Gen:Variant.Adware.VidSaver.1 [EngineA]

spartaner007 · 03.03.2013, 09:29

Hallo ...,
ich habe o.g. Schädling auf meinem PC mit der Bitte um Unterstützung.
Mit Malwarebytes (Vers. 1.62) erhielt ich folgendes Ergebnis:

Code:

ATTFilter

 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.02.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
USER :: PC01

02.03.2013 14:17:36
mbam-log-2013-03-02 (14-17-36).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 2070052
Laufzeit: 10 Stunde(n), 23 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|4479 (PUP.CrossFire.SA) -> Daten: Giant Savings -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

t'john · 03.03.2013, 11:55

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

dann:

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Wähle Scanne Alle Benuzer
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
Unter Extra Registrierung, wähle bitte Benutze SafeList
Klicke nun auf Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

spartaner007 · 10.03.2013, 19:39

Hallo T´John,
der Malwarebytes-Anti-Rootkit-Scan läuft nun schon einige Tage durch.
Kann das sein, dass das so lang dauert?
Im Pfad Windows befinden sich 90.265 Dateien mit 25 GB.
Wie ist dein Hinweis: „Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers“
Kann ich während des Scans den PC benutzen?
Ggf. was darf ich nicht verwenden?
Vielen Dank schon vorab.
MfG Maddin
Hallo T´John,
der Malwarebytes-Anti-Rootkit-Scan läuft nun schon einige Tage durch.
Kann das sein, dass das so lang dauert?
Im Pfad Windows befinden sich 90.265 Dateien mit 25 GB.
Wie ist dein Hinweis: „Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers“
Kann ich während des Scans den PC benutzen?
Ggf. was darf ich nicht verwenden?
Vielen Dank schon vorab.
MfG Maddin

t'john · 12.03.2013, 11:50

Nein, so lange sollte das ncht dauern. Max 10 Minuten.

Bitte mit OTL weitermachen.

spartaner007 · 13.03.2013, 00:11

Hallo t´john,
Hier die Ergebnisse (Teil 1):

Code:

ATTFilter

 
OTL logfile created on: 12.03.2013 12:06:22 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ALT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 24,37% Memory free
8,08 Gb Paging File | 2,49 Gb Available in Paging File | 30,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,50 Gb Total Space | 282,11 Gb Free Space | 61,53% Space Free | Partition Type: NTFS
Drive D: | 7,17 Gb Total Space | 0,92 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive K: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive L: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive P: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive Q: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
 
Computer Name: PC01 | User Name: ALT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\ALT\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\ALT\Desktop\mbar-1.01.0.1021\mbar\mbar.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
PRC - C:\Program Files (x86)\Efuah\iDesk\iDeskService\iDeskService.exe ()
PRC - C:\Program Files (x86)\Efuah\iDesk\iDeskService\ideskpython.exe (Efuah Mediengruppe)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Vetad\PROGRAMM\K0005032\Vetad.Bop.Base.Cso.Service.Mediator.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\K0005032\Vetad.Bop.Base.Cso.UI.Host.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\K0005064\Vetad.Bop.Sso.ServiceHost.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\K0005064\Vetad.Bop.Base.Sso.ServiceHost.exe (Vetad eG)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Vetad\PROGRAMM\K0005002\Vetad.Sdd.Ui.EditHost.StartupService.exe (Vetad eG)
PRC - C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
PRC - C:\Vetad\SYSTEM\Vetad.Framework.RemoteServiceModel.GenericService2010.exe (Vetad eG)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Vetad\SYSTEM\Nuko\NKWLOGIN.exe (Vetad eG)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Vetad\PROGRAMM\B0000150\ScServer\DVckService.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\B0000150\ScServer\DV_WOW64_Server.exe (Vetad eG)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe ()
PRC - C:\Vetad\PROGRAMM\B0000398\SiPaHost.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DfueMan.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\D0100000\Vetad.Framework.RemoteServiceModel.GenericService2010.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\Install\DvInesASDSvc.Exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\B0000398\SiPaHostService.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\B0001442\PSNTServ.exe (Vetad eG)
PRC - C:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe (Vetad eG)
PRC - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe (G Data Software AG)
PRC - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe (AGFEO      )
PRC - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Vetad\PROGRAMM\B0000404\msdisrv.exe (KOBIL Systems GmbH)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe (Nuance Communications, Inc.)
PRC - C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe (Nuance Communications, Inc.)
PRC - C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\ashsnap.exe (ashampoo GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\klickTel\klickTel OEM Frühjahr 2010\KSTART32.EXE (telegate MEDIA AG)
PRC - C:\Vetad\PROGRAMM\A0000007\DHNC.exe ()
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\Vetad\SYSTEM\RzpjWtch.exe (Vetad eG)
PRC - C:\lotus\organize\easyclip6.exe (Lotus Development Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\ce70182f0348fc21a07409afd4a922f5\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.v#\9cac989c464da69fb3a18b58e469c384\Infragistics2.Win.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\4e1e9c2be1eeb7589ce44da4956e2515\Infragistics2.Win.UltraWinTree.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\9aac81ed5d3e52e6aa61f24860d349cd\Infragistics2.Win.UltraWinToolbars.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\cfc5670a23d6a33f87bc443397d6ff17\Infragistics2.Win.UltraWinTabControl.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\e6bf6acd1aede8f5047768ad3cbcb59d\Infragistics2.Win.UltraWinTabbedMdi.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\fc8c9bc8b937117615a565d06e0e8d04\Infragistics2.Win.UltraWinPrintPreviewDialog.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\e884ead48a1ab70cbc32f912e0427507\Infragistics2.Win.UltraWinGrid.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\6d87756c7097bc7ab08acdcf99193890\Infragistics2.Win.UltraWinExplorerBar.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\219a3c34eec4eb696e2a7d2d40b6c6f6\Infragistics2.Win.UltraWinDock.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.U#\d586fe2ae46eee391d79c865fad918eb\Infragistics2.Win.UltraWinCalcManager.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Win.M#\0ae414b58afe755cc58cb2ad38909822\Infragistics2.Win.Misc.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistics2.Share#\4c3ce4bcba868259d5ba5861981ff64a\Infragistics2.Shared.v10.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\5a95e2043731f5ec0bf67b96a336b3ea\Vetad.IrwBasis.SystemComponents.AppFrame.Workflow.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\619465d4bca08feaf98d0d19d89d65fd\Vetad.IrwBasis.SystemComponents.AppFrame.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Kern#\fd766e9c09e03e0d893180655e5c843c\Vetad.IrwBasis.Kernel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\c8d4decaba26c101c7168a5595b8505c\Vetad.Framework.Windows.StatusBars.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\b9cd6c8f25fc0ab2098db19e4f784294\Vetad.Framework.Windows.ToolWindows.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\893c064f9365bd80089a9919f604aa7d\Vetad.Framework.Windows.SkinBuilder.ExtendedControls.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\fab34327c0c41d704d7605dbf2fddb78\Vetad.Framework.Windows.Skinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\2643bc4400c9db5db3ef96ef2bcdc38d\Vetad.Framework.Windows.SkinBuilder.CommonControls.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\95d6b8e034945a50596479e0827eb6c8\Vetad.Framework.Windows.Shell.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\e8deece91915a394d81fc9c3074f97d6\Vetad.Framework.Windows.ObjectExplorer.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\e9d08e97e056c50bfb1c4e1673d1b993\Vetad.Framework.Windows.Help.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\e0ff4cc7651d5c1ae5b9d928c625d86e\Vetad.Framework.Windows.MessageListeners.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\d772fa79e965d5d6f319141c04212e5f\Vetad.Framework.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\179805049a7118ba4937f9bbea4c54ed\Vetad.Framework.Windows.Controls.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\1abd18b244433e1006496db1a6f8405a\Vetad.Framework.Windows.Controls.UIAutomation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\ddb0498c72b6798cc001976fc172da1c\Vetad.Framework.Windows.Controls.ExtenderProviders.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\d706915b5ff0a7c6783314f4b1078692\Vetad.Framework.Windows.Controls.ExtendedGrid.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\c5a9c86869b162b172a1b8021d48f5ad\Vetad.Framework.Windows.Controls.ExtendedControls.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\8bb346c17d68551bd96a0743c5b97bab\Vetad.Framework.Windows.Controls.ExtendedChart.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\ca948663b0d5e65720d27df188c90f4f\Vetad.Framework.Windows.Controls.ComplexControls.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\061d8b87b9c1df686d99d0de97c0ab2c\Vetad.Framework.Windows.Controls.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\c68775ffcc6041f6d0752195e206159a\Vetad.Framework.Windows.Controls.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\f6fe624daf47b6f90aa865537be78460\Vetad.Framework.Windows.CommandBars.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Rem#\3b815c2c27ffedfcdab494fe1031ad22\Vetad.Framework.RemoteServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mic#\312893ed0ac8f2bb4ccd1ecfe46e9946\Vetad.Framework.MicroParts.Presentation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\b028b02eb428f4504f4604ee0a2f3aff\Vetad.Framework.Interop.OfficeObjectModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\3c7f015e9b611147c33b144af4038e49\Vetad.Framework.Interop.Office.Word14.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\983d42f3c42040402e8edf06cc3e516d\Vetad.Framework.Interop.Office.MSOffice14.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\8c52b03b4e763554377afe3aa9b0db01\Vetad.Framework.Interop.Office.Goal.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\ca2c4b3f4042225705b4c3d17c08f156\Vetad.Framework.Interop.Office.Goal.MSOTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\50696978dcd85e49041572bc74971039\Vetad.Framework.Interop.Office.Goal.BSOffice.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\9def93c94de5d2119e806ff8d69fdcdc\Vetad.Framework.Interop.Office.Goal.Basics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\34135d13d816ab82952543285a05e647\Vetad.Framework.Interop.Office.Extensions.OfficeUI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\2acab206aa47f62a676b8788195c2767\Vetad.Framework.Interop.Office.Extensions.DDMA.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\13d5c41073aa5280979eec7f44d3ce4a\Vetad.Framework.Interop.Office.Extensions.Base.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\6fbb317da1ff900d1db1a55b5b885f1f\Vetad.Sdd.Ui.Edithost.Workflow.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.EditHo#\687a0637cdcd6b590964f340a048b039\Vetad.Sdd.Ui.EditHost.StartupService.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\9a4b1f1dc195fe593d2e305dd13fb6fb\Vetad.Sdd.Ui.Edithost.Presentation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\0f36994a5946402dc850b90c2440e23e\Vetad.Sdd.Ui.Edithost.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files (x86)\PhraseExpress\pexlang.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.UI.Client#\7b75561a02fe103419d0a046e382e455\Vetad.Sdd.UI.ClientInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.UI.PlugIn#\769afe20263aa70c05e9c3ebdf04bc3d\Vetad.Sdd.UI.PlugInInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.BusinessC#\5b6a11ed1d12a2aedc55627928f794ca\Vetad.Sdd.BusinessCore.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\b2369b53043b41a2aec59b3d61065949\Vetad.IrwBasis.SystemComponents.Data.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\2c930b6959dec51efea9275dd9e5c029\Vetad.IrwBasis.SystemComponents.Data.DataAccess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\e7169a9fe0c5dc95a8319c9701b506e3\Vetad.IrwBasis.SystemComponents.Common.DataAccessDependent.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\9de15a7ee18fa4fe66b25ae988948c7d\Vetad.IrwBasis.SystemComponents.Common.DataAccessDependent.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Syst#\9e97e62d50b839b5c225522eb8003c08\Vetad.IrwBasis.SystemComponents.AppFrame.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Reso#\005bdfc1b1a285ec2e22752a5f1cbf0d\Vetad.IrwBasis.ResourceData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.IrwBasis.Kern#\6d74cffc95cdfd02188316b1896292c4\Vetad.IrwBasis.Kernel.ProgramLink.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.EditHo#\7bf87871fdac54f470b13a0ebbb9b26c\Vetad.Sdd.Ui.EditHost.StartupService.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.EditHo#\0639715e212ed7a758a07f7ec752a577\Vetad.Sdd.Ui.EditHost.StartupService.Resources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\0c345a4398893c5fc613a9605bc2b805\Vetad.Sdd.Ui.Edithost.Resources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\8c7569b98f5a247d89df7fa350f7dab4\Vetad.Sdd.Ui.Edithost.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Ui.Editho#\f6c2caaf95e65bfe025e5aa30fe7e781\Vetad.Sdd.Ui.Edithost.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Sdd.Transport#\556bb7bcfff08e75b2b856aab9f2bbf7\Vetad.Sdd.TransportInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\8fba1c3463a73361124255eb561b3077\Vetad.Lexinform.Services.LexinformBase.LicenceRetriever.Business.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Deo.Basis\6.7.0.0__cbc631f1c682336b\Vetad.Deo.Basis.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Interop.KonfigDBAX\1.0.0.0__cbc631f1c682336b\Vetad.Interop.KonfigDBAX.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Deo.Meta\6.7.0.0__cbc631f1c682336b\Vetad.Deo.Meta.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Deo.Connect\6.7.0.0__cbc631f1c682336b\Vetad.Deo.Connect.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Deo.Utilities\6.7.0.0__cbc631f1c682336b\Vetad.Deo.Utilities.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Deo.Interface\6.7.0.0__cbc631f1c682336b\Vetad.Deo.Interface.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Security.Iden#\2b77dd95ae115fd7dd4965ceff40f70f\Vetad.Security.IdentityManagement.IamClaimService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Security.Iden#\4b66190dec76f5932c6c8759314ec638\Vetad.Security.IdentityManagement.Database.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Network.Inter#\342205de858a50dcdf1416afb5c2adbd\Vetad.Network.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Network.PlugIn\b33f822de731535158dc6ec3d7a988ac\Vetad.Network.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Network\1b02d0ec7854cf6abda2bf8062aae29b\Vetad.Network.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Win#\d73ed3a453a36cde94f1a12320f00a23\Vetad.Framework.Windows.AdditionalLocalization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Val#\be30a43e37f07f4aa7084e1477c6af30\Vetad.Framework.Validation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Und#\dd5ad100ecaed0c5f1b19b7f50f12174\Vetad.Framework.UndoRedo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Ser#\e13301521a3d8088f2d3eb442a564d8a\Vetad.Framework.ServiceBus.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Res#\6c69a312252d49cddc988749dd4fbc21\Vetad.Framework.ResourceData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mic#\45cbc39f5780153b7ac5f9135c2503ce\Vetad.Framework.MicroParts.Workflow.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mes#\7955b7c205b54e90f194b9e7d23d37a3\Vetad.Framework.Messages.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mic#\4162f606c021e55f575f0ba7f782ce41\Vetad.Framework.MicroParts.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mic#\1c3443630a1879c0bb32a4e6b38efaed\Vetad.Framework.MicroParts.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Lic#\f4ee7a528aaab01e903da9cfe1c2f6a9\Vetad.Framework.Licensing.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Lic#\3d1a2bed3f87831ba208858a0f1df344\Vetad.Framework.LicenseManagement.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\fd29ba5f2f4d68e25966e42689fd28e9\Vetad.Framework.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\ec8616a9831a45facb15c9724bf986eb\Vetad.Framework.Interop.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Fil#\86540c8f8fbde2d4d647ed8a012b3b07\Vetad.Framework.Filter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Env#\5cd800ecdc7df7c8e2202d2f713acb48\Vetad.Framework.Environment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Dat#\db844d972a2a77189ba97e885938a937\Vetad.Framework.Dataelements.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Dat#\e2139fe0a1d781257b231abf5a2b8ec1\Vetad.Framework.Data.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Dat#\b6b6bac58a712ef64c285a6267f4f8ad\Vetad.Framework.Data.Daly.DataObjects.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Act#\1606857c8dfbf50910155b3c34238754\Vetad.Framework.Actions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Bus#\0ca819f8233cceb6eab342ff1ddbfbb9\Vetad.Framework.BusinessParts.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Database.Publ#\ab89e7b4cd898e0df79a24956453b396\Vetad.Database.PublicInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Database.Cons#\ab3157a29cb4f83221539eca0b14558e\Vetad.Database.ConserveManager.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Database.Comm#\39393f7433dfdbaa57bcbad23d5c56a2\Vetad.Database.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.ConfigDB.Stor#\78feaae28fc5ed268623a98b850072f9\Vetad.ConfigDB.StorageProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.ConfigDB.Inte#\a5474eb3845f503eead6363d5a34a318\Vetad.ConfigDB.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.ConfigDB.Plug#\af473a4535e1fba3528063821be23a40\Vetad.ConfigDB.PlugIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.ConfigDB\49ec49d5635cedcf702c3c040f903d7b\Vetad.ConfigDB.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\15987b5ebe2a9653537a3d8be7b0bd4b\Vetad.Lexinform.Services.SemanticRecognition.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\bad87390df683fcc3abc61126010d2af\Vetad.Lexinform.Services.SemanticRecognition.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\474005e4f22288d30811831341a75f3e\Vetad.Lexinform.Services.LexinformSearch.Business.LocalSearch.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\7dfcec0862676f980fe836a41995bdf4\Vetad.Lexinform.Services.Search.Interface.Server.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\bd48e9857ed3fcd1947778962378edbf\Vetad.Lexinform.Services.LexinformSearch.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\16c4159d164af65d95d5edcc996e7396\Vetad.Lexinform.Services.LexinformBase.ServiceContracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\41fbba89171246486146a7c5257355e6\Vetad.Lexinform.Services.LexinformBase.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\961edd41d4bece76ad98c69e5516aa27\Vetad.Lexinform.Services.LexinformBase.Business.Server.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\93ce6e805355bf29f5e821aa4603d017\Vetad.Lexinform.Services.LexinformBase.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\a15b8fbec033174ed6a43106228ad76d\Vetad.Lexinform.Services.Document.Strategies.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\9ef4eec843e9978f222935d8d4f664e8\Vetad.Lexinform.Services.Document.ServiceContracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\c9768ddec77db1b0c621039c62c95845\Vetad.Lexinform.Services.Document.Business.Server.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Lexinform.Ser#\01e36a77d28bdb204e7692e842c87108\Vetad.Lexinform.Services.Document.Interface.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\Vetad.Framework.Licensing.Wrapper\4.0.0.0__cbc631f1c682336b\Vetad.Framework.Licensing.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Rem#\f022aa3886b58f2020b1c87e9b89b17b\Vetad.Framework.RemoteServiceModel.GenericServiceBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Hos#\440507bee2a67350090e535b1172a36a\Vetad.Framework.Hosting.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Dia#\f6a1f5e9f8fb3b284e7355c3715760ae\Vetad.Framework.Diagnostics.RealTimeTracing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Mic#\6bcfa3a5b15d2ec1983d02e7f792462c\Vetad.Framework.MicroKernel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c1b67737c13c99776cde5989ec2885c8\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a0445401f2473a1aa4b66c9c0791c7f6\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\41c8b10b4eee399c4abfa970b73ecd74\System.Data.DataSetExtensions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\2fa72afe543bb02b4f728efc2166d58c\System.Runtime.Caching.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\e7b4706dfe18f29486dbaf5d35e01765\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\cf0222541a24e6bcde2f37e6ccb74fd2\Vetad.Framework.Interop.Office.Goal.Text.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\295d066c19aaa9b78bd865f7ad50121d\Vetad.Framework.Interop.Office.Goal.ObjectFactory.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\951b7a20c020be96cd83390945d06d4e\Vetad.Framework.Interop.Office.Goal.Component.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\0886925ba9a0661cd4d9c0f105cbe907\Vetad.Framework.Interop.Office.Goal.Business.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\351e30c8c77c74ae8995133e7454b0a4\Vetad.Framework.Interop.Office.Goal.Calc.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\3923c778f6c38048959ece8b02cec629\Vetad.Framework.Interop.Office.Goal.Base.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\86e38d6a89308c85304d8076072f768f\Vetad.Framework.Interop.Office.Goal.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\9e43f4b02639050339063da838e8bd37\Vetad.Framework.Interop.Office.Extensions.BSOfficeMenu.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Vetad.Framework.Int#\a3f883f5132cd35f088c6139ad57b82a\Vetad.Framework.Interop.Office.Extensions.Compatibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\14850aef08b8af036fd6f1e5b38a3719\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e290208a6d4ea4451ac118f1e0c3b488\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bd5f32f9081b6307cadda7422145553e\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\e6f1669a51fbf73520ae79dca19f005e\Microsoft.CSharp.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\ebd8e7de507b634d15b3e16614270f06\System.Dynamic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Vetad.Interop.DVPCDBCOMServer711\1.0.10.0__cbc631f1c682336b\Vetad.Interop.DVPCDBCOMServer711.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Vetad\SYSTEM\DVCCSASCMtf001.dll ()
MOD - C:\Vetad\SYSTEM\DVCCDBNETCONVAPIAX300.DLL ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtScript4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\phonon4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtGui4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtSql4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Nuance\PDF Professional 7\PDFCOffice2007Addin.dll ()
MOD - C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\MouseHook.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Vetad\PROGRAMM\A0000007\DHNC.exe ()
MOD - C:\Vetad\SYSTEM\DvDfvkBas002.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Vetad\SYSTEM\DVBSKNFOMT109.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.)
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (HRService) -- C:\Program Files (x86)\Efuah\iDesk\iDeskService\iDeskService.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DBService) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (DVckService) -- C:\Vetad\PROGRAMM\B0000150\ScServer\DVckService.exe (Vetad eG)
SRV - (vToolbarUpdater12.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe ()
SRV - (Vetad Update-Service) -- C:\Vetad\PROGRAMM\Install\DvInesASDSvc.Exe (Vetad eG)
SRV - (Sicherheitspaket-Dienst) -- C:\Vetad\PROGRAMM\B0000398\SiPaHostService.exe (Vetad eG)
SRV - (VetadPrintService) -- C:\Vetad\PROGRAMM\B0001442\PSNTServ.exe (Vetad eG)
SRV - (Dcmanag) -- C:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe (Vetad eG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (AntiVirusKit Client) -- C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\AVKClient\AVKWCtlX64.exe (G Data Software AG)
SRV - (GDBackupSvc) -- C:\Program Files (x86)\G Data\AVKClient\AVKBackupService.exe (G Data Software AG)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (KOBIL_MSDI) -- C:\Vetad\PROGRAMM\B0000404\msdisrv.exe (KOBIL Systems GmbH)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (PDFProFiltSrv) -- C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe (Nuance Communications, Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (mbamswissarmy) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV:64bit: - (mbamchameleon) -- C:\Windows\SysNative\drivers\mbamchameleon.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (KOBCCID) -- C:\Windows\SysNative\drivers\KOBCCID.sys (KOBIL Systems GmbH)
DRV:64bit: - (vidsflt58) -- C:\Windows\SysNative\drivers\vsflt58.sys (Acronis)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (SC_SERV3D) -- C:\Windows\SysNative\drivers\d3_kafm.sys (Vetad eG)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (KOBCCEX) -- C:\Windows\SysNative\drivers\KOBCCEX.sys (KOBIL Systems GmbH)
DRV:64bit: - (pmxdrv) -- C:\Windows\SysNative\drivers\pmxdrv.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (SafeNet Inc.)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (SafeNet Inc.)
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (SafeNet Inc.)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (IFCoEVB) -- C:\Windows\SysNative\drivers\ifP52x64.sys (Intel(R) Corporation)
DRV:64bit: - (IFCoEMP) -- C:\Windows\SysNative\drivers\ifM52x64.sys (Intel(R) Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/28
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=110&systemid=102&sr=0&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/28
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/28
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=110&systemid=102&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=110&systemid=102&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
IE - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: crossriderapp4479%40crossrider.com:0.88.83
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Vetad.de/Vetad_BestellManager,version=1.7: C:\Vetad\PROGRAMM\A0000015\npdvbm.dll ( Vetad eG)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.11 09:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.16 10:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.16 10:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.16 10:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.16 10:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.16 10:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
 
[2012.11.22 00:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALT\AppData\Roaming\mozilla\Extensions
[2012.01.04 19:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALT\AppData\Roaming\mozilla\Extensions\ideskbrowser@Efuah.de
[2013.02.11 09:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALT\AppData\Roaming\mozilla\Firefox\Profiles\rd42lxr8.default\Extensions
[2013.02.11 09:19:32 | 000,000,000 | ---D | M] ("Giant Savings") -- C:\Users\ALT\AppData\Roaming\mozilla\Firefox\Profiles\rd42lxr8.default\Extensions\crossriderapp4479@crossrider.com
[2013.02.11 09:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALT\AppData\Roaming\mozilla\Firefox\Profiles\rd42lxr8.default\Extensions\crossriderapp4479@crossrider.com\chrome\content\extensionCode
[2013.02.11 09:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.11 09:51:49 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\mozilla firefox\extensions\websitelogon@truesuite.com
[2013.02.11 09:51:51 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.22 18:14:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.02 11:00:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.22 18:14:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.22 18:14:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.22 18:14:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.22 18:14:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.11.10 22:41:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (SCardBHOEvent Class) - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - C:\Vetad\SYSTEM\DVCCSASCardBHO64002.dll (Vetad eG)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Giant Savings) - {11111111-1111-1111-1111-110011441179} - C:\Program Files (x86)\Giant Savings\Giant Savings.dll (215 Apps)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (DtvIePwdSafeBHO Class) - {6EF6B546-25FB-455B-801F-FDB3B3D39F9E} - C:\Vetad\PROGRAMM\B0000397\DtvIePwdSafe.dll (Vetad eG)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (SCardBHOEvent Class) - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - C:\Vetad\SYSTEM\DVCCSASCardBHO002.dll (Vetad eG)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVK Client] C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe (G Data Software AG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Vetad_SCardMan]  File not found
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Nuance PDF Converter Professional 7-reminder] C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SiPaHost] C:\Vetad\PROGRAMM\B0000398\SiPaHost.exe (Vetad eG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe File not found
O4 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\klickTel OEM Frühjahr 2010 - Schnellstarter.lnk = C:\Program Files (x86)\klickTel\klickTel OEM Frühjahr 2010\KSTART32.EXE (telegate MEDIA AG)
O4 - Startup: C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lotus Organizer EasyClip.lnk = C:\lotus\organize\easyclip6.exe (Lotus Development Corporation)
O4 - Startup: C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress Diagnose-Modus.lnk = C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
O4 - Startup: C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TK-Suite Client.lnk = C:\Program Files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe (AGFEO      )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Mit Nuance PDF Converter 7.0 öffnen - C:\Program Files (x86)\Nuance\PDF Professional 7\cnvres_ger.dll (Nuance Communications, Inc.)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: PDF-Datei erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Mit Nuance PDF Converter 7.0 öffnen - C:\Program Files (x86)\Nuance\PDF Professional 7\cnvres_ger.dll (Nuance Communications, Inc.)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O9 - Extra Button: Web-Eintrag - {B4E30F61-16D9-11D3-85D1-005004229569} - c:\lotus\organize\bandobjs.dll ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.com ([]http is out of zone range - 5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.com ([]https is out of zone range - 5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.de ([]http is out of zone range - 5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.de ([]https is out of zone range - 5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.de ([www] http is out of zone range -  5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetad.de ([www] https is out of zone range -  5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetadnet.de ([*.services] http is out of zone range -  5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetadnet.de ([*.services] https is out of zone range -  5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetadstadt.de ([]http is out of zone range - 5)
O15 - HKU\S-1-5-21-3819896947-3942532061-1754202372-1137\..Trusted Domains: Vetadstadt.de ([]https is out of zone range - 5)
O16:64bit: - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab (DLM Control)
O16 - DPF: {15BE8BEE-4105-4A79-B385-25068AA967DB} hxxp://de1.iradiopop.com/IRD/pages/VBIMDPlayer.CAB (VBIRDPlayer.Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.199.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Home.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3BA4BEC-0264-43CF-B7B3-57C797E79215}: DhcpNameServer = 192.168.199.10
O18:64bit: - Protocol\Handler\Efuahreader - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\Efuahreader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2013.03.12 12:00:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ALT\Desktop\OTL.exe
[2013.03.06 00:10:06 | 000,157,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2013.03.06 00:09:44 | 000,000,000 | ---D | C] -- C:\Users\ALT\Desktop\mbar-1.01.0.1021
[2013.03.02 14:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.02 14:13:36 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.02 14:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.28 17:08:59 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\elsterformular
[2013.02.28 03:01:06 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.28 03:01:06 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.28 03:01:06 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.28 03:01:06 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.28 03:00:58 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.28 03:00:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.28 03:00:51 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.28 03:00:51 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.28 03:00:51 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.28 03:00:51 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 03:00:51 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 03:00:51 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 03:00:51 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 03:00:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 03:00:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 03:00:51 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 03:00:51 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 03:00:50 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.28 03:00:50 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.28 03:00:50 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.28 03:00:50 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.28 03:00:50 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.28 03:00:50 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.28 03:00:50 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.28 03:00:50 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.28 03:00:50 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.28 03:00:50 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.28 03:00:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 03:00:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 03:00:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 03:00:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 03:00:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 03:00:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 03:00:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 03:00:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 03:00:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 03:00:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 03:00:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.28 03:00:49 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.28 03:00:49 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.28 03:00:49 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.17 08:07:20 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\NWB
[2013.02.13 23:54:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 23:54:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 23:54:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 23:54:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 23:54:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 23:54:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 23:54:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 23:54:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 23:54:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 23:54:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 23:54:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 23:54:51 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 23:54:50 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 23:54:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 23:54:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 08:35:26 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 08:35:26 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 08:35:26 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 08:35:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 08:35:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 08:35:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 08:35:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 08:35:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 08:35:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 08:35:09 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 09:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.08 08:55:19 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.08 08:55:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.08 08:55:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.08 08:55:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.08 08:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.02.08 08:54:00 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.08 08:53:53 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.08 08:53:53 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.08 08:53:52 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.08 08:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.27 16:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\test und FINANZtest Archiv CD-Rom 2011
[2013.01.27 16:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\test und FINANZtest Archiv CD-Rom 2012
[2013.01.17 14:03:15 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.01.17 14:03:15 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.17 14:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.01.09 09:14:51 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 09:14:50 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 09:10:20 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 09:10:19 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 09:10:14 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 09:10:14 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 09:10:14 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 09:10:14 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 09:10:14 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 09:10:14 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 09:10:14 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 09:10:14 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 09:10:14 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 09:10:14 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 09:10:14 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 09:10:14 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 09:10:14 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 09:10:14 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 09:10:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 09:10:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 09:10:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 09:10:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 09:10:14 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 09:10:14 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 09:10:13 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 09:10:13 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 09:10:13 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 09:10:12 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 09:10:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 09:10:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 09:10:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 09:10:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 09:10:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 09:10:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 09:10:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 09:10:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 09:09:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 09:09:15 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 09:09:15 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 09:09:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 09:09:15 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 09:09:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 09:09:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 09:09:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:09:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:09:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:09:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:09:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:09:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:08:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2012.12.21 17:46:38 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.21 17:46:38 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.21 17:46:36 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.21 17:46:34 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 13:14:24 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\DATA BECKER
[2012.12.16 12:48:30 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\ProtectDISC
[2012.12.16 12:36:26 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\Erzeugte Websites
[2012.12.16 12:36:23 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\video to date
[2012.12.16 12:35:54 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\web to date Projekte
[2012.12.16 12:35:52 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\shop to date Projekte
[2012.12.16 10:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DATA BECKER Downloads
[2012.12.16 10:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc
[2012.12.16 10:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2012.12.16 10:34:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared
[2012.12.16 10:33:54 | 000,151,552 | ---- | C] (Info-ZIP) -- C:\Windows\SysWow64\w2dzip32.dll
[2012.12.16 10:32:28 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\flxgdde.dll
[2012.12.13 07:41:17 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.13 07:41:17 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.06 00:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander
[2012.12.06 00:05:36 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\FreeCommander
[2012.12.06 00:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeCommander
[2012.12.05 21:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.12.05 19:20:12 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\JDownloaderDownloadManagerPackages
[2012.12.05 19:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DownloadManager
[2012.12.05 19:17:58 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Google
[2012.12.05 19:17:58 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Giant Savings
[2012.12.05 19:17:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Giant Savings
[2012.12.05 12:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\FreeCommanderPortable
[2012.12.05 10:58:21 | 000,000,000 | R--D | C] -- C:\Users\ALT\Desktop\_Pruefungsberichte
[2012.12.03 17:15:54 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.11.22 13:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.11.22 02:15:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.22 00:23:12 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\jZip
[2012.11.22 00:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jZip
[2012.11.17 00:55:17 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.17 00:55:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.17 00:48:55 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.17 00:48:53 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.17 00:48:53 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.17 00:48:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.16 12:14:16 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.16 12:14:16 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.16 12:14:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.16 12:14:13 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll

spartaner007 · 13.03.2013, 00:16

Hier die Ergebnisse (Teil 2):

Code:

ATTFilter

 
[2012.11.16 12:14:13 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.16 12:14:13 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.16 12:14:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.16 12:14:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.16 12:14:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.16 12:13:13 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.16 12:13:13 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.14 14:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.11.14 14:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.11.14 13:59:25 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.14 13:59:25 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.12 00:24:40 | 000,000,000 | ---D | C] -- C:\Icons
[2012.11.12 00:09:11 | 000,000,000 | ---D | C] -- C:\ebay_teilausgelagert
[2012.11.11 23:46:35 | 000,000,000 | ---D | C] -- C:\Vetad_Tabellen
[2012.11.11 23:23:17 | 000,000,000 | ---D | C] -- C:\Bilder1
[2012.11.11 10:45:30 | 000,116,864 | ---- | C] (KOBIL Systems GmbH) -- C:\Windows\SysNative\drivers\KOBCCID.sys
[2012.11.11 10:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPR532 Tools
[2012.11.11 10:03:39 | 000,346,456 | ---- | C] (SCM Microsystems Inc.) -- C:\Windows\SysNative\MCSCM.dll
[2012.11.11 10:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
[2012.11.11 10:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SCM Microsystems
[2012.11.11 10:02:47 | 000,172,032 | ---- | C] (Vetad eG) -- C:\Windows\SysNative\WTSKomNTClient.dll
[2012.11.11 09:59:46 | 000,018,264 | ---- | C] (SKYCOM Co.,Ltd.) -- C:\Windows\SysNative\skyasyncnotify.dll
[2012.11.11 09:49:45 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\DVASSV
[2012.11.11 09:45:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.11.10 21:17:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.11.08 11:29:12 | 001,402,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll
[2012.11.06 09:41:25 | 000,000,000 | ---D | C] -- C:\Users\ALT\Desktop\Debug_PhraseExpress
[2012.11.05 14:01:53 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Programs
[2012.10.18 14:45:39 | 000,110,592 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll
[2012.10.18 14:45:37 | 000,369,152 | ---- | C] (DATA BECKER) -- C:\Windows\DBREG.dll
[2012.10.18 14:45:37 | 000,131,072 | ---- | C] (DATA BECKER) -- C:\Windows\DBReg.exe
[2012.10.18 14:38:22 | 001,466,368 | ---- | C] (aprisoft GmbH) -- C:\Windows\SysWow64\DBInternetControl.ocx
[2012.10.18 13:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER
[2012.10.18 13:26:59 | 000,628,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx12n.ocx
[2012.10.18 13:26:59 | 000,406,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn12n.dll
[2012.10.18 13:26:59 | 000,328,704 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP12n.DLL
[2012.10.18 13:26:59 | 000,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\txobj32.dll
[2012.10.18 13:26:59 | 000,323,584 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_word.dll
[2012.10.18 13:26:59 | 000,290,816 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\Tx4ole.ocx
[2012.10.18 13:26:59 | 000,259,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS12n.dll
[2012.10.18 13:26:59 | 000,207,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx12n.dll
[2012.10.18 13:26:59 | 000,164,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg12n.dll
[2012.10.18 13:26:59 | 000,135,168 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_htm32.dll
[2012.10.18 13:26:59 | 000,131,072 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_rtf32.dll
[2012.10.18 13:26:59 | 000,131,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil12n.DLL
[2012.10.18 13:26:59 | 000,081,920 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\txtls32.dll
[2012.10.18 13:26:59 | 000,069,632 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\ic32.dll
[2012.10.18 13:26:59 | 000,061,440 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\wndtls32.dll
[2012.10.18 13:26:59 | 000,045,056 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_tif32.flt
[2012.10.18 13:26:59 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn12n.dll
[2012.10.18 13:26:59 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfgif12n.dll
[2012.10.18 13:26:59 | 000,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_wmf32.flt
[2012.10.18 13:26:59 | 000,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx_bmp32.flt
[2012.10.18 13:26:59 | 000,030,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp12n.dll
[2012.10.18 13:26:55 | 000,279,800 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\FtpX.DLL
[2012.10.18 13:26:55 | 000,173,304 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\MimeX.dll
[2012.10.18 13:26:55 | 000,152,824 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\EncodeX.dll
[2012.10.18 13:26:55 | 000,148,736 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\FtpX.OCX
[2012.10.18 13:26:55 | 000,144,640 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\PopX.OCX
[2012.10.18 13:26:55 | 000,132,360 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\EncodeX.OCX
[2012.10.18 13:26:55 | 000,132,344 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\PopX.dll
[2012.10.18 13:26:55 | 000,099,576 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\SysWow64\MabryObj.dll
[2012.10.18 13:26:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.10.18 13:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DATA BECKER
[2012.10.18 00:42:34 | 000,142,944 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vsflt58.sys
[2012.10.10 22:53:17 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 22:53:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 22:53:04 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.02 12:09:42 | 000,315,904 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAP11003.dll
[2012.10.02 12:08:28 | 000,315,904 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAP11002.dll
[2012.09.26 07:48:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.24 14:41:41 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Thunderbird
[2012.09.24 13:47:47 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Thunderbird
[2012.09.13 10:27:31 | 000,000,000 | ---D | C] -- C:\Users\ALT\Desktop\Weinzierl Informationsdateien
[2012.09.12 13:24:42 | 000,707,168 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\DtvCredentialProvider.dll
[2012.09.12 09:52:29 | 000,000,000 | ---D | C] -- C:\Bildung_privat
[2012.09.12 09:49:20 | 000,000,000 | ---D | C] -- C:\Bildung_geschaeftlich
[2012.09.12 07:14:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 07:14:51 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.08 14:51:18 | 000,367,200 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012.09.08 14:51:17 | 001,284,192 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2012.09.08 14:51:16 | 000,986,208 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012.09.08 14:51:12 | 000,210,528 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys
[2012.09.08 14:51:11 | 000,310,368 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012.09.08 14:51:10 | 000,132,704 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\fltsrv.sys
[2012.09.08 14:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012.09.08 14:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2012.09.08 14:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2012.09.08 14:50:33 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Acronis
[2012.09.08 14:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012.09.05 13:21:53 | 003,927,560 | ---- | C] (Piriform Ltd) -- C:\Users\ALT\Desktop\ccsetup322.exe
[2012.09.03 22:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.09.03 22:11:26 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.09.02 10:42:18 | 000,000,000 | ---D | C] -- C:\Users\ALT\Desktop\Download Programme
[2012.09.02 07:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.02 07:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.09.01 09:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.09.01 09:32:34 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\Anti-Malware
[2012.08.31 09:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
[2012.08.31 09:57:22 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscmcde.dll
[2012.08.31 09:57:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winskde.dll
[2012.08.31 09:57:21 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\BOM
[2012.08.31 09:57:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Biet-O-Matic
[2012.08.30 22:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.08.30 16:24:26 | 000,163,840 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAnotify002.dll
[2012.08.30 16:24:26 | 000,139,264 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\WTSKomNTClient.dll
[2012.08.29 23:18:18 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\PhraseExpress
[2012.08.29 23:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhraseExpress
[2012.08.29 23:18:10 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\PhraseExpress
[2012.08.29 23:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PhraseExpress
[2012.08.29 23:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhraseExpress
[2012.08.27 08:46:23 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Thunderbird_Test_loeschen
[2012.08.26 16:29:55 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\PersBackup
[2012.08.26 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\PersBackup5
[2012.08.26 16:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\PersonalBackup
[2012.08.26 16:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012.08.26 15:59:29 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\SysWow64\BRCrypt.dll
[2012.08.26 15:59:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2012.08.26 15:59:25 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5b.dll
[2012.08.26 15:59:25 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\SysWow64\BrMfNt.dll
[2012.08.26 15:59:24 | 000,207,872 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2012.08.26 15:59:24 | 000,082,944 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2012.08.26 15:59:24 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2012.08.26 15:59:24 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2012.08.26 15:59:24 | 000,047,616 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2012.08.26 15:59:24 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2012.08.26 15:59:24 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2012.08.26 15:59:23 | 001,560,064 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWia09b.dll
[2012.08.26 15:59:22 | 000,111,928 | ---- | C] (Brother Industries Ltd) -- C:\Windows\SysWow64\BRRBTOOL.EXE
[2012.08.26 15:59:22 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BRLMW03A.DLL
[2012.08.26 15:59:21 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BROSNMP.DLL
[2012.08.26 15:59:19 | 000,167,936 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2012.08.26 15:59:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2012.08.26 15:59:15 | 000,024,223 | ---- | C] (Brother Industries, Ltd) -- C:\Windows\SysWow64\BRLM03A.DLL
[2012.08.26 15:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012.08.26 15:58:25 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\InstallShield
[2012.08.25 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLinc
[2012.08.25 14:35:34 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\iLinc
[2012.08.25 13:50:56 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012.08.23 00:00:00 | 000,683,104 | ---- | C] (Vetad eG) -- C:\Windows\DVINIT.EXE
[2012.08.21 11:10:00 | 000,667,648 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\DVPCDB_ODBCTrace711.dll
[2012.08.15 07:30:26 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 07:30:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 07:21:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 07:21:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 07:21:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 07:21:39 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.11 12:10:26 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.08.11 12:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012.08.11 12:08:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.08.11 12:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012.07.27 05:40:00 | 000,522,752 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\NUKORDEU.dll
[2012.07.27 05:40:00 | 000,399,872 | ---- | C] (Vetad eG) -- C:\Windows\SysWow64\NukoInst.dll
[2012.07.25 14:34:43 | 000,000,000 | R--D | C] -- C:\Users\ALT\Desktop\_erledigen
[2012.07.24 08:32:22 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Zeon
[2012.07.16 14:29:18 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Local\Macromedia
[2012.07.11 15:54:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 15:54:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 15:53:53 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 15:53:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 13:01:47 | 000,000,000 | R--D | C] -- C:\Users\ALT\Desktop\Telefonlisten
[2012.07.11 12:49:48 | 004,066,816 | ---- | C] (J. Rathlev, IEAP, Uni-Kiel) -- C:\Users\ALT\Desktop\Persbackup.exe
[2012.07.07 15:06:45 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Canneverbe Limited
[2012.07.07 15:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.07.07 15:06:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012.07.05 23:21:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.05 23:17:05 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\Any Video Converter Professional
[2012.06.22 06:52:54 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.22 06:52:54 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.22 06:52:54 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.22 06:52:43 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.22 06:52:43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.22 06:52:43 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.22 06:52:34 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.22 06:52:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.16 18:01:43 | 000,000,000 | ---D | C] -- C:\Users\ALT\Desktop\Virenschutz
[2012.06.16 16:39:08 | 000,000,000 | ---D | C] -- C:\Test_von_P
[2012.06.15 21:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012.06.15 08:40:13 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.06.15 08:40:13 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.06.15 08:39:40 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.15 08:39:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.15 08:39:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.15 08:39:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.15 08:36:08 | 000,000,000 | ---D | C] -- C:\6d5d014e0ac79cc9f8547251adfe
[2012.06.12 23:39:22 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Malwarebytes
[2012.06.12 23:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.12 22:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\wqpzacjsrypnbbd
[2012.06.09 22:08:40 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\StreamTransport
[2012.06.09 12:01:33 | 000,000,000 | R--D | C] -- C:\Users\ALT\Desktop\Video_Bearbeitungsprogramme
[2012.06.09 11:32:27 | 000,000,000 | ---D | C] -- C:\Users\ALT\Documents\Any Video Converter
[2012.06.09 11:32:25 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\AnvSoft
[2012.06.09 11:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2012.06.09 10:44:13 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Flash10d.ocx
[2012.06.09 10:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
[2012.06.09 10:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StreamTransport
[2012.06.06 07:49:52 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.05.26 18:01:39 | 000,163,840 | ---- | C] (Igor Pavlov) -- C:\Users\ALT\Desktop\7z.exe
[2012.05.26 17:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.05.26 17:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.05.02 12:17:12 | 000,617,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2012.04.22 13:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.04.15 20:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.04.15 20:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.04.15 20:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.04.15 20:31:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.04.15 20:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.04.15 20:28:07 | 000,000,000 | ---D | C] -- C:\AMD
[2012.04.11 23:23:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.11 23:23:10 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.10 13:19:28 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Help
[2012.03.21 18:39:06 | 000,000,000 | ---D | C] -- C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
[2012.03.21 18:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Convar
[2012.03.18 09:34:48 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.03.18 09:34:48 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
 
========== Files - Modified Within 360 Days ==========
 
[2013.03.12 12:16:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 12:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALT\Desktop\OTL.exe
[2013.03.10 21:11:46 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.10 21:11:46 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.10 12:28:09 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.10 12:28:09 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.10 12:28:09 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.10 12:28:09 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.10 12:28:09 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.08 22:18:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.07 11:37:41 | 000,005,703 | ---- | M] () -- C:\Users\ALT\AppData\Local\EmptySettings.xml
[2013.03.06 00:10:06 | 000,157,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2013.03.06 00:10:06 | 000,036,680 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013.03.05 22:30:09 | 013,786,977 | ---- | M] () -- C:\Users\ALT\Desktop\mbar-1.01.0.1021.zip
[2013.03.05 18:39:31 | 3188,219,904 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.03 20:51:27 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPC01$.job
[2013.03.02 14:13:37 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.27 01:17:12 | 000,002,323 | ---- | M] () -- C:\Users\Public\Desktop\Efuah Steuer Office aufrufen.lnk
[2013.02.27 00:58:56 | 000,002,875 | ---- | M] () -- C:\Users\Public\Desktop\Efuah Formular-Manager.lnk
[2013.02.26 23:18:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.26 23:18:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.20 08:30:23 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForALT.job
[2013.02.14 07:29:21 | 000,457,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.13 00:52:07 | 000,001,091 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
[2013.02.08 08:55:11 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.08 08:55:11 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.08 08:55:11 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.08 08:55:11 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.08 08:55:11 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.08 08:55:11 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.08 08:53:50 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.02.08 08:53:50 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.02.08 08:53:50 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.08 08:53:50 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.08 08:53:50 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.08 08:53:50 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.04 10:11:03 | 000,000,526 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.01.27 16:34:55 | 000,002,082 | ---- | M] () -- C:\Users\ALT\Desktop\test und FINANZtest Archiv CD-Rom 2011.lnk
[2013.01.27 16:27:12 | 000,002,022 | ---- | M] () -- C:\Users\ALT\Desktop\test und FINANZtest Archiv CD-Rom 2012.lnk
[2013.01.27 14:37:31 | 000,000,227 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013.01.24 19:08:50 | 000,002,327 | ---- | M] () -- C:\Users\Public\Desktop\Efuah Personal Office Standard.lnk
[2013.01.19 16:24:28 | 000,000,021 | ---- | M] () -- C:\Windows\DvInesKurusOleServer003.INI
[2013.01.19 16:01:40 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Vetad Arbeitsplatz pro V.3.1.lnk
[2013.01.19 15:51:08 | 000,000,096 | ---- | M] () -- C:\Windows\dvinesinstalllocation001.INI
[2013.01.13 22:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.01.13 22:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.01.13 22:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.01.13 22:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.01.13 22:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.01.13 22:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.01.13 22:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.01.13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.01.13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.01.13 21:35:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.01.13 21:35:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.01.13 21:35:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.01.13 21:32:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.01.13 21:31:48 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.01.13 21:31:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.01.13 21:31:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.01.13 21:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.01.13 21:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.01.13 21:08:35 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.01.13 20:59:04 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.01.13 20:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.01.13 20:51:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.01.13 20:49:17 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.01.13 20:38:39 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.01.13 20:38:32 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.01.13 20:38:21 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.01.13 20:25:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.01.13 20:24:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.01.13 20:24:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.01.13 20:20:42 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.01.13 20:20:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.01.13 20:15:40 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.01.13 20:10:36 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.01.13 20:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.01.13 19:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.01.13 19:32:43 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.01.13 19:09:52 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.01.13 18:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.01.13 18:05:09 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.01.10 00:34:20 | 001,589,442 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.09 02:19:09 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.01.09 02:11:06 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.01.09 02:10:26 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.01.09 02:07:51 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.01.09 02:07:50 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.01.09 02:07:47 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.01.09 02:06:39 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.01.09 02:04:58 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.01.09 02:00:48 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.01.08 23:03:12 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.01.08 23:01:48 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.01.08 22:59:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.01.08 22:58:43 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.01.08 22:56:37 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.01.08 22:53:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.01.05 06:53:43 | 005,553,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.01.05 06:00:15 | 003,967,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.01.05 06:00:11 | 003,913,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.01.04 07:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.01.04 07:11:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.01.04 06:46:09 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.04 05:51:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.04 03:47:35 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.04 03:47:34 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.04 03:47:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.04 03:47:33 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.03 07:00:42 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.01.02 19:18:53 | 000,004,096 | -H-- | M] () -- C:\Users\ALT\AppData\Local\keyfile3.drm
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.16 13:14:23 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00000F38.LCS
[2012.12.16 10:34:03 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\web to date 6.0.lnk
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.10 12:18:02 | 000,001,387 | ---- | M] () -- C:\Users\ALT\Desktop\Jahresrundschreiben 2012.lnk
[2012.12.09 18:18:02 | 000,001,294 | ---- | M] () -- C:\Users\ALT\Desktop\Computer Management (2).lnk
[2012.12.08 10:55:09 | 000,001,417 | ---- | M] () -- C:\Users\ALT\Desktop\Dateien Suche.lnk
[2012.12.07 14:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2012.12.07 14:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2012.12.07 13:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2012.12.07 13:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2012.12.07 12:20:04 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2012.12.07 12:20:03 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2012.12.07 12:20:03 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2012.12.07 12:20:01 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2012.12.07 12:20:01 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2012.12.07 12:20:01 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2012.12.07 12:20:00 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2012.12.07 12:19:59 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2012.12.07 12:19:58 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2012.12.07 12:19:57 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2012.12.07 12:19:57 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2012.12.07 12:19:57 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2012.12.07 12:19:56 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2012.12.07 12:19:55 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2012.12.07 11:46:42 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2012.12.07 11:46:42 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2012.12.07 11:46:41 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2012.12.07 11:46:41 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2012.12.07 11:46:41 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2012.12.07 11:46:41 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2012.12.07 11:46:40 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2012.12.07 11:46:39 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2012.12.07 11:46:39 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2012.12.07 11:46:38 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2012.12.07 11:46:37 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2012.12.07 11:46:37 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2012.12.07 11:46:36 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2012.12.07 11:46:36 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2012.12.06 00:05:37 | 000,000,999 | ---- | M] () -- C:\Users\ALT\Desktop\FreeCommander.lnk
[2012.12.05 19:20:10 | 000,002,079 | ---- | M] () -- C:\Users\ALT\Desktop\JDownloader.lnk
[2012.12.04 16:19:28 | 000,900,963 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.12.04 16:19:28 | 000,047,230 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.12.04 15:09:56 | 000,004,876 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.12.03 17:16:19 | 000,053,112 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.12.03 17:15:58 | 000,111,992 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.12.03 17:15:58 | 000,050,552 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.12.03 17:15:57 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.12.03 17:15:54 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.11.30 06:45:35 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.11.30 06:45:35 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.11.30 06:45:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.11.30 06:43:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.11.30 06:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.11.30 06:41:07 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.11.30 06:38:45 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.11.30 06:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.11.30 06:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.11.30 06:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.11.30 06:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.11.30 06:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.11.30 06:38:44 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.11.30 06:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.11.30 06:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.11.30 05:45:14 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.11.30 04:23:48 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.11.30 03:38:59 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.11.30 03:38:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.11.30 03:38:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.11.30 03:38:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.11.23 04:13:57 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2012.11.22 06:44:23 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012.11.22 00:23:55 | 000,000,977 | ---- | M] () -- C:\Users\ALT\Desktop\jZip.lnk
[2012.11.20 06:48:49 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.11.14 14:15:47 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.12 15:11:11 | 000,007,605 | ---- | M] () -- C:\Users\ALT\AppData\Local\Resmon.ResmonCfg
[2012.11.11 10:45:30 | 000,116,864 | ---- | M] (KOBIL Systems GmbH) -- C:\Windows\SysNative\drivers\KOBCCID.sys
[2012.11.11 10:07:54 | 000,001,029 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Basisschnittstelle Office Initialisierung.lnk
[2012.11.11 10:05:20 | 000,001,011 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFÜ-Manager.lnk
[2012.11.11 10:04:03 | 000,001,505 | ---- | M] () -- C:\Windows\HBCIKRNL.INI
[2012.11.11 09:59:51 | 000,001,821 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CleanupPrintJobs.lnk
[2012.11.11 09:59:51 | 000,001,810 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk
[2012.11.11 09:50:05 | 000,000,097 | ---- | M] () -- C:\Windows\Startup.INI
[2012.11.10 22:41:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.11.09 06:45:32 | 000,750,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.11.09 05:43:04 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.11.08 11:29:12 | 001,402,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll
[2012.11.02 06:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.11.02 06:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.10.25 15:37:45 | 000,001,871 | ---- | M] () -- C:\Users\ALT\Desktop\WeinzierlM Fibubeanstandungen Musterbrief.lnk
[2012.10.21 11:46:44 | 000,010,595 | ---- | M] () -- C:\Windows\SysWow64\UpdateAction_30032012.exe.dmp
[2012.10.18 14:45:37 | 000,001,291 | ---- | M] () -- C:\Users\ALT\Desktop\3D Traumhaus Designer 7 Pro.lnk
[2012.10.18 13:27:17 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\shop to date.lnk
[2012.10.18 13:22:09 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\PCD1054.L!C
[2012.10.18 00:42:34 | 000,142,944 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vsflt58.sys
[2012.10.09 19:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.10.09 19:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.10.09 18:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.10.04 17:47:40 | 001,868,868 | ---- | M] () -- C:\Users\Public\Documents\mstrust.dll
[2012.10.03 18:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.10.03 18:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.10.03 18:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.10.03 17:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.10.03 17:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.10.03 17:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.10.02 12:09:42 | 000,315,904 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAP11003.dll
[2012.10.02 12:08:44 | 000,366,080 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\DVCCSAP11003.dll
[2012.10.02 12:08:44 | 000,366,080 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\DVCCSAP11002.dll
[2012.10.02 12:08:28 | 000,315,904 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAP11002.dll
[2012.09.25 23:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.09.25 23:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.09.25 14:50:35 | 000,001,200 | ---- | M] () -- C:\Users\ALT\Desktop\sichern Mails nach c.lnk
[2012.09.25 13:57:21 | 000,001,278 | ---- | M] () -- C:\Users\ALT\Desktop\sichern Mails nach externer Sicherungsplatte f.lnk
[2012.09.24 14:33:40 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.09.12 13:24:46 | 000,890,464 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\DtvCredentialProvider.dll
[2012.09.12 13:24:42 | 000,707,168 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\DtvCredentialProvider.dll
[2012.09.09 13:59:31 | 000,001,249 | ---- | M] () -- C:\Users\ALT\Desktop\Temporaere Dateien loeschen PC01.lnk
[2012.09.08 14:51:18 | 000,367,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012.09.08 14:51:17 | 001,284,192 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2012.09.08 14:51:16 | 000,986,208 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012.09.08 14:51:12 | 000,210,528 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys
[2012.09.08 14:51:11 | 000,310,368 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012.09.08 14:51:10 | 000,132,704 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\fltsrv.sys
[2012.09.08 14:50:59 | 000,001,291 | ---- | M] () -- C:\Users\ALT\Desktop\Acronis*True*Image*Home.lnk
[2012.09.06 16:36:22 | 000,001,805 | ---- | M] () -- C:\Users\ALT\Desktop\WeinzierlM ABCrahmen Lieferanten.lnk
[2012.09.06 15:23:35 | 000,001,385 | ---- | M] () -- C:\Users\ALT\Desktop\ZMSD Besonderheiten.lnk
[2012.09.06 15:13:16 | 000,001,175 | ---- | M] () -- C:\Users\ALT\Desktop\sonstiges Erledigen.lnk
[2012.09.05 13:22:12 | 003,927,560 | ---- | M] (Piriform Ltd) -- C:\Users\ALT\Desktop\ccsetup322.exe
[2012.08.31 09:57:49 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Biet-O-Matic.lnk
[2012.08.30 16:24:26 | 000,163,840 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\DVCCSAnotify002.dll
[2012.08.30 16:24:26 | 000,139,264 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\WTSKomNTClient.dll
[2012.08.30 16:22:36 | 000,172,032 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\WTSKomNTClient.dll
[2012.08.30 16:19:52 | 000,173,568 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\DVCCSAnotify64002.dll
[2012.08.30 14:19:43 | 000,001,151 | ---- | M] () -- C:\Users\ALT\Desktop\Excel 2010 Homeformat.lnk
[2012.08.29 23:18:11 | 000,001,105 | ---- | M] () -- C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress Diagnose-Modus.lnk
[2012.08.29 23:18:11 | 000,001,091 | ---- | M] () -- C:\Users\ALT\Desktop\PhraseExpress starten.lnk
[2012.08.26 16:00:42 | 000,002,151 | ---- | M] () -- C:\Users\ALT\Desktop\ControlCenter3.lnk
[2012.08.26 16:00:31 | 000,000,256 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2012.08.26 16:00:31 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini
[2012.08.26 16:00:14 | 000,000,416 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.08.26 16:00:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD8860DN.DAT
[2012.08.26 15:59:29 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini
[2012.08.26 15:59:29 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bd8860dn.dat
[2012.08.26 12:47:03 | 046,404,496 | ---- | M] () -- C:\Users\ALT\Documents\videos_68.flv
[2012.08.26 12:21:59 | 091,667,889 | ---- | M] () -- C:\Users\ALT\Documents\videos_67.flv
[2012.08.26 11:50:59 | 074,495,981 | ---- | M] () -- C:\Users\ALT\Documents\videos_66.flv
[2012.08.26 11:08:41 | 073,212,401 | ---- | M] () -- C:\Users\ALT\Documents\videos_65.flv
[2012.08.26 10:44:27 | 055,779,947 | ---- | M] () -- C:\Users\ALT\Documents\videos_64.flv
[2012.08.26 10:30:46 | 001,001,586 | ---- | M] () -- C:\Users\ALT\Documents\Banner_MBUY-Facial_01rahmenB-770-265_0.flv
[2012.08.26 10:03:22 | 001,001,586 | ---- | M] () -- C:\Users\ALT\Documents\Banner_MBUY-Facial_01rahmenB-770-265.flv
[2012.08.24 19:05:07 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.08.23 20:43:53 | 019,341,096 | ---- | M] () -- C:\Users\ALT\Documents\videos_63.flv
[2012.08.23 00:00:00 | 000,683,104 | ---- | M] (Vetad eG) -- C:\Windows\DVINIT.EXE
[2012.08.22 19:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.08.22 00:13:00 | 088,486,554 | ---- | M] () -- C:\Users\ALT\Documents\videos_62.flv
[2012.08.21 22:27:07 | 075,713,292 | ---- | M] () -- C:\Users\ALT\Documents\videos_61.flv
[2012.08.21 22:01:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.08.21 21:12:22 | 060,606,134 | ---- | M] () -- C:\Users\ALT\Documents\videos_60.flv
[2012.08.21 20:03:28 | 019,132,661 | ---- | M] () -- C:\Users\ALT\Documents\videos_59.flv
[2012.08.21 18:55:34 | 106,281,442 | ---- | M] () -- C:\Users\ALT\Documents\videos_58.flv
[2012.08.21 18:13:02 | 006,362,545 | ---- | M] () -- C:\Users\ALT\Documents\videos_57.flv
[2012.08.21 17:43:12 | 066,596,239 | ---- | M] () -- C:\Users\ALT\Documents\videos_56.flv
[2012.08.21 17:05:22 | 004,698,327 | ---- | M] () -- C:\Users\ALT\Documents\videos_55.flv
[2012.08.21 16:36:59 | 062,456,628 | ---- | M] () -- C:\Users\ALT\Documents\videos_54.flv
[2012.08.21 11:10:00 | 000,667,648 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\DVPCDB_ODBCTrace711.dll
[2012.08.20 00:27:44 | 080,959,300 | ---- | M] () -- C:\Users\ALT\Documents\videos_53.flv
[2012.08.19 23:26:43 | 091,909,044 | ---- | M] () -- C:\Users\ALT\Documents\videos_52.flv
[2012.08.19 22:39:31 | 069,508,762 | ---- | M] () -- C:\Users\ALT\Documents\videos_51.flv
[2012.08.19 22:09:28 | 001,355,887 | ---- | M] () -- C:\Users\ALT\Documents\videos_50.flv
[2012.08.19 22:05:47 | 076,347,020 | ---- | M] () -- C:\Users\ALT\Documents\videos_49.flv
[2012.08.19 21:28:53 | 087,174,512 | ---- | M] () -- C:\Users\ALT\Documents\videos_48.flv
[2012.08.19 20:58:42 | 046,708,616 | ---- | M] () -- C:\Users\ALT\Documents\videos_47.flv
[2012.08.19 20:45:32 | 008,040,020 | ---- | M] () -- C:\Users\ALT\Documents\videos_46.flv
[2012.08.15 22:34:01 | 041,591,245 | ---- | M] () -- C:\Users\ALT\Documents\videos_45.flv
[2012.08.15 18:48:52 | 121,739,096 | ---- | M] () -- C:\Users\ALT\Documents\videos_44.flv
[2012.08.15 16:57:11 | 000,772,199 | ---- | M] () -- C:\Users\ALT\Documents\tease_cut_Greentube_mya.flv
[2012.08.15 16:45:08 | 063,832,286 | ---- | M] () -- C:\Users\ALT\Documents\videos_43.flv
[2012.08.15 16:04:16 | 060,955,282 | ---- | M] () -- C:\Users\ALT\Documents\videos_42.flv
[2012.08.15 14:46:10 | 003,634,347 | ---- | M] () -- C:\Users\ALT\Documents\Banner_MBUY-02-770-265.flv
[2012.08.15 13:28:59 | 093,972,940 | ---- | M] () -- C:\Users\ALT\Documents\videos_41.flv
[2012.08.15 12:14:07 | 022,926,494 | ---- | M] () -- C:\Users\ALT\Documents\videos_40.flv
[2012.08.15 11:10:43 | 050,241,384 | ---- | M] () -- C:\Users\ALT\Documents\videos_39.flv
[2012.08.15 10:52:25 | 033,998,235 | ---- | M] () -- C:\Users\ALT\Documents\videos_38.flv
[2012.08.15 10:35:36 | 000,924,587 | ---- | M] () -- C:\Users\ALT\Documents\videos_37.flv
[2012.08.15 10:33:55 | 101,331,862 | ---- | M] () -- C:\Users\ALT\Documents\videos_36.flv
[2012.08.15 10:33:55 | 000,775,801 | ---- | M] () -- C:\Users\ALT\Documents\j_fl_160x160_8.flv
[2012.08.15 09:19:00 | 076,601,884 | ---- | M] () -- C:\Users\ALT\Documents\videos_35.flv
[2012.08.15 07:18:54 | 092,115,125 | ---- | M] () -- C:\Users\ALT\Documents\videos_34.flv
[2012.08.12 23:28:23 | 091,738,995 | ---- | M] () -- C:\Users\ALT\Documents\videos_33.flv
[2012.08.12 22:37:56 | 029,058,789 | ---- | M] () -- C:\Users\ALT\Documents\videos_32.flv
[2012.08.12 21:52:42 | 081,613,592 | ---- | M] () -- C:\Users\ALT\Documents\videos_31.flv
[2012.08.12 20:54:52 | 077,425,480 | ---- | M] () -- C:\Users\ALT\Documents\videos_30.flv
[2012.08.12 20:18:59 | 016,077,670 | ---- | M] () -- C:\Users\ALT\Documents\videos_29.flv
[2012.08.12 20:07:12 | 057,892,346 | ---- | M] () -- C:\Users\ALT\Documents\videos_28.flv
[2012.08.12 19:00:45 | 016,608,213 | ---- | M] () -- C:\Users\ALT\Documents\videos_27.flv
[2012.08.12 18:33:21 | 085,905,801 | ---- | M] () -- C:\Users\ALT\Documents\videos_26.flv
[2012.08.12 17:48:35 | 053,584,977 | ---- | M] () -- C:\Users\ALT\Documents\videos_25.flv
[2012.08.11 12:10:26 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.08.11 11:16:54 | 000,438,672 | ---- | M] () -- C:\Users\ALT\Documents\56.flv
[2012.08.11 11:11:44 | 060,319,581 | ---- | M] () -- C:\Users\ALT\Documents\videos_24.flv
[2012.08.11 10:35:37 | 039,706,047 | ---- | M] () -- C:\Users\ALT\Documents\videos_23.flv
[2012.08.11 10:05:33 | 017,239,303 | ---- | M] () -- C:\Users\ALT\Documents\videos_22.flv
[2012.08.11 09:04:46 | 016,742,865 | ---- | M] () -- C:\Users\ALT\Documents\videos_21.flv
[2012.08.11 08:58:12 | 022,238,487 | ---- | M] () -- C:\Users\ALT\Documents\videos_20.flv
[2012.08.07 17:27:18 | 000,001,508 | ---- | M] () -- C:\Users\ALT\Desktop\Vetad-.lnk
[2012.07.27 05:40:00 | 000,522,752 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\NUKORDEU.dll
[2012.07.27 05:40:00 | 000,399,872 | ---- | M] (Vetad eG) -- C:\Windows\SysWow64\NukoInst.dll
[2012.07.26 08:46:05 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2012.07.26 05:55:47 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.07.26 04:08:53 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.07.26 04:08:14 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.07.26 04:08:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.07.26 04:08:14 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.07.26 03:36:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.07.23 16:12:19 | 000,001,229 | ---- | M] () -- C:\Users\ALT\Desktop\Musterrechendatei Excel.lnk
[2012.07.12 15:27:15 | 000,001,662 | ---- | M] () -- C:\Users\ALT\Desktop\WeinzierlM ABCrahmen.lnk
[2012.07.11 12:49:48 | 004,066,816 | ---- | M] (J. Rathlev, IEAP, Uni-Kiel) -- C:\Users\ALT\Desktop\Persbackup.exe
[2012.07.05 22:01:42 | 016,077,670 | ---- | M] () -- C:\Users\ALT\Documents\videos_19.flv
[2012.07.04 23:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.07.04 23:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.07.04 22:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.07.04 21:26:03 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.07.04 20:45:49 | 018,974,312 | ---- | M] () -- C:\Users\ALT\Documents\videos_18.flv
[2012.07.04 19:26:05 | 105,224,731 | ---- | M] () -- C:\Users\ALT\Documents\This One is drink.flv
[2012.07.04 18:55:45 | 006,772,161 | ---- | M] () -- C:\Users\ALT\Documents\with nice girls 3.flv
[2012.07.04 18:45:02 | 011,095,337 | ---- | M] () -- C:\Users\ALT\Documents\Best sqtcompilation.flv
[2012.07.03 19:03:03 | 100,709,626 | ---- | M] () -- C:\Users\ALT\Documents\videos_17.flv
[2012.07.03 18:18:03 | 084,774,420 | ---- | M] () -- C:\Users\ALT\Documents\videos_16.flv
[2012.07.03 14:45:10 | 000,075,000 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\drivers\kblscryp.sys
[2012.07.03 14:45:06 | 000,084,728 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\drivers\d3_kafm.sys
[2012.07.03 03:00:00 | 000,139,360 | ---- | M] (Vetad eG) -- C:\Windows\SysNative\DvInesCredentialProviderX64.Dll
[2012.07.02 23:21:28 | 000,018,264 | ---- | M] (SKYCOM Co.,Ltd.) -- C:\Windows\SysNative\skyasyncnotify.dll
[2012.07.02 19:12:20 | 065,051,306 | ---- | M] () -- C:\Users\ALT\Documents\videos_15.flv
[2012.07.02 17:54:34 | 000,018,264 | ---- | M] (SKYCOM Co.,Ltd.) -- C:\Windows\SysNative\skypdfmonuipro.dll
[2012.07.02 17:54:32 | 000,022,872 | ---- | M] (SKYCOM Co.,Ltd.) -- C:\Windows\SysNative\skypdfmonpro.dll
[2012.06.30 11:47:05 | 097,996,979 | ---- | M] () -- C:\Users\ALT\Documents\videos_14.flv
[2012.06.30 10:48:18 | 076,286,678 | ---- | M] () -- C:\Users\ALT\Documents\videos_13.flv
[2012.06.30 09:12:54 | 030,302,097 | ---- | M] () -- C:\Users\ALT\Documents\videos_12.flv
[2012.06.30 09:00:20 | 022,133,951 | ---- | M] () -- C:\Users\ALT\Documents\videos_11.flv
[2012.06.30 08:47:13 | 100,860,195 | ---- | M] () -- C:\Users\ALT\Documents\videos_10.flv
[2012.06.30 08:01:04 | 077,179,761 | ---- | M] () -- C:\Users\ALT\Documents\videos_9.flv
[2012.06.28 19:23:55 | 090,943,109 | ---- | M] () -- C:\Users\ALT\Documents\videos_8.flv
[2012.06.28 18:43:54 | 090,943,109 | ---- | M] () -- C:\Users\ALT\Documents\videos_7.flv
[2012.06.28 17:55:31 | 001,184,487 | ---- | M] () -- C:\Users\ALT\Documents\videos_6.flv
[2012.06.28 17:35:16 | 079,058,471 | ---- | M] () -- C:\Users\ALT\Documents\videos_5.flv
[2012.06.28 00:30:06 | 045,229,206 | ---- | M] () -- C:\Users\ALT\Documents\videos_4.flv
[2012.06.27 23:56:17 | 016,778,353 | ---- | M] () -- C:\Users\ALT\Documents\videos_3.flv
[2012.06.27 23:31:59 | 079,667,140 | ---- | M] () -- C:\Users\ALT\Documents\videos_2.flv
[2012.06.27 23:26:58 | 000,609,495 | ---- | M] () -- C:\Users\ALT\Documents\videos_0.flv
[2012.06.27 19:25:52 | 097,067,637 | ---- | M] () -- C:\Users\ALT\Documents\videos_1.flv
[2012.06.27 18:40:49 | 105,078,099 | ---- | M] () -- C:\Users\ALT\Documents\videos.flv
[2012.06.13 16:37:51 | 000,000,000 | ---- | M] () -- C:\Users\ALT\defogger_reenable
[2012.06.12 22:33:35 | 000,000,052 | ---- | M] () -- C:\ProgramData\ckpgxccjdmbsnlv
[2012.06.10 18:26:48 | 000,001,358 | ---- | M] () -- C:\Users\ALT\Desktop\Vetad Suche in Info-Datenbank.lnk
[2012.06.06 07:49:52 | 001,070,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.06.06 07:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.06.06 06:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.06.02 23:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.02 23:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 23:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.02 23:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.02 23:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.02 15:57:51 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.06.02 15:35:15 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.06.02 14:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.02 14:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.02 06:41:28 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.02 06:41:27 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.05.16 09:44:04 | 000,001,248 | ---- | M] () -- C:\Users\ALT\Desktop\Sonderzeichen.lnk
[2012.05.14 06:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.05.05 09:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.05.04 12:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.05.04 10:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.05.02 12:17:12 | 000,617,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2012.04.27 09:54:28 | 000,001,179 | ---- | M] () -- C:\Users\ALT\Desktop\SRK03 2012.lnk
[2012.04.26 11:06:22 | 000,000,759 | ---- | M] () -- C:\Users\ALT\Desktop\RKS93 Citroen 2012.lnk
[2012.04.26 06:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.04.26 06:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.04.26 06:34:27 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.04.07 13:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.03.26 20:57:08 | 000,001,398 | ---- | M] () -- C:\Users\ALT\Desktop\Windows7 Besonderheiten.lnk
 
========== Files Created - No Company Name ==========
 
[2013.03.06 00:10:06 | 000,036,680 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013.03.05 22:28:45 | 013,786,977 | ---- | C] () -- C:\Users\ALT\Desktop\mbar-1.01.0.1021.zip
[2013.03.02 14:13:37 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.27 01:17:12 | 000,002,323 | ---- | C] () -- C:\Users\Public\Desktop\Efuah Steuer Office aufrufen.lnk
[2013.02.27 00:58:56 | 000,002,875 | ---- | C] () -- C:\Users\Public\Desktop\Efuah Formular-Manager.lnk
[2013.01.27 16:34:55 | 000,002,082 | ---- | C] () -- C:\Users\ALT\Desktop\test und FINANZtest Archiv CD-Rom 2011.lnk
[2013.01.27 16:23:56 | 000,002,022 | ---- | C] () -- C:\Users\ALT\Desktop\test und FINANZtest Archiv CD-Rom 2012.lnk
[2013.01.24 19:08:50 | 000,002,327 | ---- | C] () -- C:\Users\Public\Desktop\Efuah Personal Office Standard.lnk
[2013.01.19 16:01:43 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Vetad Arbeitsplatz pro V.3.1.lnk
[2013.01.02 19:18:53 | 000,004,096 | -H-- | C] () -- C:\Users\ALT\AppData\Local\keyfile3.drm
[2012.12.16 13:54:18 | 000,001,387 | ---- | C] () -- C:\Users\ALT\Desktop\Jahresrundschreiben 2012.lnk
[2012.12.16 12:48:32 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00000F38.LCS
[2012.12.16 10:34:03 | 000,002,178 | ---- | C] () -- C:\Users\Public\Desktop\web to date 6.0.lnk
[2012.12.13 07:41:27 | 001,868,868 | ---- | C] () -- C:\Users\Public\Documents\mstrust.dll
[2012.12.11 21:56:34 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForALT.job
[2012.12.09 18:18:02 | 000,001,294 | ---- | C] () -- C:\Users\ALT\Desktop\Computer Management (2).lnk
[2012.12.08 11:48:27 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
[2012.12.06 00:05:37 | 000,000,999 | ---- | C] () -- C:\Users\ALT\Desktop\FreeCommander.lnk
[2012.12.05 19:20:10 | 000,002,079 | ---- | C] () -- C:\Users\ALT\Desktop\JDownloader.lnk
[2012.12.05 19:20:07 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.12.05 19:20:07 | 000,001,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.05 19:20:07 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.11.22 00:23:55 | 000,001,007 | ---- | C] () -- C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
[2012.11.22 00:23:55 | 000,000,977 | ---- | C] () -- C:\Users\ALT\Desktop\jZip.lnk
[2012.11.17 00:55:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.17 00:48:53 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.14 14:15:47 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.11.14 14:15:47 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.14 13:59:26 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.12 15:11:11 | 000,007,605 | ---- | C] () -- C:\Users\ALT\AppData\Local\Resmon.ResmonCfg
[2012.11.11 10:07:54 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Basisschnittstelle Office Initialisierung.lnk
[2012.11.11 10:03:42 | 000,001,505 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2012.11.11 09:59:51 | 000,001,821 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CleanupPrintJobs.lnk
[2012.11.11 09:55:20 | 000,000,227 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.11.06 09:42:51 | 000,001,105 | ---- | C] () -- C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress Diagnose-Modus.lnk
[2012.11.01 09:38:03 | 000,900,963 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012.11.01 09:38:03 | 000,047,230 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2012.10.25 15:19:10 | 000,001,871 | ---- | C] () -- C:\Users\ALT\Desktop\WeinzierlM Fibubeanstandungen Musterbrief.lnk
[2012.10.18 14:45:37 | 000,016,387 | ---- | C] () -- C:\Windows\German.ini
[2012.10.18 14:45:37 | 000,001,291 | ---- | C] () -- C:\Users\ALT\Desktop\3D Traumhaus Designer 7 Pro.lnk
[2012.10.18 13:27:17 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\shop to date.lnk
[2012.10.18 13:26:59 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2012.10.18 13:26:59 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2012.10.18 13:20:06 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\PCD1054.L!C
[2012.09.25 09:37:05 | 000,001,278 | ---- | C] () -- C:\Users\ALT\Desktop\sichern Mails nach externer Sicherungsplatte f.lnk
[2012.09.25 08:12:00 | 000,001,200 | ---- | C] () -- C:\Users\ALT\Desktop\sichern Mails nach c.lnk
[2012.09.24 14:33:40 | 000,002,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.09.24 14:33:40 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.09.09 13:49:49 | 000,001,249 | ---- | C] () -- C:\Users\ALT\Desktop\Temporaere Dateien loeschen PC01.lnk
[2012.09.08 20:33:57 | 000,001,291 | ---- | C] () -- C:\Users\ALT\Desktop\Acronis*True*Image*Home.lnk
[2012.09.06 15:22:54 | 000,001,385 | ---- | C] () -- C:\Users\ALT\Desktop\ZMSD Besonderheiten.lnk
[2012.09.06 15:13:16 | 000,001,175 | ---- | C] () -- C:\Users\ALT\Desktop\sonstiges Erledigen.lnk
[2012.09.06 15:12:42 | 000,001,543 | ---- | C] () -- C:\Users\ALT\Desktop\Jahresrundschreiben 2011.lnk
[2012.09.06 14:44:50 | 000,001,229 | ---- | C] () -- C:\Users\ALT\Desktop\Musterrechendatei Excel.lnk
[2012.09.06 14:44:32 | 000,001,805 | ---- | C] () -- C:\Users\ALT\Desktop\WeinzierlM ABCrahmen Lieferanten.lnk
[2012.09.06 14:40:50 | 000,001,662 | ---- | C] () -- C:\Users\ALT\Desktop\WeinzierlM ABCrahmen.lnk
[2012.09.06 14:40:50 | 000,001,508 | ---- | C] () -- C:\Users\ALT\Desktop\Vetad-Vorsteuerschluessel EG-Job.lnk
[2012.09.06 14:40:50 | 000,001,358 | ---- | C] () -- C:\Users\ALT\Desktop\Vetad Suche in Info-Datenbank.lnk
[2012.09.06 14:40:50 | 000,001,179 | ---- | C] () -- C:\Users\ALT\Desktop\SRK03 2012.lnk
[2012.09.06 14:40:49 | 000,000,759 | ---- | C] () -- C:\Users\ALT\Desktop\RKS93 Citroen 2012.lnk
[2012.09.06 14:40:21 | 000,001,436 | ---- | C] () -- C:\Users\ALT\Desktop\Word2010 Besonderheiten.lnk
[2012.09.06 14:40:21 | 000,001,417 | ---- | C] () -- C:\Users\ALT\Desktop\Dateien Suche.lnk
[2012.09.06 14:40:21 | 000,001,398 | ---- | C] () -- C:\Users\ALT\Desktop\Windows7 Besonderheiten.lnk
[2012.09.06 14:40:21 | 000,001,385 | ---- | C] () -- C:\Users\ALT\Desktop\Excel2010 Besonderheiten.lnk
[2012.09.06 14:40:21 | 000,001,308 | ---- | C] () -- C:\Users\ALT\Desktop\Vetad0 PRO Seminare Online.lnk
[2012.09.06 14:39:10 | 000,001,200 | ---- | C] () -- C:\Users\ALT\Desktop\Auf Desktops erledigen.lnk
[2012.09.06 14:39:10 | 000,001,175 | ---- | C] () -- C:\Users\ALT\Desktop\Programme erledigen.lnk
[2012.09.06 14:39:10 | 000,001,172 | ---- | C] () -- C:\Users\ALT\Desktop\Internet erledigen.lnk
[2012.09.06 14:39:10 | 000,001,161 | ---- | C] () -- C:\Users\ALT\Desktop\aktuell erledigen.lnk
[2012.08.31 09:57:49 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Biet-O-Matic.lnk
[2012.08.31 09:57:22 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2012.08.30 14:18:50 | 000,001,151 | ---- | C] () -- C:\Users\ALT\Desktop\Excel 2010 Homeformat.lnk
[2012.08.29 23:35:14 | 000,001,091 | ---- | C] () -- C:\Users\ALT\Desktop\PhraseExpress starten.lnk
[2012.08.26 16:06:44 | 000,002,151 | ---- | C] () -- C:\Users\ALT\Desktop\ControlCenter3.lnk
[2012.08.26 16:00:31 | 000,000,256 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.08.26 16:00:31 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.08.26 16:00:14 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.08.26 16:00:13 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD8860DN.DAT
[2012.08.26 15:59:29 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bd8860dn.dat
[2012.08.26 15:59:25 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.08.26 15:59:25 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.08.26 15:59:25 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.08.26 15:59:24 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2012.08.26 15:59:22 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012.08.26 15:59:15 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012.08.26 12:27:54 | 046,404,496 | ---- | C] () -- C:\Users\ALT\Documents\videos_68.flv
[2012.08.26 11:58:35 | 091,667,889 | ---- | C] () -- C:\Users\ALT\Documents\videos_67.flv
[2012.08.26 11:32:40 | 074,495,981 | ---- | C] () -- C:\Users\ALT\Documents\videos_66.flv
[2012.08.26 10:49:42 | 073,212,401 | ---- | C] () -- C:\Users\ALT\Documents\videos_65.flv
[2012.08.26 10:32:41 | 055,779,947 | ---- | C] () -- C:\Users\ALT\Documents\videos_64.flv
[2012.08.26 10:29:45 | 001,001,586 | ---- | C] () -- C:\Users\ALT\Documents\Banner_MBUY-Facial_01rahmenB-770-265_0.flv
[2012.08.26 10:02:15 | 001,001,586 | ---- | C] () -- C:\Users\ALT\Documents\Banner_MBUY-Facial_01rahmenB-770-265.flv
[2012.08.23 20:32:31 | 019,341,096 | ---- | C] () -- C:\Users\ALT\Documents\videos_63.flv
[2012.08.21 22:37:15 | 088,486,554 | ---- | C] () -- C:\Users\ALT\Documents\videos_62.flv
[2012.08.21 21:13:31 | 075,713,292 | ---- | C] () -- C:\Users\ALT\Documents\videos_61.flv
[2012.08.21 20:37:24 | 060,606,134 | ---- | C] () -- C:\Users\ALT\Documents\videos_60.flv
[2012.08.21 19:57:35 | 019,132,661 | ---- | C] () -- C:\Users\ALT\Documents\videos_59.flv
[2012.08.21 18:23:28 | 106,281,442 | ---- | C] () -- C:\Users\ALT\Documents\videos_58.flv
[2012.08.21 18:10:29 | 006,362,545 | ---- | C] () -- C:\Users\ALT\Documents\videos_57.flv
[2012.08.21 17:05:58 | 066,596,239 | ---- | C] () -- C:\Users\ALT\Documents\videos_56.flv
[2012.08.21 17:03:28 | 004,698,327 | ---- | C] () -- C:\Users\ALT\Documents\videos_55.flv
[2012.08.21 16:17:13 | 062,456,628 | ---- | C] () -- C:\Users\ALT\Documents\videos_54.flv
[2012.08.19 23:36:53 | 080,959,300 | ---- | C] () -- C:\Users\ALT\Documents\videos_53.flv
[2012.08.19 22:44:38 | 091,909,044 | ---- | C] () -- C:\Users\ALT\Documents\videos_52.flv
[2012.08.19 22:10:29 | 069,508,762 | ---- | C] () -- C:\Users\ALT\Documents\videos_51.flv
[2012.08.19 22:08:30 | 001,355,887 | ---- | C] () -- C:\Users\ALT\Documents\videos_50.flv
[2012.08.19 21:31:18 | 076,347,020 | ---- | C] () -- C:\Users\ALT\Documents\videos_49.flv
[2012.08.19 21:02:59 | 087,174,512 | ---- | C] () -- C:\Users\ALT\Documents\videos_48.flv
[2012.08.19 20:46:10 | 046,708,616 | ---- | C] () -- C:\Users\ALT\Documents\videos_47.flv
[2012.08.19 20:44:14 | 008,040,020 | ---- | C] () -- C:\Users\ALT\Documents\videos_46.flv
[2012.08.15 22:04:26 | 041,591,245 | ---- | C] () -- C:\Users\ALT\Documents\videos_45.flv
[2012.08.15 17:31:23 | 121,739,096 | ---- | C] () -- C:\Users\ALT\Documents\videos_44.flv
[2012.08.15 16:56:09 | 000,772,199 | ---- | C] () -- C:\Users\ALT\Documents\tease_cut_Greentube_mya.flv
[2012.08.15 16:10:49 | 063,832,286 | ---- | C] () -- C:\Users\ALT\Documents\videos_43.flv
[2012.08.15 15:44:41 | 060,955,282 | ---- | C] () -- C:\Users\ALT\Documents\videos_42.flv
[2012.08.15 14:41:53 | 003,634,347 | ---- | C] () -- C:\Users\ALT\Documents\Banner_MBUY-Facial_02-770-265.flv
[2012.08.15 12:57:51 | 093,972,940 | ---- | C] () -- C:\Users\ALT\Documents\videos_41.flv
[2012.08.15 12:07:01 | 022,926,494 | ---- | C] () -- C:\Users\ALT\Documents\videos_40.flv
[2012.08.15 10:53:27 | 050,241,384 | ---- | C] () -- C:\Users\ALT\Documents\videos_39.flv
[2012.08.15 10:36:52 | 033,998,235 | ---- | C] () -- C:\Users\ALT\Documents\videos_38.flv
[2012.08.15 10:35:07 | 000,924,587 | ---- | C] () -- C:\Users\ALT\Documents\videos_37.flv
[2012.08.15 10:32:45 | 000,775,801 | ---- | C] () -- C:\Users\ALT\Documents\j_fl_160x160_8.flv
[2012.08.15 09:37:50 | 101,331,862 | ---- | C] () -- C:\Users\ALT\Documents\videos_36.flv
[2012.08.15 08:59:49 | 076,601,884 | ---- | C] () -- C:\Users\ALT\Documents\videos_35.flv
[2012.08.15 06:53:50 | 092,115,125 | ---- | C] () -- C:\Users\ALT\Documents\videos_34.flv
[2012.08.12 22:48:51 | 091,738,995 | ---- | C] () -- C:\Users\ALT\Documents\videos_33.flv
[2012.08.12 22:24:58 | 029,058,789 | ---- | C] () -- C:\Users\ALT\Documents\videos_32.flv
[2012.08.12 21:09:38 | 081,613,592 | ---- | C] () -- C:\Users\ALT\Documents\videos_31.flv
[2012.08.12 20:23:48 | 077,425,480 | ---- | C] () -- C:\Users\ALT\Documents\videos_30.flv
[2012.08.12 20:10:43 | 016,077,670 | ---- | C] () -- C:\Users\ALT\Documents\videos_29.flv
[2012.08.12 19:47:44 | 057,892,346 | ---- | C] () -- C:\Users\ALT\Documents\videos_28.flv
[2012.08.12 18:52:48 | 016,608,213 | ---- | C] () -- C:\Users\ALT\Documents\videos_27.flv
[2012.08.12 17:55:23 | 085,905,801 | ---- | C] () -- C:\Users\ALT\Documents\videos_26.flv
[2012.08.12 17:28:31 | 053,584,977 | ---- | C] () -- C:\Users\ALT\Documents\videos_25.flv
[2012.08.11 11:16:37 | 000,438,672 | ---- | C] () -- C:\Users\ALT\Documents\56.flv
[2012.08.11 10:37:20 | 060,319,581 | ---- | C] () -- C:\Users\ALT\Documents\videos_24.flv
[2012.08.11 10:22:13 | 039,706,047 | ---- | C] () -- C:\Users\ALT\Documents\videos_23.flv
[2012.08.11 10:01:24 | 017,239,303 | ---- | C] () -- C:\Users\ALT\Documents\videos_22.flv
[2012.08.11 09:00:26 | 016,742,865 | ---- | C] () -- C:\Users\ALT\Documents\videos_21.flv
[2012.08.11 08:52:02 | 022,238,487 | ---- | C] () -- C:\Users\ALT\Documents\videos_20.flv
[2012.07.07 15:06:37 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.07.05 21:57:29 | 016,077,670 | ---- | C] () -- C:\Users\ALT\Documents\videos_19.flv
[2012.07.04 20:42:36 | 018,974,312 | ---- | C] () -- C:\Users\ALT\Documents\videos_18.flv
[2012.07.04 18:58:34 | 105,224,731 | ---- | C] () -- C:\Users\ALT\Documents\This One is drink.flv
[2012.07.04 18:53:04 | 006,772,161 | ---- | C] () -- C:\Users\ALT\Documents\Threesome with nice mans 3.flv
[2012.07.04 18:42:21 | 011,095,337 | ---- | C] () -- C:\Users\ALT\Documents\Best sqt compilation.flv
[2012.07.03 18:24:10 | 100,709,626 | ---- | C] () -- C:\Users\ALT\Documents\videos_17.flv
[2012.07.03 17:35:44 | 084,774,420 | ---- | C] () -- C:\Users\ALT\Documents\videos_16.flv
[2012.07.02 18:53:46 | 065,051,306 | ---- | C] () -- C:\Users\ALT\Documents\videos_15.flv
[2012.06.30 11:03:40 | 097,996,979 | ---- | C] () -- C:\Users\ALT\Documents\videos_14.flv
[2012.06.30 09:42:02 | 076,286,678 | ---- | C] () -- C:\Users\ALT\Documents\videos_13.flv
[2012.06.30 09:01:22 | 030,302,097 | ---- | C] () -- C:\Users\ALT\Documents\videos_12.flv
[2012.06.30 08:49:18 | 022,133,951 | ---- | C] () -- C:\Users\ALT\Documents\videos_11.flv
[2012.06.30 08:13:05 | 100,860,195 | ---- | C] () -- C:\Users\ALT\Documents\videos_10.flv
[2012.06.30 06:57:18 | 077,179,761 | ---- | C] () -- C:\Users\ALT\Documents\videos_9.flv
[2012.06.28 18:47:34 | 090,943,109 | ---- | C] () -- C:\Users\ALT\Documents\videos_8.flv
[2012.06.28 17:58:39 | 090,943,109 | ---- | C] () -- C:\Users\ALT\Documents\videos_7.flv
[2012.06.28 17:54:41 | 001,184,487 | ---- | C] () -- C:\Users\ALT\Documents\videos_6.flv
[2012.06.28 16:40:44 | 079,058,471 | ---- | C] () -- C:\Users\ALT\Documents\videos_5.flv
[2012.06.28 00:08:05 | 045,229,206 | ---- | C] () -- C:\Users\ALT\Documents\videos_4.flv
[2012.06.27 23:49:59 | 016,778,353 | ---- | C] () -- C:\Users\ALT\Documents\videos_3.flv
[2012.06.27 23:26:25 | 000,609,495 | ---- | C] () -- C:\Users\ALT\Documents\videos_0.flv
[2012.06.27 23:09:33 | 079,667,140 | ---- | C] () -- C:\Users\ALT\Documents\videos_2.flv
[2012.06.27 19:00:14 | 097,067,637 | ---- | C] () -- C:\Users\ALT\Documents\videos_1.flv
[2012.06.27 18:12:45 | 105,078,099 | ---- | C] () -- C:\Users\ALT\Documents\videos.flv
[2012.06.13 16:37:51 | 000,000,000 | ---- | C] () -- C:\Users\ALT\defogger_reenable
[2012.06.12 22:32:35 | 000,000,052 | ---- | C] () -- C:\ProgramData\ckpgxccjdmbsnlv
[2012.05.17 10:12:51 | 000,002,637 | ---- | C] () -- C:\Users\ALT\Desktop\Corel PHOTO-PAINT 12.lnk
[2012.05.16 09:44:04 | 000,001,248 | ---- | C] () -- C:\Users\ALT\Desktop\Sonderzeichen.lnk
[2012.05.14 06:27:49 | 000,010,595 | ---- | C] () -- C:\Windows\SysWow64\UpdateAction_30032012.exe.dmp
[2012.03.28 16:20:35 | 000,001,231 | ---- | C] () -- C:\Users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TK-Suite Client.lnk
[2012.03.09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 00:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.03.07 18:32:57 | 001,335,296 | ---- | C] () -- C:\Windows\SysWow64\p2pfilter.dll
[2012.03.07 18:32:57 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\DSPlayer.dll
[2012.02.07 09:47:33 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.02.07 09:47:33 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2012.02.07 09:47:33 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.23 18:44:25 | 000,005,703 | ---- | C] () -- C:\Users\ALT\AppData\Local\EmptySettings.xml
[2012.01.14 12:36:51 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2012.01.14 12:36:51 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2012.01.14 11:39:58 | 000,000,196 | ---- | C] () -- C:\Windows\ktel.ini
[2012.01.03 14:47:17 | 000,001,471 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.01.03 14:42:58 | 000,000,046 | ---- | C] () -- C:\Windows\BRUNVPC.INI
[2012.01.03 12:42:36 | 000,000,526 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.01.03 12:21:37 | 000,000,021 | ---- | C] () -- C:\Windows\DvInesKurusOleServer003.INI
[2012.01.03 12:19:42 | 000,000,096 | ---- | C] () -- C:\Windows\dvinesinstalllocation001.INI
[2012.01.03 12:12:14 | 000,000,097 | ---- | C] () -- C:\Windows\Startup.INI
[2012.01.03 11:48:38 | 000,004,876 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.01.03 08:28:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.09 00:10:23 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.12.09 00:10:23 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.12.09 00:10:22 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 255 bytes -> C:\ProgramData\TEMP:0574215C
@Alternate Data Stream - 247 bytes -> C:\ProgramData\TEMP:D95ACC7D

< End of report >

spartaner007 · 13.03.2013, 00:19

Hier OTL Extra:
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 12.03.2013 12:06:22 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ALT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 24,37% Memory free
8,08 Gb Paging File | 2,49 Gb Available in Paging File | 30,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,50 Gb Total Space | 282,11 Gb Free Space | 61,53% Space Free | Partition Type: NTFS
Drive D: | 7,17 Gb Total Space | 0,92 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive K: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive L: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive P: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
Drive Q: | 55,85 Gb Total Space | 6,00 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
 
Computer Name: PC01 | User Name: ALT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3819896947-3942532061-1754202372-1137\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Vetad\PROGRAMM\Numzus\NumZus.exe" = C:\Vetad\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DvpExe.exe" = C:\Vetad\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DcomSrv.exe" = C:\Vetad\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\RWApplic\Vetad.Irw.Managed.ServiceProvider.exe" = C:\Vetad\PROGRAMM\RWAPPLIC\Vetad.Irw.Managed.ServiceProvider.exe:*:Enabled:Vetad IRW ServiceProvider -- (Vetad eG)
"C:\Vetad\PROGRAMM\Mandant\Mandant.exe" = C:\Vetad\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\Numzus\NumZus.exe" = C:\Vetad\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DvpExe.exe" = C:\Vetad\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DcomSrv.exe" = C:\Vetad\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\RWApplic\Vetad.Irw.Managed.ServiceProvider.exe" = C:\Vetad\PROGRAMM\RWAPPLIC\Vetad.Irw.Managed.ServiceProvider.exe:*:Enabled:Vetad IRW ServiceProvider -- (Vetad eG)
"C:\Vetad\PROGRAMM\Mandant\Mandant.exe" = C:\Vetad\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe -- (Vetad eG)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Vetad\PROGRAMM\Numzus\NumZus.exe" = C:\Vetad\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DvpExe.exe" = C:\Vetad\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DcomSrv.exe" = C:\Vetad\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\RWApplic\Vetad.Irw.Managed.ServiceProvider.exe" = C:\Vetad\PROGRAMM\RWAPPLIC\Vetad.Irw.Managed.ServiceProvider.exe:*:Enabled:Vetad IRW ServiceProvider -- (Vetad eG)
"C:\Vetad\PROGRAMM\Mandant\Mandant.exe" = C:\Vetad\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\Numzus\NumZus.exe" = C:\Vetad\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DvpExe.exe" = C:\Vetad\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (Vetad eG)
"C:\Vetad\SYSTEM\DcomSrv.exe" = C:\Vetad\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (Vetad eG)
"C:\Vetad\PROGRAMM\RWApplic\Vetad.Irw.Managed.ServiceProvider.exe" = C:\Vetad\PROGRAMM\RWAPPLIC\Vetad.Irw.Managed.ServiceProvider.exe:*:Enabled:Vetad IRW ServiceProvider -- (Vetad eG)
"C:\Vetad\PROGRAMM\Mandant\Mandant.exe" = C:\Vetad\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe -- (Vetad eG)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10C4A4DC-DC10-4D70-8DEE-4B5D2B3B2248}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2385222C-BFB6-465B-BCF4-9C90A174FB77}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8ED5ED28-E9CA-48AF-9CE8-DC98A0EC921F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{937163CE-ACE4-42F6-806C-6559F8AEAF6F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D5D2FE1F-7D32-4E8D-8EB1-0246E90EECC4}" = lport=1947 | protocol=17 | dir=in | name=hasp srm  | 
"{E912A675-D7AD-4B1F-B6C9-B589B1646E1C}" = lport=1947 | protocol=6 | dir=in | name=hasp srm  | 
"{EF9CDC5C-1F9F-4F3E-963C-7E7AAC7FF6B9}" = lport=58432 | protocol=6 | dir=in | app=c:\Vetad\programm\sws\limaservice.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A774F85-049F-4009-A669-51F6513D0F2D}" = dir=in | app=c:\program files (x86)\phraseexpress\phraseexpress.exe | 
"{0C29C4AF-2379-476E-A769-29B22F27DAAB}" = protocol=6 | dir=in | app=c:\Vetad\programm\b0000195\addman\Vetadaddman.exe | 
"{138A363D-C706-436A-8D20-19CFBB07B55B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe | 
"{145BE8C9-20FA-48F5-AD71-EEBB06E97CC7}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{163EDC05-D6CE-414F-AB80-95473ADA63F2}" = protocol=6 | dir=in | app=c:\Vetad\system\ccsrv3.exe | 
"{1662B3D3-6A16-4304-9CF0-B708284371B0}" = protocol=6 | dir=in | app=c:\Vetad\programm\rwapplic\Vetad.irw.managed.serviceprovider.exe | 
"{1EC65555-8DB3-45BA-80EA-311E829A6B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{22546E69-EA1A-4762-BD0E-059D53A08911}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe | 
"{37853316-8405-4D28-A25C-8D478CC96B46}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{37D3C626-0E82-4F46-BB07-CF8D64978D4B}" = protocol=6 | dir=in | app=c:\Vetad\programm\b0000391\Vetad.security.dokumentenschutz.exe | 
"{3D9B21EB-2E06-49F0-A639-800B73DB3A2D}" = protocol=6 | dir=in | app=c:\Vetad\programm\b0000000\dfuemngr\dfueman.exe | 
"{433CAD54-798E-4C3F-8C54-5BCD39463810}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{46D73661-4D30-44F4-930A-88A8764A96FC}" = protocol=6 | dir=in | app=c:\Vetad\programm\dfueisdn\sslclt\sslclt.exe | 
"{74442853-BAD6-4C65-A083-DDAEBF40FC4D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{74BB54F9-E6EC-4B4D-BD36-8F58C1A28DCC}" = protocol=6 | dir=in | app=c:\Vetad\programm\dfuews\mntbna\mntbna.exe | 
"{82B24634-B99E-479D-A000-F6F96F508B46}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{8A6B822F-7368-4AC2-9043-3769A8BF205F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{8E0BDC2A-E338-4FEB-809A-F44B0AF3FDA1}" = protocol=6 | dir=in | app=c:\Vetad\programm\b0000000\dfuemngr\dcmanag.exe | 
"{93E338CA-D75E-4AF6-B309-593E5424E936}" = protocol=6 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"{9F2CB48E-0684-4A11-9852-3663B50426E1}" = protocol=6 | dir=in | app=c:\Vetad\programm\rzkomm\dfuesammlerdienst.exe | 
"{BD07B00C-D5C3-45CF-AEA0-5E33457E96B0}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{CEE6D5F1-4F6B-4D1B-BDB6-00F7A065FB3E}" = protocol=6 | dir=in | app=c:\Vetad\programm\rzkomm\funkt_fv.exe | 
"{D962534B-16F6-4F17-AC8F-208D61DE2299}" = dir=in | app=c:\windows\system32\hasplms.exe | 
"{DE4CBA35-641B-4F89-9D59-0FC100571761}" = protocol=6 | dir=in | app=c:\Vetad\programm\b0000398\sipahost.exe | 
"{E046DFB2-F083-473B-AD57-ED7E637112EF}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{E1872177-5C4C-48B7-9B52-81AF886E767E}" = protocol=6 | dir=in | app=c:\Vetad\programm\k0005000\arbeitsplatz.exe | 
"{E8F9144E-2C44-47F0-A8D2-01945C002780}" = protocol=17 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"{EBA9312D-1198-4AE2-B475-5854A8A613E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{EF66A39B-C95C-42F1-8572-76719324EEA1}" = dir=in | app=c:\program files (x86)\phraseexpress\phraseexpress.exe | 
"{F71AB79D-F997-4A28-8197-BEA2299ECC96}" = dir=in | app=c:\program files (x86)\phraseexpress\phraseexpress.exe | 
"TCP Query User{2CD8E70E-6CBD-4C25-BFDF-F8A0E140B050}C:\users\ALT\appdata\local\data becker\web to date 6.0\apache\apache.exe" = protocol=6 | dir=in | app=c:\users\ALT\appdata\local\data becker\web to date 6.0\apache\apache.exe | 
"TCP Query User{2DE4F6D0-E676-4B10-A585-357516B63CC3}C:\program files (x86)\g data\avkclient\avkcl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"TCP Query User{46041A11-F91C-4003-89EF-FF3321388378}C:\program files (x86)\acronis\trueimagehome\trueimage.exe" = protocol=6 | dir=in | app=c:\program files (x86)\acronis\trueimagehome\trueimage.exe | 
"TCP Query User{58BEF8A0-A005-4777-BC57-295BB38CCD85}C:\Vetad\programm\dfueisdn\sslclt\sslclt.exe" = protocol=6 | dir=in | app=c:\Vetad\programm\dfueisdn\sslclt\sslclt.exe | 
"TCP Query User{D1629DD7-28E6-4EF7-821B-F603739249C3}C:\program files (x86)\g data\avkclient\avkcl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"TCP Query User{F8BAC537-545E-49AA-A628-0E017D445F69}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{1DA03D52-7559-4F7C-B2CB-A263D5BBFBA5}C:\program files (x86)\g data\avkclient\avkcl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"UDP Query User{1E6B0306-CFC4-4A6F-B774-E1BB6C677DB0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{44B8ED4F-BB55-4CCE-83A0-E9516688A66C}C:\Vetad\programm\dfueisdn\sslclt\sslclt.exe" = protocol=17 | dir=in | app=c:\Vetad\programm\dfueisdn\sslclt\sslclt.exe | 
"UDP Query User{C059E750-6156-4010-84C0-5CFBF97EDB94}C:\program files (x86)\acronis\trueimagehome\trueimage.exe" = protocol=17 | dir=in | app=c:\program files (x86)\acronis\trueimagehome\trueimage.exe | 
"UDP Query User{CD30E9B5-C078-4449-8780-D294E4866F95}C:\program files (x86)\g data\avkclient\avkcl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\g data\avkclient\avkcl.exe | 
"UDP Query User{D1D5FBEC-B73C-4D8B-B5AA-7468E14D716E}C:\users\ALT\appdata\local\data becker\web to date 6.0\apache\apache.exe" = protocol=17 | dir=in | app=c:\users\ALT\appdata\local\data becker\web to date 6.0\apache\apache.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13815D81-44B6-7ADA-2A41-FFFC64DD6FAB}" = ccc-utility64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36B72E6E-E433-45FC-A929-C416FF63415A}" = Microsoft SQL Server 2005-Abwärtskompatibilität
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{7C5CAFD6-F51C-0011-410B-001EF3E342A7}" = AMD Media Foundation Decoders
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C9B6B1F-0A8E-402A-A60C-110BBB38D67E}" = Intel(R) Network Connections 15.7.176.0
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90CB2C55-426D-0752-968D-9B0F1110202A}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B625EA74-59BE-4F69-9400-357F453368FD}" = Nuance PDF Converter Professional 7
"{BFBF33B5-AEFE-454B-A189-DF5013028535}" = SQLXML4
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 15.7.176.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{063368C4-1F03-46C7-92A8-9066AF67B372}" = SPR532 SmartCard Reader V1.87
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0881ECE5-DCA1-462D-B515-F1732875EC74}" = Vetad Infragistics Runtime V.3.2
"{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch
"{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional
"{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian
"{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese
"{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian
"{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common
"{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish
"{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish
"{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai
"{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5C9AA073-814D-4EB3-BE9C-4C1BACBC974C}" = Efuah Formular-Manager
"{5FCFEBE0-EBDA-42A5-BC6E-67B94A47D6F0}" = kobdfu x64x86 driver installation
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B9C00-DAD4-411D-A4A7-D02B50E50C78}" = DFL2010 Microkernel
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F26BC94-9AAA-4FD2-A38A-F13B3ECA3426}" = Crystal Reports Runtime XI
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}" = VR-NetWorld
"{8A261769-9640-4DB4-B877-3E00C61967F3}_is1" = SAD onlineTV 5
"{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2010 Primary Interop Assemblies
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}" = Brother MFL-Pro Suite MFC-8860DN
"{9298B925-57BA-4169-8C58-1A4BAE757DD7}" = DFL2010 ConfigDB
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5509EE-5579-46C1-B566-5065545547F9}" = Media Add-ons für Acronis True Image Home 2012
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}" = SCR3xxx Smart Card Reader
"{9FECD1F1-4B1E-499D-BAF4-B9BDE655554D}" = HP SimplePass PE 2011
"{AC172E9C-D9E6-4853-BEDB-FB6D72042F42}" = klickTel OEM Frühjahr 2010
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English
"{B625EA74-59BE-4F69-9400-357F453368FD}" = Nuance PDF Converter Professional 7
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BA3EECE9-86A8-44B2-B655-CB3FCFE7EDF3}" = Efuah iDesk-Service
"{BB3085D5-7D88-4AF2-B08E-226E26E2A169}" = Efuah iDesk-Browser
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BC043228-2668-408D-9B48-10B5B988B7B4}" = Efuah Personal Office Standard
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech
"{C5CBEBFF-3DB4-4271-A706-757BBE3BD5AE}" = KOBIL CCID driver x64x86
"{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish
"{C8439116-685C-4B25-B294-14F1C7BC4A68}" = Efuah Steuer Office
"{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek
"{CC2BAF9A-926F-791D-772C-F582CD8A47B0}" = Catalyst Control Center InstallProxy
"{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian
"{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard
"{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian
"{D3D88E2B-0853-4C17-8FAF-962D0A93D776}" = COLLEGA Home
"{D496F7BC-6AE5-4A3E-85E6-605BDF92AFD8}" = Acronis*True*Image*Home 2012
"{D496F7BC-6AE5-4A3E-85E6-605BDF92AFD8}Visible" = Acronis*True*Image*Home 2012
"{DD4CEACE-8B19-4B1C-AE82-DE0FC5787D4C}" = Iminent
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5135084-32A5-497A-B4CD-80A502C40A90}" = Plus Pack für Acronis True Image Home 2012
"{E71AFF36-199E-4013-0001-8DB5FD1561EC}" = audio converter 2.0
"{E7A679C2-2A9C-4008-9CF9-178A6C13D923}" = Dialogseminar online V.3.02
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese
"{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = Catalyst Control Center
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8AEA743-A9CB-453C-9B3C-53D7F1D0CC22}" = B1315AppGuid
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FB3FA4C6-98A3-41C0-8713-6BADBBCB4FBC}" = ADAC Gebrauchtwagen 2010-2011
"{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All
"{FF50CC0F-0759-418A-0001-8C8AF87A60AC}" = Notifier
"3D Traumhaus Designer 7 Pro_is1" = DATA BECKER 3D Traumhaus Designer 7 Pro
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.4.2
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.50
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"VetadB00000482.0" = Vetad Installation V.3.0
"ElsterFormular 12.4.1.7699k" = ElsterFormular
"FreeCommander_is1" = FreeCommander 2009.02b
"Giant Savings" = Giant Savings
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.10.1652" = Opera 12.10
"Organizer V99.1" = Lotus Organizer 6.0
"PhraseExpress_is1" = PhraseExpress v9.0.167
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"shop2date" = shop to date
"test und FINANZtest Archiv CD-Rom 2010" = test und FINANZtest Archiv CD-Rom 2010
"test und FINANZtest Archiv CD-Rom 2011" = test und FINANZtest Archiv CD-Rom 2011
"test und FINANZtest Archiv CD-Rom 2012" = test und FINANZtest Archiv CD-Rom 2012
"tksuite_tksuite_client" = AGFEO TK-Suite Client
"VIP Access SDK" = VIP Access SDK (1.0.1.4) 
"web to date 6.0_is1" = DATA BECKER web to date 6.0
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
[color=#E5671 = Microsoft .NET Framework 4 Extended
7]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3819896947-3942532061-1754202372-1137\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Betriebspr&uuml;fungs-Kartei" = Betriebsprüfungs-Kartei
"JDownloader Download Manager Packages" = JDownloader Download Manager Packages
"jZip" = jZip
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.12.2012 11:26:52 | Computer Name = PC01.Home.local | Source = Brother BrLog | ID = 1001
Description = TWN BrtTWN: [2012/12/14 16:26:52.360]: [00004492]:   Read S-Key information
 failed!  
 
Error - 14.12.2012 19:09:53 | Computer Name = PC01.Home.local | Source = DFÜ-Manager | ID = 2
Description = Das DFÜ-System ist inkonsistent.
 
Error - 15.12.2012 02:16:51 | Computer Name = PC01.Home.local | Source = AVKWCtl | ID = 0
Description = Thread konnte nicht gestartet werden
 
Error - 15.12.2012 02:31:51 | Computer Name = PC01.Home.local | Source = AVKWCtl | ID = 0
Description = Thread konnte nicht gestartet werden
 
Error - 15.12.2012 03:00:04 | Computer Name = PC01.Home.local | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe".  Die abhängige Assemblierung
 "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.12.2012 03:00:04 | Computer Name = PC01.Home.local | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acronis\Media Add-ons\BartPE\Files\TrueImage.exe".  Die abhängige Assemblierung
 "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.12.2012 03:36:41 | Computer Name = PC01.Home.local | Source = DFÜ-Manager | ID = 2
Description = Das DFÜ-System ist inkonsistent.
 
Error - 15.12.2012 03:42:51 | Computer Name = PC01.Home.local | Source = AVKWCtl | ID = 0
Description = Thread konnte nicht gestartet werden
 
Error - 15.12.2012 03:48:24 | Computer Name = PC01.Home.local | Source = AVKWCtl | ID = 0
Description = Thread konnte nicht gestartet werden
 
Error - 15.12.2012 03:53:54 | Computer Name = PC01.Home.local | Source = AVKWCtl | ID = 0
Description = Thread konnte nicht gestartet werden
 
[ Hewlett-Packard Events ]
Error - 20.11.2012 17:10:02 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:10:52 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:11:42 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:12:32 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:13:22 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:14:12 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:15:02 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:15:52 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:17:17 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.11.2012 17:17:32 | Computer Name = PC01.Home.local | Source = HPSF.exe | ID = 4000
Description = 
 
[ System Events ]
Error - 03.03.2013 11:08:17 | Computer Name = PC01.Home.local | Source = DCOM | ID = 10010
Description = 
 
Error - 03.03.2013 11:07:17 | Computer Name = PC01.Home.local | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Search" wurde nicht richtig gestartet.
 
Error - 04.03.2013 04:04:31 | Computer Name = PC01.Home.local | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "" können nicht gelesen werden.
 
Error - 05.03.2013 13:39:34 | Computer Name = PC01.Home.local | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?03.?2013 um 18:37:48 unerwartet heruntergefahren.
 
Error - 05.03.2013 13:47:44 | Computer Name = PC01.Home.local | Source = DCOM | ID = 10010
Description = 
 
Error - 05.03.2013 13:51:15 | Computer Name = PC01.Home.local | Source = DCOM | ID = 10010
Description = 
 
Error - 05.03.2013 14:11:11 | Computer Name = PC01.Home.local | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 05.03.2013 16:57:48 | Computer Name = PC01.Home.local | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 07.03.2013 08:58:55 | Computer Name = PC01.Home.local | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "" können nicht gelesen werden.
 
Error - 08.03.2013 06:27:25 | Computer Name = PC01.Home.local | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR6 gefunden.
 
 
< End of report >

--- --- ---

MfG Maddin

t'john · 13.03.2013, 09:02

Weiter mit:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

spartaner007 · 16.03.2013, 13:05

Hallo t´john,
den GData-Virenscanner hatte ich, soweit das möglich war deaktiviert.
Nicht deaktivieren ließen sich:
* GData-AntiVirus Proxy
* GData Scanner
Der Scan dauerte statt, wie im Programm angezeigt nicht 10 Minuten, sondern ca. 45 Minuten.
Bei „Fertiggestellt Stufe_50“ änderte sich nichts mehr.
Die Combofix.txt wurde nicht erstellt.
Auf C: habe ich einen Dateiordner „ComboFix“. Wenn ich darauf klicke, erscheinen meine PC-Laufwerke.
Im Taskmanager habe ich geringe Aktivitäten bei swxcads.3XE *32
Runter und neu hochgefahren habe ich den PC sicherheitshalber mal nicht.
Wie soll ich weiter vorgehen?
MfG Maddin

Hallo t´john,
habe den PC ohne Neustart weiterlaufen lassen. Heute früh war der PC neu gestartet.
Die ComboFix.txt war auf C: generiert.
Aufgefallen ist mir, dass ich
a) die comboFix.exe in Windows7 nicht als Administrator gestartet hatte.
b) meine Sicherungsplatte noch dran hängen hatte (Laufwerk F

, als ComboFix.exe gestartet wurde.
In der ComboFix.txt wird angezeigt:
Weitere Löschungen ... F:\Autorun.inf
Kann ich das ignorieren?
Nachfolgend die ComboFix.txt
Combofix Logfile:

Code:

ATTFilter

ComboFix 13-03-16.02 - ALT 16.03.2013  10:55:43.3.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4054.2085 [GMT 1:00]
ausgeführt von:: c:\users\ALT\Desktop\ComboFix.exe
AV: G Data AntiVirus *Enabled/Outdated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
SP: G Data AntiVirus *Enabled/Outdated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-16 bis 2013-03-16  ))))))))))))))))))))))))))))))
.
.
2013-03-02 13:13 . 2013-03-02 13:13	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-02 13:13 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-28 16:08 . 2013-02-28 16:09	--------	d-----w-	c:\users\ALT\AppData\Roaming\elsterformular
2013-02-28 02:01 . 2013-01-13 19:53	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-02-28 02:01 . 2013-01-13 19:24	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-02-28 02:01 . 2013-01-04 06:11	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-28 02:01 . 2013-01-04 06:11	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 00:44 . 2012-01-02 14:39	72013344	----a-w-	c:\windows\system32\MRT.exe
2013-03-13 12:18 . 2012-11-14 12:59	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 12:18 . 2012-11-14 12:59	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-12 05:45 . 2013-03-13 19:54	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 19:54	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 19:54	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 19:54	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 19:54	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 19:54	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-02-08 07:55 . 2013-02-08 07:55	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-08 07:55 . 2012-09-03 21:11	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-02-08 07:55 . 2012-01-04 18:11	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-02-08 07:53 . 2013-02-08 07:54	310688	----a-w-	c:\windows\system32\javaws.exe
2013-02-08 07:53 . 2013-02-08 07:53	188832	----a-w-	c:\windows\system32\javaw.exe
2013-02-08 07:53 . 2013-02-08 07:53	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-02-08 07:53 . 2013-02-08 07:53	188320	----a-w-	c:\windows\system32\java.exe
2013-02-08 07:53 . 2013-01-17 13:03	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-02-08 07:53 . 2013-01-17 13:03	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-01-05 05:53 . 2013-02-13 07:35	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 07:35	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 07:35	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-13 07:35	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-13 07:35	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-13 07:35	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-13 07:35	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-13 07:35	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-13 07:35	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-13 07:35	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-13 07:35	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-13 07:35	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-13 07:35	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110011441179}]
2012-12-05 18:17	616832	----a-w-	c:\program files (x86)\Giant Savings\Giant Savings.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6EF6B546-25FB-455B-801F-FDB3B3D39F9E}]
2012-09-13 08:48	536672	------w-	c:\Vetad\PROGRAMM\B0000397\DtvIePwdSafe.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-01-17 112152]
"AVK Client"="c:\program files (x86)\G Data\AVKClient\AVKCl.exe" [2012-02-28 1800696]
"Nuance PDF Converter Professional 7-reminder"="c:\program files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" [2010-07-05 333088]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PDFHook"="c:\program files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe" [2010-10-16 1275168]
"PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Professional 7\RegistryController.exe" [2010-10-16 121120]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-09 636032]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SiPaHost"="c:\Vetad\PROGRAMM\B0000398\SiPaHost.exe" [2012-08-07 535136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\ALT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
klickTel OEM Frühjahr 2010 - Schnellstarter.lnk - c:\program files (x86)\klickTel\klickTel OEM Frühjahr 2010\KSTART32.EXE [2012-1-14 464384]
Lotus Organizer EasyClip.lnk - c:\lotus\organize\easyclip6.exe [1999-9-15 229432]
PhraseExpress Diagnose-Modus.lnk - c:\program files (x86)\PhraseExpress\phraseexpress.exe [2012-8-29 14124752]
TK-Suite Client.lnk - c:\program files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe [2011-10-10 7101952]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Basisschnittstelle Office Initialisierung.lnk - c:\Vetad\PROGRAMM\BSoffice\service\OfficeDiag.exe [2012-8-30 42592]
CleanupPrintJobs.lnk - c:\Vetad\PROGRAMM\B0001401\CleanupPrintJobs.exe [2012-6-13 22624]
Vetad-Hinweis Mitteilungsdienst.lnk - c:\Vetad\PROGRAMM\A0000007\DHNC.exe [2009-5-27 45056]
DFÜ-Manager.lnk - c:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DfueMan.exe [2012-7-27 358048]
PhraseExpress.lnk - c:\program files (x86)\PhraseExpress\phraseexpress.exe [2012-8-29 14124752]
AZ-Druckertreiber V.2.3.lnk - c:\Vetad\SYSTEM\rzpjwtch.exe [2008-6-18 36448]
SkyUserDevmode-Update.lnk - c:\Vetad\PROGRAMM\B0001401\UpdateDevmode.exe [2012-6-13 22624]
TK-Suite Client.lnk - c:\program files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe [2011-10-10 7101952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
R2 AntiVirusKit Client;G DATA AntiVirus Client;c:\program files (x86)\G Data\AVKClient\AVKCl.exe [2012-02-28 1800696]
R2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\AVKClient\AVKWCtlX64.exe [2012-02-28 2192320]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GDBackupSvc;G Data Backup Service;c:\program files (x86)\G Data\AVKClient\AVKBackupService.exe [2012-02-28 1498616]
R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM52x64.sys [2010-08-13 339728]
R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP52X64.sys [2010-08-13 65808]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 KOBCCEX;KOBCCEX;c:\windows\system32\drivers\KOBCCEX.sys [2012-01-03 25344]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-12-08 31152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-09-08 132704]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2012-12-03 50552]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-09-08 210528]
S0 vidsflt58;Acronis Disk Storage Filter (58);c:\windows\system32\DRIVERS\vsflt58.sys [2012-10-17 142944]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-08-11 31080]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2012-12-03 111992]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2012-12-03 65912]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2012-12-03 106648]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2012-12-03 53112]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-09-08 3442640]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-09 235520]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2012-02-29 1501192]
S2 Vetad Update-Service;Vetad Update-Service;c:\Vetad\PROGRAMM\INSTALL\DvInesASDSvc.Exe [2012-07-03 157792]
S2 Vetad.Framework.RemoteServiceModel.EnablerService;Vetad DFL-Service-Manager;c:\Vetad\SYSTEM\Vetad.Framework.RemoteServiceModel.GenericService2010.exe Vetad.Framework.RemoteServiceModel.EnablerService -SvcRunLevel=9999 -Single [x]
S2 VetadPrintService;Vetad Druckservice;c:\Vetad\PROGRAMM\B0001442\PSNTSERV.EXE [2012-06-14 87040]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2012-12-16 187456]
S2 Dcmanag;Vetad DFÜ-System Dienst;c:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe [2012-06-05 177760]
S2 DVckService;DVckService;c:\Vetad\PROGRAMM\B0000150\ScServer\DVckService.exe [2012-08-30 2635872]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-09-26 260424]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 HRService;Efuah iDesk-Service in c:\program files (x86)\Efuah\iDesk\iDeskService\Zope;c:\program files (x86)\Efuah\iDesk\iDeskService\iDeskService.exe [2013-01-12 71504]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 KOBIL_MSDI;KOBIL_MSDI;c:\Vetad\PROGRAMM\B0000404\msdisrv.exe [2011-03-03 192512]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [2010-10-16 134944]
S2 SC_SERV3D;SC_SERV3D;c:\windows\system32\drivers\d3_kafm.sys [2012-07-03 84728]
S2 Sicherheitspaket-Dienst;Sicherheitspaket-Dienst;c:\Vetad\PROGRAMM\B0000398\SiPaHostService.exe [2012-07-02 188000]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-08-05 6495504]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-08-11 927840]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-09-08 367200]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
S3 Vetad.Framework.RemoteServices;Vetad DFL Infrastruktur-Dienst;c:\Vetad\SYSTEM\Vetad.Framework.RemoteServiceModel.GenericService2010.exe Vetad.Framework.RemoteServices -SvcRunLevel=1000 -Single [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2012-02-29 459784]
S3 KOBCCID;KOBCCID;c:\windows\system32\drivers\KOBCCID.sys [2012-11-11 116864]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-14 12:18]
.
2013-03-14 c:\windows\Tasks\HPCeeScheduleForALT.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-03-03 c:\windows\Tasks\HPCeeScheduleForPC01$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 167960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 417304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anhängen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Linkinhalt an vorhandene PDF-Datei anhängen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Mit Nuance PDF Converter 7.0 öffnen - c:\program files (x86)\Nuance\PDF Professional 7\cnvres_ger.dll /100
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: PDF-Datei aus Linkinhalt erstellen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: PDF-Datei erstellen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: PDF-Dateien aus den ausgewählten Links erstellen - c:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: {{B4E30F61-16D9-11D3-85D1-005004229569} - {85E0B172-04FA-11D1-B7DA-00A0C90348D6} - c:\lotus\organize\bandobjs.dll
TCP: DhcpNameServer = 192.168.199.10
DPF: {15BE8BEE-4105-4A79-B385-25068AA967DB} - hxxp://de1.iradiopop.com/IRD/pages/VBIMDPlayer.CAB
FF - ProfilePath - c:\users\ALT\AppData\Roaming\Mozilla\Firefox\Profiles\rd42lxr8.default\
FF - ExtSQL: 2013-01-25 11:35; websitelogon@truesuite.com; c:\program files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AshSnap - c:\program files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
Wow6432Node-HKLM-Run-Vetad_SCardMan - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
AddRemove-shop2date - c:\windows\IsUn0407.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3819896947-3942532061-1754202372-1137\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*! ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3819896947-3942532061-1754202372-1137\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*! \OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-17  00:28:17
ComboFix-quarantined-files.txt  2013-03-16 23:28
.
Vor Suchlauf: 60 Verzeichnis(se), 302.626.508.800 Bytes frei
Nach Suchlauf: 61 Verzeichnis(se), 356.925.018.112 Bytes frei
.
- - End Of File - - A70E9044674673FFA3E97542D0A33984

--- --- ---

[code]

t'john · 17.03.2013, 10:25

Jetzt:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

spartaner007 · 17.03.2013, 13:40

Hallo t´john,
Nachfolgend die TDSSKille.txt
MfG Maddin

Code:

ATTFilter

13:25:39.0031 1180  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:25:39.0292 1180  ============================================================
13:25:39.0292 1180  Current date / time: 2013/03/17 13:25:39.0292
13:25:39.0292 1180  SystemInfo:
13:25:39.0292 1180  
13:25:39.0292 1180  OS Version: 6.1.7601 ServicePack: 1.0
13:25:39.0292 1180  Product type: Workstation
13:25:39.0292 1180  ComputerName: PC01
13:25:39.0292 1180  UserName: ALT
13:25:39.0292 1180  Windows directory: C:\Windows
13:25:39.0292 1180  System windows directory: C:\Windows
13:25:39.0292 1180  Running under WOW64
13:25:39.0292 1180  Processor architecture: Intel x64
13:25:39.0292 1180  Number of processors: 4
13:25:39.0292 1180  Page size: 0x1000
13:25:39.0292 1180  Boot type: Normal boot
13:25:39.0292 1180  ============================================================
13:25:39.0983 1180  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:25:39.0983 1180  ============================================================
13:25:39.0983 1180  \Device\Harddisk0\DR0:
13:25:39.0983 1180  MBR partitions:
13:25:39.0983 1180  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:25:39.0983 1180  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x394FE000
13:25:39.0983 1180  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x39530800, BlocksNum 0xE55000
13:25:39.0983 1180  ============================================================
13:25:40.0006 1180  C: <-> \Device\Harddisk0\DR0\Partition2
13:25:40.0050 1180  D: <-> \Device\Harddisk0\DR0\Partition3
13:25:40.0050 1180  ============================================================
13:25:40.0050 1180  Initialize success
13:25:40.0050 1180  ============================================================
13:26:11.0280 6284  ============================================================
13:26:11.0280 6284  Scan started
13:26:11.0280 6284  Mode: Manual; 
13:26:11.0280 6284  ============================================================
13:26:18.0331 6284  ================ Scan system memory ========================
13:26:18.0331 6284  System memory - ok
13:26:18.0331 6284  ================ Scan services =============================
13:26:18.0534 6284  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:26:18.0534 6284  1394ohci - ok
13:26:18.0627 6284  [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
13:26:18.0690 6284  acedrv11 - ok
13:26:18.0705 6284  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:26:18.0705 6284  ACPI - ok
13:26:18.0736 6284  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:26:18.0736 6284  AcpiPmi - ok
13:26:18.0846 6284  [ 879EB855B4C2A5E6C8D58C441B218187 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
13:26:18.0924 6284  AcrSch2Svc - ok
13:26:18.0986 6284  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:26:19.0126 6284  AdobeARMservice - ok
13:26:19.0189 6284  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:26:19.0189 6284  AdobeFlashPlayerUpdateSvc - ok
13:26:19.0236 6284  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:26:19.0251 6284  adp94xx - ok
13:26:19.0283 6284  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:26:19.0283 6284  adpahci - ok
13:26:19.0314 6284  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:26:19.0314 6284  adpu320 - ok
13:26:19.0329 6284  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:26:19.0329 6284  AeLookupSvc - ok
13:26:19.0392 6284  [ B794DD8ACC5CC76177156463DAB4BEBB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
13:26:19.0423 6284  afcdp - ok
13:26:19.0501 6284  [ F92906DB7562D606674D5CBF2019D1CF ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
13:26:19.0719 6284  afcdpsrv - ok
13:26:19.0782 6284  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:26:19.0797 6284  AFD - ok
13:26:19.0813 6284  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:26:19.0829 6284  agp440 - ok
13:26:19.0844 6284  [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf           C:\Windows\system32\drivers\aksdf.sys
13:26:19.0891 6284  aksdf - ok
13:26:19.0922 6284  [ 43415AF4F20E9867974623840A22FE98 ] aksfridge       C:\Windows\system32\drivers\aksfridge.sys
13:26:19.0953 6284  aksfridge - ok
13:26:19.0969 6284  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:26:19.0985 6284  ALG - ok
13:26:20.0016 6284  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:26:20.0016 6284  aliide - ok
13:26:20.0063 6284  [ 2AED9A422EA1574C7D7EF9359A417718 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:26:20.0078 6284  AMD External Events Utility - ok
13:26:20.0094 6284  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:26:20.0109 6284  amdide - ok
13:26:20.0125 6284  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:26:20.0125 6284  AmdK8 - ok
13:26:20.0281 6284  [ BFA5E854959D5546D8834CA61F4AD075 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:26:20.0421 6284  amdkmdag - ok
13:26:20.0468 6284  [ 92D664FFFCD9E742FB25254F7F458D88 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:26:20.0484 6284  amdkmdap - ok
13:26:20.0499 6284  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:26:20.0499 6284  AmdPPM - ok
13:26:20.0515 6284  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:26:20.0515 6284  amdsata - ok
13:26:20.0546 6284  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:26:20.0546 6284  amdsbs - ok
13:26:20.0562 6284  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:26:20.0562 6284  amdxata - ok
13:26:20.0640 6284  [ 0C7DCBAED28D8957A6375CD5C23FD788 ] AntiVirusKit Client C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe
13:26:20.0671 6284  AntiVirusKit Client - ok
13:26:20.0718 6284  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:26:20.0718 6284  AppID - ok
13:26:20.0733 6284  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:26:20.0733 6284  AppIDSvc - ok
13:26:20.0749 6284  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:26:20.0749 6284  Appinfo - ok
13:26:20.0796 6284  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:26:20.0796 6284  AppMgmt - ok
13:26:20.0827 6284  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:26:20.0827 6284  arc - ok
13:26:20.0827 6284  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:26:20.0843 6284  arcsas - ok
13:26:20.0905 6284  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:26:20.0952 6284  aspnet_state - ok
13:26:20.0967 6284  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:26:20.0967 6284  AsyncMac - ok
13:26:20.0999 6284  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:26:20.0999 6284  atapi - ok
13:26:21.0014 6284  [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:26:21.0014 6284  AtiHDAudioService - ok
13:26:21.0045 6284  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:26:21.0061 6284  AudioEndpointBuilder - ok
13:26:21.0061 6284  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:26:21.0077 6284  AudioSrv - ok
13:26:21.0123 6284  [ E964EA70249DDE1343C8F694B52575EE ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
13:26:21.0155 6284  avgtp - ok
13:26:21.0217 6284  [ E9DCCF332E7A6DAE33857E07EDAA1599 ] AVKProxy        C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
13:26:21.0498 6284  AVKProxy - ok
13:26:21.0560 6284  [ 1E97643FA02EB77D0EEABF4A8561BCFF ] AVKWCtl         C:\Program Files (x86)\G Data\AVKClient\AVKWCtlX64.exe
13:26:21.0591 6284  AVKWCtl - ok
13:26:21.0623 6284  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:26:21.0623 6284  AxInstSV - ok
13:26:21.0654 6284  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:26:21.0669 6284  b06bdrv - ok
13:26:21.0701 6284  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:26:21.0701 6284  b57nd60a - ok
13:26:21.0732 6284  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:26:21.0732 6284  BDESVC - ok
13:26:21.0747 6284  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:26:21.0747 6284  Beep - ok
13:26:21.0779 6284  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:26:21.0794 6284  BFE - ok
13:26:21.0825 6284  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
13:26:21.0888 6284  BITS - ok
13:26:21.0919 6284  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:26:21.0919 6284  blbdrive - ok
13:26:21.0935 6284  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:26:21.0950 6284  bowser - ok
13:26:21.0966 6284  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:26:21.0966 6284  BrFiltLo - ok
13:26:21.0981 6284  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:26:21.0981 6284  BrFiltUp - ok
13:26:22.0028 6284  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:26:22.0028 6284  BridgeMP - ok
13:26:22.0059 6284  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:26:22.0091 6284  Browser - ok
13:26:22.0106 6284  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
13:26:22.0106 6284  Brserid - ok
13:26:22.0137 6284  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:26:22.0137 6284  BrSerWdm - ok
13:26:22.0137 6284  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:26:22.0153 6284  BrUsbMdm - ok
13:26:22.0153 6284  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
13:26:22.0153 6284  BrUsbSer - ok
13:26:22.0169 6284  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:26:22.0184 6284  BTHMODEM - ok
13:26:22.0215 6284  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:26:22.0215 6284  bthserv - ok
13:26:22.0247 6284  catchme - ok
13:26:22.0262 6284  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:26:22.0262 6284  cdfs - ok
13:26:22.0278 6284  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:26:22.0278 6284  cdrom - ok
13:26:22.0309 6284  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:26:22.0309 6284  CertPropSvc - ok
13:26:22.0325 6284  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:26:22.0325 6284  circlass - ok
13:26:22.0340 6284  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:26:22.0340 6284  CLFS - ok
13:26:22.0387 6284  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:26:22.0403 6284  clr_optimization_v2.0.50727_32 - ok
13:26:22.0434 6284  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:26:22.0434 6284  clr_optimization_v2.0.50727_64 - ok
13:26:22.0496 6284  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:26:22.0527 6284  clr_optimization_v4.0.30319_32 - ok
13:26:22.0543 6284  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:26:22.0543 6284  clr_optimization_v4.0.30319_64 - ok
13:26:22.0590 6284  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:26:22.0590 6284  CmBatt - ok
13:26:22.0605 6284  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:26:22.0605 6284  cmdide - ok
13:26:22.0668 6284  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:26:22.0730 6284  CNG - ok
13:26:22.0761 6284  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:26:22.0761 6284  Compbatt - ok
13:26:22.0793 6284  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:26:22.0793 6284  CompositeBus - ok
13:26:22.0808 6284  COMSysApp - ok
13:26:22.0824 6284  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:26:22.0824 6284  crcdisk - ok
13:26:22.0871 6284  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:26:22.0902 6284  CryptSvc - ok
13:26:22.0933 6284  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
13:26:22.0949 6284  CSC - ok
13:26:22.0964 6284  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
13:26:22.0980 6284  CscService - ok
13:26:23.0027 6284  [ F886378CC9FFA09FE9A9D7CB4CF32934 ] Vetad Update-Service C:\Vetad\PROGRAMM\INSTALL\DvInesASDSvc.Exe
13:26:23.0136 6284  Vetad Update-Service - ok
13:26:23.0151 6284  Vetad.Framework.RemoteServiceModel.EnablerService - ok
13:26:23.0167 6284  Vetad.Framework.RemoteServices - ok
13:26:23.0198 6284  [ 7D7D3E30813284B4F996286B90C8257D ] VetadPrintService C:\Vetad\PROGRAMM\B0001442\PSNTSERV.EXE
13:26:23.0276 6284  VetadPrintService - ok
13:26:23.0370 6284  [ 48297BF3339BC56DD7D7524D7A1740AA ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
13:26:23.0526 6284  DBService - ok
13:26:23.0604 6284  [ CA48969C67568A2C87730CE5F55C369C ] Dcmanag         C:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe
13:26:23.0697 6284  Dcmanag - ok
13:26:23.0729 6284  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:26:23.0729 6284  DcomLaunch - ok
13:26:23.0760 6284  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:26:23.0775 6284  defragsvc - ok
13:26:23.0791 6284  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:26:23.0791 6284  DfsC - ok
13:26:23.0807 6284  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:26:23.0822 6284  Dhcp - ok
13:26:23.0838 6284  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:26:23.0838 6284  discache - ok
13:26:23.0853 6284  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:26:23.0853 6284  Disk - ok
13:26:23.0885 6284  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:26:23.0885 6284  dmvsc - ok
13:26:23.0916 6284  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:26:23.0916 6284  Dnscache - ok
13:26:23.0947 6284  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:26:23.0963 6284  dot3svc - ok
13:26:23.0963 6284  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:26:23.0978 6284  DPS - ok
13:26:23.0994 6284  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:26:23.0994 6284  drmkaud - ok
13:26:24.0072 6284  [ 00B0FAA44957D887CE540D297AA405A1 ] DVckService     C:\Vetad\PROGRAMM\B0000150\ScServer\DVckService.exe
13:26:24.0228 6284  DVckService - ok
13:26:24.0243 6284  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:26:24.0259 6284  DXGKrnl - ok
13:26:24.0290 6284  [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
13:26:24.0290 6284  e1cexpress - ok
13:26:24.0306 6284  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:26:24.0306 6284  EapHost - ok
13:26:24.0384 6284  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:26:24.0446 6284  ebdrv - ok
13:26:24.0509 6284  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:26:24.0509 6284  EFS - ok
13:26:24.0540 6284  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:26:24.0555 6284  ehRecvr - ok
13:26:24.0555 6284  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:26:24.0571 6284  ehSched - ok
13:26:24.0587 6284  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:26:24.0602 6284  elxstor - ok
13:26:24.0618 6284  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:26:24.0618 6284  ErrDev - ok
13:26:24.0649 6284  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:26:24.0649 6284  EventSystem - ok
13:26:24.0680 6284  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:26:24.0680 6284  exfat - ok
13:26:24.0696 6284  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:26:24.0696 6284  fastfat - ok
13:26:24.0743 6284  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:26:24.0743 6284  Fax - ok
13:26:24.0774 6284  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:26:24.0774 6284  fdc - ok
13:26:24.0774 6284  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:26:24.0789 6284  fdPHost - ok
13:26:24.0789 6284  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:26:24.0805 6284  FDResPub - ok
13:26:24.0805 6284  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:26:24.0821 6284  FileInfo - ok
13:26:24.0821 6284  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:26:24.0821 6284  Filetrace - ok
13:26:24.0836 6284  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:26:24.0836 6284  flpydisk - ok
13:26:24.0852 6284  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:26:24.0867 6284  FltMgr - ok
13:26:24.0930 6284  [ B8AFE7A30D34C0E9FDBA81632294547C ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
13:26:24.0961 6284  fltsrv - ok
13:26:25.0023 6284  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:26:25.0101 6284  FontCache - ok
13:26:25.0133 6284  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:26:25.0133 6284  FontCache3.0.0.0 - ok
13:26:25.0179 6284  [ C902AE091D15962DE76E455C970D416B ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
13:26:25.0179 6284  FPLService - ok
13:26:25.0195 6284  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:26:25.0195 6284  FsDepends - ok
13:26:25.0242 6284  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:26:25.0273 6284  Fs_Rec - ok
13:26:25.0289 6284  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:26:25.0304 6284  fvevol - ok
13:26:25.0320 6284  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:26:25.0320 6284  gagp30kx - ok
13:26:25.0382 6284  [ D4839BA2790E3B740BD740B62D2D7870 ] GDBackupSvc     C:\Program Files (x86)\G Data\AVKClient\AVKBackupService.exe
13:26:25.0523 6284  GDBackupSvc - ok
13:26:25.0585 6284  [ 36512199AC54546179907B4FA73AE18A ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
13:26:25.0616 6284  GDBehave - ok
13:26:25.0647 6284  [ ACCF5DBD53594ED67F16FB74541469AC ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
13:26:25.0694 6284  GDMnIcpt - ok
13:26:25.0757 6284  [ B4474E91254D6DBCA0F40C0D9B2A087A ] GDScan          C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
13:26:25.0835 6284  GDScan - ok
13:26:25.0866 6284  [ 1488296E7A0ECDF3EFF1A90D2B0B6E4B ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys
13:26:25.0913 6284  gdwfpcd - ok
13:26:25.0944 6284  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:26:25.0959 6284  gpsvc - ok
13:26:26.0006 6284  [ 4450DE64DE330E99466D440ADC6DF8AD ] GRD             C:\Windows\system32\drivers\GRD.sys
13:26:26.0037 6284  GRD - ok
13:26:26.0084 6284  [ D619BA1712B83D14149850E758B835AD ] hardlock        C:\Windows\system32\drivers\hardlock.sys
13:26:26.0115 6284  hardlock - ok
13:26:26.0115 6284  hasplms - ok
13:26:26.0147 6284  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:26:26.0162 6284  hcw85cir - ok
13:26:26.0178 6284  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:26:26.0178 6284  HdAudAddService - ok
13:26:26.0209 6284  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:26:26.0225 6284  HDAudBus - ok
13:26:26.0225 6284  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:26:26.0240 6284  HidBatt - ok
13:26:26.0256 6284  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:26:26.0256 6284  HidBth - ok
13:26:26.0256 6284  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:26:26.0271 6284  HidIr - ok
13:26:26.0287 6284  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
13:26:26.0287 6284  hidserv - ok
13:26:26.0303 6284  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:26:26.0303 6284  HidUsb - ok
13:26:26.0318 6284  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:26:26.0318 6284  hkmsvc - ok
13:26:26.0334 6284  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:26:26.0334 6284  HomeGroupListener - ok
13:26:26.0365 6284  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:26:26.0365 6284  HomeGroupProvider - ok
13:26:26.0396 6284  [ 0020E7C6BC890B4E0AD92C6FE7A74F42 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
13:26:26.0443 6284  HookCentre - ok
13:26:26.0505 6284  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
13:26:26.0505 6284  HP Support Assistant Service - ok
13:26:26.0521 6284  [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
13:26:26.0521 6284  HPDrvMntSvc.exe - ok
13:26:26.0552 6284  [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
13:26:26.0568 6284  hpqwmiex - ok
13:26:26.0599 6284  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:26:26.0599 6284  HpSAMD - ok
13:26:26.0724 6284  [ F624E93AD16E11BD0004EB4475F009A8 ] HRService       C:\Program Files (x86)\Efuah\iDesk\iDeskService\iDeskService.exe
13:26:26.0786 6284  HRService - ok
13:26:26.0817 6284  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:26:26.0833 6284  HTTP - ok
13:26:26.0833 6284  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:26:26.0833 6284  hwpolicy - ok
13:26:26.0880 6284  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:26:26.0880 6284  i8042prt - ok
13:26:26.0911 6284  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
13:26:26.0927 6284  iaStor - ok
13:26:26.0942 6284  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:26:26.0942 6284  iaStorV - ok
13:26:27.0036 6284  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:26:27.0036 6284  IDriverT - ok
13:26:27.0098 6284  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:26:27.0098 6284  idsvc - ok
13:26:27.0129 6284  [ 2DCEA6E19134AEA8BF9B68110732A880 ] IFCoEMP         C:\Windows\system32\drivers\ifM52x64.sys
13:26:27.0129 6284  IFCoEMP - ok
13:26:27.0145 6284  [ 3A58E368FBF1CCF9E89F922EB76405C0 ] IFCoEVB         C:\Windows\system32\drivers\ifP52X64.sys
13:26:27.0145 6284  IFCoEVB - ok
13:26:27.0363 6284  [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:26:27.0644 6284  igfx - ok
13:26:27.0675 6284  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:26:27.0675 6284  iirsp - ok
13:26:27.0707 6284  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:26:27.0722 6284  IKEEXT - ok
13:26:27.0738 6284  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
13:26:27.0738 6284  Impcd - ok
13:26:27.0816 6284  [ A0C2C3D4C03C4FB896CFC53873784178 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:26:27.0863 6284  IntcAzAudAddService - ok
13:26:27.0894 6284  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
13:26:27.0894 6284  IntcDAud - ok
13:26:27.0925 6284  [ 28D387EEFAD7CC3A0BEB9C3262E83ADD ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
13:26:27.0941 6284  Intel(R) PROSet Monitoring Service - ok
13:26:27.0972 6284  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:26:27.0972 6284  intelide - ok
13:26:27.0987 6284  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:26:28.0003 6284  intelppm - ok
13:26:28.0019 6284  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:26:28.0019 6284  IPBusEnum - ok
13:26:28.0050 6284  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:26:28.0050 6284  IpFilterDriver - ok
13:26:28.0065 6284  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:26:28.0143 6284  iphlpsvc - ok
13:26:28.0159 6284  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:26:28.0159 6284  IPMIDRV - ok
13:26:28.0175 6284  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:26:28.0175 6284  IPNAT - ok
13:26:28.0206 6284  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:26:28.0206 6284  IRENUM - ok
13:26:28.0237 6284  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:26:28.0237 6284  isapnp - ok
13:26:28.0253 6284  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:26:28.0253 6284  iScsiPrt - ok
13:26:28.0284 6284  [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
13:26:28.0299 6284  IviRegMgr - ok
13:26:28.0346 6284  [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
13:26:28.0362 6284  jhi_service - ok
13:26:28.0377 6284  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:26:28.0377 6284  kbdclass - ok
13:26:28.0409 6284  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:26:28.0409 6284  kbdhid - ok
13:26:28.0424 6284  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:26:28.0424 6284  KeyIso - ok
13:26:28.0455 6284  [ 322CD7A01A961D94C6EAB640D6427504 ] KOBCCEX         C:\Windows\system32\drivers\KOBCCEX.sys
13:26:28.0455 6284  KOBCCEX - ok
13:26:28.0502 6284  [ 3209D40399078C1091398F43215EDD1A ] KOBCCID         C:\Windows\system32\drivers\KOBCCID.sys
13:26:28.0502 6284  KOBCCID - ok
13:26:28.0518 6284  [ 34508E0E3A7DB08CDC4B969DB90163BD ] KOBIL_MSDI      C:\Vetad\PROGRAMM\B0000404\msdisrv.exe
13:26:28.0611 6284  KOBIL_MSDI - ok
13:26:28.0643 6284  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:26:28.0658 6284  KSecDD - ok
13:26:28.0674 6284  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:26:28.0721 6284  KSecPkg - ok
13:26:28.0752 6284  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:26:28.0752 6284  ksthunk - ok
13:26:28.0767 6284  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:26:28.0767 6284  KtmRm - ok
13:26:28.0799 6284  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:26:28.0799 6284  LanmanServer - ok
13:26:28.0814 6284  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:26:28.0830 6284  LanmanWorkstation - ok
13:26:28.0845 6284  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:26:28.0845 6284  lltdio - ok
13:26:28.0877 6284  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:26:28.0877 6284  lltdsvc - ok
13:26:28.0908 6284  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:26:28.0908 6284  lmhosts - ok
13:26:28.0939 6284  [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:26:28.0939 6284  LMS - ok
13:26:28.0970 6284  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:26:28.0970 6284  LSI_FC - ok
13:26:28.0986 6284  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:26:28.0986 6284  LSI_SAS - ok
13:26:29.0001 6284  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:26:29.0017 6284  LSI_SAS2 - ok
13:26:29.0017 6284  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:26:29.0017 6284  LSI_SCSI - ok
13:26:29.0033 6284  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:26:29.0033 6284  luafv - ok
13:26:29.0064 6284  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:26:29.0095 6284  MBAMProtector - ok
13:26:29.0157 6284  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:26:29.0220 6284  MBAMScheduler - ok
13:26:29.0251 6284  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:26:29.0345 6284  MBAMService - ok
13:26:29.0360 6284  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:26:29.0376 6284  Mcx2Svc - ok
13:26:29.0391 6284  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:26:29.0391 6284  megasas - ok
13:26:29.0423 6284  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:26:29.0438 6284  MegaSR - ok
13:26:29.0454 6284  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
13:26:29.0454 6284  MEIx64 - ok
13:26:29.0516 6284  Microsoft SharePoint Workspace Audit Service - ok
13:26:29.0547 6284  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:26:29.0547 6284  MMCSS - ok
13:26:29.0547 6284  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:26:29.0563 6284  Modem - ok
13:26:29.0579 6284  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:26:29.0579 6284  monitor - ok
13:26:29.0594 6284  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:26:29.0610 6284  mouclass - ok
13:26:29.0625 6284  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:26:29.0625 6284  mouhid - ok
13:26:29.0641 6284  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:26:29.0641 6284  mountmgr - ok
13:26:29.0703 6284  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:26:29.0750 6284  MozillaMaintenance - ok
13:26:29.0766 6284  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:26:29.0766 6284  mpio - ok
13:26:29.0781 6284  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:26:29.0781 6284  mpsdrv - ok
13:26:29.0813 6284  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:26:29.0828 6284  MpsSvc - ok
13:26:29.0828 6284  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:26:29.0828 6284  MRxDAV - ok
13:26:29.0859 6284  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:26:29.0891 6284  mrxsmb - ok
13:26:29.0906 6284  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:26:29.0906 6284  mrxsmb10 - ok
13:26:29.0906 6284  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:26:29.0922 6284  mrxsmb20 - ok
13:26:29.0937 6284  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:26:29.0937 6284  msahci - ok
13:26:29.0969 6284  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:26:29.0969 6284  msdsm - ok
13:26:30.0000 6284  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:26:30.0000 6284  MSDTC - ok
13:26:30.0031 6284  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:26:30.0031 6284  Msfs - ok
13:26:30.0047 6284  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:26:30.0047 6284  mshidkmdf - ok
13:26:30.0047 6284  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:26:30.0062 6284  msisadrv - ok
13:26:30.0078 6284  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:26:30.0078 6284  MSiSCSI - ok
13:26:30.0093 6284  msiserver - ok
13:26:30.0109 6284  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:26:30.0125 6284  MSKSSRV - ok
13:26:30.0156 6284  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:26:30.0156 6284  MSPCLOCK - ok
13:26:30.0171 6284  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:26:30.0171 6284  MSPQM - ok
13:26:30.0203 6284  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:26:30.0218 6284  MsRPC - ok
13:26:30.0234 6284  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:26:30.0234 6284  mssmbios - ok
13:26:30.0249 6284  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:26:30.0249 6284  MSTEE - ok
13:26:30.0265 6284  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:26:30.0265 6284  MTConfig - ok
13:26:30.0281 6284  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:26:30.0281 6284  Mup - ok
13:26:30.0312 6284  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:26:30.0312 6284  napagent - ok
13:26:30.0343 6284  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:26:30.0359 6284  NativeWifiP - ok
13:26:30.0421 6284  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:26:30.0421 6284  NDIS - ok
13:26:30.0437 6284  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:26:30.0437 6284  NdisCap - ok
13:26:30.0468 6284  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:26:30.0468 6284  NdisTapi - ok
13:26:30.0483 6284  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:26:30.0483 6284  Ndisuio - ok
13:26:30.0499 6284  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:26:30.0499 6284  NdisWan - ok
13:26:30.0530 6284  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:26:30.0530 6284  NDProxy - ok
13:26:30.0530 6284  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:26:30.0546 6284  NetBIOS - ok
13:26:30.0561 6284  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:26:30.0561 6284  NetBT - ok
13:26:30.0577 6284  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:26:30.0577 6284  Netlogon - ok
13:26:30.0593 6284  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:26:30.0608 6284  Netman - ok
13:26:30.0639 6284  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:30.0655 6284  NetMsmqActivator - ok
13:26:30.0671 6284  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:30.0671 6284  NetPipeActivator - ok
13:26:30.0686 6284  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:26:30.0702 6284  netprofm - ok
13:26:30.0702 6284  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:30.0702 6284  NetTcpActivator - ok
13:26:30.0702 6284  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:30.0702 6284  NetTcpPortSharing - ok
13:26:30.0749 6284  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:26:30.0749 6284  nfrd960 - ok
13:26:30.0764 6284  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:26:30.0811 6284  NlaSvc - ok
13:26:30.0842 6284  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:26:30.0858 6284  Npfs - ok
13:26:30.0873 6284  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:26:30.0873 6284  nsi - ok
13:26:30.0889 6284  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:26:30.0889 6284  nsiproxy - ok
13:26:30.0951 6284  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:26:31.0029 6284  Ntfs - ok
13:26:31.0045 6284  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:26:31.0045 6284  Null - ok
13:26:31.0076 6284  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:26:31.0076 6284  nvraid - ok
13:26:31.0092 6284  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:26:31.0092 6284  nvstor - ok
13:26:31.0123 6284  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:26:31.0123 6284  nv_agp - ok
13:26:31.0154 6284  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:26:31.0154 6284  ohci1394 - ok
13:26:31.0248 6284  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:26:31.0248 6284  ose - ok
13:26:31.0404 6284  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:26:31.0482 6284  osppsvc - ok
13:26:31.0497 6284  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:26:31.0513 6284  p2pimsvc - ok
13:26:31.0544 6284  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:26:31.0544 6284  p2psvc - ok
13:26:31.0575 6284  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:26:31.0575 6284  Parport - ok
13:26:31.0607 6284  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:26:31.0638 6284  partmgr - ok
13:26:31.0653 6284  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:26:31.0669 6284  PcaSvc - ok
13:26:31.0669 6284  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:26:31.0685 6284  pci - ok
13:26:31.0700 6284  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:26:31.0700 6284  pciide - ok
13:26:31.0731 6284  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:26:31.0747 6284  pcmcia - ok
13:26:31.0747 6284  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:26:31.0763 6284  pcw - ok
13:26:31.0825 6284  [ B0C25EA5278579EC685E32E16BBFF24F ] PDFProFiltSrv   C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
13:26:31.0841 6284  PDFProFiltSrv - ok
13:26:31.0872 6284  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:26:31.0872 6284  PEAUTH - ok
13:26:31.0919 6284  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:26:31.0950 6284  PeerDistSvc - ok
13:26:31.0997 6284  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:26:31.0997 6284  PerfHost - ok
13:26:32.0043 6284  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:26:32.0059 6284  pla - ok
13:26:32.0090 6284  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:26:32.0106 6284  PlugPlay - ok
13:26:32.0137 6284  [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
13:26:32.0137 6284  pmxdrv - ok
13:26:32.0153 6284  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:26:32.0153 6284  PNRPAutoReg - ok
13:26:32.0168 6284  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:26:32.0168 6284  PNRPsvc - ok
13:26:32.0184 6284  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:26:32.0199 6284  PolicyAgent - ok
13:26:32.0231 6284  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:26:32.0231 6284  Power - ok
13:26:32.0262 6284  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:26:32.0277 6284  PptpMiniport - ok
13:26:32.0293 6284  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:26:32.0293 6284  Processor - ok
13:26:32.0340 6284  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:26:32.0340 6284  ProfSvc - ok
13:26:32.0340 6284  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:26:32.0340 6284  ProtectedStorage - ok
13:26:32.0355 6284  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:26:32.0371 6284  Psched - ok
13:26:32.0387 6284  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
13:26:32.0402 6284  PSI_SVC_2 - ok
13:26:32.0449 6284  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:26:32.0465 6284  ql2300 - ok
13:26:32.0480 6284  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:26:32.0496 6284  ql40xx - ok
13:26:32.0511 6284  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:26:32.0511 6284  QWAVE - ok
13:26:32.0527 6284  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:26:32.0527 6284  QWAVEdrv - ok
13:26:32.0543 6284  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:26:32.0543 6284  RasAcd - ok
13:26:32.0558 6284  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:26:32.0574 6284  RasAgileVpn - ok
13:26:32.0589 6284  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:26:32.0589 6284  RasAuto - ok
13:26:32.0605 6284  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:26:32.0605 6284  Rasl2tp - ok
13:26:32.0621 6284  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:26:32.0621 6284  RasMan - ok
13:26:32.0636 6284  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:26:32.0636 6284  RasPppoe - ok
13:26:32.0652 6284  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:26:32.0652 6284  RasSstp - ok
13:26:32.0667 6284  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:26:32.0667 6284  rdbss - ok
13:26:32.0683 6284  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:26:32.0683 6284  rdpbus - ok
13:26:32.0699 6284  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:26:32.0699 6284  RDPCDD - ok
13:26:32.0714 6284  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:26:32.0714 6284  RDPDR - ok
13:26:32.0745 6284  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:26:32.0745 6284  RDPENCDD - ok
13:26:32.0761 6284  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:26:32.0761 6284  RDPREFMP - ok
13:26:32.0792 6284  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:26:32.0855 6284  RDPWD - ok
13:26:32.0870 6284  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:26:32.0886 6284  rdyboost - ok
13:26:32.0901 6284  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:26:32.0901 6284  RemoteAccess - ok
13:26:32.0933 6284  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:26:32.0933 6284  RemoteRegistry - ok
13:26:32.0948 6284  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:26:32.0948 6284  RpcEptMapper - ok
13:26:32.0964 6284  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:26:32.0964 6284  RpcLocator - ok
13:26:32.0979 6284  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:26:32.0995 6284  RpcSs - ok
13:26:33.0011 6284  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:26:33.0026 6284  rspndr - ok
13:26:33.0042 6284  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:26:33.0042 6284  s3cap - ok
13:26:33.0057 6284  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:26:33.0057 6284  SamSs - ok
13:26:33.0073 6284  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:26:33.0073 6284  sbp2port - ok
13:26:33.0089 6284  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:26:33.0104 6284  SCardSvr - ok
13:26:33.0104 6284  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:26:33.0120 6284  scfilter - ok
13:26:33.0135 6284  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:26:33.0167 6284  Schedule - ok
13:26:33.0182 6284  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:26:33.0182 6284  SCPolicySvc - ok
13:26:33.0213 6284  [ F15D43EABE907048F5FECC068792A0AE ] SC_SERV3D       C:\Windows\system32\drivers\d3_kafm.sys
13:26:33.0245 6284  SC_SERV3D - ok
13:26:33.0260 6284  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:26:33.0260 6284  SDRSVC - ok
13:26:33.0276 6284  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:26:33.0291 6284  secdrv - ok
13:26:33.0291 6284  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:26:33.0307 6284  seclogon - ok
13:26:33.0323 6284  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
13:26:33.0323 6284  SENS - ok
13:26:33.0338 6284  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:26:33.0338 6284  SensrSvc - ok
13:26:33.0354 6284  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:26:33.0354 6284  Serenum - ok
13:26:33.0369 6284  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:26:33.0369 6284  Serial - ok
13:26:33.0401 6284  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:26:33.0401 6284  sermouse - ok
13:26:33.0416 6284  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:26:33.0416 6284  SessionEnv - ok
13:26:33.0432 6284  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:26:33.0432 6284  sffdisk - ok
13:26:33.0447 6284  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:26:33.0447 6284  sffp_mmc - ok
13:26:33.0447 6284  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:26:33.0447 6284  sffp_sd - ok
13:26:33.0463 6284  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:26:33.0463 6284  sfloppy - ok
13:26:33.0479 6284  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:26:33.0494 6284  SharedAccess - ok
13:26:33.0510 6284  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:26:33.0510 6284  ShellHWDetection - ok
13:26:33.0557 6284  Sicherheitspaket-Dienst - ok
13:26:33.0572 6284  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:26:33.0572 6284  SiSRaid2 - ok
13:26:33.0603 6284  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:26:33.0603 6284  SiSRaid4 - ok
13:26:33.0650 6284  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:26:33.0650 6284  Smb - ok
13:26:33.0713 6284  [ ED46EC5DC276570908FC4D9DE0628C71 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
13:26:33.0744 6284  snapman - ok
13:26:33.0759 6284  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:26:33.0759 6284  SNMPTRAP - ok
13:26:33.0775 6284  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:26:33.0775 6284  spldr - ok
13:26:33.0822 6284  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:26:33.0869 6284  Spooler - ok
13:26:33.0931 6284  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:26:33.0993 6284  sppsvc - ok
13:26:34.0009 6284  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:26:34.0009 6284  sppuinotify - ok
13:26:34.0040 6284  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:26:34.0040 6284  srv - ok
13:26:34.0056 6284  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:26:34.0071 6284  srv2 - ok
13:26:34.0071 6284  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:26:34.0087 6284  srvnet - ok
13:26:34.0103 6284  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:26:34.0103 6284  SSDPSRV - ok
13:26:34.0118 6284  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:26:34.0134 6284  SstpSvc - ok
13:26:34.0149 6284  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:26:34.0149 6284  stexstor - ok
13:26:34.0181 6284  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:26:34.0181 6284  StillCam - ok
13:26:34.0212 6284  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:26:34.0227 6284  stisvc - ok
13:26:34.0243 6284  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:26:34.0259 6284  storflt - ok
13:26:34.0259 6284  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
13:26:34.0259 6284  StorSvc - ok
13:26:34.0290 6284  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:26:34.0290 6284  storvsc - ok
13:26:34.0305 6284  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:26:34.0305 6284  swenum - ok
13:26:34.0321 6284  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:26:34.0337 6284  swprv - ok
13:26:34.0477 6284  [ F23C9F6010586F4634EE8330A3F19969 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
13:26:34.0711 6284  syncagentsrv - ok
13:26:34.0758 6284  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:26:34.0773 6284  SysMain - ok
13:26:34.0773 6284  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:26:34.0789 6284  TabletInputService - ok
13:26:34.0789 6284  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:26:34.0805 6284  TapiSrv - ok
13:26:34.0805 6284  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:26:34.0805 6284  TBS - ok
13:26:34.0867 6284  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:26:34.0976 6284  Tcpip - ok
13:26:35.0023 6284  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:26:35.0039 6284  TCPIP6 - ok
13:26:35.0054 6284  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:26:35.0086 6284  tcpipreg - ok
13:26:35.0101 6284  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:26:35.0101 6284  TDPIPE - ok
13:26:35.0164 6284  [ 969BAD6A9A5B6DE983A8B2B84276CEB0 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
13:26:35.0242 6284  tdrpman - ok
13:26:35.0257 6284  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:26:35.0273 6284  TDTCP - ok
13:26:35.0288 6284  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:26:35.0288 6284  tdx - ok
13:26:35.0320 6284  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:26:35.0320 6284  TermDD - ok
13:26:35.0351 6284  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:26:35.0351 6284  TermService - ok
13:26:35.0366 6284  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:26:35.0366 6284  Themes - ok
13:26:35.0398 6284  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:26:35.0398 6284  THREADORDER - ok
13:26:35.0444 6284  [ 990447334615A0DB84F620E1426DCFE0 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
13:26:35.0491 6284  timounter - ok
13:26:35.0538 6284  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
13:26:35.0538 6284  TPM - ok
13:26:35.0554 6284  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:26:35.0569 6284  TrkWks - ok
13:26:35.0600 6284  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:26:35.0600 6284  TrustedInstaller - ok
13:26:35.0600 6284  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:26:35.0616 6284  tssecsrv - ok
13:26:35.0632 6284  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:26:35.0632 6284  TsUsbFlt - ok
13:26:35.0647 6284  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:26:35.0647 6284  TsUsbGD - ok
13:26:35.0663 6284  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:26:35.0663 6284  tunnel - ok
13:26:35.0678 6284  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:26:35.0678 6284  uagp35 - ok
13:26:35.0694 6284  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:26:35.0710 6284  udfs - ok
13:26:35.0725 6284  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:26:35.0725 6284  UI0Detect - ok
13:26:35.0756 6284  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:26:35.0756 6284  uliagpkx - ok
13:26:35.0772 6284  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:26:35.0772 6284  umbus - ok
13:26:35.0788 6284  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:26:35.0788 6284  UmPass - ok
13:26:35.0803 6284  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
13:26:35.0819 6284  UmRdpService - ok
13:26:35.0912 6284  [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:26:35.0959 6284  UNS - ok
13:26:35.0975 6284  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:26:35.0990 6284  upnphost - ok
13:26:36.0006 6284  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:26:36.0037 6284  usbccgp - ok
13:26:36.0053 6284  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:26:36.0053 6284  usbcir - ok
13:26:36.0084 6284  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:26:36.0084 6284  usbehci - ok
13:26:36.0100 6284  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
13:26:36.0115 6284  usbhub - ok
13:26:36.0115 6284  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:26:36.0131 6284  usbohci - ok
13:26:36.0146 6284  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:26:36.0146 6284  usbprint - ok
13:26:36.0178 6284  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:26:36.0178 6284  usbscan - ok
13:26:36.0193 6284  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:26:36.0224 6284  USBSTOR - ok
13:26:36.0240 6284  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:26:36.0240 6284  usbuhci - ok
13:26:36.0256 6284  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:26:36.0256 6284  UxSms - ok
13:26:36.0287 6284  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:26:36.0287 6284  VaultSvc - ok
13:26:36.0318 6284  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:26:36.0318 6284  vdrvroot - ok
13:26:36.0334 6284  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:26:36.0349 6284  vds - ok
13:26:36.0349 6284  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:26:36.0365 6284  vga - ok
13:26:36.0365 6284  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:26:36.0365 6284  VgaSave - ok
13:26:36.0396 6284  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:26:36.0396 6284  vhdmp - ok
13:26:36.0412 6284  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:26:36.0412 6284  viaide - ok
13:26:36.0458 6284  [ 4065EC01AE001C4DB4A9A85CC1767D99 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
13:26:36.0490 6284  vididr - ok
13:26:36.0536 6284  [ 6DC5D9A5BBA6A858D06B7ABEFBA1A1E6 ] vidsflt58       C:\Windows\system32\DRIVERS\vsflt58.sys
13:26:36.0583 6284  vidsflt58 - ok
13:26:36.0614 6284  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:26:36.0614 6284  vmbus - ok
13:26:36.0630 6284  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:26:36.0630 6284  VMBusHID - ok
13:26:36.0646 6284  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:26:36.0661 6284  volmgr - ok
13:26:36.0677 6284  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:26:36.0677 6284  volmgrx - ok
13:26:36.0692 6284  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:26:36.0724 6284  volsnap - ok
13:26:36.0739 6284  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:26:36.0739 6284  vsmraid - ok
13:26:36.0786 6284  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:26:36.0833 6284  VSS - ok
13:26:36.0895 6284  [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
13:26:36.0973 6284  vToolbarUpdater12.2.0 - ok
13:26:36.0989 6284  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:26:37.0004 6284  vwifibus - ok
13:26:37.0020 6284  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:26:37.0036 6284  W32Time - ok
13:26:37.0051 6284  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:26:37.0051 6284  WacomPen - ok
13:26:37.0082 6284  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:26:37.0082 6284  WANARP - ok
13:26:37.0082 6284  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:26:37.0098 6284  Wanarpv6 - ok
13:26:37.0160 6284  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:26:37.0192 6284  WatAdminSvc - ok
13:26:37.0223 6284  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:26:37.0254 6284  wbengine - ok
13:26:37.0270 6284  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:26:37.0270 6284  WbioSrvc - ok
13:26:37.0285 6284  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:26:37.0301 6284  wcncsvc - ok
13:26:37.0301 6284  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:26:37.0316 6284  WcsPlugInService - ok
13:26:37.0332 6284  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:26:37.0332 6284  Wd - ok
13:26:37.0363 6284  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:26:37.0441 6284  Wdf01000 - ok
13:26:37.0457 6284  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:26:37.0457 6284  WdiServiceHost - ok
13:26:37.0457 6284  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:26:37.0457 6284  WdiSystemHost - ok
13:26:37.0472 6284  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:26:37.0472 6284  WebClient - ok
13:26:37.0488 6284  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:26:37.0504 6284  Wecsvc - ok
13:26:37.0519 6284  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:26:37.0519 6284  wercplsupport - ok
13:26:37.0535 6284  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:26:37.0550 6284  WerSvc - ok
13:26:37.0566 6284  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:26:37.0566 6284  WfpLwf - ok
13:26:37.0582 6284  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:26:37.0582 6284  WIMMount - ok
13:26:37.0613 6284  WinDefend - ok
13:26:37.0613 6284  WinHttpAutoProxySvc - ok
13:26:37.0660 6284  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:26:37.0660 6284  Winmgmt - ok
13:26:37.0706 6284  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:26:37.0738 6284  WinRM - ok
13:26:37.0784 6284  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
13:26:37.0784 6284  WinUsb - ok
13:26:37.0816 6284  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:26:37.0831 6284  Wlansvc - ok
13:26:37.0847 6284  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:26:37.0847 6284  WmiAcpi - ok
13:26:37.0862 6284  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:26:37.0878 6284  wmiApSrv - ok
13:26:37.0894 6284  WMPNetworkSvc - ok
13:26:37.0909 6284  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:26:37.0909 6284  WPCSvc - ok
13:26:37.0925 6284  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:26:37.0925 6284  WPDBusEnum - ok
13:26:37.0940 6284  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:26:37.0940 6284  ws2ifsl - ok
13:26:37.0956 6284  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
13:26:37.0956 6284  wscsvc - ok
13:26:37.0972 6284  WSearch - ok
13:26:38.0034 6284  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:26:38.0081 6284  wuauserv - ok
13:26:38.0112 6284  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:26:38.0143 6284  WudfPf - ok
13:26:38.0174 6284  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:26:38.0206 6284  WUDFRd - ok
13:26:38.0221 6284  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:26:38.0252 6284  wudfsvc - ok
13:26:38.0284 6284  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:26:38.0299 6284  WwanSvc - ok
13:26:38.0299 6284  ================ Scan global ===============================
13:26:38.0315 6284  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:26:38.0362 6284  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:26:38.0393 6284  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:26:38.0408 6284  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:26:38.0424 6284  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:26:38.0440 6284  [Global] - ok
13:26:38.0440 6284  ================ Scan MBR ==================================
13:26:38.0440 6284  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:26:38.0564 6284  \Device\Harddisk0\DR0 - ok
13:26:38.0564 6284  ================ Scan VBR ==================================
13:26:38.0564 6284  [ 8BF83DC6AC8C31EC88F5656C018DB23D ] \Device\Harddisk0\DR0\Partition1
13:26:38.0564 6284  \Device\Harddisk0\DR0\Partition1 - ok
13:26:38.0580 6284  [ ECC4D5AD5377A15258F4A731113361CB ] \Device\Harddisk0\DR0\Partition2
13:26:38.0580 6284  \Device\Harddisk0\DR0\Partition2 - ok
13:26:38.0611 6284  [ 54054DAB5BB4A1CA320785CF52FBD82A ] \Device\Harddisk0\DR0\Partition3
13:26:38.0611 6284  \Device\Harddisk0\DR0\Partition3 - ok
13:26:38.0611 6284  ============================================================
13:26:38.0611 6284  Scan finished
13:26:38.0611 6284  ============================================================
13:26:38.0627 8276  Detected object count: 0
13:26:38.0627 8276  Actual detected object count: 0
13:31:21.0118 8648  Deinitialize success

t'john · 17.03.2013, 20:34

Bitte nach Anleitung vorgehen und TDSSKiller richtig einstellen.

spartaner007 · 17.03.2013, 21:50

Hallo t´john,
nachfolgend die TDSSKiller.txt
MfG Maddin

Code:

ATTFilter

21:29:59.0568 16352  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:29:59.0800 16352  ============================================================
21:29:59.0800 16352  Current date / time: 2013/03/17 21:29:59.0800
21:29:59.0800 16352  SystemInfo:
21:29:59.0800 16352  
21:29:59.0800 16352  OS Version: 6.1.7601 ServicePack: 1.0
21:29:59.0800 16352  Product type: Workstation
21:29:59.0800 16352  ComputerName: PC01
21:29:59.0800 16352  UserName: ALT
21:29:59.0800 16352  Windows directory: C:\Windows
21:29:59.0800 16352  System windows directory: C:\Windows
21:29:59.0800 16352  Running under WOW64
21:29:59.0800 16352  Processor architecture: Intel x64
21:29:59.0800 16352  Number of processors: 4
21:29:59.0800 16352  Page size: 0x1000
21:29:59.0800 16352  Boot type: Normal boot
21:29:59.0800 16352  ============================================================
21:30:00.0328 16352  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:30:00.0330 16352  ============================================================
21:30:00.0330 16352  \Device\Harddisk0\DR0:
21:30:00.0330 16352  MBR partitions:
21:30:00.0330 16352  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:30:00.0330 16352  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x394FE000
21:30:00.0330 16352  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x39530800, BlocksNum 0xE55000
21:30:00.0330 16352  ============================================================
21:30:00.0353 16352  C: <-> \Device\Harddisk0\DR0\Partition2
21:30:00.0393 16352  D: <-> \Device\Harddisk0\DR0\Partition3
21:30:00.0393 16352  ============================================================
21:30:00.0393 16352  Initialize success
21:30:00.0393 16352  ============================================================
21:36:08.0460 8356  ============================================================
21:36:08.0460 8356  Scan started
21:36:08.0460 8356  Mode: Manual; SigCheck; TDLFS; 
21:36:08.0460 8356  ============================================================
21:36:10.0909 8356  ================ Scan system memory ========================
21:36:10.0909 8356  System memory - ok
21:36:10.0909 8356  ================ Scan services =============================
21:36:11.0143 8356  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:36:11.0315 8356  1394ohci - ok
21:36:11.0393 8356  [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
21:36:11.0455 8356  acedrv11 - ok
21:36:11.0471 8356  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:36:11.0502 8356  ACPI - ok
21:36:11.0517 8356  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:36:11.0595 8356  AcpiPmi - ok
21:36:11.0689 8356  [ 879EB855B4C2A5E6C8D58C441B218187 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
21:36:11.0720 8356  AcrSch2Svc - ok
21:36:11.0798 8356  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:36:11.0814 8356  AdobeARMservice - ok
21:36:11.0876 8356  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:36:11.0923 8356  AdobeFlashPlayerUpdateSvc - ok
21:36:11.0970 8356  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:36:12.0001 8356  adp94xx - ok
21:36:12.0032 8356  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:36:12.0063 8356  adpahci - ok
21:36:12.0079 8356  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:36:12.0095 8356  adpu320 - ok
21:36:12.0126 8356  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:36:12.0266 8356  AeLookupSvc - ok
21:36:12.0313 8356  [ B794DD8ACC5CC76177156463DAB4BEBB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
21:36:12.0344 8356  afcdp - ok
21:36:12.0453 8356  [ F92906DB7562D606674D5CBF2019D1CF ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
21:36:12.0500 8356  afcdpsrv - ok
21:36:12.0547 8356  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:36:12.0625 8356  AFD - ok
21:36:12.0656 8356  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:36:12.0687 8356  agp440 - ok
21:36:12.0719 8356  [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf           C:\Windows\system32\drivers\aksdf.sys
21:36:12.0797 8356  aksdf - ok
21:36:12.0812 8356  [ 43415AF4F20E9867974623840A22FE98 ] aksfridge       C:\Windows\system32\drivers\aksfridge.sys
21:36:12.0828 8356  aksfridge - ok
21:36:12.0843 8356  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:36:12.0875 8356  ALG - ok
21:36:12.0906 8356  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:36:12.0937 8356  aliide - ok
21:36:12.0999 8356  [ 2AED9A422EA1574C7D7EF9359A417718 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:36:13.0077 8356  AMD External Events Utility - ok
21:36:13.0093 8356  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:36:13.0109 8356  amdide - ok
21:36:13.0140 8356  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:36:13.0155 8356  AmdK8 - ok
21:36:13.0327 8356  [ BFA5E854959D5546D8834CA61F4AD075 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:13.0421 8356  amdkmdag - ok
21:36:13.0467 8356  [ 92D664FFFCD9E742FB25254F7F458D88 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:36:13.0530 8356  amdkmdap - ok
21:36:13.0530 8356  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:36:13.0577 8356  AmdPPM - ok
21:36:13.0608 8356  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:36:13.0639 8356  amdsata - ok
21:36:13.0670 8356  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:36:13.0717 8356  amdsbs - ok
21:36:13.0733 8356  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:36:13.0748 8356  amdxata - ok
21:36:13.0826 8356  [ 0C7DCBAED28D8957A6375CD5C23FD788 ] AntiVirusKit Client C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe
21:36:13.0873 8356  AntiVirusKit Client - ok
21:36:13.0904 8356  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:36:13.0951 8356  AppID - ok
21:36:13.0982 8356  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:36:14.0013 8356  AppIDSvc - ok
21:36:14.0029 8356  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:36:14.0091 8356  Appinfo - ok
21:36:14.0123 8356  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:36:14.0169 8356  AppMgmt - ok
21:36:14.0185 8356  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:36:14.0216 8356  arc - ok
21:36:14.0216 8356  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:36:14.0247 8356  arcsas - ok
21:36:14.0310 8356  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:36:14.0341 8356  aspnet_state - ok
21:36:14.0372 8356  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:36:14.0419 8356  AsyncMac - ok
21:36:14.0435 8356  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:36:14.0450 8356  atapi - ok
21:36:14.0466 8356  [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:36:14.0481 8356  AtiHDAudioService - ok
21:36:14.0513 8356  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:36:14.0575 8356  AudioEndpointBuilder - ok
21:36:14.0591 8356  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:36:14.0622 8356  AudioSrv - ok
21:36:14.0684 8356  [ E964EA70249DDE1343C8F694B52575EE ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
21:36:14.0715 8356  avgtp - ok
21:36:14.0778 8356  [ E9DCCF332E7A6DAE33857E07EDAA1599 ] AVKProxy        C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
21:36:14.0825 8356  AVKProxy - ok
21:36:14.0856 8356  [ 1E97643FA02EB77D0EEABF4A8561BCFF ] AVKWCtl         C:\Program Files (x86)\G Data\AVKClient\AVKWCtlX64.exe
21:36:14.0903 8356  AVKWCtl - ok
21:36:14.0918 8356  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:36:14.0965 8356  AxInstSV - ok
21:36:15.0012 8356  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:36:15.0059 8356  b06bdrv - ok
21:36:15.0090 8356  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:36:15.0137 8356  b57nd60a - ok
21:36:15.0168 8356  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:36:15.0230 8356  BDESVC - ok
21:36:15.0230 8356  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:36:15.0293 8356  Beep - ok
21:36:15.0324 8356  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:36:15.0371 8356  BFE - ok
21:36:15.0402 8356  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
21:36:15.0449 8356  BITS - ok
21:36:15.0464 8356  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:36:15.0495 8356  blbdrive - ok
21:36:15.0527 8356  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:36:15.0573 8356  bowser - ok
21:36:15.0605 8356  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:36:15.0651 8356  BrFiltLo - ok
21:36:15.0651 8356  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:36:15.0683 8356  BrFiltUp - ok
21:36:15.0729 8356  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:36:15.0776 8356  BridgeMP - ok
21:36:15.0823 8356  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:36:15.0885 8356  Browser - ok
21:36:15.0901 8356  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
21:36:15.0963 8356  Brserid - ok
21:36:15.0979 8356  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:36:16.0026 8356  BrSerWdm - ok
21:36:16.0026 8356  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:36:16.0073 8356  BrUsbMdm - ok
21:36:16.0073 8356  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
21:36:16.0104 8356  BrUsbSer - ok
21:36:16.0119 8356  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:36:16.0166 8356  BTHMODEM - ok
21:36:16.0182 8356  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:36:16.0229 8356  bthserv - ok
21:36:16.0244 8356  catchme - ok
21:36:16.0260 8356  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:36:16.0322 8356  cdfs - ok
21:36:16.0338 8356  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:36:16.0369 8356  cdrom - ok
21:36:16.0400 8356  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:36:16.0447 8356  CertPropSvc - ok
21:36:16.0463 8356  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:36:16.0478 8356  circlass - ok
21:36:16.0509 8356  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:36:16.0525 8356  CLFS - ok
21:36:16.0572 8356  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:36:16.0603 8356  clr_optimization_v2.0.50727_32 - ok
21:36:16.0634 8356  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:36:16.0665 8356  clr_optimization_v2.0.50727_64 - ok
21:36:16.0728 8356  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:36:16.0743 8356  clr_optimization_v4.0.30319_32 - ok
21:36:16.0775 8356  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:36:16.0790 8356  clr_optimization_v4.0.30319_64 - ok
21:36:16.0806 8356  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:36:16.0837 8356  CmBatt - ok
21:36:16.0853 8356  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:36:16.0868 8356  cmdide - ok
21:36:16.0931 8356  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:36:16.0993 8356  CNG - ok
21:36:17.0024 8356  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:36:17.0055 8356  Compbatt - ok
21:36:17.0087 8356  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:36:17.0133 8356  CompositeBus - ok
21:36:17.0133 8356  COMSysApp - ok
21:36:17.0149 8356  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:36:17.0180 8356  crcdisk - ok
21:36:17.0211 8356  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:36:17.0274 8356  CryptSvc - ok
21:36:17.0289 8356  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
21:36:17.0352 8356  CSC - ok
21:36:17.0383 8356  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
21:36:17.0430 8356  CscService - ok
21:36:17.0492 8356  [ F886378CC9FFA09FE9A9D7CB4CF32934 ] Vetad Update-Service C:\Vetad\PROGRAMM\INSTALL\DvInesASDSvc.Exe
21:36:17.0508 8356  Vetad Update-Service - ok
21:36:17.0539 8356  Vetad.Framework.RemoteServiceModel.EnablerService - ok
21:36:17.0539 8356  Vetad.Framework.RemoteServices - ok
21:36:17.0555 8356  [ 7D7D3E30813284B4F996286B90C8257D ] VetadPrintService C:\Vetad\PROGRAMM\B0001442\PSNTSERV.EXE
21:36:17.0586 8356  VetadPrintService ( UnsignedFile.Multi.Generic ) - warning
21:36:17.0586 8356  VetadPrintService - detected UnsignedFile.Multi.Generic (1)
21:36:17.0664 8356  [ 48297BF3339BC56DD7D7524D7A1740AA ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
21:36:17.0695 8356  DBService ( UnsignedFile.Multi.Generic ) - warning
21:36:17.0695 8356  DBService - detected UnsignedFile.Multi.Generic (1)
21:36:17.0773 8356  [ CA48969C67568A2C87730CE5F55C369C ] Dcmanag         C:\Vetad\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe
21:36:17.0804 8356  Dcmanag - ok
21:36:17.0835 8356  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:36:17.0898 8356  DcomLaunch - ok
21:36:17.0929 8356  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:36:17.0991 8356  defragsvc - ok
21:36:18.0023 8356  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:36:18.0085 8356  DfsC - ok
21:36:18.0101 8356  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:36:18.0147 8356  Dhcp - ok
21:36:18.0147 8356  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:36:18.0210 8356  discache - ok
21:36:18.0257 8356  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:36:18.0272 8356  Disk - ok
21:36:18.0303 8356  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:36:18.0350 8356  dmvsc - ok
21:36:18.0381 8356  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:36:18.0428 8356  Dnscache - ok
21:36:18.0428 8356  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:36:18.0475 8356  dot3svc - ok
21:36:18.0491 8356  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:36:18.0522 8356  DPS - ok
21:36:18.0553 8356  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:36:18.0600 8356  drmkaud - ok
21:36:18.0662 8356  [ 00B0FAA44957D887CE540D297AA405A1 ] DVckService     C:\Vetad\PROGRAMM\B0000150\ScServer\DVckService.exe
21:36:18.0709 8356  DVckService - ok
21:36:18.0725 8356  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:36:18.0740 8356  DXGKrnl - ok
21:36:18.0771 8356  [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:36:18.0787 8356  e1cexpress - ok
21:36:18.0818 8356  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:36:18.0865 8356  EapHost - ok
21:36:18.0943 8356  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:36:19.0005 8356  ebdrv - ok
21:36:19.0052 8356  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:36:19.0115 8356  EFS - ok
21:36:19.0161 8356  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:36:19.0208 8356  ehRecvr - ok
21:36:19.0208 8356  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:36:19.0239 8356  ehSched - ok
21:36:19.0271 8356  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:36:19.0286 8356  elxstor - ok
21:36:19.0302 8356  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:36:19.0333 8356  ErrDev - ok
21:36:19.0364 8356  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:36:19.0411 8356  EventSystem - ok
21:36:19.0442 8356  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:36:19.0473 8356  exfat - ok
21:36:19.0489 8356  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:36:19.0536 8356  fastfat - ok
21:36:19.0567 8356  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:36:19.0629 8356  Fax - ok
21:36:19.0661 8356  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:36:19.0692 8356  fdc - ok
21:36:19.0707 8356  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:36:19.0754 8356  fdPHost - ok
21:36:19.0754 8356  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:36:19.0801 8356  FDResPub - ok
21:36:19.0817 8356  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:36:19.0832 8356  FileInfo - ok
21:36:19.0848 8356  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:36:19.0879 8356  Filetrace - ok
21:36:19.0879 8356  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:36:19.0910 8356  flpydisk - ok
21:36:19.0926 8356  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:36:19.0941 8356  FltMgr - ok
21:36:20.0004 8356  [ B8AFE7A30D34C0E9FDBA81632294547C ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
21:36:20.0035 8356  fltsrv - ok
21:36:20.0082 8356  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:36:20.0144 8356  FontCache - ok
21:36:20.0191 8356  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:36:20.0207 8356  FontCache3.0.0.0 - ok
21:36:20.0238 8356  [ C902AE091D15962DE76E455C970D416B ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
21:36:20.0269 8356  FPLService - ok
21:36:20.0285 8356  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:36:20.0300 8356  FsDepends - ok
21:36:20.0347 8356  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:36:20.0363 8356  Fs_Rec - ok
21:36:20.0378 8356  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:36:20.0394 8356  fvevol - ok
21:36:20.0409 8356  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:36:20.0409 8356  gagp30kx - ok
21:36:20.0487 8356  [ D4839BA2790E3B740BD740B62D2D7870 ] GDBackupSvc     C:\Program Files (x86)\G Data\AVKClient\AVKBackupService.exe
21:36:20.0534 8356  GDBackupSvc - ok
21:36:20.0581 8356  [ 36512199AC54546179907B4FA73AE18A ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
21:36:20.0612 8356  GDBehave - ok
21:36:20.0643 8356  [ ACCF5DBD53594ED67F16FB74541469AC ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
21:36:20.0675 8356  GDMnIcpt - ok
21:36:20.0721 8356  [ B4474E91254D6DBCA0F40C0D9B2A087A ] GDScan          C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
21:36:20.0753 8356  GDScan - ok
21:36:20.0753 8356  [ 1488296E7A0ECDF3EFF1A90D2B0B6E4B ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys
21:36:20.0768 8356  gdwfpcd - ok
21:36:20.0815 8356  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:36:20.0862 8356  gpsvc - ok
21:36:20.0893 8356  [ 4450DE64DE330E99466D440ADC6DF8AD ] GRD             C:\Windows\system32\drivers\GRD.sys
21:36:20.0924 8356  GRD - ok
21:36:20.0955 8356  [ D619BA1712B83D14149850E758B835AD ] hardlock        C:\Windows\system32\drivers\hardlock.sys
21:36:21.0018 8356  hardlock - ok
21:36:21.0018 8356  hasplms - ok
21:36:21.0049 8356  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:36:21.0096 8356  hcw85cir - ok
21:36:21.0127 8356  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:36:21.0158 8356  HdAudAddService - ok
21:36:21.0189 8356  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:36:21.0221 8356  HDAudBus - ok
21:36:21.0236 8356  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:36:21.0283 8356  HidBatt - ok
21:36:21.0283 8356  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:36:21.0330 8356  HidBth - ok
21:36:21.0345 8356  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:36:21.0392 8356  HidIr - ok
21:36:21.0408 8356  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
21:36:21.0470 8356  hidserv - ok
21:36:21.0501 8356  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:36:21.0517 8356  HidUsb - ok
21:36:21.0533 8356  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:36:21.0579 8356  hkmsvc - ok
21:36:21.0626 8356  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:36:21.0735 8356  HomeGroupListener - ok
21:36:21.0751 8356  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:36:21.0798 8356  HomeGroupProvider - ok
21:36:21.0829 8356  [ 0020E7C6BC890B4E0AD92C6FE7A74F42 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
21:36:21.0860 8356  HookCentre - ok
21:36:21.0907 8356  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:36:21.0938 8356  HP Support Assistant Service - ok
21:36:21.0954 8356  [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:36:21.0969 8356  HPDrvMntSvc.exe - ok
21:36:21.0985 8356  [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:36:22.0016 8356  hpqwmiex - ok
21:36:22.0047 8356  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:36:22.0079 8356  HpSAMD - ok
21:36:22.0203 8356  [ F624E93AD16E11BD0004EB4475F009A8 ] HRService       C:\Program Files (x86)\Efuah\iDesk\iDeskService\iDeskService.exe
21:36:22.0235 8356  HRService - ok
21:36:22.0266 8356  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:36:22.0313 8356  HTTP - ok
21:36:22.0328 8356  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:36:22.0344 8356  hwpolicy - ok
21:36:22.0375 8356  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:36:22.0406 8356  i8042prt - ok
21:36:22.0453 8356  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
21:36:22.0484 8356  iaStor - ok
21:36:22.0500 8356  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:36:22.0531 8356  iaStorV - ok
21:36:22.0609 8356  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:36:22.0640 8356  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:36:22.0640 8356  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:36:22.0703 8356  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:36:22.0734 8356  idsvc - ok
21:36:22.0765 8356  [ 2DCEA6E19134AEA8BF9B68110732A880 ] IFCoEMP         C:\Windows\system32\drivers\ifM52x64.sys
21:36:22.0796 8356  IFCoEMP - ok
21:36:22.0812 8356  [ 3A58E368FBF1CCF9E89F922EB76405C0 ] IFCoEVB         C:\Windows\system32\drivers\ifP52X64.sys
21:36:22.0827 8356  IFCoEVB - ok
21:36:23.0030 8356  [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:36:23.0155 8356  igfx - ok
21:36:23.0186 8356  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:36:23.0202 8356  iirsp - ok
21:36:23.0217 8356  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:36:23.0264 8356  IKEEXT - ok
21:36:23.0280 8356  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
21:36:23.0327 8356  Impcd - ok
21:36:23.0405 8356  [ A0C2C3D4C03C4FB896CFC53873784178 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:36:23.0451 8356  IntcAzAudAddService - ok
21:36:23.0467 8356  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:36:23.0498 8356  IntcDAud - ok
21:36:23.0530 8356  [ 28D387EEFAD7CC3A0BEB9C3262E83ADD ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
21:36:23.0545 8356  Intel(R) PROSet Monitoring Service - ok
21:36:23.0561 8356  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:36:23.0576 8356  intelide - ok
21:36:23.0592 8356  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:36:23.0639 8356  intelppm - ok
21:36:23.0670 8356  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:36:23.0717 8356  IPBusEnum - ok
21:36:23.0748 8356  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:36:23.0810 8356  IpFilterDriver - ok
21:36:23.0826 8356  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:36:23.0873 8356  iphlpsvc - ok
21:36:23.0904 8356  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:36:23.0920 8356  IPMIDRV - ok
21:36:23.0935 8356  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:36:23.0998 8356  IPNAT - ok
21:36:24.0013 8356  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:36:24.0029 8356  IRENUM - ok
21:36:24.0060 8356  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:36:24.0076 8356  isapnp - ok
21:36:24.0091 8356  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:36:24.0107 8356  iScsiPrt - ok
21:36:24.0138 8356  [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
21:36:24.0169 8356  IviRegMgr - ok
21:36:24.0200 8356  [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
21:36:24.0232 8356  jhi_service - ok
21:36:24.0247 8356  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:36:24.0278 8356  kbdclass - ok
21:36:24.0278 8356  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:36:24.0310 8356  kbdhid - ok
21:36:24.0341 8356  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:36:24.0372 8356  KeyIso - ok
21:36:24.0388 8356  [ 322CD7A01A961D94C6EAB640D6427504 ] KOBCCEX         C:\Windows\system32\drivers\KOBCCEX.sys
21:36:24.0419 8356  KOBCCEX ( UnsignedFile.Multi.Generic ) - warning
21:36:24.0419 8356  KOBCCEX - detected UnsignedFile.Multi.Generic (1)
21:36:24.0466 8356  [ 3209D40399078C1091398F43215EDD1A ] KOBCCID         C:\Windows\system32\drivers\KOBCCID.sys
21:36:24.0512 8356  KOBCCID - ok
21:36:24.0528 8356  [ 34508E0E3A7DB08CDC4B969DB90163BD ] KOBIL_MSDI      C:\Vetad\PROGRAMM\B0000404\msdisrv.exe
21:36:24.0559 8356  KOBIL_MSDI ( UnsignedFile.Multi.Generic ) - warning
21:36:24.0559 8356  KOBIL_MSDI - detected UnsignedFile.Multi.Generic (1)
21:36:24.0590 8356  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:36:24.0622 8356  KSecDD - ok
21:36:24.0622 8356  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:36:24.0637 8356  KSecPkg - ok
21:36:24.0653 8356  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:36:24.0684 8356  ksthunk - ok
21:36:24.0715 8356  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:36:24.0762 8356  KtmRm - ok
21:36:24.0793 8356  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:36:24.0840 8356  LanmanServer - ok
21:36:24.0871 8356  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:36:24.0902 8356  LanmanWorkstation - ok
21:36:24.0934 8356  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:36:24.0996 8356  lltdio - ok
21:36:25.0012 8356  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:36:25.0043 8356  lltdsvc - ok
21:36:25.0058 8356  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:36:25.0090 8356  lmhosts - ok
21:36:25.0121 8356  [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:36:25.0136 8356  LMS - ok
21:36:25.0168 8356  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:36:25.0183 8356  LSI_FC - ok
21:36:25.0199 8356  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:36:25.0214 8356  LSI_SAS - ok
21:36:25.0230 8356  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:36:25.0246 8356  LSI_SAS2 - ok
21:36:25.0261 8356  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:36:25.0277 8356  LSI_SCSI - ok
21:36:25.0292 8356  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:36:25.0324 8356  luafv - ok
21:36:25.0355 8356  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:36:25.0370 8356  MBAMProtector - ok
21:36:25.0417 8356  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:36:25.0433 8356  MBAMScheduler - ok
21:36:25.0464 8356  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:36:25.0480 8356  MBAMService - ok
21:36:25.0495 8356  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:36:25.0542 8356  Mcx2Svc - ok
21:36:25.0542 8356  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:36:25.0573 8356  megasas - ok
21:36:25.0604 8356  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:36:25.0620 8356  MegaSR - ok
21:36:25.0636 8356  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
21:36:25.0651 8356  MEIx64 - ok
21:36:25.0714 8356  Microsoft SharePoint Workspace Audit Service - ok
21:36:25.0729 8356  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:36:25.0792 8356  MMCSS - ok
21:36:25.0807 8356  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:36:25.0823 8356  Modem - ok
21:36:25.0838 8356  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:36:25.0870 8356  monitor - ok
21:36:25.0885 8356  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:36:25.0901 8356  mouclass - ok
21:36:25.0932 8356  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:36:25.0948 8356  mouhid - ok
21:36:25.0979 8356  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:36:25.0994 8356  mountmgr - ok
21:36:26.0057 8356  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:36:26.0072 8356  MozillaMaintenance - ok
21:36:26.0104 8356  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:36:26.0119 8356  mpio - ok
21:36:26.0135 8356  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:36:26.0182 8356  mpsdrv - ok
21:36:26.0197 8356  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:36:26.0244 8356  MpsSvc - ok
21:36:26.0260 8356  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:36:26.0275 8356  MRxDAV - ok
21:36:26.0306 8356  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:36:26.0338 8356  mrxsmb - ok
21:36:26.0353 8356  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:36:26.0369 8356  mrxsmb10 - ok
21:36:26.0369 8356  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:36:26.0384 8356  mrxsmb20 - ok
21:36:26.0416 8356  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:36:26.0431 8356  msahci - ok
21:36:26.0462 8356  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:36:26.0478 8356  msdsm - ok
21:36:26.0509 8356  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:36:26.0540 8356  MSDTC - ok
21:36:26.0556 8356  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:36:26.0587 8356  Msfs - ok
21:36:26.0587 8356  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:36:26.0634 8356  mshidkmdf - ok
21:36:26.0634 8356  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:36:26.0650 8356  msisadrv - ok
21:36:26.0681 8356  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:36:26.0728 8356  MSiSCSI - ok
21:36:26.0728 8356  msiserver - ok
21:36:26.0774 8356  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:36:26.0790 8356  MSKSSRV - ok
21:36:26.0806 8356  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:36:26.0837 8356  MSPCLOCK - ok
21:36:26.0852 8356  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:36:26.0899 8356  MSPQM - ok
21:36:26.0915 8356  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:36:26.0930 8356  MsRPC - ok
21:36:26.0962 8356  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:36:26.0962 8356  mssmbios - ok
21:36:26.0977 8356  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:36:27.0008 8356  MSTEE - ok
21:36:27.0024 8356  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:36:27.0055 8356  MTConfig - ok
21:36:27.0071 8356  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:36:27.0071 8356  Mup - ok
21:36:27.0102 8356  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:36:27.0149 8356  napagent - ok
21:36:27.0180 8356  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:36:27.0211 8356  NativeWifiP - ok
21:36:27.0274 8356  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:36:27.0320 8356  NDIS - ok
21:36:27.0336 8356  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:36:27.0367 8356  NdisCap - ok
21:36:27.0383 8356  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:36:27.0414 8356  NdisTapi - ok
21:36:27.0430 8356  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:36:27.0476 8356  Ndisuio - ok
21:36:27.0492 8356  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:36:27.0539 8356  NdisWan - ok
21:36:27.0554 8356  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:36:27.0601 8356  NDProxy - ok
21:36:27.0617 8356  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:36:27.0679 8356  NetBIOS - ok
21:36:27.0695 8356  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:36:27.0726 8356  NetBT - ok
21:36:27.0742 8356  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:36:27.0757 8356  Netlogon - ok
21:36:27.0788 8356  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:36:27.0835 8356  Netman - ok
21:36:27.0882 8356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:36:27.0913 8356  NetMsmqActivator - ok
21:36:27.0929 8356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:36:27.0960 8356  NetPipeActivator - ok
21:36:27.0976 8356  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:36:28.0022 8356  netprofm - ok
21:36:28.0022 8356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:36:28.0038 8356  NetTcpActivator - ok
21:36:28.0038 8356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:36:28.0054 8356  NetTcpPortSharing - ok
21:36:28.0069 8356  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:36:28.0085 8356  nfrd960 - ok
21:36:28.0100 8356  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:36:28.0132 8356  NlaSvc - ok
21:36:28.0163 8356  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:36:28.0194 8356  Npfs - ok
21:36:28.0210 8356  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:36:28.0241 8356  nsi - ok
21:36:28.0241 8356  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:36:28.0272 8356  nsiproxy - ok
21:36:28.0334 8356  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:36:28.0381 8356  Ntfs - ok
21:36:28.0397 8356  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:36:28.0428 8356  Null - ok
21:36:28.0444 8356  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:36:28.0459 8356  nvraid - ok
21:36:28.0459 8356  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:36:28.0475 8356  nvstor - ok
21:36:28.0506 8356  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:36:28.0522 8356  nv_agp - ok
21:36:28.0553 8356  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:36:28.0568 8356  ohci1394 - ok
21:36:28.0646 8356  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:36:28.0678 8356  ose - ok
21:36:28.0818 8356  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:36:28.0912 8356  osppsvc - ok
21:36:28.0943 8356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:36:28.0958 8356  p2pimsvc - ok
21:36:28.0974 8356  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:36:29.0005 8356  p2psvc - ok
21:36:29.0021 8356  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:36:29.0068 8356  Parport - ok
21:36:29.0099 8356  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:36:29.0130 8356  partmgr - ok
21:36:29.0130 8356  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:36:29.0161 8356  PcaSvc - ok
21:36:29.0192 8356  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:36:29.0208 8356  pci - ok
21:36:29.0224 8356  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:36:29.0239 8356  pciide - ok
21:36:29.0270 8356  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:36:29.0302 8356  pcmcia - ok
21:36:29.0317 8356  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:36:29.0348 8356  pcw - ok
21:36:29.0411 8356  [ B0C25EA5278579EC685E32E16BBFF24F ] PDFProFiltSrv   C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
21:36:29.0442 8356  PDFProFiltSrv - ok
21:36:29.0458 8356  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:36:29.0504 8356  PEAUTH - ok
21:36:29.0536 8356  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:36:29.0582 8356  PeerDistSvc - ok
21:36:29.0645 8356  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:36:29.0692 8356  PerfHost - ok
21:36:29.0738 8356  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:36:29.0801 8356  pla - ok
21:36:29.0832 8356  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:36:29.0879 8356  PlugPlay - ok
21:36:29.0894 8356  [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
21:36:29.0910 8356  pmxdrv - ok
21:36:29.0926 8356  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:36:29.0957 8356  PNRPAutoReg - ok
21:36:29.0972 8356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:36:29.0988 8356  PNRPsvc - ok
21:36:30.0004 8356  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:36:30.0050 8356  PolicyAgent - ok
21:36:30.0082 8356  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:36:30.0128 8356  Power - ok
21:36:30.0160 8356  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:36:30.0206 8356  PptpMiniport - ok
21:36:30.0222 8356  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:36:30.0238 8356  Processor - ok
21:36:30.0284 8356  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:36:30.0331 8356  ProfSvc - ok
21:36:30.0347 8356  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:36:30.0378 8356  ProtectedStorage - ok
21:36:30.0394 8356  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:36:30.0440 8356  Psched - ok
21:36:30.0456 8356  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:36:30.0487 8356  PSI_SVC_2 - ok
21:36:30.0534 8356  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:36:30.0581 8356  ql2300 - ok
21:36:30.0581 8356  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:36:30.0596 8356  ql40xx - ok
21:36:30.0628 8356  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:36:30.0659 8356  QWAVE - ok
21:36:30.0659 8356  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:36:30.0690 8356  QWAVEdrv - ok
21:36:30.0706 8356  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:36:30.0752 8356  RasAcd - ok
21:36:30.0768 8356  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:36:30.0799 8356  RasAgileVpn - ok
21:36:30.0830 8356  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:36:30.0862 8356  RasAuto - ok
21:36:30.0877 8356  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:36:30.0924 8356  Rasl2tp - ok
21:36:30.0940 8356  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:36:30.0971 8356  RasMan - ok
21:36:30.0986 8356  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:36:31.0018 8356  RasPppoe - ok
21:36:31.0033 8356  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:36:31.0080 8356  RasSstp - ok
21:36:31.0096 8356  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:36:31.0127 8356  rdbss - ok
21:36:31.0142 8356  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:36:31.0158 8356  rdpbus - ok
21:36:31.0174 8356  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:36:31.0189 8356  RDPCDD - ok
21:36:31.0205 8356  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:36:31.0236 8356  RDPDR - ok
21:36:31.0252 8356  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:36:31.0267 8356  RDPENCDD - ok
21:36:31.0298 8356  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:36:31.0314 8356  RDPREFMP - ok
21:36:31.0361 8356  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:36:31.0392 8356  RDPWD - ok
21:36:31.0423 8356  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:36:31.0439 8356  rdyboost - ok
21:36:31.0454 8356  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:36:31.0501 8356  RemoteAccess - ok
21:36:31.0517 8356  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:36:31.0564 8356  RemoteRegistry - ok
21:36:31.0579 8356  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:36:31.0657 8356  RpcEptMapper - ok
21:36:31.0688 8356  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:36:31.0735 8356  RpcLocator - ok
21:36:31.0751 8356  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:36:31.0813 8356  RpcSs - ok
21:36:31.0844 8356  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:36:31.0907 8356  rspndr - ok
21:36:31.0922 8356  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:36:31.0954 8356  s3cap - ok
21:36:31.0969 8356  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:36:32.0000 8356  SamSs - ok
21:36:32.0016 8356  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:36:32.0032 8356  sbp2port - ok
21:36:32.0047 8356  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:36:32.0094 8356  SCardSvr - ok
21:36:32.0110 8356  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:36:32.0156 8356  scfilter - ok
21:36:32.0188 8356  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:36:32.0234 8356  Schedule - ok
21:36:32.0250 8356  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:36:32.0281 8356  SCPolicySvc - ok
21:36:32.0312 8356  [ F15D43EABE907048F5FECC068792A0AE ] SC_SERV3D       C:\Windows\system32\drivers\d3_kafm.sys
21:36:32.0328 8356  SC_SERV3D - ok
21:36:32.0344 8356  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:36:32.0359 8356  SDRSVC - ok
21:36:32.0390 8356  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:36:32.0406 8356  secdrv - ok
21:36:32.0422 8356  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:36:32.0453 8356  seclogon - ok
21:36:32.0468 8356  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
21:36:32.0500 8356  SENS - ok
21:36:32.0515 8356  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:36:32.0562 8356  SensrSvc - ok
21:36:32.0578 8356  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:36:32.0609 8356  Serenum - ok
21:36:32.0624 8356  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:36:32.0656 8356  Serial - ok
21:36:32.0687 8356  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:36:32.0702 8356  sermouse - ok
21:36:32.0718 8356  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:36:32.0749 8356  SessionEnv - ok
21:36:32.0765 8356  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:36:32.0796 8356  sffdisk - ok
21:36:32.0796 8356  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:36:32.0827 8356  sffp_mmc - ok
21:36:32.0843 8356  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:36:32.0858 8356  sffp_sd - ok
21:36:32.0890 8356  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:36:32.0905 8356  sfloppy - ok
21:36:32.0921 8356  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:36:32.0968 8356  SharedAccess - ok
21:36:32.0983 8356  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:36:33.0030 8356  ShellHWDetection - ok
21:36:33.0077 8356  Sicherheitspaket-Dienst - ok
21:36:33.0108 8356  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:36:33.0124 8356  SiSRaid2 - ok
21:36:33.0139 8356  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:36:33.0170 8356  SiSRaid4 - ok
21:36:33.0202 8356  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:36:33.0264 8356  Smb - ok
21:36:33.0326 8356  [ ED46EC5DC276570908FC4D9DE0628C71 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
21:36:33.0358 8356  snapman - ok
21:36:33.0373 8356  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:36:33.0389 8356  SNMPTRAP - ok
21:36:33.0404 8356  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:36:33.0420 8356  spldr - ok
21:36:33.0467 8356  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:36:33.0482 8356  Spooler - ok
21:36:33.0545 8356  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:36:33.0623 8356  sppsvc - ok
21:36:33.0638 8356  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:36:33.0654 8356  sppuinotify - ok
21:36:33.0685 8356  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:36:33.0716 8356  srv - ok
21:36:33.0748 8356  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:36:33.0763 8356  srv2 - ok
21:36:33.0779 8356  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:36:33.0794 8356  srvnet - ok
21:36:33.0826 8356  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:36:33.0872 8356  SSDPSRV - ok
21:36:33.0888 8356  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:36:33.0950 8356  SstpSvc - ok
21:36:33.0966 8356  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:36:33.0982 8356  stexstor - ok
21:36:34.0028 8356  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:36:34.0075 8356  StillCam - ok
21:36:34.0091 8356  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:36:34.0138 8356  stisvc - ok
21:36:34.0153 8356  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:36:34.0184 8356  storflt - ok
21:36:34.0184 8356  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
21:36:34.0247 8356  StorSvc - ok
21:36:34.0262 8356  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:36:34.0294 8356  storvsc - ok
21:36:34.0309 8356  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:36:34.0325 8356  swenum - ok
21:36:34.0340 8356  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:36:34.0387 8356  swprv - ok
21:36:34.0528 8356  [ F23C9F6010586F4634EE8330A3F19969 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
21:36:34.0606 8356  syncagentsrv - ok
21:36:34.0652 8356  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:36:34.0715 8356  SysMain - ok
21:36:34.0746 8356  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:36:34.0762 8356  TabletInputService - ok
21:36:34.0777 8356  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:36:34.0808 8356  TapiSrv - ok
21:36:34.0808 8356  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:36:34.0840 8356  TBS - ok
21:36:34.0918 8356  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:36:34.0980 8356  Tcpip - ok
21:36:35.0011 8356  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:36:35.0042 8356  TCPIP6 - ok
21:36:35.0074 8356  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:36:35.0089 8356  tcpipreg - ok
21:36:35.0105 8356  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:36:35.0152 8356  TDPIPE - ok
21:36:35.0214 8356  [ 969BAD6A9A5B6DE983A8B2B84276CEB0 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
21:36:35.0261 8356  tdrpman - ok
21:36:35.0292 8356  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:36:35.0308 8356  TDTCP - ok
21:36:35.0323 8356  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:36:35.0370 8356  tdx - ok
21:36:35.0386 8356  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:36:35.0401 8356  TermDD - ok
21:36:35.0417 8356  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:36:35.0479 8356  TermService - ok
21:36:35.0495 8356  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:36:35.0510 8356  Themes - ok
21:36:35.0542 8356  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:36:35.0573 8356  THREADORDER - ok
21:36:35.0620 8356  [ 990447334615A0DB84F620E1426DCFE0 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
21:36:35.0651 8356  timounter - ok
21:36:35.0682 8356  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
21:36:35.0698 8356  TPM - ok
21:36:35.0713 8356  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:36:35.0760 8356  TrkWks - ok
21:36:35.0791 8356  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:36:35.0838 8356  TrustedInstaller - ok
21:36:35.0838 8356  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:36:35.0885 8356  tssecsrv - ok
21:36:35.0900 8356  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:36:35.0932 8356  TsUsbFlt - ok
21:36:35.0932 8356  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:36:35.0947 8356  TsUsbGD - ok
21:36:35.0978 8356  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:36:36.0025 8356  tunnel - ok
21:36:36.0041 8356  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:36:36.0056 8356  uagp35 - ok
21:36:36.0072 8356  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:36:36.0119 8356  udfs - ok
21:36:36.0134 8356  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:36:36.0150 8356  UI0Detect - ok
21:36:36.0181 8356  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:36:36.0197 8356  uliagpkx - ok
21:36:36.0212 8356  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:36:36.0259 8356  umbus - ok
21:36:36.0275 8356  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:36:36.0306 8356  UmPass - ok
21:36:36.0322 8356  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
21:36:36.0353 8356  UmRdpService - ok
21:36:36.0446 8356  [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:36:36.0493 8356  UNS - ok
21:36:36.0509 8356  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:36:36.0587 8356  upnphost - ok
21:36:36.0618 8356  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:36:36.0649 8356  usbccgp - ok
21:36:36.0665 8356  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:36:36.0680 8356  usbcir - ok
21:36:36.0696 8356  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:36:36.0727 8356  usbehci - ok
21:36:36.0758 8356  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:36:36.0790 8356  usbhub - ok
21:36:36.0790 8356  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:36:36.0821 8356  usbohci - ok
21:36:36.0868 8356  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:36:36.0914 8356  usbprint - ok
21:36:36.0946 8356  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:36:36.0977 8356  usbscan - ok
21:36:36.0992 8356  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:36:37.0039 8356  USBSTOR - ok
21:36:37.0055 8356  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:36:37.0102 8356  usbuhci - ok
21:36:37.0117 8356  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:36:37.0164 8356  UxSms - ok
21:36:37.0180 8356  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:36:37.0195 8356  VaultSvc - ok
21:36:37.0211 8356  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:36:37.0226 8356  vdrvroot - ok
21:36:37.0242 8356  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:36:37.0289 8356  vds - ok
21:36:37.0320 8356  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:36:37.0351 8356  vga - ok
21:36:37.0367 8356  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:36:37.0398 8356  VgaSave - ok
21:36:37.0429 8356  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:36:37.0445 8356  vhdmp - ok
21:36:37.0460 8356  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:36:37.0476 8356  viaide - ok
21:36:37.0523 8356  [ 4065EC01AE001C4DB4A9A85CC1767D99 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
21:36:37.0554 8356  vididr - ok
21:36:37.0616 8356  [ 6DC5D9A5BBA6A858D06B7ABEFBA1A1E6 ] vidsflt58       C:\Windows\system32\DRIVERS\vsflt58.sys
21:36:37.0632 8356  vidsflt58 - ok
21:36:37.0663 8356  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:36:37.0679 8356  vmbus - ok
21:36:37.0694 8356  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:36:37.0726 8356  VMBusHID - ok
21:36:37.0741 8356  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:36:37.0757 8356  volmgr - ok
21:36:37.0788 8356  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:36:37.0819 8356  volmgrx - ok
21:36:37.0819 8356  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:36:37.0850 8356  volsnap - ok
21:36:37.0866 8356  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:36:37.0882 8356  vsmraid - ok
21:36:37.0913 8356  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:36:37.0960 8356  VSS - ok
21:36:38.0053 8356  [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
21:36:38.0084 8356  vToolbarUpdater12.2.0 - ok
21:36:38.0100 8356  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:36:38.0131 8356  vwifibus - ok
21:36:38.0162 8356  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:36:38.0194 8356  W32Time - ok
21:36:38.0209 8356  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:36:38.0240 8356  WacomPen - ok
21:36:38.0272 8356  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:36:38.0334 8356  WANARP - ok
21:36:38.0350 8356  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:36:38.0365 8356  Wanarpv6 - ok
21:36:38.0443 8356  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:36:38.0474 8356  WatAdminSvc - ok
21:36:38.0537 8356  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:36:38.0599 8356  wbengine - ok
21:36:38.0599 8356  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:36:38.0630 8356  WbioSrvc - ok
21:36:38.0630 8356  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:36:38.0677 8356  wcncsvc - ok
21:36:38.0693 8356  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:36:38.0708 8356  WcsPlugInService - ok
21:36:38.0724 8356  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:36:38.0740 8356  Wd - ok
21:36:38.0771 8356  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:36:38.0786 8356  Wdf01000 - ok
21:36:38.0786 8356  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:36:38.0880 8356  WdiServiceHost - ok
21:36:38.0880 8356  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:36:38.0896 8356  WdiSystemHost - ok
21:36:38.0911 8356  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:36:38.0942 8356  WebClient - ok
21:36:38.0958 8356  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:36:38.0989 8356  Wecsvc - ok
21:36:39.0005 8356  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:36:39.0036 8356  wercplsupport - ok
21:36:39.0052 8356  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:36:39.0083 8356  WerSvc - ok
21:36:39.0098 8356  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:36:39.0130 8356  WfpLwf - ok
21:36:39.0145 8356  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:36:39.0145 8356  WIMMount - ok
21:36:39.0176 8356  WinDefend - ok
21:36:39.0176 8356  WinHttpAutoProxySvc - ok
21:36:39.0208 8356  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:36:39.0286 8356  Winmgmt - ok
21:36:39.0332 8356  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:36:39.0379 8356  WinRM - ok
21:36:39.0426 8356  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:36:39.0442 8356  WinUsb - ok
21:36:39.0457 8356  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:36:39.0504 8356  Wlansvc - ok
21:36:39.0520 8356  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:36:39.0566 8356  WmiAcpi - ok
21:36:39.0582 8356  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:36:39.0629 8356  wmiApSrv - ok
21:36:39.0644 8356  WMPNetworkSvc - ok
21:36:39.0660 8356  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:36:39.0691 8356  WPCSvc - ok
21:36:39.0707 8356  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:36:39.0754 8356  WPDBusEnum - ok
21:36:39.0769 8356  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:36:39.0800 8356  ws2ifsl - ok
21:36:39.0816 8356  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
21:36:39.0847 8356  wscsvc - ok
21:36:39.0847 8356  WSearch - ok
21:36:39.0910 8356  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:36:39.0972 8356  wuauserv - ok
21:36:39.0988 8356  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:36:40.0034 8356  WudfPf - ok
21:36:40.0050 8356  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:36:40.0081 8356  WUDFRd - ok
21:36:40.0097 8356  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:36:40.0112 8356  wudfsvc - ok
21:36:40.0144 8356  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:36:40.0190 8356  WwanSvc - ok
21:36:40.0190 8356  ================ Scan global ===============================
21:36:40.0206 8356  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:36:40.0237 8356  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:40.0237 8356  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:40.0253 8356  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:36:40.0284 8356  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:36:40.0284 8356  [Global] - ok
21:36:40.0284 8356  ================ Scan MBR ==================================
21:36:40.0284 8356  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:36:40.0487 8356  \Device\Harddisk0\DR0 - ok
21:36:40.0487 8356  ================ Scan VBR ==================================
21:36:40.0487 8356  [ 8BF83DC6AC8C31EC88F5656C018DB23D ] \Device\Harddisk0\DR0\Partition1
21:36:40.0487 8356  \Device\Harddisk0\DR0\Partition1 - ok
21:36:40.0518 8356  [ ECC4D5AD5377A15258F4A731113361CB ] \Device\Harddisk0\DR0\Partition2
21:36:40.0518 8356  \Device\Harddisk0\DR0\Partition2 - ok
21:36:40.0549 8356  [ 54054DAB5BB4A1CA320785CF52FBD82A ] \Device\Harddisk0\DR0\Partition3
21:36:40.0549 8356  \Device\Harddisk0\DR0\Partition3 - ok
21:36:40.0549 8356  ============================================================
21:36:40.0549 8356  Scan finished
21:36:40.0549 8356  ============================================================
21:36:40.0549 14572  Detected object count: 5
21:36:40.0549 14572  Actual detected object count: 5
21:39:19.0680 14572  VetadPrintService ( UnsignedFile.Multi.Generic ) - skipped by user
21:39:19.0680 14572  VetadPrintService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:39:19.0680 14572  DBService ( UnsignedFile.Multi.Generic ) - skipped by user
21:39:19.0680 14572  DBService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:39:19.0680 14572  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:39:19.0680 14572  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:39:19.0680 14572  KOBCCEX ( UnsignedFile.Multi.Generic ) - skipped by user
21:39:19.0680 14572  KOBCCEX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:39:19.0680 14572  KOBIL_MSDI ( UnsignedFile.Multi.Generic ) - skipped by user
21:39:19.0680 14572  KOBIL_MSDI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:41:00.0672 6264  Deinitialize success

t'john · 18.03.2013, 00:18

Sehr gut!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

danach:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

danach:

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

spartaner007 · 20.03.2013, 00:20

Hallo t´john,
von aswMBR.exe erhielt ich nach zweimaligem Versuch (PC runter- und hochgefahren) die Meldung:
„Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist.“
Im Programmbild ist erkennbar, dass folgende Programmzeile in Arbeit oder beendet wurde:
Scanning: C:\windows\assembly\GAC_MSIL\Microsoft.visualStudio.Tools.Applications. …
Folgendes hatte ich vor dem Start mit der rechten Maustaste als administrator erledigt:
* G Data-Wächter ausgeschaltet (auf 8 Stunden).
* Windows7/Dienste, die ich nicht beenden konnte:
- AVKProxy (Status: wird ausgeführt)
- G Data Dateisystem Wächter (Status: Wird ausgeführt)
- GDScan / G Data Scanner (Status: Wird ausgeführt)
MfG Maddin

12.03.2013, 11:50	#4
t'john /// Helfer-Team	Gen:Variant.Adware.VidSaver.1 [EngineA] Nein, so lange sollte das ncht dauern. Max 10 Minuten. Bitte mit OTL weitermachen. __________________ Mfg, t'john Das TB unterstützen

17.03.2013, 20:34	#12
t'john /// Helfer-Team	Gen:Variant.Adware.VidSaver.1 [EngineA] Bitte nach Anleitung vorgehen und TDSSKiller richtig einstellen. __________________ Mfg, t'john Das TB unterstützen

Gen:Variant.Adware.VidSaver.1 [EngineA]

Plagegeister aller Art und deren Bekämpfung: Gen:Variant.Adware.VidSaver.1 [EngineA]