Computer hangs during boot after Avast! update
09.03.2013, 17:25 | #1 |
| Hello board,

after a severe infection and a subsequent reinstallation, I installed Avast! as the antivirus program on my system (Vista 64-bit, SP2). Until recently it ran fine, but now, after an update (to version 8.0.1483), the computer hangs during startup (before the user logon, at the animated screen with the Windows logo and progress bar). When I start Windows in safe mode, everything works. In "normal" mode I have only been able to boot Windows using F9 and F8 (boot manager, then selecting "Last Known Good Configuration").

Odd effects:
- The version mentioned above is displayed, but I can still start an update; afterwards the hang during boot occurs again.
- Avast cannot be ticked in msconfig under "Startup"; after clicking "Apply" or "OK" the tick is gone again. (I had once unticked Avast to test whether the computer would then boot normally.)
- "AvastSvc.exe *32" is always running as a system process, and after starting Avast via All Programs, "AvastUI.exe *32" is running as well.

I haven't found anything fitting on the Internet, at least nothing with a solution. Is this a new infection? Does Avast not run stably on my system, and should I rather use an alternative antivirus product?

Please help,
Regards, jareb |
10.03.2013, 20:59 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello,

try uninstalling Avast in safe mode. Then try to start Windows normally. Please report back whether that works or not, then we'll take it from there. |
15.03.2013, 22:38 | #3 |
| Hello Cosinus,

you would hardly believe it. I have:
- started the Avast update --> the computer should have hung during boot again, but it didn't; it booted 3 times without any trouble
- then tried to tick Avast in msconfig under "Startup" --> same effect as before, it cannot be ticked
- then uninstalled avast and restarted the computer
- reinstalled avast, restarted, avast is running
- tried to tick Avast in msconfig under "Startup" --> again doesn't work
- other programs (e.g. Acrobat Reader, which I had also unticked once) I can tick again without any problem

What could be causing this? Malware? Or should I try a different antivirus program?

Regards, jareb |
15.03.2013, 22:44 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Before we get to work, I would like to ask you to read the following points completely and carefully.

Note: If you don't hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will this continue" messages will result in your topic being closed. I, too, have a life outside the Trojaner-Board.

First, a check with OTL please:

Please always post log files in CODE tags |
15.03.2013, 23:08 | #5 |
| Hello cosinus,

I ran the scan both with and without the LOP and Purity check boxes ticked, as I didn't know which was right; files attached because the text is too large...

Best regards, jareb

Last edited by jareb (15.03.2013 at 23:49) |
15.03.2013, 23:45 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unfortunately I don't see anything in the attachment. LOP and Purity do no harm; the log just gets a bit longer. |
15.03.2013, 23:49 | #7 |
| so, now in the previous reply... |
15.03.2013, 23:55 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows: |
16.03.2013, 00:07 | #9 |
| Hello cosinus,

I had read that and tried it; then a prompt (pop-up) appeared telling me to zip the files with 7z and attach them. But I'm happy to try again with code tags...

OTL Code:
C:\Windows\SysNative\D3DCompiler_34.dll [2013.02.18 13:55:05 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2013.02.18 13:55:05 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2013.02.18 13:55:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2013.02.18 13:55:05 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2013.02.18 13:55:05 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2013.02.18 13:55:05 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2013.02.18 13:55:05 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2013.02.18 13:55:03 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2013.02.18 13:55:03 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2013.02.18 13:55:03 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2013.02.18 13:55:03 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2013.02.18 13:55:02 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2013.02.18 13:55:02 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2013.02.18 13:55:02 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2013.02.18 13:55:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2013.02.18 13:55:02 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2013.02.18 13:55:02 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2013.02.18 13:55:01 | 004,494,184 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx9_33.dll [2013.02.18 13:55:01 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013.02.18 13:55:00 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2013.02.18 13:55:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2013.02.18 13:54:59 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2013.02.18 13:54:59 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2013.02.18 13:54:59 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2013.02.18 13:54:59 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2013.02.18 13:54:58 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2013.02.18 13:54:58 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2013.02.18 13:54:57 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2013.02.18 13:54:57 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2013.02.18 13:54:57 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2013.02.18 13:54:57 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2013.02.18 13:54:57 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2013.02.18 13:54:57 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2013.02.18 13:54:56 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2013.02.18 13:54:56 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2013.02.18 13:54:55 | 000,083,736 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xinput1_2.dll [2013.02.18 13:54:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2013.02.18 13:54:53 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2013.02.18 13:54:53 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2013.02.18 13:54:04 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2013.02.18 13:54:04 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2013.02.18 13:54:02 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2013.02.18 13:54:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2013.02.18 13:53:54 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2013.02.18 13:53:54 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2013.02.18 13:53:53 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2013.02.18 13:53:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2013.02.18 13:53:52 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2013.02.18 13:53:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2013.02.18 13:53:52 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2013.02.18 13:53:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2013.02.18 13:53:51 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2013.02.18 13:53:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2013.02.18 13:53:50 | 003,807,440 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx9_27.dll [2013.02.18 13:53:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2013.02.18 13:53:49 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2013.02.18 13:53:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2013.02.18 13:53:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2013.02.18 13:53:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2013.02.18 13:53:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2013.02.18 13:53:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2013.02.17 18:24:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2013.02.17 18:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.02.17 18:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.02.17 09:37:53 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\Documents\PDF Architect Files [2013.02.17 09:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect [2013.02.17 09:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect [2013.02.17 09:37:12 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Roaming\pdfforge [2013.02.17 09:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2013.02.17 09:37:10 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX [2013.02.17 09:37:10 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX [2013.02.17 09:37:10 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll [2013.02.17 09:37:09 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL 
[2013.02.17 09:37:09 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL [2013.02.17 09:37:09 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL [2013.02.17 09:37:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL [2013.02.17 09:37:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator [2013.02.17 09:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2013.02.17 09:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.02.17 09:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013.02.17 09:17:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.02.17 09:17:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.02.17 09:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2013.02.17 09:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2013.02.17 09:14:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013.02.17 09:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.02.17 09:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.02.17 09:11:11 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\Microsoft Help [2013.02.17 09:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.02.17 09:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.02.17 09:10:26 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.02.17 09:01:18 | 000,000,000 | ---D | C] -- C:\temp [2013.02.16 15:48:56 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Roaming\Opera [2013.02.16 15:48:56 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\Opera [2013.02.16 15:48:52 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2013.02.16 15:11:42 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll [2013.02.16 15:11:42 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe [2013.02.16 15:11:42 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll [2013.02.16 15:11:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson [2013.02.16 15:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON [2013.02.16 15:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2013.02.16 13:57:14 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL [2013.02.16 13:57:13 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGAU.DLL [2013.02.16 13:57:13 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGAU.DLL [2013.02.16 13:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2013.02.16 11:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013.02.14 20:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.02.14 20:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.02.14 19:03:18 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.02.14 19:03:17 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.02.14 19:03:17 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.02.14 19:03:17 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.02.14 19:03:17 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.02.14 19:03:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll 
[2013.02.14 19:03:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2013.02.14 19:03:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll [2013.02.14 19:03:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2013.02.14 19:03:10 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.02.14 19:03:10 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.02.14 18:59:36 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\WindowsUpdate [2013.02.14 18:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com [2013.02.14 01:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2013.02.14 01:07:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices [2013.02.14 01:06:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool [2013.02.14 01:06:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell [2013.02.14 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell [2013.02.14 00:40:04 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe [2013.02.14 00:40:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe [2013.02.14 00:40:03 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll [2013.02.14 00:39:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll [2013.02.14 00:39:56 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll [2013.02.14 00:39:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll [2013.02.14 00:39:56 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll [2013.02.14 00:39:56 | 
000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll [2013.02.14 00:39:56 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll [2013.02.14 00:39:56 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll [2013.02.14 00:39:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll [2013.02.14 00:39:56 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll [2013.02.14 00:39:56 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll [2013.02.14 00:39:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll [2013.02.14 00:39:56 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll [2013.02.14 00:39:55 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll [2013.02.14 00:12:36 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\Macromedia [2013.02.14 00:11:59 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.14 00:11:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.02.14 00:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.14 00:02:15 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013.02.14 00:02:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013.02.14 00:02:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winusb.dll [2013.02.14 00:02:11 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2013.02.14 00:02:10 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2013.02.14 00:02:09 | 
000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2013.02.14 00:02:09 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2013.02.13 23:59:20 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2013.02.13 23:59:20 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2013.02.13 23:59:20 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2013.02.13 23:59:20 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2013.02.13 23:59:20 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2013.02.13 23:59:20 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2013.02.13 23:59:20 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2013.02.13 23:59:20 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2013.02.13 23:57:34 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2013.02.13 23:57:31 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\Adobe [2013.02.13 23:54:27 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.02.13 23:54:27 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.02.13 23:54:27 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.02.13 23:54:27 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.02.13 23:54:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.02.13 23:54:27 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.02.13 23:54:27 | 000,086,528 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.02.13 23:54:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.02.13 23:54:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.02.13 23:54:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.02.13 23:54:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.02.13 23:54:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2013.02.13 23:54:27 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.02.13 23:54:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.02.13 23:54:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.02.13 23:54:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.02.13 23:54:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.02.13 23:54:26 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2013.02.13 23:54:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.02.13 23:54:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.02.13 23:54:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2013.02.13 23:54:26 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2013.02.13 23:54:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.02.13 23:54:26 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.02.13 23:54:26 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll [2013.02.13 23:54:26 | 
000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.02.13 23:54:26 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2013.02.13 23:54:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.02.13 23:54:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.02.13 23:54:25 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.02.13 23:54:25 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.02.13 23:54:25 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.02.13 23:54:25 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.02.13 23:54:25 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.02.13 23:54:25 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2013.02.13 23:54:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2013.02.13 23:54:25 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2013.02.13 23:54:25 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.02.13 23:54:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll [2013.02.13 23:54:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.02.13 23:54:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2013.02.13 23:54:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.02.13 23:54:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.02.13 23:54:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\SetIEInstalledDate.exe [2013.02.13 23:54:25 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.02.13 23:54:25 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.02.13 23:54:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.02.13 23:54:25 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.02.13 23:54:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.02.13 23:54:25 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.02.13 23:54:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.02.13 23:54:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.02.13 23:54:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.02.13 23:54:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.02.13 23:54:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.02.13 23:54:24 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.02.13 23:54:24 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.02.13 23:54:24 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.02.13 23:54:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.02.13 23:53:13 | 003,548,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2013.02.13 23:53:13 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2013.02.13 23:53:13 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFH264Dec.dll [2013.02.13 23:53:13 | 
000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFH264Dec.dll [2013.02.13 23:53:13 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFHEAACdec.dll [2013.02.13 23:53:13 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4src.dll [2013.02.13 23:53:13 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFHEAACdec.dll [2013.02.13 23:53:13 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2013.02.13 23:53:13 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4src.dll [2013.02.13 23:53:13 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2013.02.13 23:53:13 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2013.02.13 23:53:13 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll [2013.02.13 23:53:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe [2013.02.13 23:53:12 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.02.13 23:53:12 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll [2013.02.13 23:53:12 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2013.02.13 23:53:12 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2013.02.13 23:53:11 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.02.13 23:53:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2013.02.13 23:53:10 | 001,268,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.02.13 23:53:10 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe [2013.02.13 23:53:10 | 000,625,152 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.02.13 23:53:10 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv [2013.02.13 23:53:10 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.02.13 23:53:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.02.13 23:53:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll [2013.02.13 23:53:09 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll [2013.02.13 23:53:09 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll [2013.02.13 23:53:09 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll [2013.02.13 23:53:09 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll [2013.02.13 23:53:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2013.02.13 23:52:15 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.02.13 23:52:15 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.02.13 23:52:15 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.02.13 23:52:15 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.02.13 23:52:15 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll [2013.02.13 23:52:15 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.02.13 23:52:15 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe [2013.02.13 23:52:15 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll [2013.02.13 23:52:15 | 000,262,656 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\dxdiagn.dll [2013.02.13 23:52:15 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe [2013.02.13 23:52:15 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.02.13 23:52:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll [2013.02.13 23:49:24 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Roaming\Mozilla [2013.02.13 23:49:24 | 000,000,000 | ---D | C] -- C:\Users\Benutzer10\AppData\Local\Mozilla [2013.02.13 23:47:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshhttp.dll [2013.02.13 23:47:11 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll [2013.02.13 23:47:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll [2013.02.13 23:47:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll [2013.02.13 23:38:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll [2013.02.13 23:38:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll [2013.02.13 23:38:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll [2013.02.13 23:38:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll [2013.02.13 23:38:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll [2013.02.13 23:38:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll [2013.02.13 23:38:13 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll [2013.02.13 23:38:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll [2013.02.13 23:38:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe [2013.02.13 23:38:12 | 000,024,064 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe [2013.02.13 23:38:12 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe [2013.02.13 23:38:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll [2013.02.13 23:38:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll [2013.02.13 23:38:08 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll [2013.02.13 23:38:08 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe [2013.02.13 23:38:08 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll [2013.02.13 23:38:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll [2013.02.13 23:38:08 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe [2013.02.13 23:38:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll [2013.02.13 23:38:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe [2013.02.13 23:38:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe [2013.02.13 23:38:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe [2013.02.13 23:38:02 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll [2013.02.13 23:38:02 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll [2013.02.13 23:38:02 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe [2013.02.13 23:38:02 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll [2013.02.13 23:38:02 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll [2013.02.13 23:38:02 | 000,180,736 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\WsmAuto.dll [2013.02.13 23:38:02 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll [2013.02.13 23:38:01 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll [2013.02.13 23:38:01 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll [2013.02.13 23:38:01 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe ========== Files - Modified Within 30 Days ========== [2013.03.15 23:29:25 | 001,445,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.15 23:29:25 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.15 23:29:25 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.15 23:29:25 | 000,126,248 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.15 23:29:25 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.03.15 23:22:07 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.15 23:22:07 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.15 23:22:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.15 23:08:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.15 22:20:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.03.14 18:08:18 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.14 18:08:18 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.10 16:12:38 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\FireDTV Viewer.lnk [2013.03.10 16:06:35 | 000,040,320 | ---- | M] (digital everywhere) -- 
C:\Windows\SysNative\drivers\FireDTV_BDA_DVBC_MCE_x64.sys [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.07 00:33:20 | 000,059,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.03.02 16:08:44 | 000,000,680 | ---- | M] () -- C:\Users\Benutzer10\AppData\Local\d3d9caps.dat [2013.03.01 22:57:21 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2013.03.01 22:57:07 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini [2013.02.19 17:34:36 | 000,001,811 | ---- | M] () -- C:\Users\Benutzer10\Desktop\Age of Wonders II.lnk [2013.02.17 09:46:25 | 000,378,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.14 01:06:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf [2013.02.13 23:54:43 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat [2013.02.13 23:54:43 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat [2013.02.13 23:54:43 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat [2013.02.13 23:54:43 | 000,001,988 | ---- | M] () -- 
C:\Windows\SysNative\ticrf.rat [2013.02.13 23:54:27 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.02.13 23:54:27 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.02.13 23:54:27 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.02.13 23:54:27 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.02.13 23:54:27 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.02.13 23:54:27 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.02.13 23:54:27 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.02.13 23:54:27 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.02.13 23:54:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.02.13 23:54:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.02.13 23:54:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.02.13 23:54:27 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2013.02.13 23:54:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.02.13 23:54:27 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.02.13 23:54:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.02.13 23:54:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.02.13 23:54:27 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.02.13 23:54:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.02.13 23:54:26 | 000,227,840 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2013.02.13 23:54:26 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.02.13 23:54:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.02.13 23:54:26 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2013.02.13 23:54:26 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2013.02.13 23:54:26 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.02.13 23:54:26 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.02.13 23:54:26 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll [2013.02.13 23:54:26 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.02.13 23:54:26 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2013.02.13 23:54:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.02.13 23:54:26 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.02.13 23:54:26 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.02.13 23:54:25 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.02.13 23:54:25 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.02.13 23:54:25 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.02.13 23:54:25 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.02.13 23:54:25 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.02.13 23:54:25 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2013.02.13 23:54:25 
| 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2013.02.13 23:54:25 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2013.02.13 23:54:25 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.02.13 23:54:25 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll [2013.02.13 23:54:25 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.02.13 23:54:25 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2013.02.13 23:54:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.02.13 23:54:25 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.02.13 23:54:25 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.02.13 23:54:25 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.02.13 23:54:25 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.02.13 23:54:25 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.02.13 23:54:25 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.02.13 23:54:25 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.02.13 23:54:25 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.02.13 23:54:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.02.13 23:54:25 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.02.13 23:54:25 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.02.13 23:54:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\mshta.exe [2013.02.13 23:54:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.02.13 23:54:24 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.02.13 23:54:24 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.02.13 23:54:24 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.02.13 23:54:24 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.02.13 23:53:13 | 003,548,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2013.02.13 23:53:13 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2013.02.13 23:53:13 | 001,257,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFH264Dec.dll [2013.02.13 23:53:13 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFH264Dec.dll [2013.02.13 23:53:13 | 000,428,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFHEAACdec.dll [2013.02.13 23:53:13 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4src.dll [2013.02.13 23:53:13 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFHEAACdec.dll [2013.02.13 23:53:13 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2013.02.13 23:53:13 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4src.dll [2013.02.13 23:53:13 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2013.02.13 23:53:13 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2013.02.13 23:53:13 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll [2013.02.13 23:53:13 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe [2013.02.13 23:53:12 | 001,204,224 | 
---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.02.13 23:53:12 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll [2013.02.13 23:53:12 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2013.02.13 23:53:12 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2013.02.13 23:53:11 | 000,566,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.02.13 23:53:11 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2013.02.13 23:53:10 | 001,268,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.02.13 23:53:10 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe [2013.02.13 23:53:10 | 000,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.02.13 23:53:10 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv [2013.02.13 23:53:10 | 000,287,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.02.13 23:53:10 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.02.13 23:53:10 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll [2013.02.13 23:53:09 | 003,068,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll [2013.02.13 23:53:09 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll [2013.02.13 23:53:09 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll [2013.02.13 23:53:09 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll [2013.02.13 23:53:09 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2013.02.13 23:52:16 | 000,003,584 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\dxgkrnl.sys.mui [2013.02.13 23:52:15 | 001,209,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.02.13 23:52:15 | 000,792,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.02.13 23:52:15 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.02.13 23:52:15 | 000,449,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.02.13 23:52:15 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll [2013.02.13 23:52:15 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.02.13 23:52:15 | 000,328,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe [2013.02.13 23:52:15 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll [2013.02.13 23:52:15 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll [2013.02.13 23:52:15 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe [2013.02.13 23:52:15 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.02.13 23:52:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll [2013.02.13 23:44:16 | 000,004,608 | ---- | M] () -- C:\Users\Benutzer10\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2013.03.15 22:20:43 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.15 22:20:10 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.10 16:12:38 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\FireDTV Viewer.lnk [2013.03.08 22:02:25 | 000,001,812 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OFPS Foto-Video-Sauter.lnk 
[2013.02.19 17:34:36 | 000,001,811 | ---- | C] () -- C:\Users\Benutzer10\Desktop\Age of Wonders II.lnk [2013.02.14 18:55:50 | 000,001,838 | ---- | C] () -- C:\Users\Benutzer10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk [2013.02.14 01:06:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf [2013.02.14 00:12:00 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.14 00:02:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.02.14 00:02:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.02.13 23:54:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.02.13 23:54:25 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.02.13 23:38:03 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2013.02.13 23:38:03 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2013.02.13 23:38:03 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2013.02.13 23:38:03 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2013.02.13 23:38:03 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2013.02.13 23:38:03 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2013.02.13 18:18:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.02.13 18:12:59 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2013.02.13 18:04:07 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat [2013.02.13 14:50:43 | 000,004,608 | ---- | C] () -- C:\Users\Benutzer10\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.02.13 11:51:11 | 000,000,680 | ---- | C] () -- C:\Users\Benutzer10\AppData\Local\d3d9caps.dat [2013.02.13 11:51:10 | 000,000,552 | ---- | C] () -- C:\Users\Benutzer10\AppData\Local\d3d8caps.dat [2013.02.11 22:34:05 | 
000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2013.02.11 22:34:00 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2013.02.11 22:33:53 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2013.02.11 22:33:53 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2013.02.11 21:50:03 | 000,000,732 | ---- | C] () -- C:\Users\Benutzer10\AppData\Local\d3d9caps64.dat [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 00:11:16 | 000,891,392 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- 
[2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.02.16 16:05:51 | 000,000,000 | ---D | M] -- C:\Users\Benutzer1\AppData\Roaming\Opera [2013.02.16 15:48:56 | 000,000,000 | ---D | M] -- C:\Users\Benutzer10\AppData\Roaming\Opera [2013.02.17 09:37:12 | 000,000,000 | ---D | M] -- C:\Users\Benutzer10\AppData\Roaming\pdfforge ========== Purity Check ========== < End of report > Code:
OTL Extras logfile created on: 15.03.2013 23:32:44 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Benutzer10\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 58,34% Memory free 8,17 Gb Paging File | 6,30 Gb Available in Paging File | 77,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596,17 Gb Total Space | 177,44 Gb Free Space | 29,76% Space Free | Partition Type: NTFS Drive D: | 654,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PC | User Name: Benutzer10 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-373005886-4246134713-437058552-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 1F BF 85 69 A1 08 CE 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{41EC680D-FB13-4156-81FA-7CA9BD1D299B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft 
16.03.2013, 01:59 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer hangs during boot after Avast! update
No problem, that format is fine!
Rootkit scan with GMER
Please download GMER: (random file name)
Are you running into problems?
Afterwards, please run MBAR:
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instruction from a helper.
__________________ Please always post log files in CODE tags |
16.03.2013, 23:08 | #11 |
| Computer hangs during boot after Avast! update
Hello cosinus, here are the results:
gmer Code:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.16.11
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Benutzer10 :: PC [administrator]
16.03.2013 23:00:05
mbar-log-2013-03-16 (23-00-05).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28804
Time elapsed: 12 minute(s), 36 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Best regards, jareb |
17.03.2013, 16:15 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer hangs at boot after Avast! update
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
23.03.2013, 13:21 | #13 |
| Computer hangs at boot after Avast! update Hello cosinus, I was out of the country for a few days, so I can only continue today. I ran aswMBR.exe as administrator and it aborted; I am attaching the screenshot for you. Note: the "aswMBR.exe instructions" say that the antivirus program should be deactivated, so I paused all Avast! protection programs. Did I do something wrong? Best regards, jareb |
23.03.2013, 16:56 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer hangs at boot after Avast! update The screenshot is enough for now; please continue with the other tool.
__________________ Please always post log files in CODE tags |
23.03.2013, 17:11 | #15 |
| Computer hangs at boot after Avast! update Hello cosinus, all right, here is the TDSSKiller log: Code:
17:06:44.0470 4768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 17:06:44.0501 4768 ProtectedStorage - ok 17:06:44.0532 4768 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:06:44.0563 4768 PSched - ok 17:06:44.0610 4768 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys 17:06:44.0626 4768 PSI - ok 17:06:44.0657 4768 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:06:44.0719 4768 ql2300 - ok 17:06:44.0751 4768 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:06:44.0766 4768 ql40xx - ok 17:06:44.0782 4768 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 17:06:44.0813 4768 QWAVE - ok 17:06:44.0829 4768 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:06:44.0844 4768 QWAVEdrv - ok 17:06:44.0844 4768 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:06:44.0891 4768 RasAcd - ok 17:06:44.0907 4768 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 17:06:44.0938 4768 RasAuto - ok 17:06:44.0969 4768 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:06:45.0000 4768 Rasl2tp - ok 17:06:45.0016 4768 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 17:06:45.0047 4768 RasMan - ok 17:06:45.0063 4768 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:06:45.0094 4768 RasPppoe - ok 17:06:45.0109 4768 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:06:45.0125 4768 RasSstp - ok 17:06:45.0141 4768 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:06:45.0187 4768 rdbss - ok 17:06:45.0203 4768 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:06:45.0234 4768 RDPCDD - ok 
17:06:45.0250 4768 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 17:06:45.0297 4768 rdpdr - ok 17:06:45.0312 4768 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:06:45.0359 4768 RDPENCDD - ok 17:06:45.0375 4768 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:06:45.0406 4768 RDPWD - ok 17:06:45.0437 4768 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:06:45.0484 4768 RemoteAccess - ok 17:06:45.0515 4768 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:06:45.0546 4768 RemoteRegistry - ok 17:06:45.0546 4768 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 17:06:45.0577 4768 RpcLocator - ok 17:06:45.0593 4768 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 17:06:45.0640 4768 RpcSs - ok 17:06:45.0655 4768 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:06:45.0702 4768 rspndr - ok 17:06:45.0733 4768 [ 98A07845F5F2B2FEB63B5407E18F6FFF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys 17:06:45.0765 4768 RTL8169 - ok 17:06:45.0780 4768 [ CC1EB2C98D86EEE3153DC9A1DC576BC1 ] RTTEAMPT C:\Windows\system32\DRIVERS\RtTeam60.sys 17:06:45.0796 4768 RTTEAMPT - ok 17:06:45.0811 4768 [ 8B6B42D782202363A562F82B0E13B1C0 ] RTVLANPT C:\Windows\system32\DRIVERS\RtVlan60.sys 17:06:45.0827 4768 RTVLANPT - ok 17:06:45.0843 4768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 17:06:45.0858 4768 SamSs - ok 17:06:45.0889 4768 [ 8C8862DC7417D89B375492C981C491F7 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 17:06:45.0905 4768 sbp2port - ok 17:06:45.0921 4768 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:06:45.0967 4768 SCardSvr - ok 17:06:46.0014 4768 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 17:06:46.0077 4768 Schedule - 
ok 17:06:46.0108 4768 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:06:46.0139 4768 SCPolicySvc - ok 17:06:46.0155 4768 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:06:46.0186 4768 SDRSVC - ok 17:06:46.0201 4768 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:06:46.0264 4768 secdrv - ok 17:06:46.0279 4768 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 17:06:46.0311 4768 seclogon - ok 17:06:46.0373 4768 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 17:06:46.0435 4768 Secunia PSI Agent - ok 17:06:46.0467 4768 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 17:06:46.0498 4768 Secunia Update Agent - ok 17:06:46.0529 4768 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 17:06:46.0591 4768 SENS - ok 17:06:46.0607 4768 [ 2449316316411D65BD2C761A6FFB2CE2 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:06:46.0654 4768 Serenum - ok 17:06:46.0669 4768 [ 4B438170BE2FC8E0BD35EE87A960F84F ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:06:46.0716 4768 Serial - ok 17:06:46.0716 4768 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:06:46.0763 4768 sermouse - ok 17:06:46.0794 4768 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 17:06:46.0841 4768 SessionEnv - ok 17:06:46.0841 4768 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:06:46.0872 4768 sffdisk - ok 17:06:46.0872 4768 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:06:46.0919 4768 sffp_mmc - ok 17:06:46.0919 4768 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:06:46.0966 4768 sffp_sd - ok 17:06:46.0966 4768 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy 
C:\Windows\system32\drivers\sfloppy.sys 17:06:47.0013 4768 sfloppy - ok 17:06:47.0044 4768 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:06:47.0091 4768 SharedAccess - ok 17:06:47.0137 4768 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:06:47.0169 4768 ShellHWDetection - ok 17:06:47.0169 4768 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 17:06:47.0184 4768 SiSRaid2 - ok 17:06:47.0200 4768 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:06:47.0215 4768 SiSRaid4 - ok 17:06:47.0262 4768 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 17:06:47.0356 4768 slsvc - ok 17:06:47.0371 4768 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 17:06:47.0418 4768 SLUINotify - ok 17:06:47.0449 4768 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:06:47.0481 4768 Smb - ok 17:06:47.0512 4768 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:06:47.0574 4768 SNMPTRAP - ok 17:06:47.0574 4768 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 17:06:47.0590 4768 spldr - ok 17:06:47.0637 4768 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 17:06:47.0668 4768 Spooler - ok 17:06:47.0715 4768 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 17:06:47.0761 4768 srv - ok 17:06:47.0793 4768 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:06:47.0808 4768 srv2 - ok 17:06:47.0824 4768 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:06:47.0855 4768 srvnet - ok 17:06:47.0871 4768 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:06:47.0933 4768 SSDPSRV - ok 17:06:47.0949 4768 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc 
C:\Windows\system32\sstpsvc.dll 17:06:47.0964 4768 SstpSvc - ok 17:06:47.0980 4768 Steam Client Service - ok 17:06:48.0027 4768 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 17:06:48.0073 4768 stisvc - ok 17:06:48.0089 4768 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:06:48.0105 4768 swenum - ok 17:06:48.0151 4768 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 17:06:48.0229 4768 swprv - ok 17:06:48.0245 4768 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 17:06:48.0261 4768 Symc8xx - ok 17:06:48.0276 4768 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 17:06:48.0292 4768 Sym_hi - ok 17:06:48.0307 4768 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 17:06:48.0323 4768 Sym_u3 - ok 17:06:48.0354 4768 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 17:06:48.0401 4768 SysMain - ok 17:06:48.0448 4768 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:06:48.0463 4768 TabletInputService - ok 17:06:48.0495 4768 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:06:48.0526 4768 TapiSrv - ok 17:06:48.0541 4768 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 17:06:48.0604 4768 TBS - ok 17:06:48.0635 4768 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:06:48.0697 4768 Tcpip - ok 17:06:48.0729 4768 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 17:06:48.0760 4768 Tcpip6 - ok 17:06:48.0807 4768 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:06:48.0838 4768 tcpipreg - ok 17:06:48.0869 4768 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:06:48.0931 4768 TDPIPE - ok 17:06:48.0963 4768 [ 
7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:06:49.0025 4768 TDTCP - ok 17:06:49.0041 4768 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:06:49.0072 4768 tdx - ok 17:06:49.0087 4768 [ CC1EB2C98D86EEE3153DC9A1DC576BC1 ] TEAM C:\Windows\system32\DRIVERS\RtTeam60.sys 17:06:49.0103 4768 TEAM - ok 17:06:49.0103 4768 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:06:49.0119 4768 TermDD - ok 17:06:49.0150 4768 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 17:06:49.0212 4768 TermService - ok 17:06:49.0243 4768 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 17:06:49.0259 4768 Themes - ok 17:06:49.0275 4768 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 17:06:49.0306 4768 THREADORDER - ok 17:06:49.0321 4768 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 17:06:49.0368 4768 TrkWks - ok 17:06:49.0384 4768 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:06:49.0431 4768 TrustedInstaller - ok 17:06:49.0431 4768 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:06:49.0477 4768 tssecsrv - ok 17:06:49.0509 4768 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:06:49.0524 4768 tunnel - ok 17:06:49.0540 4768 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:06:49.0555 4768 uagp35 - ok 17:06:49.0571 4768 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:06:49.0602 4768 udfs - ok 17:06:49.0618 4768 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:06:49.0649 4768 UI0Detect - ok 17:06:49.0665 4768 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:06:49.0680 4768 uliagpkx - ok 17:06:49.0696 4768 [ 
697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:06:49.0711 4768 uliahci - ok 17:06:49.0727 4768 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:06:49.0743 4768 UlSata - ok 17:06:49.0758 4768 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:06:49.0774 4768 ulsata2 - ok 17:06:49.0789 4768 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:06:49.0821 4768 umbus - ok 17:06:49.0836 4768 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 17:06:49.0883 4768 upnphost - ok 17:06:49.0930 4768 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:06:49.0961 4768 usbccgp - ok 17:06:49.0977 4768 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:06:50.0039 4768 usbcir - ok 17:06:50.0055 4768 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:06:50.0101 4768 usbehci - ok 17:06:50.0101 4768 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:06:50.0133 4768 usbhub - ok 17:06:50.0164 4768 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:06:50.0226 4768 usbohci - ok 17:06:50.0242 4768 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:06:50.0289 4768 usbprint - ok 17:06:50.0320 4768 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:06:50.0351 4768 usbscan - ok 17:06:50.0398 4768 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:06:50.0429 4768 USBSTOR - ok 17:06:50.0445 4768 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:06:50.0476 4768 usbuhci - ok 17:06:50.0491 4768 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 17:06:50.0538 4768 UxSms - ok 
17:06:50.0569 4768 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 17:06:50.0616 4768 vds - ok 17:06:50.0632 4768 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:06:50.0663 4768 vga - ok 17:06:50.0679 4768 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:06:50.0710 4768 VgaSave - ok 17:06:50.0725 4768 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys 17:06:50.0741 4768 viaide - ok 17:06:50.0757 4768 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:06:50.0772 4768 volmgr - ok 17:06:50.0788 4768 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:06:50.0819 4768 volmgrx - ok 17:06:50.0850 4768 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:06:50.0881 4768 volsnap - ok 17:06:50.0897 4768 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:06:50.0913 4768 vsmraid - ok 17:06:50.0944 4768 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 17:06:51.0084 4768 VSS - ok 17:06:51.0115 4768 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 17:06:51.0193 4768 W32Time - ok 17:06:51.0209 4768 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:06:51.0287 4768 WacomPen - ok 17:06:51.0303 4768 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 17:06:51.0334 4768 Wanarp - ok 17:06:51.0349 4768 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:06:51.0365 4768 Wanarpv6 - ok 17:06:51.0381 4768 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:06:51.0427 4768 wcncsvc - ok 17:06:51.0443 4768 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:06:51.0490 4768 WcsPlugInService - ok 
17:06:51.0505 4768 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 17:06:51.0521 4768 Wd - ok 17:06:51.0568 4768 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:06:51.0599 4768 Wdf01000 - ok 17:06:51.0615 4768 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:06:51.0661 4768 WdiServiceHost - ok 17:06:51.0661 4768 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:06:51.0708 4768 WdiSystemHost - ok 17:06:51.0739 4768 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 17:06:51.0771 4768 WebClient - ok 17:06:51.0802 4768 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:06:51.0833 4768 Wecsvc - ok 17:06:51.0849 4768 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:06:51.0880 4768 wercplsupport - ok 17:06:51.0895 4768 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 17:06:51.0942 4768 WerSvc - ok 17:06:51.0942 4768 WinDefend - ok 17:06:51.0958 4768 WinHttpAutoProxySvc - ok 17:06:51.0989 4768 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:06:52.0036 4768 Winmgmt - ok 17:06:52.0114 4768 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 17:06:52.0176 4768 WinRM - ok 17:06:52.0239 4768 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:06:52.0317 4768 Wlansvc - ok 17:06:52.0332 4768 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:06:52.0363 4768 WmiAcpi - ok 17:06:52.0379 4768 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:06:52.0410 4768 wmiApSrv - ok 17:06:52.0426 4768 WMPNetworkSvc - ok 17:06:52.0457 4768 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:06:52.0473 4768 WPCSvc - ok 17:06:52.0504 4768 [ 
490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:06:52.0535 4768 WPDBusEnum - ok 17:06:52.0660 4768 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:06:52.0707 4768 WPFFontCache_v0400 - ok 17:06:52.0738 4768 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:06:52.0785 4768 ws2ifsl - ok 17:06:52.0800 4768 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll 17:06:52.0816 4768 wscsvc - ok 17:06:52.0816 4768 WSearch - ok 17:06:52.0878 4768 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:06:52.0956 4768 wuauserv - ok 17:06:53.0003 4768 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:06:53.0034 4768 WudfPf - ok 17:06:53.0050 4768 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:06:53.0065 4768 WUDFRd - ok 17:06:53.0065 4768 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:06:53.0097 4768 wudfsvc - ok 17:06:53.0112 4768 ================ Scan global =============================== 17:06:53.0175 4768 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 17:06:53.0206 4768 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 17:06:53.0206 4768 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 17:06:53.0237 4768 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe 17:06:53.0253 4768 [Global] - ok 17:06:53.0253 4768 ================ Scan MBR ================================== 17:06:53.0268 4768 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 17:06:53.0518 4768 \Device\Harddisk0\DR0 - ok 17:06:53.0518 4768 ================ Scan VBR ================================== 17:06:53.0518 4768 [ 7EAE5E2B99DDE1DCF156A3A18AA7ABBD ] \Device\Harddisk0\DR0\Partition1 17:06:53.0518 4768 
\Device\Harddisk0\DR0\Partition1 - ok 17:06:53.0518 4768 ============================================================ 17:06:53.0518 4768 Scan finished 17:06:53.0518 4768 ============================================================ 17:06:53.0518 4024 Detected object count: 1 17:06:53.0518 4024 Actual detected object count: 1 17:07:14.0703 4024 FDTvCISvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:07:14.0703 4024 FDTvCISvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:07:22.0331 2016 Deinitialize success jareb |