|
Log analysis and evaluation: Files are deleted immediately without being stored temporarily in the Recycle Bin. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
19.03.2013, 18:04 | #1 |
| Files are deleted immediately without being stored temporarily in the Recycle Bin Hello, for a few days now I have had the problem that deleted files do not end up in the Recycle Bin but are deleted immediately. The Recycle Bin is configured correctly. I had the files shell.dll and explorer.exe checked on VirusTotal, as described here in the forum. That was OK. I ran a full scan of the computer with the antivirus program, but strangely I never have a problem there. I made a HiJack log, but I can't do much with it. Regards and many thanks, Amelie. In the meantime I also have the logs from OTL and Gmer. With the Extras, however, the selection jumps back to off when the scan starts. |
20.03.2013, 16:22 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files are deleted immediately without being stored temporarily in the Recycle Bin Hello and
Quote:
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
21.03.2013, 16:04 | #3 |
| Files are deleted immediately without being stored temporarily in the Recycle Bin Hello,
thank you for the quick reply! So here is the OTL log: Code:
ATTFilter OTL logfile created on: 19.03.2013 21:01:56 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lexikon\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,96 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 52,49% Memory free 7,92 Gb Paging File | 6,24 Gb Available in Paging File | 78,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 134,36 Gb Total Space | 77,89 Gb Free Space | 57,97% Space Free | Partition Type: NTFS Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Users\Lexikon\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks) PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) 
PRC - C:\Program Files (x86)\0190 Warner\Warn0190.exe (Mirko Böer) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE () SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software) SRV - (nosGetPlusHelper) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe (IDT, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.) 
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys File not found DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.) 
DRV:64bit: - (77014092) -- C:\Windows\SysNative\drivers\77014092.sys (Kaspersky Lab) DRV:64bit: - (36351792) -- C:\Windows\SysNative\drivers\36351792.sys (Kaspersky Lab) DRV:64bit: - (97504712) -- C:\Windows\SysNative\drivers\97504712.sys (Kaspersky Lab) DRV:64bit: - (93592522) -- C:\Windows\SysNative\drivers\93592522.sys (Kaspersky Lab) DRV:64bit: - (79665282) -- C:\Windows\SysNative\drivers\79665282.sys (Kaspersky Lab) DRV:64bit: - (70264452) -- C:\Windows\SysNative\drivers\70264452.sys (Kaspersky Lab) DRV:64bit: - (31597942) -- C:\Windows\SysNative\drivers\31597942.sys (Kaspersky Lab) DRV:64bit: - (13558342) -- C:\Windows\SysNative\drivers\13558342.sys (Kaspersky Lab) DRV:64bit: - (setup_9.0.0.722_06.07.2012_12-35drv) -- C:\Windows\SysNative\drivers\7026445.sys (Kaspersky Lab) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (77014091) -- C:\Windows\SysNative\drivers\77014091.sys (Kaspersky Lab) DRV:64bit: - (36351791) -- C:\Windows\SysNative\drivers\36351791.sys (Kaspersky Lab) DRV:64bit: - (97504711) -- C:\Windows\SysNative\drivers\97504711.sys (Kaspersky Lab) DRV:64bit: - (93592521) -- C:\Windows\SysNative\drivers\93592521.sys (Kaspersky Lab) DRV:64bit: - (79665281) -- C:\Windows\SysNative\drivers\79665281.sys (Kaspersky Lab) DRV:64bit: - (70264451) -- C:\Windows\SysNative\drivers\70264451.sys (Kaspersky Lab) DRV:64bit: - (31597941) -- C:\Windows\SysNative\drivers\31597941.sys (Kaspersky Lab) DRV:64bit: - (13558341) -- C:\Windows\SysNative\drivers\13558341.sys (Kaspersky Lab) DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CC04B2F9-F507-4C02-B862-27447E6B6138} IE:64bit: - HKLM\..\SearchScopes\{CC04B2F9-F507-4C02-B862-27447E6B6138}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2} IE - HKLM\..\SearchScopes\{78BB7703-48FC-48AD-9EE0-D8327EF260A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Lexikon\Desktop IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2} IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com?o=10148&l=dis&tb=AVR-4 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2} IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.10.29 14:04:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.11.04 21:06:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.08 19:26:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.16 15:44:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.17 00:16:08 | 
000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M] [2013.03.16 15:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.12.11 21:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) 
O4 - HKLM..\Run: [0190 Warner] C:\PROGRA~2\0190WA~1\WARN0190.EXE (Mirko Böer) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1003..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. 
File not found O13 - gopher Prefix: missing O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.16 15:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013.03.16 15:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2013.03.16 15:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2013.03.16 15:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013.03.16 15:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.03.16 15:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.03.15 13:04:50 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Amazon [2013.03.08 19:27:19 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.08 19:27:19 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.08 19:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus [2013.03.08 19:27:18 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.08 19:27:17 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.08 19:27:16 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.08 19:27:15 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.08 19:26:44 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.08 19:18:36 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2013.02.25 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.02.23 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\Privat\NTUSER [2013.02.22 20:45:56 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Programs [2013.02.22 20:44:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.02.17 22:04:39 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\temp [6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.19 14:23:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.19 14:23:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.19 14:15:53 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.03.19 14:15:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.19 14:15:39 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys [2013.03.08 19:27:15 | 000,000,000 | ---- | M] () -- 
C:\Windows\SysWow64\config.nt [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.02.25 11:12:59 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.25 11:12:59 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.25 11:12:59 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.25 11:12:59 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.25 11:12:59 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.23 21:30:11 | 000,376,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.19 12:40:01 | 000,016,572 | ---- | M] () -- C:\Users\Privat\Documents\cc_20130219_123955.reg [6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No 
Company Name ========== [2013.03.16 15:39:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.03.08 19:27:16 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.08 19:27:16 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.02.25 11:13:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.02.19 12:39:59 | 000,016,572 | ---- | C] () -- C:\Users\Privat\Documents\cc_20130219_123955.reg [2012.11.26 20:51:40 | 000,245,473 | ---- | C] () -- C:\Windows\hpoins19.dat [2012.11.26 20:51:40 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011.10.05 10:19:22 | 000,007,600 | ---- | C] () -- C:\Users\Privat\AppData\Local\Resmon.ResmonCfg [2011.09.26 13:42:54 | 000,000,680 | RHS- | C] () -- C:\Users\Privat\ntuser.pol [2011.06.19 21:46:46 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.19 14:56:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.06.19 14:56:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2010.02.22 03:45:21 | 3190,050,816 | -HS- | C] () -- \hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.12.11 21:09:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData [2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data [2013.03.08 19:26:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software [2012.12.08 23:06:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\blekko toolbars [2012.12.15 13:25:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint [2012.12.15 13:46:49 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files [2012.01.07 20:34:10 | 000,000,000 | ---D | M] -- C:\Users\All Users\CPA_VA [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents [2010.02.26 12:43:45 
| 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente [2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites [2012.02.17 21:22:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\firebird [2012.02.17 16:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\JanitosTarifrechner [2012.12.15 16:13:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\MFAData [2011.11.04 20:44:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nitro PDF [2010.02.22 11:08:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\PCDr [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu [2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü [2010.02.22 11:08:29 | 000,000,000 | ---D | M] -- C:\Users\All Users\SupportSoft [2011.10.29 14:04:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Swiss Academic Software [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates [2010.02.22 11:19:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uninstall [2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen [2011.09.25 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\WildTangent [2011.04.22 21:04:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\ZA_PreservedFiles [2010.02.27 00:07:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Zylom [2013.01.27 18:07:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData [2011.11.01 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\.mediathek [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Anwendungsdaten [2011.03.08 22:17:22 | 000,000,000 | -H-D | M] -- C:\Users\Lexikon\AppData [2013.03.15 10:09:19 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Contacts [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Cookies [2013.03.19 21:05:29 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Desktop [2013.03.18 17:32:24 | 000,000,000 | 
R--D | M] -- C:\Users\Lexikon\Documents [2013.03.18 18:55:42 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Downloads [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Druckumgebung [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Eigene Dateien [2013.02.23 22:11:56 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Favorites [2013.02.23 22:12:32 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Links [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Lokale Einstellungen [2013.03.18 18:01:13 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Music [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Netzwerkumgebung [2013.03.18 18:53:08 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Pictures [2013.03.18 17:32:41 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\Private Dokumente [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Recent [2013.02.23 22:12:39 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Saved Games [2013.02.23 22:11:39 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Searches [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\SendTo [2011.03.08 22:17:22 | 000,000,000 | RH-D | M] -- C:\Users\Lexikon\Startmenü [2012.06.27 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\Tracing [2013.03.18 17:44:07 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Videos [2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Vorlagen [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Anwendungsdaten [2012.01.29 16:44:45 | 000,000,000 | -H-D | M] -- C:\Users\Privat\AppData [2013.02.23 22:14:13 | 000,000,000 | R--D | M] -- C:\Users\Privat\Contacts [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Cookies [2013.03.19 20:25:47 | 000,000,000 | R--D | M] -- C:\Users\Privat\Desktop [2013.02.23 22:14:23 | 000,000,000 | R--D | M] -- C:\Users\Privat\Documents [2013.02.23 22:08:04 | 000,000,000 | R--D | M] -- C:\Users\Privat\Downloads [2011.09.26 13:42:53 | 
000,000,000 | -HSD | M] -- C:\Users\Privat\Druckumgebung [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Eigene Dateien [2013.02.23 22:08:16 | 000,000,000 | R--D | M] -- C:\Users\Privat\Favorites [2013.02.23 21:07:12 | 000,000,000 | R--D | M] -- C:\Users\Privat\Links [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Lokale Einstellungen [2013.02.23 22:08:16 | 000,000,000 | R--D | M] -- C:\Users\Privat\Music [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Netzwerkumgebung [2013.02.23 21:11:07 | 000,000,000 | ---D | M] -- C:\Users\Privat\NTUSER [2013.02.23 22:10:58 | 000,000,000 | R--D | M] -- C:\Users\Privat\Pictures [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Recent [2013.02.23 22:12:50 | 000,000,000 | R--D | M] -- C:\Users\Privat\Saved Games [2013.02.23 22:13:53 | 000,000,000 | R--D | M] -- C:\Users\Privat\Searches [2013.03.15 15:00:23 | 000,000,000 | ---D | M] -- C:\Users\Privat\SecurityScans [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\SendTo [2011.09.26 13:42:53 | 000,000,000 | RH-D | M] -- C:\Users\Privat\Startmenü [2012.02.27 18:28:39 | 000,000,000 | ---D | M] -- C:\Users\Privat\Tracing [2013.02.23 22:08:04 | 000,000,000 | R--D | M] -- C:\Users\Privat\Videos [2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Vorlagen [2013.03.19 20:10:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop ========== Purity Check ========== < End of report > Regards, Amelie Edited by amelie77 (21.03.2013 at 16:15) |
21.03.2013, 16:59 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |
21.03.2013, 17:56 | #5 |
| So I went ahead and zipped it: |
22.03.2013, 10:48 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you have not heard from me for three days, please post in this thread => Reminder about my thread. Annoying "When will this continue" messages will end with your topic being closed. I, too, have a life outside of Trojaner-Board.
__________________ |
23.03.2013, 17:52 | #7 |
| Hello, so here are the logs: Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.23.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Privat :: ZUHAUSE-PC [administrator]

23.03.2013 17:08:41
mbar-log-2013-03-23 (17-08-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28766
Time elapsed: 11 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-23 17:11:22
-----------------------------
17:11:22.950 OS Version: Windows x64 6.1.7601 Service Pack 1
17:11:22.950 Number of processors: 2 586 0x170A
17:11:22.950 ComputerName: ZUHAUSE-PC UserName: Privat
17:11:23.870 Initialize success
17:11:24.916 AVAST engine defs: 13032200
17:13:45.955 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:13:45.955 Disk 0 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
17:13:46.205 Disk 0 MBR read successfully
17:13:46.205 Disk 0 MBR scan
17:13:46.221 Disk 0 Windows VISTA default MBR code
17:13:46.221 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:13:46.236 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
17:13:46.252 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 137586 MB offset 30801920
17:13:46.299 Disk 0 scanning C:\Windows\system32\drivers
17:14:02.991 Service scanning
17:14:28.356 Modules scanning
17:14:28.356 Disk 0 trace - called modules:
17:14:28.372 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:14:28.887 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004298060]
17:14:28.887 3 CLASSPNP.SYS[fffff88000c7743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80040c0050]
17:14:29.635 AVAST engine scan C:\Windows
17:14:32.350 AVAST engine scan C:\Windows\system32
17:17:39.940 AVAST engine scan C:\Windows\system32\drivers
17:17:55.727 AVAST engine scan C:\Users\Privat
17:23:17.759 AVAST engine scan C:\ProgramData
17:26:01.918 Scan finished successfully
17:27:24.754 Disk 0 MBR has been saved successfully to "C:\Users\Lexikon\Desktop\MBR.dat"
17:27:24.754 The log file has been saved successfully to "C:\Users\Lexikon\Desktop\aswMBR.txt"

Code:
ATTFilter 17:30:18.0442 3164 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 17:30:18.0489 3164 ============================================================ 17:30:18.0489 3164 Current date / time: 2013/03/23 17:30:18.0489 17:30:18.0489 3164 SystemInfo: 17:30:18.0489 3164 17:30:18.0505 3164 OS Version: 6.1.7601 ServicePack: 1.0 17:30:18.0505 3164 Product type: Workstation 17:30:18.0505 3164 ComputerName: ZUHAUSE-PC 17:30:18.0505 3164 UserName: Privat 17:30:18.0505 3164 Windows directory: C:\Windows 17:30:18.0505 3164 System windows directory: C:\Windows 17:30:18.0505 3164 Running under WOW64 17:30:18.0505 3164 Processor architecture: Intel x64 17:30:18.0505 3164 Number of processors: 2 17:30:18.0505 3164 Page size: 0x1000 17:30:18.0505 3164 Boot type: Normal boot 17:30:18.0505 3164 ============================================================ 17:30:19.0035 3164 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:30:19.0035 3164 ============================================================ 17:30:19.0035 3164 \Device\Harddisk0\DR0: 17:30:19.0035 3164 MBR partitions: 17:30:19.0035 3164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000 17:30:19.0035 3164 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0 17:30:19.0035 3164 ============================================================ 17:30:19.0082 3164 C: <-> \Device\Harddisk0\DR0\Partition2 17:30:19.0082 3164 ============================================================ 17:30:19.0082 3164 Initialize success 17:30:19.0082 3164 ============================================================ 17:30:33.0808 4804 ============================================================ 17:30:33.0808 4804 Scan started 17:30:33.0808 4804 Mode: Manual; SigCheck; TDLFS; 17:30:33.0808 4804 
============================================================ 17:30:34.0276 4804 ================ Scan system memory ======================== 17:30:34.0276 4804 System memory - ok 17:30:34.0276 4804 ================ Scan services ============================= 17:30:34.0620 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 13558341 C:\Windows\system32\DRIVERS\13558341.sys 17:30:34.0947 4804 13558341 - ok 17:30:34.0994 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 13558342 C:\Windows\system32\DRIVERS\13558342.sys 17:30:35.0010 4804 13558342 - ok 17:30:35.0072 4804 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 17:30:35.0181 4804 1394ohci - ok 17:30:35.0244 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 31597941 C:\Windows\system32\DRIVERS\31597941.sys 17:30:35.0275 4804 31597941 - ok 17:30:35.0306 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 31597942 C:\Windows\system32\DRIVERS\31597942.sys 17:30:35.0337 4804 31597942 - ok 17:30:35.0462 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 36351791 C:\Windows\system32\DRIVERS\36351791.sys 17:30:35.0478 4804 36351791 - ok 17:30:35.0509 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 36351792 C:\Windows\system32\DRIVERS\36351792.sys 17:30:35.0540 4804 36351792 - ok 17:30:35.0634 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 70264451 C:\Windows\system32\DRIVERS\70264451.sys 17:30:35.0665 4804 70264451 - ok 17:30:35.0727 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 70264452 C:\Windows\system32\DRIVERS\70264452.sys 17:30:35.0743 4804 70264452 - ok 17:30:35.0821 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 77014091 C:\Windows\system32\DRIVERS\77014091.sys 17:30:35.0852 4804 77014091 - ok 17:30:35.0899 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 77014092 C:\Windows\system32\DRIVERS\77014092.sys 17:30:35.0930 4804 77014092 - ok 17:30:35.0992 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 79665281 C:\Windows\system32\DRIVERS\79665281.sys 17:30:36.0024 4804 79665281 - ok 17:30:36.0039 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 79665282 
C:\Windows\system32\DRIVERS\79665282.sys 17:30:36.0055 4804 79665282 - ok 17:30:36.0117 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 93592521 C:\Windows\system32\DRIVERS\93592521.sys 17:30:36.0133 4804 93592521 - ok 17:30:36.0180 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 93592522 C:\Windows\system32\DRIVERS\93592522.sys 17:30:36.0211 4804 93592522 - ok 17:30:36.0273 4804 [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 97504711 C:\Windows\system32\DRIVERS\97504711.sys 17:30:36.0304 4804 97504711 - ok 17:30:36.0351 4804 [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 97504712 C:\Windows\system32\DRIVERS\97504712.sys 17:30:36.0382 4804 97504712 - ok 17:30:36.0445 4804 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:30:36.0476 4804 ACPI - ok 17:30:36.0492 4804 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:30:36.0616 4804 AcpiPmi - ok 17:30:36.0819 4804 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:30:36.0850 4804 AdobeARMservice - ok 17:30:36.0944 4804 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 17:30:36.0975 4804 adp94xx - ok 17:30:37.0038 4804 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 17:30:37.0069 4804 adpahci - ok 17:30:37.0084 4804 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 17:30:37.0116 4804 adpu320 - ok 17:30:37.0162 4804 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:30:37.0381 4804 AeLookupSvc - ok 17:30:37.0474 4804 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 17:30:37.0552 4804 AFD - ok 17:30:37.0615 4804 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:30:37.0630 4804 agp440 - ok 17:30:37.0677 4804 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 17:30:37.0755 4804 ALG - ok 17:30:37.0786 
4804 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 17:30:37.0818 4804 aliide - ok 17:30:37.0849 4804 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 17:30:37.0880 4804 amdide - ok 17:30:37.0942 4804 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 17:30:38.0067 4804 AmdK8 - ok 17:30:38.0114 4804 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 17:30:38.0192 4804 AmdPPM - ok 17:30:38.0317 4804 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:30:38.0332 4804 amdsata - ok 17:30:38.0395 4804 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 17:30:38.0410 4804 amdsbs - ok 17:30:38.0442 4804 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:30:38.0457 4804 amdxata - ok 17:30:38.0551 4804 [ 1412E9A88FE1F7E35CE6058A2EF03664 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 17:30:38.0582 4804 ApfiltrService - ok 17:30:38.0644 4804 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 17:30:38.0910 4804 AppID - ok 17:30:38.0956 4804 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:30:39.0034 4804 AppIDSvc - ok 17:30:39.0097 4804 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 17:30:39.0190 4804 Appinfo - ok 17:30:39.0268 4804 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 17:30:39.0300 4804 arc - ok 17:30:39.0331 4804 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 17:30:39.0362 4804 arcsas - ok 17:30:39.0456 4804 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 17:30:39.0471 4804 aswFsBlk - ok 17:30:39.0565 4804 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 17:30:39.0596 4804 aswMonFlt - ok 
17:30:39.0627 4804 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 17:30:39.0643 4804 aswRdr - ok 17:30:39.0690 4804 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 17:30:39.0721 4804 aswRvrt - ok 17:30:39.0783 4804 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 17:30:39.0846 4804 aswSnx - ok 17:30:39.0877 4804 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys 17:30:39.0908 4804 aswSP - ok 17:30:39.0939 4804 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 17:30:39.0955 4804 aswTdi - ok 17:30:39.0986 4804 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 17:30:40.0017 4804 aswVmm - ok 17:30:40.0080 4804 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:30:40.0142 4804 AsyncMac - ok 17:30:40.0220 4804 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 17:30:40.0236 4804 atapi - ok 17:30:40.0360 4804 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:30:40.0438 4804 AudioEndpointBuilder - ok 17:30:40.0454 4804 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:30:40.0516 4804 AudioSrv - ok 17:30:40.0672 4804 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 17:30:40.0688 4804 avast! 
Antivirus - ok 17:30:40.0750 4804 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:30:40.0875 4804 AxInstSV - ok 17:30:40.0938 4804 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 17:30:41.0031 4804 b06bdrv - ok 17:30:41.0109 4804 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:30:41.0156 4804 b57nd60a - ok 17:30:41.0203 4804 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys 17:30:41.0234 4804 BCM42RLY - ok 17:30:41.0359 4804 [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 17:30:41.0437 4804 BCM43XX - ok 17:30:41.0530 4804 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 17:30:41.0593 4804 BDESVC - ok 17:30:41.0655 4804 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 17:30:41.0733 4804 Beep - ok 17:30:41.0827 4804 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 17:30:41.0889 4804 BFE - ok 17:30:41.0952 4804 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 17:30:42.0045 4804 BITS - ok 17:30:42.0092 4804 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:30:42.0139 4804 blbdrive - ok 17:30:42.0201 4804 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:30:42.0295 4804 bowser - ok 17:30:42.0373 4804 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:30:42.0498 4804 BrFiltLo - ok 17:30:42.0513 4804 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:30:42.0544 4804 BrFiltUp - ok 17:30:42.0607 4804 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 17:30:42.0685 4804 BridgeMP - ok 17:30:42.0732 4804 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 17:30:42.0810 4804 Browser - ok 
17:30:42.0841 4804 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:30:42.0903 4804 Brserid - ok 17:30:42.0950 4804 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:30:43.0028 4804 BrSerWdm - ok 17:30:43.0059 4804 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:30:43.0106 4804 BrUsbMdm - ok 17:30:43.0153 4804 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:30:43.0200 4804 BrUsbSer - ok 17:30:43.0246 4804 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:30:43.0324 4804 BTHMODEM - ok 17:30:43.0418 4804 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:30:43.0512 4804 bthserv - ok 17:30:43.0543 4804 catchme - ok 17:30:43.0574 4804 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:30:43.0652 4804 cdfs - ok 17:30:43.0746 4804 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 17:30:43.0824 4804 cdrom - ok 17:30:43.0886 4804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 17:30:43.0980 4804 CertPropSvc - ok 17:30:44.0011 4804 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:30:44.0042 4804 circlass - ok 17:30:44.0120 4804 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:30:44.0151 4804 CLFS - ok 17:30:44.0276 4804 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:30:44.0307 4804 clr_optimization_v2.0.50727_32 - ok 17:30:44.0401 4804 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:30:44.0416 4804 clr_optimization_v2.0.50727_64 - ok 17:30:44.0541 4804 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:30:44.0557 4804 clr_optimization_v4.0.30319_32 - ok 17:30:44.0604 4804 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:30:44.0619 4804 clr_optimization_v4.0.30319_64 - ok 17:30:44.0650 4804 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:30:44.0713 4804 CmBatt - ok 17:30:44.0760 4804 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:30:44.0775 4804 cmdide - ok 17:30:44.0853 4804 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 17:30:44.0900 4804 CNG - ok 17:30:44.0978 4804 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:30:44.0994 4804 Compbatt - ok 17:30:45.0025 4804 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 17:30:45.0087 4804 CompositeBus - ok 17:30:45.0087 4804 COMSysApp - ok 17:30:45.0118 4804 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 17:30:45.0150 4804 crcdisk - ok 17:30:45.0212 4804 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:30:45.0306 4804 CryptSvc - ok 17:30:45.0384 4804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:30:45.0477 4804 DcomLaunch - ok 17:30:45.0571 4804 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:30:45.0649 4804 defragsvc - ok 17:30:45.0696 4804 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:30:45.0805 4804 DfsC - ok 17:30:45.0867 4804 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:30:45.0945 4804 Dhcp - ok 17:30:45.0976 4804 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:30:46.0054 4804 discache - ok 17:30:46.0101 4804 [ 
9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 17:30:46.0117 4804 Disk - ok 17:30:46.0179 4804 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:30:46.0242 4804 Dnscache - ok 17:30:46.0351 4804 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe 17:30:46.0632 4804 DockLoginService ( UnsignedFile.Multi.Generic ) - warning 17:30:46.0632 4804 DockLoginService - detected UnsignedFile.Multi.Generic (1) 17:30:46.0678 4804 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:30:46.0756 4804 dot3svc - ok 17:30:46.0850 4804 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 17:30:46.0912 4804 Dot4 - ok 17:30:46.0990 4804 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 17:30:47.0037 4804 Dot4Print - ok 17:30:47.0068 4804 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 17:30:47.0131 4804 dot4usb - ok 17:30:47.0162 4804 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:30:47.0256 4804 DPS - ok 17:30:47.0287 4804 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:30:47.0334 4804 drmkaud - ok 17:30:47.0396 4804 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:30:47.0443 4804 DXGKrnl - ok 17:30:47.0505 4804 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:30:47.0583 4804 EapHost - ok 17:30:47.0677 4804 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 17:30:47.0802 4804 ebdrv - ok 17:30:47.0864 4804 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:30:47.0958 4804 EFS - ok 17:30:48.0067 4804 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:30:48.0207 4804 ehRecvr - ok 17:30:48.0285 4804 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched 
C:\Windows\ehome\ehsched.exe 17:30:48.0363 4804 ehSched - ok 17:30:48.0441 4804 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 17:30:48.0472 4804 elxstor - ok 17:30:48.0504 4804 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:30:48.0550 4804 ErrDev - ok 17:30:48.0644 4804 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:30:48.0722 4804 EventSystem - ok 17:30:48.0753 4804 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:30:48.0831 4804 exfat - ok 17:30:48.0862 4804 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:30:48.0940 4804 fastfat - ok 17:30:49.0034 4804 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:30:49.0128 4804 Fax - ok 17:30:49.0174 4804 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:30:49.0237 4804 fdc - ok 17:30:49.0284 4804 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:30:49.0362 4804 fdPHost - ok 17:30:49.0408 4804 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:30:49.0486 4804 FDResPub - ok 17:30:49.0533 4804 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:30:49.0564 4804 FileInfo - ok 17:30:49.0580 4804 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:30:49.0658 4804 Filetrace - ok 17:30:49.0689 4804 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:30:49.0736 4804 flpydisk - ok 17:30:49.0783 4804 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:30:49.0814 4804 FltMgr - ok 17:30:49.0892 4804 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 17:30:49.0954 4804 FontCache - ok 17:30:50.0048 4804 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:30:50.0064 4804 FontCache3.0.0.0 - ok 17:30:50.0079 4804 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:30:50.0110 4804 FsDepends - ok 17:30:50.0142 4804 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:30:50.0157 4804 Fs_Rec - ok 17:30:50.0220 4804 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:30:50.0251 4804 fvevol - ok 17:30:50.0282 4804 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:30:50.0313 4804 gagp30kx - ok 17:30:50.0391 4804 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe 17:30:50.0422 4804 GameConsoleService - ok 17:30:50.0485 4804 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:30:50.0563 4804 gpsvc - ok 17:30:50.0610 4804 gupdate - ok 17:30:50.0625 4804 gupdatem - ok 17:30:50.0656 4804 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:30:50.0719 4804 hcw85cir - ok 17:30:50.0781 4804 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:30:50.0844 4804 HDAudBus - ok 17:30:50.0875 4804 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 17:30:50.0922 4804 HidBatt - ok 17:30:50.0953 4804 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:30:50.0984 4804 HidBth - ok 17:30:51.0015 4804 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:30:51.0062 4804 HidIr - ok 17:30:51.0109 4804 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 17:30:51.0187 4804 hidserv - ok 17:30:51.0234 4804 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 17:30:51.0249 4804 HidUsb - ok 
17:30:51.0296 4804 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:30:51.0358 4804 hkmsvc - ok 17:30:51.0405 4804 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:30:51.0483 4804 HomeGroupListener - ok 17:30:51.0546 4804 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:30:51.0592 4804 HomeGroupProvider - ok 17:30:51.0795 4804 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 17:30:51.0858 4804 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 17:30:51.0858 4804 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 17:30:51.0936 4804 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 17:30:51.0982 4804 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 17:30:51.0982 4804 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 17:30:52.0045 4804 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:30:52.0060 4804 HpSAMD - ok 17:30:52.0185 4804 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 17:30:52.0279 4804 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 17:30:52.0279 4804 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 17:30:52.0357 4804 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:30:52.0450 4804 HTTP - ok 17:30:52.0482 4804 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:30:52.0513 4804 hwpolicy - ok 17:30:52.0575 4804 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:30:52.0606 4804 i8042prt - ok 17:30:52.0700 4804 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 17:30:52.0731 4804 IAANTMON - ok 17:30:52.0794 4804 [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor 
C:\Windows\system32\DRIVERS\iaStor.sys 17:30:52.0825 4804 iaStor - ok 17:30:52.0887 4804 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:30:52.0918 4804 iaStorV - ok 17:30:52.0996 4804 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:30:53.0043 4804 idsvc - ok 17:30:53.0230 4804 [ BABD5F9B2BCC82CE556A0BAF1AE208A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:30:53.0402 4804 igfx - ok 17:30:53.0480 4804 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:30:53.0496 4804 iirsp - ok 17:30:53.0574 4804 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:30:53.0667 4804 IKEEXT - ok 17:30:53.0698 4804 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:30:53.0714 4804 intelide - ok 17:30:53.0745 4804 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:30:53.0792 4804 intelppm - ok 17:30:53.0839 4804 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:30:53.0917 4804 IPBusEnum - ok 17:30:53.0948 4804 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:30:54.0026 4804 IpFilterDriver - ok 17:30:54.0104 4804 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:30:54.0198 4804 iphlpsvc - ok 17:30:54.0260 4804 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:30:54.0276 4804 IPMIDRV - ok 17:30:54.0307 4804 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:30:54.0369 4804 IPNAT - ok 17:30:54.0416 4804 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:30:54.0525 4804 IRENUM - ok 17:30:54.0541 4804 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:30:54.0572 4804 isapnp - ok 
17:30:54.0588 4804 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:30:54.0619 4804 iScsiPrt - ok 17:30:54.0634 4804 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 17:30:54.0650 4804 kbdclass - ok 17:30:54.0681 4804 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 17:30:54.0712 4804 kbdhid - ok 17:30:54.0728 4804 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:30:54.0759 4804 KeyIso - ok 17:30:54.0806 4804 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:30:54.0837 4804 KSecDD - ok 17:30:54.0884 4804 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:30:54.0900 4804 KSecPkg - ok 17:30:54.0946 4804 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:30:55.0024 4804 ksthunk - ok 17:30:55.0087 4804 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:30:55.0165 4804 KtmRm - ok 17:30:55.0243 4804 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:30:55.0368 4804 LanmanServer - ok 17:30:55.0446 4804 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:30:55.0539 4804 LanmanWorkstation - ok 17:30:55.0570 4804 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:30:55.0633 4804 lltdio - ok 17:30:55.0648 4804 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:30:55.0711 4804 lltdsvc - ok 17:30:55.0742 4804 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:30:55.0789 4804 lmhosts - ok 17:30:55.0836 4804 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:30:55.0867 4804 LSI_FC - ok 17:30:55.0898 4804 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:30:55.0929 4804 LSI_SAS 
- ok 17:30:55.0929 4804 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:30:55.0960 4804 LSI_SAS2 - ok 17:30:55.0992 4804 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:30:56.0007 4804 LSI_SCSI - ok 17:30:56.0038 4804 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:30:56.0116 4804 luafv - ok 17:30:56.0163 4804 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:30:56.0210 4804 Mcx2Svc - ok 17:30:56.0241 4804 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:30:56.0257 4804 megasas - ok 17:30:56.0304 4804 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:30:56.0335 4804 MegaSR - ok 17:30:56.0350 4804 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:30:56.0428 4804 MMCSS - ok 17:30:56.0460 4804 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:30:56.0506 4804 Modem - ok 17:30:56.0538 4804 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:30:56.0584 4804 monitor - ok 17:30:56.0662 4804 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 17:30:56.0694 4804 mouclass - ok 17:30:56.0709 4804 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:30:56.0740 4804 mouhid - ok 17:30:56.0818 4804 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:30:56.0834 4804 mountmgr - ok 17:30:56.0959 4804 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:30:56.0974 4804 MozillaMaintenance - ok 17:30:56.0990 4804 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:30:57.0021 4804 mpio - ok 17:30:57.0037 4804 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv 
C:\Windows\system32\drivers\mpsdrv.sys 17:30:57.0084 4804 mpsdrv - ok 17:30:57.0146 4804 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:30:57.0240 4804 MpsSvc - ok 17:30:57.0286 4804 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:30:57.0349 4804 MRxDAV - ok 17:30:57.0396 4804 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:30:57.0474 4804 mrxsmb - ok 17:30:57.0536 4804 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:30:57.0583 4804 mrxsmb10 - ok 17:30:57.0614 4804 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:30:57.0661 4804 mrxsmb20 - ok 17:30:57.0739 4804 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:30:57.0754 4804 msahci - ok 17:30:57.0770 4804 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:30:57.0801 4804 msdsm - ok 17:30:57.0848 4804 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:30:57.0879 4804 MSDTC - ok 17:30:57.0942 4804 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:30:57.0988 4804 Msfs - ok 17:30:58.0020 4804 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:30:58.0082 4804 mshidkmdf - ok 17:30:58.0129 4804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:30:58.0144 4804 msisadrv - ok 17:30:58.0207 4804 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:30:58.0285 4804 MSiSCSI - ok 17:30:58.0300 4804 msiserver - ok 17:30:58.0347 4804 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:30:58.0410 4804 MSKSSRV - ok 17:30:58.0441 4804 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:30:58.0503 4804 MSPCLOCK - ok 17:30:58.0534 4804 [ 
4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:30:58.0612 4804 MSPQM - ok 17:30:58.0659 4804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:30:58.0690 4804 MsRPC - ok 17:30:58.0737 4804 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:30:58.0753 4804 mssmbios - ok 17:30:58.0784 4804 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:30:58.0846 4804 MSTEE - ok 17:30:58.0893 4804 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:30:58.0924 4804 MTConfig - ok 17:30:58.0971 4804 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:30:58.0987 4804 Mup - ok 17:30:59.0049 4804 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:30:59.0127 4804 napagent - ok 17:30:59.0205 4804 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:30:59.0252 4804 NativeWifiP - ok 17:30:59.0330 4804 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:30:59.0377 4804 NDIS - ok 17:30:59.0439 4804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:30:59.0517 4804 NdisCap - ok 17:30:59.0548 4804 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:30:59.0626 4804 NdisTapi - ok 17:30:59.0673 4804 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:30:59.0736 4804 Ndisuio - ok 17:30:59.0767 4804 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:30:59.0845 4804 NdisWan - ok 17:30:59.0892 4804 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:30:59.0970 4804 NDProxy - ok 17:31:00.0032 4804 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 17:31:00.0063 4804 Net Driver HPZ12 ( 
UnsignedFile.Multi.Generic ) - warning 17:31:00.0063 4804 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 17:31:00.0110 4804 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:31:00.0172 4804 NetBIOS - ok 17:31:00.0219 4804 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:31:00.0297 4804 NetBT - ok 17:31:00.0344 4804 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:31:00.0375 4804 Netlogon - ok 17:31:00.0438 4804 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:31:00.0516 4804 Netman - ok 17:31:00.0562 4804 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:31:00.0640 4804 netprofm - ok 17:31:00.0687 4804 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:31:00.0718 4804 NetTcpPortSharing - ok 17:31:00.0781 4804 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:31:00.0796 4804 nfrd960 - ok 17:31:00.0921 4804 [ D8ADFBEB3F7F4AE4C32E7EEDE4E59E15 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe 17:31:00.0952 4804 NitroReaderDriverReadSpool2 - ok 17:31:01.0015 4804 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:31:01.0077 4804 NlaSvc - ok 17:31:01.0155 4804 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll 17:31:01.0171 4804 nosGetPlusHelper - ok 17:31:01.0186 4804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:31:01.0249 4804 Npfs - ok 17:31:01.0280 4804 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:31:01.0358 4804 nsi - ok 17:31:01.0389 4804 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:31:01.0467 4804 
nsiproxy - ok 17:31:01.0561 4804 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:31:01.0623 4804 Ntfs - ok 17:31:01.0639 4804 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:31:01.0701 4804 Null - ok 17:31:01.0732 4804 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:31:01.0764 4804 nvraid - ok 17:31:01.0810 4804 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:31:01.0842 4804 nvstor - ok 17:31:01.0904 4804 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:31:01.0920 4804 nv_agp - ok 17:31:02.0029 4804 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:31:02.0060 4804 odserv - ok 17:31:02.0091 4804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:31:02.0122 4804 ohci1394 - ok 17:31:02.0185 4804 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:31:02.0200 4804 ose - ok 17:31:02.0263 4804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:31:02.0341 4804 p2pimsvc - ok 17:31:02.0388 4804 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:31:02.0419 4804 p2psvc - ok 17:31:02.0481 4804 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:31:02.0497 4804 Parport - ok 17:31:02.0544 4804 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:31:02.0559 4804 partmgr - ok 17:31:02.0622 4804 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:31:02.0668 4804 PcaSvc - ok 17:31:02.0715 4804 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:31:02.0731 4804 pci - ok 17:31:02.0746 4804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide 
C:\Windows\system32\drivers\pciide.sys 17:31:02.0778 4804 pciide - ok 17:31:02.0778 4804 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:31:02.0809 4804 pcmcia - ok 17:31:02.0840 4804 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:31:02.0856 4804 pcw - ok 17:31:02.0887 4804 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:31:02.0980 4804 PEAUTH - ok 17:31:03.0105 4804 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:31:03.0168 4804 PerfHost - ok 17:31:03.0230 4804 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:31:03.0339 4804 pla - ok 17:31:03.0433 4804 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe 17:31:03.0464 4804 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning 17:31:03.0464 4804 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1) 17:31:03.0558 4804 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:31:03.0589 4804 PlugPlay - ok 17:31:03.0745 4804 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 17:31:03.0776 4804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 17:31:03.0776 4804 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 17:31:03.0823 4804 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:31:03.0854 4804 PNRPAutoReg - ok 17:31:03.0885 4804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:31:03.0916 4804 PNRPsvc - ok 17:31:03.0979 4804 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:31:04.0057 4804 PolicyAgent - ok 17:31:04.0104 4804 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:31:04.0182 4804 Power - ok 17:31:04.0260 4804 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport 
C:\Windows\system32\DRIVERS\raspptp.sys 17:31:04.0338 4804 PptpMiniport - ok 17:31:04.0384 4804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:31:04.0431 4804 Processor - ok 17:31:04.0462 4804 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:31:04.0572 4804 ProfSvc - ok 17:31:04.0603 4804 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:31:04.0618 4804 ProtectedStorage - ok 17:31:04.0650 4804 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:31:04.0728 4804 Psched - ok 17:31:04.0774 4804 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 17:31:04.0790 4804 PxHlpa64 - ok 17:31:04.0852 4804 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:31:04.0915 4804 ql2300 - ok 17:31:04.0946 4804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:31:04.0977 4804 ql40xx - ok 17:31:05.0024 4804 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:31:05.0086 4804 QWAVE - ok 17:31:05.0102 4804 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:31:05.0164 4804 QWAVEdrv - ok 17:31:05.0196 4804 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:31:05.0258 4804 RasAcd - ok 17:31:05.0320 4804 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:31:05.0398 4804 RasAgileVpn - ok 17:31:05.0414 4804 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:31:05.0508 4804 RasAuto - ok 17:31:05.0554 4804 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:31:05.0632 4804 Rasl2tp - ok 17:31:05.0679 4804 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 17:31:05.0773 4804 RasMan - ok 17:31:05.0804 4804 [ 
855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:31:05.0882 4804 RasPppoe - ok 17:31:05.0913 4804 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:31:05.0991 4804 RasSstp - ok 17:31:06.0022 4804 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:31:06.0069 4804 rdbss - ok 17:31:06.0085 4804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:31:06.0132 4804 rdpbus - ok 17:31:06.0178 4804 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:31:06.0225 4804 RDPCDD - ok 17:31:06.0256 4804 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:31:06.0334 4804 RDPENCDD - ok 17:31:06.0366 4804 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:31:06.0428 4804 RDPREFMP - ok 17:31:06.0522 4804 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 17:31:06.0584 4804 RdpVideoMiniport - ok 17:31:06.0646 4804 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:31:06.0709 4804 RDPWD - ok 17:31:06.0771 4804 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:31:06.0802 4804 rdyboost - ok 17:31:06.0834 4804 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:31:06.0912 4804 RemoteAccess - ok 17:31:06.0958 4804 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:31:07.0036 4804 RemoteRegistry - ok 17:31:07.0068 4804 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:31:07.0146 4804 RpcEptMapper - ok 17:31:07.0177 4804 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:31:07.0239 4804 RpcLocator - ok 17:31:07.0302 4804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs 
C:\Windows\system32\rpcss.dll 17:31:07.0348 4804 RpcSs - ok 17:31:07.0411 4804 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:31:07.0473 4804 rspndr - ok 17:31:07.0551 4804 [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 17:31:07.0598 4804 RSUSBSTOR - ok 17:31:07.0614 4804 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:31:07.0645 4804 SamSs - ok 17:31:07.0645 4804 SANDRA - ok 17:31:07.0692 4804 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:31:07.0723 4804 sbp2port - ok 17:31:07.0785 4804 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:31:07.0832 4804 SCardSvr - ok 17:31:07.0879 4804 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:31:07.0941 4804 scfilter - ok 17:31:08.0004 4804 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:31:08.0082 4804 Schedule - ok 17:31:08.0128 4804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:31:08.0191 4804 SCPolicySvc - ok 17:31:08.0253 4804 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:31:08.0331 4804 SDRSVC - ok 17:31:08.0425 4804 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 17:31:08.0456 4804 SeaPort - ok 17:31:08.0518 4804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:31:08.0596 4804 secdrv - ok 17:31:08.0628 4804 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 17:31:08.0706 4804 seclogon - ok 17:31:08.0752 4804 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 17:31:08.0815 4804 SENS - ok 17:31:08.0862 4804 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:31:08.0924 4804 SensrSvc - ok 17:31:08.0940 4804 [ 
CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:31:08.0971 4804 Serenum - ok 17:31:08.0986 4804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:31:09.0033 4804 Serial - ok 17:31:09.0064 4804 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:31:09.0080 4804 sermouse - ok 17:31:09.0142 4804 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 17:31:09.0205 4804 SessionEnv - ok 17:31:09.0298 4804 [ 8423DB42808E94847EC4E53EFDA6BEE2 ] setup_9.0.0.722_06.07.2012_12-35drv C:\Windows\system32\DRIVERS\7026445.sys 17:31:09.0330 4804 setup_9.0.0.722_06.07.2012_12-35drv - ok 17:31:09.0376 4804 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:31:09.0439 4804 sffdisk - ok 17:31:09.0470 4804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:31:09.0517 4804 sffp_mmc - ok 17:31:09.0564 4804 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:31:09.0626 4804 sffp_sd - ok 17:31:09.0673 4804 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:31:09.0720 4804 sfloppy - ok 17:31:09.0813 4804 [ 16A5CC62F79A32A974B55110A898945C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 17:31:09.0844 4804 SftService - ok 17:31:09.0907 4804 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:31:09.0985 4804 SharedAccess - ok 17:31:10.0047 4804 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:31:10.0125 4804 ShellHWDetection - ok 17:31:10.0156 4804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:31:10.0172 4804 SiSRaid2 - ok 17:31:10.0234 4804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:31:10.0250 4804 SiSRaid4 - ok 
17:31:10.0297 4804 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:31:10.0344 4804 Smb - ok 17:31:10.0422 4804 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:31:10.0468 4804 SNMPTRAP - ok 17:31:10.0500 4804 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 17:31:10.0531 4804 spldr - ok 17:31:10.0593 4804 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 17:31:10.0671 4804 Spooler - ok 17:31:10.0796 4804 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 17:31:10.0952 4804 sppsvc - ok 17:31:10.0983 4804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:31:11.0061 4804 sppuinotify - ok 17:31:11.0139 4804 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe 17:31:11.0155 4804 sprtsvc_DellSupportCenter - ok 17:31:11.0217 4804 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:31:11.0280 4804 srv - ok 17:31:11.0342 4804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:31:11.0389 4804 srv2 - ok 17:31:11.0420 4804 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:31:11.0482 4804 srvnet - ok 17:31:11.0545 4804 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:31:11.0623 4804 SSDPSRV - ok 17:31:11.0654 4804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:31:11.0701 4804 SstpSvc - ok 17:31:11.0888 4804 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe 17:31:11.0966 4804 STacSV - ok 17:31:12.0013 4804 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 17:31:12.0028 4804 stexstor - ok 17:31:12.0075 4804 [ 02E784FA49032F84964DB90A3ED81890 
] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 17:31:12.0106 4804 STHDA - ok 17:31:12.0169 4804 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:31:12.0231 4804 stisvc - ok 17:31:12.0278 4804 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 17:31:12.0294 4804 swenum - ok 17:31:12.0372 4804 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:31:12.0450 4804 swprv - ok 17:31:12.0543 4804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:31:12.0637 4804 SysMain - ok 17:31:12.0684 4804 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:31:12.0730 4804 TabletInputService - ok 17:31:12.0777 4804 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:31:12.0855 4804 TapiSrv - ok 17:31:12.0902 4804 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:31:12.0964 4804 TBS - ok 17:31:13.0058 4804 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:31:13.0120 4804 Tcpip - ok 17:31:13.0167 4804 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:31:13.0230 4804 TCPIP6 - ok 17:31:13.0276 4804 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:31:13.0323 4804 tcpipreg - ok 17:31:13.0370 4804 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:31:13.0448 4804 TDPIPE - ok 17:31:13.0479 4804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:31:13.0526 4804 TDTCP - ok 17:31:13.0573 4804 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:31:13.0635 4804 tdx - ok 17:31:13.0713 4804 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 17:31:13.0729 4804 TermDD - ok 17:31:13.0791 4804 [ 2E648163254233755035B46DD7B89123 ] TermService 
C:\Windows\System32\termsrv.dll 17:31:13.0885 4804 TermService - ok 17:31:13.0932 4804 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:31:13.0978 4804 Themes - ok 17:31:14.0041 4804 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:31:14.0088 4804 THREADORDER - ok 17:31:14.0088 4804 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:31:14.0166 4804 TrkWks - ok 17:31:14.0275 4804 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:31:14.0337 4804 TrustedInstaller - ok 17:31:14.0384 4804 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:31:14.0431 4804 tssecsrv - ok 17:31:14.0509 4804 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:31:14.0587 4804 TsUsbFlt - ok 17:31:14.0649 4804 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:31:14.0758 4804 tunnel - ok 17:31:14.0821 4804 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 17:31:14.0836 4804 uagp35 - ok 17:31:14.0883 4804 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:31:14.0992 4804 udfs - ok 17:31:15.0039 4804 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:31:15.0070 4804 UI0Detect - ok 17:31:15.0133 4804 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:31:15.0148 4804 uliagpkx - ok 17:31:15.0195 4804 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 17:31:15.0242 4804 umbus - ok 17:31:15.0304 4804 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 17:31:15.0320 4804 UmPass - ok 17:31:15.0351 4804 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:31:15.0398 4804 upnphost - ok 17:31:15.0460 4804 [ 
6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:31:15.0538 4804 usbccgp - ok 17:31:15.0554 4804 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:31:15.0585 4804 usbcir - ok 17:31:15.0601 4804 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:31:15.0648 4804 usbehci - ok 17:31:15.0694 4804 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:31:15.0757 4804 usbhub - ok 17:31:15.0772 4804 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:31:15.0819 4804 usbohci - ok 17:31:15.0866 4804 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:31:15.0913 4804 usbprint - ok 17:31:15.0960 4804 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:31:15.0975 4804 usbscan - ok 17:31:16.0022 4804 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys 17:31:16.0100 4804 usbser - ok 17:31:16.0147 4804 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 17:31:16.0225 4804 USBSTOR - ok 17:31:16.0240 4804 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:31:16.0287 4804 usbuhci - ok 17:31:16.0334 4804 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 17:31:16.0412 4804 UxSms - ok 17:31:16.0443 4804 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 17:31:16.0474 4804 VaultSvc - ok 17:31:16.0537 4804 [ 1CB3C59EBD394DB0B869FDD804387E65 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 17:31:16.0552 4804 VBoxNetAdp - ok 17:31:16.0584 4804 VBoxNetFlt - ok 17:31:16.0599 4804 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:31:16.0630 4804 vdrvroot - ok 17:31:16.0677 4804 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 
17:31:16.0740 4804 vds - ok 17:31:16.0802 4804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:31:16.0818 4804 vga - ok 17:31:16.0849 4804 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 17:31:16.0911 4804 VgaSave - ok 17:31:16.0958 4804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:31:16.0989 4804 vhdmp - ok 17:31:17.0036 4804 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 17:31:17.0067 4804 viaide - ok 17:31:17.0083 4804 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:31:17.0098 4804 volmgr - ok 17:31:17.0130 4804 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:31:17.0161 4804 volmgrx - ok 17:31:17.0176 4804 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:31:17.0208 4804 volsnap - ok 17:31:17.0239 4804 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 17:31:17.0254 4804 vsmraid - ok 17:31:17.0348 4804 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 17:31:17.0457 4804 VSS - ok 17:31:17.0473 4804 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 17:31:17.0520 4804 vwifibus - ok 17:31:17.0566 4804 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 17:31:17.0598 4804 vwififlt - ok 17:31:17.0629 4804 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 17:31:17.0691 4804 vwifimp - ok 17:31:17.0738 4804 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 17:31:17.0816 4804 W32Time - ok 17:31:17.0847 4804 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 17:31:17.0894 4804 WacomPen - ok 17:31:17.0988 4804 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 
17:31:18.0034 4804 WANARP - ok 17:31:18.0050 4804 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:31:18.0097 4804 Wanarpv6 - ok 17:31:18.0175 4804 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 17:31:18.0284 4804 wbengine - ok 17:31:18.0346 4804 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:31:18.0378 4804 WbioSrvc - ok 17:31:18.0440 4804 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:31:18.0471 4804 wcncsvc - ok 17:31:18.0502 4804 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:31:18.0534 4804 WcsPlugInService - ok 17:31:18.0596 4804 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 17:31:18.0612 4804 Wd - ok 17:31:18.0674 4804 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:31:18.0721 4804 Wdf01000 - ok 17:31:18.0736 4804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:31:18.0861 4804 WdiServiceHost - ok 17:31:18.0877 4804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:31:18.0908 4804 WdiSystemHost - ok 17:31:18.0939 4804 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 17:31:19.0002 4804 WebClient - ok 17:31:19.0048 4804 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:31:19.0126 4804 Wecsvc - ok 17:31:19.0158 4804 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:31:19.0236 4804 wercplsupport - ok 17:31:19.0298 4804 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 17:31:19.0376 4804 WerSvc - ok 17:31:19.0423 4804 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:31:19.0470 4804 WfpLwf - ok 17:31:19.0532 4804 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr 
C:\Windows\system32\DRIVERS\wimfltr.sys 17:31:19.0563 4804 WimFltr - ok 17:31:19.0610 4804 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:31:19.0641 4804 WIMMount - ok 17:31:19.0688 4804 WinDefend - ok 17:31:19.0704 4804 WinHttpAutoProxySvc - ok 17:31:19.0813 4804 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:31:19.0875 4804 Winmgmt - ok 17:31:19.0969 4804 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 17:31:20.0094 4804 WinRM - ok 17:31:20.0187 4804 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 17:31:20.0265 4804 Wlansvc - ok 17:31:20.0328 4804 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE 17:31:20.0359 4804 wltrysvc ( UnsignedFile.Multi.Generic ) - warning 17:31:20.0359 4804 wltrysvc - detected UnsignedFile.Multi.Generic (1) 17:31:20.0421 4804 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:31:20.0468 4804 WmiAcpi - ok 17:31:20.0515 4804 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:31:20.0562 4804 wmiApSrv - ok 17:31:20.0608 4804 WMPNetworkSvc - ok 17:31:20.0624 4804 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:31:20.0655 4804 WPCSvc - ok 17:31:20.0718 4804 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:31:20.0764 4804 WPDBusEnum - ok 17:31:20.0827 4804 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:31:20.0889 4804 ws2ifsl - ok 17:31:20.0936 4804 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 17:31:20.0983 4804 wscsvc - ok 17:31:20.0998 4804 WSearch - ok 17:31:21.0092 4804 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:31:21.0186 4804 wuauserv - ok 17:31:21.0232 4804 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf 
C:\Windows\system32\drivers\WudfPf.sys 17:31:21.0310 4804 WudfPf - ok 17:31:21.0357 4804 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:31:21.0404 4804 WUDFRd - ok 17:31:21.0451 4804 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:31:21.0498 4804 wudfsvc - ok 17:31:21.0544 4804 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 17:31:21.0591 4804 WwanSvc - ok 17:31:21.0654 4804 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 17:31:21.0747 4804 yukonw7 - ok 17:31:21.0778 4804 ================ Scan global =============================== 17:31:21.0825 4804 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 17:31:21.0888 4804 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 17:31:21.0903 4804 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 17:31:21.0950 4804 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 17:31:21.0997 4804 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 17:31:22.0012 4804 [Global] - ok 17:31:22.0012 4804 ================ Scan MBR ================================== 17:31:22.0028 4804 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0 17:31:22.0543 4804 \Device\Harddisk0\DR0 - ok 17:31:22.0543 4804 ================ Scan VBR ================================== 17:31:22.0590 4804 [ C587A4A9A3806AF99FA7391DD3F7C52B ] \Device\Harddisk0\DR0\Partition1 17:31:22.0590 4804 \Device\Harddisk0\DR0\Partition1 - ok 17:31:22.0605 4804 [ 7E439E0C0C6E1D3E1C1ADE3746341CBF ] \Device\Harddisk0\DR0\Partition2 17:31:22.0605 4804 \Device\Harddisk0\DR0\Partition2 - ok 17:31:22.0605 4804 ============================================================ 17:31:22.0605 4804 Scan finished 17:31:22.0605 4804 ============================================================ 17:31:22.0621 3764 Detected object count: 8 17:31:22.0621 3764 Actual detected 
object count: 8 17:31:50.0451 3764 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0467 3764 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0467 3764 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0467 3764 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0467 3764 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0467 3764 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0467 3764 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0483 3764 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0483 3764 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:31:50.0483 3764 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:31:50.0483 3764 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:39:06.0258 4716 Deinitialize success |
23.03.2013, 20:33 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files are deleted immediately without being held in the Recycle Bin first
Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
24.03.2013, 10:31 | #9 |
| Files are deleted immediately without being held in the Recycle Bin first
Here is the ComboFix log: Code:
ATTFilter ComboFix 13-03-23.01 - Privat 24.03.2013 9:03.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4056.2780 [GMT 1:00] ausgeführt von:: c:\users\Lexikon\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2013-02-24 bis 2013-03-24 )))))))))))))))))))))))))))))) . . 2013-03-24 08:11 . 2013-03-24 08:11 -------- d-----w- c:\users\Privat\AppData\Local\temp 2013-03-24 08:11 . 2013-03-24 08:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-24 08:11 . 2013-03-24 08:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2013-03-22 17:39 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE 2013-03-22 17:31 . 2013-03-22 17:31 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-22 17:31 . 2013-03-22 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-03-22 17:30 . 2013-03-22 17:30 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-03-22 17:29 . 2013-03-22 17:29 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-21 15:39 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19B95E06-F646-45C3-AF5F-02B2D0B71519}\mpengine.dll 2013-03-21 15:38 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-19 21:45 . 2013-03-22 17:29 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-16 14:39 . 2013-03-16 14:39 -------- d-----w- c:\program files (x86)\Common Files\Apple 2013-03-16 14:39 . 2013-03-19 21:37 -------- d-----w- c:\program files (x86)\Apple Software Update 2013-03-16 14:31 . 2013-03-19 21:30 -------- d-----w- c:\program files\VideoLAN 2013-03-15 14:04 . 
2009-10-27 18:31 3982240 ----a-w- c:\windows\SysWow64\Flash10d.ocx 2013-03-15 12:04 . 2013-03-15 12:04 -------- d-----w- c:\users\Privat\AppData\Local\Amazon 2013-03-08 18:27 . 2013-03-06 23:33 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-03-08 18:27 . 2013-03-06 23:33 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-03-08 18:27 . 2013-03-06 23:33 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-03-08 18:27 . 2013-03-06 23:33 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-03-08 18:27 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-03-08 18:27 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-03-08 18:27 . 2013-03-06 23:33 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-08 18:27 . 2013-03-06 23:33 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-03-08 18:26 . 2013-03-06 23:32 41664 ----a-w- c:\windows\avastSS.scr 2013-03-08 18:18 . 2013-03-08 18:18 -------- d-s---w- c:\windows\SysWow64\Microsoft 2013-02-25 22:01 . 2013-02-25 22:01 -------- d-----w- c:\users\Lexikon\AppData\Local\Macromedia 2013-02-25 10:33 . 2013-03-08 18:26 -------- d-----w- c:\program files\AVAST Software 2013-02-25 10:13 . 2013-03-19 21:30 -------- d-----r- c:\users\Public 2013-02-23 20:11 . 2013-02-23 20:11 -------- d-----w- c:\users\Privat\NTUSER 2013-02-22 19:45 . 2013-02-22 19:45 -------- d-----w- c:\users\Privat\AppData\Local\Programs 2013-02-22 19:38 . 2013-02-22 19:41 -------- d-----w- c:\users\Lexikon\AppData\Local\Amazon 2013-02-22 19:36 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-22 19:36 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-22 19:36 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-22 17:29 . 
2011-04-08 09:32 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-03-21 14:07 . 2012-04-09 20:01 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-21 14:07 . 2011-08-08 13:25 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-06 23:32 . 2011-08-03 14:15 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-03-04 13:53 . 2011-06-19 13:23 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-01-17 00:28 . 2011-03-05 19:08 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-04 05:46 . 2013-02-16 20:09 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-16 20:09 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-16 20:09 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-16 19:52 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-16 20:09 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-16 20:09 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-16 20:09 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 2013-02-16 20:09 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-16 20:06 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-16 20:06 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BrowserMask"="c:\program files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe" [2010-09-23 96768] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "0190 Warner"="c:\progra~2\0190WA~1\WARN0190.EXE" [2003-02-28 466944] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "Z1"="c:\users\Lexikon\Desktop\mbar-1.01.0.1021\mbar\mbar.exe" [2013-02-16 1363016] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 aswVmm;aswVmm; [x] R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264] S0 13558342;13558342 Boot Guard Driver;c:\windows\system32\DRIVERS\13558342.sys [2009-10-22 40464] S0 31597942;31597942 Boot Guard Driver;c:\windows\system32\DRIVERS\31597942.sys [2009-10-22 40464] S0 36351792;36351792 Boot Guard Driver;c:\windows\system32\DRIVERS\36351792.sys [2009-10-22 40464] S0 70264452;70264452 Boot Guard Driver;c:\windows\system32\DRIVERS\70264452.sys [2009-10-22 40464] S0 77014092;77014092 Boot Guard Driver;c:\windows\system32\DRIVERS\77014092.sys [2009-10-22 40464] S0 79665282;79665282 Boot Guard Driver;c:\windows\system32\DRIVERS\79665282.sys [2009-10-22 40464] S0 93592522;93592522 Boot Guard Driver;c:\windows\system32\DRIVERS\93592522.sys [2009-10-22 40464] S0 97504712;97504712 Boot Guard Driver;c:\windows\system32\DRIVERS\97504712.sys [2009-10-22 40464] S0 aswRvrt;aswRvrt; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S1 13558341;13558341;c:\windows\system32\DRIVERS\13558341.sys [2009-09-25 157712] S1 31597941;31597941;c:\windows\system32\DRIVERS\31597941.sys [2009-09-25 157712] S1 36351791;36351791;c:\windows\system32\DRIVERS\36351791.sys [2009-09-25 157712] S1 
70264451;70264451;c:\windows\system32\DRIVERS\70264451.sys [2009-09-25 157712] S1 77014091;77014091;c:\windows\system32\DRIVERS\77014091.sys [2009-09-25 157712] S1 79665281;79665281;c:\windows\system32\DRIVERS\79665281.sys [2009-09-25 157712] S1 93592521;93592521;c:\windows\system32\DRIVERS\93592521.sys [2009-09-25 157712] S1 97504711;97504711;c:\windows\system32\DRIVERS\97504711.sys [2009-09-25 157712] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 setup_9.0.0.722_06.07.2012_12-35drv;setup_9.0.0.722_06.07.2012_12-35drv;c:\windows\system32\DRIVERS\7026445.sys [2009-10-09 352784] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-10-25 341288] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-12-02 656624] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 305664] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 296960] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.ask.com?o=10148&l=dis&tb=AVR-4 mLocal Page = c:\windows\SysWOW64\blank.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\ FF - prefs.js: network.proxy.type - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-03-24 09:14:19 ComboFix-quarantined-files.txt 2013-03-24 08:14 . Vor Suchlauf: 16 Verzeichnis(se), 81.824.444.416 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 81.261.056.000 Bytes frei . - - End Of File - - DB7CD00020DDD2E07B4DC6604E7CB39C |
24.03.2013, 13:53 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files are deleted immediately without being held in the Recycle Bin first
JRT - Junkware Removal Tool
Please shut down your protection software to avoid possible conflicts.
Afterwards: adwCleaner - Remove toolbars and unwanted start/search pages
Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
24.03.2013, 19:40 | #11 |
| Files are deleted immediately without being held in the Recycle Bin first
The Recycle Bin works again! I don't know why, but the files are being moved there again. Maybe you could briefly write to me what the cause was? By the way, I got quite a fright when running JRT... All the files on the screen were gone. Then I noticed that the program had moved me from the standard account to the administrator account. Phew! I'll attach the remaining logs then: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Windows 7 Home Premium x64
Ran by Privat on 24.03.2013 at 17:21:43,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2433319336-712607344-602622529-1005\software\microsoft\internet explorer\main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\Users\Privat\appdata\locallow\adawaretb"

~~~ FireFox

Successfully deleted: [File] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted: [Folder] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\extensions\toolbar@ask.com

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2013 at 17:38:19,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v2.115 - Datei am 24/03/2013 um 18:00:41 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Privat - ZUHAUSE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Lexikon\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\searchplugins\11-suche.xml
Ordner Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\adawaretb
Ordner Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\jetpack
Ordner Gelöscht : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\adawaretb

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\prefs.js

Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");

Datei : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2054 octets] - [24/03/2013 17:59:23]
AdwCleaner[S1].txt - [1989 octets] - [24/03/2013 18:00:41]

########## EOF - \AdwCleaner[S1].txt - [2049 octets] ##########
Code:
OTL logfile created on: 24.03.2013 18:05:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lexikon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,96 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 73,06% Memory free
7,92 Gb Paging File | 6,74 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 75,62 Gb Free Space | 56,28% Space Free | Partition Type: NTFS

Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Lexikon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files (x86)\0190 Warner\Warn0190.exe (Mirko Böer) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE () SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software) SRV - (nosGetPlusHelper) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe (IDT, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.) 
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys File not found DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.) 
DRV:64bit: - (77014092) -- C:\Windows\SysNative\drivers\77014092.sys (Kaspersky Lab) DRV:64bit: - (36351792) -- C:\Windows\SysNative\drivers\36351792.sys (Kaspersky Lab) DRV:64bit: - (97504712) -- C:\Windows\SysNative\drivers\97504712.sys (Kaspersky Lab) DRV:64bit: - (93592522) -- C:\Windows\SysNative\drivers\93592522.sys (Kaspersky Lab) DRV:64bit: - (79665282) -- C:\Windows\SysNative\drivers\79665282.sys (Kaspersky Lab) DRV:64bit: - (70264452) -- C:\Windows\SysNative\drivers\70264452.sys (Kaspersky Lab) DRV:64bit: - (31597942) -- C:\Windows\SysNative\drivers\31597942.sys (Kaspersky Lab) DRV:64bit: - (13558342) -- C:\Windows\SysNative\drivers\13558342.sys (Kaspersky Lab) DRV:64bit: - (setup_9.0.0.722_06.07.2012_12-35drv) -- C:\Windows\SysNative\drivers\7026445.sys (Kaspersky Lab) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (77014091) -- C:\Windows\SysNative\drivers\77014091.sys (Kaspersky Lab) DRV:64bit: - (36351791) -- C:\Windows\SysNative\drivers\36351791.sys (Kaspersky Lab) DRV:64bit: - (97504711) -- C:\Windows\SysNative\drivers\97504711.sys (Kaspersky Lab) DRV:64bit: - (93592521) -- C:\Windows\SysNative\drivers\93592521.sys (Kaspersky Lab) DRV:64bit: - (79665281) -- C:\Windows\SysNative\drivers\79665281.sys (Kaspersky Lab) DRV:64bit: - (70264451) -- C:\Windows\SysNative\drivers\70264451.sys (Kaspersky Lab) DRV:64bit: - (31597941) -- C:\Windows\SysNative\drivers\31597941.sys (Kaspersky Lab) DRV:64bit: - (13558341) -- C:\Windows\SysNative\drivers\13558341.sys (Kaspersky Lab) DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{CC04B2F9-F507-4C02-B862-27447E6B6138}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{78BB7703-48FC-48AD-9EE0-D8327EF260A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 
0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Lexikon\Desktop IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - 
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.10.29 14:04:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013.03.19 22:30:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.19 22:43:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.19 22:40:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.19 22:40:09 | 
000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M] [2013.03.19 22:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.12.11 21:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [0190 Warner] C:\PROGRA~2\0190WA~1\WARN0190.EXE (Mirko Böer) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1003..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\RunOnce: [Report] \AdwCleaner[S1].txt () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel 
present O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - 
{DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.24 17:25:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.24 17:25:16 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2013.03.24 17:21:41 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.03.24 17:21:33 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.24 17:21:33 | 000,000,000 | ---D | C] -- \JRT [2013.03.24 09:36:04 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\temp [2013.03.24 09:00:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.03.24 09:00:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.03.24 09:00:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.03.22 18:39:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013.03.22 18:33:46 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.22 18:33:46 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.22 18:33:46 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe 
[2013.03.22 18:33:46 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.22 18:33:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.22 18:33:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.22 18:33:46 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.22 18:33:46 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.22 18:33:46 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.22 18:33:46 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.22 18:33:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.22 18:33:46 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.22 18:33:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.22 18:33:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.22 18:33:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.22 18:33:46 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.22 18:33:46 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.22 18:33:46 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.22 18:33:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.22 18:33:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.03.22 18:33:46 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.03.22 18:33:46 | 000,082,432 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\inseng.dll [2013.03.22 18:33:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.22 18:33:46 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.22 18:33:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.03.22 18:33:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.22 18:33:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.22 18:33:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.03.22 18:33:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.22 18:33:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.22 18:33:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.03.22 18:33:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.22 18:33:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.22 18:33:45 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.22 18:33:45 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.22 18:33:45 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.22 18:33:45 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.22 18:33:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.22 18:33:45 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.22 18:33:45 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.22 18:33:45 | 
000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.22 18:33:45 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.22 18:33:45 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.22 18:33:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.22 18:33:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.22 18:33:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.22 18:33:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.22 18:33:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.22 18:33:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.22 18:33:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.22 18:33:45 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.22 18:33:45 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.03.22 18:33:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.22 18:33:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.22 18:33:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.22 18:33:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.22 18:33:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.22 18:33:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.22 18:33:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\tdc.ocx [2013.03.22 18:33:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.03.22 18:33:45 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.22 18:33:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.03.22 18:33:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.22 18:33:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.22 18:33:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.03.22 18:33:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.22 18:33:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.22 18:33:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.22 18:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.03.22 18:31:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.03.22 18:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.03.22 18:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.03.22 18:30:16 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.03.22 18:29:45 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.03.22 18:29:45 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.03.22 18:29:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.03.22 18:24:47 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.03.22 18:24:47 | 002,284,544 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.03.22 18:24:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.03.22 18:24:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.03.22 18:24:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.03.22 18:24:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.03.22 18:24:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.22 18:24:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.03.22 18:24:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.22 18:24:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.22 18:24:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.22 18:24:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.22 18:24:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.22 18:24:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.22 18:24:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.22 18:24:27 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.03.22 18:24:26 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.03.22 18:24:26 | 000,364,544 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\XpsGdiConverter.dll [2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.22 18:24:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.22 18:24:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.22 18:24:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.22 18:24:24 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.03.22 18:24:24 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.03.22 18:24:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.22 18:24:23 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.03.22 18:24:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.03.22 18:24:23 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.03.22 18:24:23 | 000,296,960 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3d10core.dll [2013.03.22 18:24:22 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.03.22 18:24:22 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.03.22 18:24:21 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.03.22 18:24:21 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.03.22 18:24:20 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.03.22 18:24:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.03.22 18:24:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.03.21 18:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.03.21 16:38:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.03.19 23:15:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2013.03.19 22:45:35 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.03.19 22:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013.03.19 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2013.03.16 15:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2013.03.16 15:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013.03.16 15:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.03.15 15:04:24 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) 
-- C:\Windows\SysWow64\Flash10d.ocx [2013.03.15 13:04:50 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Amazon [2013.03.08 19:27:19 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.08 19:27:19 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.08 19:27:18 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.08 19:27:17 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.08 19:27:16 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.08 19:27:15 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.08 19:26:44 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.08 19:18:36 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2013.02.25 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.02.23 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\Privat\NTUSER [2013.02.22 20:45:56 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Programs [2013.02.22 20:44:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.02.22 20:36:55 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.22 20:36:52 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.22 20:36:51 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.24 18:10:08 | 000,022,240 | 
-H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.24 18:10:08 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.24 18:02:37 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.03.24 18:02:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.24 18:02:22 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys [2013.03.22 18:33:46 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.22 18:33:46 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.22 18:33:46 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.22 18:33:46 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.22 18:33:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.22 18:33:46 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.22 18:33:46 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.22 18:33:46 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.22 18:33:46 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.22 18:33:46 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.22 18:33:46 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.22 18:33:46 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.22 18:33:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.22 18:33:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWow64\iexpress.exe [2013.03.22 18:33:46 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.22 18:33:46 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.22 18:33:46 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.22 18:33:46 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.22 18:33:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.22 18:33:46 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.03.22 18:33:46 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.03.22 18:33:46 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.22 18:33:46 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.22 18:33:46 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.22 18:33:46 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.03.22 18:33:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.22 18:33:46 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.22 18:33:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.03.22 18:33:46 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.22 18:33:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.22 18:33:46 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.03.22 18:33:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.22 18:33:46 | 000,023,040 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.22 18:33:46 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.22 18:33:45 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.22 18:33:45 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.22 18:33:45 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.22 18:33:45 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.22 18:33:45 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.22 18:33:45 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.22 18:33:45 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.22 18:33:45 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.22 18:33:45 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.22 18:33:45 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.22 18:33:45 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.22 18:33:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.22 18:33:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.22 18:33:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.22 18:33:45 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.22 18:33:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.22 18:33:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.22 
18:33:45 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.22 18:33:45 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.03.22 18:33:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.22 18:33:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.22 18:33:45 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.22 18:33:45 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.22 18:33:45 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.22 18:33:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.22 18:33:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.22 18:33:45 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.03.22 18:33:45 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.22 18:33:45 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.03.22 18:33:45 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.22 18:33:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.22 18:33:45 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.03.22 18:33:45 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.22 18:33:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.22 18:33:45 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.22 18:33:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\msfeedssync.exe [2013.03.22 18:29:32 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.03.22 18:29:30 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.03.22 18:29:30 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.03.22 18:29:30 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.03.22 18:29:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.03.22 18:29:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.03.22 18:22:18 | 000,000,134 | ---- | M] () -- C:\Users\Privat\Desktop\Internet Explorer-Problembehebung.url [2013.03.21 18:21:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.03.21 15:07:46 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.21 15:07:46 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST 
Software) -- C:\Windows\avastSS.scr [2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.02.25 11:12:59 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.25 11:12:59 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.25 11:12:59 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.25 11:12:59 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.25 11:12:59 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.23 21:30:11 | 000,376,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.24 09:00:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.03.24 09:00:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.03.24 09:00:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.03.24 09:00:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.03.24 09:00:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.03.22 18:33:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.22 18:33:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.22 18:22:18 | 000,000,134 | ---- | C] () -- C:\Users\Privat\Desktop\Internet Explorer-Problembehebung.url [2013.03.19 22:37:17 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.03.08 19:27:16 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.08 19:27:16 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.02.25 11:13:51 | 000,002,441 
| ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.11.26 20:51:40 | 000,245,473 | ---- | C] () -- C:\Windows\hpoins19.dat [2012.11.26 20:51:40 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011.10.05 10:19:22 | 000,007,600 | ---- | C] () -- C:\Users\Privat\AppData\Local\Resmon.ResmonCfg [2011.09.26 13:42:54 | 000,000,680 | RHS- | C] () -- C:\Users\Privat\ntuser.pol [2011.06.19 21:46:46 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.19 14:56:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.06.19 14:56:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2010.02.22 03:45:21 | 3190,050,816 | -HS- | C] () -- \hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] 
(Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
OTL Extras logfile created on: 24.03.2013 18:05:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lexikon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,96 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 73,06% Memory free
7,92 Gb Paging File | 6,74 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 75,62 Gb Free Space | 56,28% Space Free | Partition Type: NTFS
Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error.
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DisableUnicastResponsesToMulticastBroadcast" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service ========== Vista Active Open Ports Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D3BEEB2-99FD-4929-9272-DC8F1DD664B7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{169EF352-0216-4FE4-8B25-BEEDC0EE7596}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{18CCAE09-899A-4D60-BEDA-3C8754CBF47F}" = rport=2869 | protocol=6 | dir=out | app=system | "{1B678221-371B-44B5-B995-B285C36F6A21}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{1C85168A-B022-4233-AB3B-AB8FC906445D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=datei- und druckerfreigabe (spoolerdienst - rpc-epmap) | "{30240EF1-93D4-4ACF-B89E-6DD066E34410}" = rport=445 | protocol=6 | dir=out | app=system | "{371A9E96-7B40-4550-B9FC-6C1B6151C35E}" = lport=139 | protocol=6 | dir=in | app=system | "{3821E25D-215E-4B5B-82BA-C96DD63A1EDB}" = lport=138 | protocol=17 | dir=in | app=system | "{38EEE73C-4F3E-41C2-B160-FC1E2AE460EF}" = rport=138 | protocol=17 | dir=out | app=system | "{3D7868B4-AA60-4745-9109-1DC58967DF81}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{48898B96-5E37-414C-A948-9DBB9C320A98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{58F37191-7AB4-46EC-AEE1-870661A0CD1A}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x64\rpcsandrasrv.exe | "{7F8D2C41-0F44-40A0-AB64-D1D09ABE880C}" = rport=137 | protocol=17 | dir=out | app=system | "{8BB792EE-05D9-4C82-B25A-8CE24D8C1B6C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8D53051B-AEDF-427A-A192-1B16371D3B0A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{92006AF4-32E3-447C-8D3C-BB9AA1D7BD55}" = lport=5355 | protocol=17 | 
dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AAB36712-73B8-49FC-B836-62A25F3E6C9F}" = lport=137 | protocol=17 | dir=in | app=system | "{B1D6DCF4-DFF3-4E2E-A664-2B66127229BB}" = lport=445 | protocol=6 | dir=in | app=system | "{B7A9846D-921D-42EF-BBAA-431EE7D2A7FC}" = rport=139 | protocol=6 | dir=out | app=system | "{BB288BD9-9AF0-458C-8EB9-805E108A394A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DAFDD2DE-D080-4459-BBCC-B8DE4C6E0BC3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E1542615-CFE1-4D3E-B6C4-5453C6D584E9}" = lport=2869 | protocol=6 | dir=in | app=system | "{EFB9AC43-06DE-4F14-93C2-180557DD1A61}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0160F92F-4890-4F94-85FC-27A22680F0B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{0752EADB-02C4-440C-A6C1-0C92AC1E7D37}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{0871D5CB-CF23-4450-892B-5C7F62E0D870}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{12968749-A132-486B-88EA-CC95C6C527A1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{12FA50E6-B627-402B-9A94-D318563E0366}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{1777FB9C-8E61-4A6C-A5D3-18FA4F732A65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{3018C003-494C-4BEF-BFCB-E5047E9A3F8B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{3883E3EE-FA7C-4048-BCFC-6DAF075ACEF8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{39B7F23E-DC7A-4C97-BFA5-4B958A6BBB6A}" = dir=in | 
app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{3D9C9DA0-4AC6-4177-B149-6C97EB8459DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{409CAAD4-F957-4066-9CBE-26C50968F3CD}" = protocol=17 | dir=in | app=c:\users\privat\appdata\local\temp\7zs594d\hpdiagnosticcoreui.exe | "{41F28F8A-6F95-4759-80F2-C04EFF59BFD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{4CECDB66-0172-476B-A73C-6C24BEB327BF}" = protocol=58 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv6 ausgehend) | "{4D75EFAE-813C-4869-9FA5-49A09ACC7E3B}" = protocol=58 | dir=in | name=gemeinsame nutzung der internetverbindung (routeranfrage, eingehend) | "{4E20D7B7-364C-487D-A21C-D2DADAE664FF}" = protocol=6 | dir=in | app=c:\users\privat\appdata\local\temp\7zs54c9\hpdiagnosticcoreui.exe | "{4FCDD0F8-1BB6-480B-9BD1-94A4E2D7188C}" = protocol=1 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv4 ausgehend) | "{50B61AAF-EF03-4D82-800F-90D1E0841B43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{51497F40-FE20-4E84-A1BE-890831F92479}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs56a9\hppiw.exe | "{5CC7EC3F-2EE2-4590-8026-DBFC890892EA}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs56a9\hppiw.exe | "{5DB4249E-EAA4-47FA-9D4D-D98A221013E0}" = protocol=17 | dir=in | app=c:\program files (x86)\avira\antivir desktop\update.exe | "{5F0D20F0-1A64-44AC-B365-658FE3745506}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{6748EACA-9B34-4AD3-9C68-85B6551BFBB6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{69698779-A8C6-4496-9E0A-2B253F2C2A35}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{6C509A7B-B48E-4B7B-B89B-1F540740525D}" = protocol=1 | dir=in | app=c:\program 
files\sisoftware\sisoftware sandra lite 2010c\wnt500x64\rpcsandrasrv.exe | "{6FCBD6E2-E56B-4C4A-89E2-36E0492A2B6B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{7258240C-2BAC-4C4A-B2E9-9F8F16C3CF4F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{7741CFF8-2872-49AF-AC5E-E34D93449C08}" = protocol=6 | dir=in | app=c:\program files (x86)\avira\antivir desktop\update.exe | "{7A05CA96-F03D-46AD-930F-77A2F894480E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | "{7B5A9508-CDA0-41C9-A943-35A10D58A3FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7D0DFA47-9E9A-44D2-8FCF-54BD462CFE5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{8510761F-77C1-4E26-BE0E-1727050A6A5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{890DF0A3-A78C-4946-B631-A8B77C3FCEFC}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5b92\hppiw.exe | "{89BC8AE6-E6DA-4F6F-8344-4A39F28402B4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{8AA4B592-69F3-430A-90D4-26A59FEB0E7D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{8E7D0B6B-880E-476B-9064-F4210CD65AD3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | "{9A72217D-C78D-4F85-89F6-3EBF8BB83AEF}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{9C74E43A-BA4F-427A-A90F-1AF4C4BEB418}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{B3BBD909-10B7-48B5-8FE5-3171D9D3052A}" = protocol=17 | dir=in | app=c:\users\privat\appdata\local\temp\7zs54c9\hpdiagnosticcoreui.exe | "{B7BA88CD-A241-40EE-9479-FFBE9BB3FD3F}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs53eb\hppiw.exe | "{B88F99B4-3C64-4A38-BF78-77CEC35ACD8E}" = protocol=6 | dir=in | 
app=c:\users\lexikon\appdata\local\temp\7zs53eb\hppiw.exe | "{C84205D6-149D-4E6A-97DB-3AB43F0188EB}" = protocol=6 | dir=in | app=c:\users\privat\appdata\local\temp\7zs594d\hpdiagnosticcoreui.exe | "{D1338203-3055-4DAF-895E-4054A152ED25}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5130\hppiw.exe | "{D7A9B744-9A63-4893-9C40-F1B1DF56D7F9}" = protocol=58 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv6 eingehend) | "{DCEAB655-C4FD-416C-9188-43DB4BE551E8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{E54D5323-C487-427B-BD4A-51EB25EA2D5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{E928AF9E-527A-4660-A5C9-E05E235044BF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{EC0E1D7A-8921-4EE6-B9FA-F5DD815B507B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{F265D8F0-6E66-4026-98D9-A51A1973A955}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | "{F37152A9-C0A5-4676-BF27-B41C156C557F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{F4732F9B-DDD7-41E0-AD21-B77BFF9AEE95}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{F5BDCF63-A93C-4D60-AB1F-63DF63A26A68}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{F6203B54-5890-47A6-9D22-274389EC9EAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{F724380A-6FF6-4CD9-AE5A-47AC538C0C79}" = protocol=1 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv4 eingehend) | "{F95177EF-AD55-4878-9205-CA3DD4669449}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5b92\hppiw.exe | "{FCF22CE6-A6BB-4A97-8069-EB4E815657CA}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{FF1DCF63-355B-4FC8-970C-06425C511BB5}" = protocol=6 | dir=in | 
app=c:\users\lexikon\appdata\local\temp\7zs5130\hppiw.exe | "TCP Query User{37DC5125-3596-4C55-A68E-A2624CED6AC2}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | "TCP Query User{3AC9D01C-63BC-4B1F-A1A5-B4AB5D18D95E}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | "TCP Query User{3FA974A5-DE70-41FA-AFE0-C23C5C6F3C82}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{684900E8-E090-4F7C-A534-33F43A9D114E}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | "TCP Query User{83FD3689-580B-49FC-AD72-758C939667FE}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "TCP Query User{C92EC406-7717-48DA-B153-8A2B94A8542E}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | "UDP Query User{07FC74A7-517D-4708-AFAA-BB5A5AD87F08}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | "UDP Query User{2DEE06A5-89FB-43E6-AE70-13C4CC1DA322}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | "UDP Query User{72C2C284-9A95-48C7-AC70-FE2E5D34694B}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | "UDP Query User{7B7AB578-A0DC-42FF-BF8B-E9B66651863C}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | "UDP Query User{91EC5400-E85E-4C47-84C4-E30A4FE53FE8}C:\program files (x86)\videolan\vlc\vlc.exe" = 
protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "UDP Query User{A061C958-7E9B-444D-B051-B1578160D0D4}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{08C3441C-4FAF-48D3-A551-70DD6031734F}" = Microsoft Baseline Security Analyzer 2.2 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit) "{369ABA06-0536-4E6A-A1FC-40983E268F47}" = Nitro PDF Reader 2 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 
Redistributable (x64) "{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "VLC media player" = VLC media player 2.0.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan "{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = 
Java 7 Update 17 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3A9FE5C3-799E-4E41-AF4E-943F9BC4C4BD}_is1" = All My Books 1.3 for PC-WELT "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}" = Microsoft Windows Debugging Symbols "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update 
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73006B34-9743-4A39-AC37-38EDFCEB6DCE}" = Adobe Product/Adobe Studio Update 10/2001 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) 
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn 
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D88A7919-C81E-4F6A-8B77-D1B2E42EE0CD}" = One Button "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "0190Warner" = 0190 Warner 3.50 "Adobe Flash Player ActiveX" = 
Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "avast" = avast! Free Antivirus "CCleaner" = CCleaner "Digital Editions" = Adobe Digital Editions "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Non Driver CIO Components" = Non Driver CIO Components "PPTView97" = Microsoft PowerPoint Viewer 97 "RealPlayer 12.0" = RealPlayer "WildTangent dell Master Uninstall" = WildTangent-Spiele "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Amazon Kindle" = Amazon Kindle ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 20 Event Log Errors ========== [ Broadcom Wireless LAN Events ] Error - 26.02.2010 07:49:36 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0 Description = 12:49:36, Fri, Feb 26, 10 Error - Unable to get current user admin status Error - 26.02.2010 07:50:01 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0 Description = 12:50:01, Fri, Feb 26, 10 Error - Unable to get current user admin status Error - 26.02.2010 07:51:44 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0 Description = 12:51:44, Fri, Feb 26, 10 Error - Unable to switch user context, authentication information not set correctly [ System Events ] Error - 24.03.2013 12:42:15 | Computer Name = Zuhause-PC | Source = DCOM | ID = 10010 Description = Error - 24.03.2013 13:05:01 | Computer Name = Zuhause-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report >
New addendum: I also briefly had dial-up problems. I then went online via a different connection. After that the previous connection worked again as well, and the problem with the mail program had then also resolved itself. So, hopefully, everything is fine again. |
25.03.2013, 15:24 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files are deleted immediately without being held in the Recycle Bin Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes - please remember to update Malwarebytes via the update button beforehand. Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
26.03.2013, 00:26 | #13 |
| Files are deleted immediately without being held in the Recycle Bin Hello, is there another program besides ESET? While downloading the components, i.e. after the first click on Start, not much really happens here, probably because I am sitting behind a veeery slow modem here |