viren?
    Plagegeister aller Art und deren Bekämpfung - 09.04.2005 (1)
  17. KAV scannt passwortgeschützte ZIP-Archive!?!
    Antiviren-, Firewall- und andere Schutzprogramme - 03.03.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bitdefender: Passwortgeschützte Objekte sind nicht zu finden - Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen. Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten - Bitdefender: Passwortgeschützte Objekte sind nicht zu finden...
Archiv
Du betrachtest: Bitdefender: Passwortgeschützte Objekte sind nicht zu finden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55