Ordner Webcake lässt sich nicht löschen

Sebi88 · 04.06.2013, 10:16

Hallo,

habe mir Webcake und Deltsearch eingefangen, diese habe ich bereits über die Systemsteuerung entfernen können.

Auf der Festplatte unter Windows Vista habe ich jedoch im Ordner Programm Files einen Ordner Namens "Webcake" gefunden welchen ich nicht löschen kann da ich keine Berechtigung von Webcake besitze.

Bitte um Hilfe

cosinus · 04.06.2013, 10:39

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Sebi88 · 04.06.2013, 10:45

Nein, sind nicht fündig geworden

cosinus · 04.06.2013, 10:46

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Sebi88 · 04.06.2013, 11:21

Code:

ATTFilter

OTL logfile created on: 04.06.2013 11:58:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sebi\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,17% Memory free
4,20 Gb Paging File | 2,98 Gb Available in Paging File | 70,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 9,60 Gb Free Space | 10,42% Space Free | Partition Type: NTFS
Drive D: | 45,12 Gb Total Space | 27,84 Gb Free Space | 61,70% Space Free | Partition Type: NTFS
 
Computer Name: SEBI-PC | User Name: Sebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sebi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\1&1 Surf-Stick\AssistantServices.exe ()
PRC - C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
MOD - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files\PSPad editor\PSPadShell.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2840.38318__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2840.38373__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2840.38353__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2840.38361__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2840.38616__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2840.38587__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2840.38579__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2840.38537__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2840.38473__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2840.38339__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2840.38621__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2840.38332__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2840.38482__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2840.38565__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2840.38609__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2840.38552__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2840.38609__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2840.38580__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2840.38387__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2840.38475__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2840.38340__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2840.38524__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2840.38467__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2840.38380__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2840.38504__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2840.38474__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2840.38503__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2840.38523__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2791.32000__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2791.31999__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2791.32011__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2791.31986__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2791.31992__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2791.32016__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2791.32006__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2791.32016__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2791.32015__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2791.32024__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2791.32025__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2791.32002__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2791.32015__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2833.15324__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2791.32041__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2791.32434__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2791.32041__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2791.31999__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2791.31995__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2791.32001__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2791.32040__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2833.15304__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2833.15206__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2791.31987__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2791.32006__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2791.32001__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2840.38348__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2840.38594__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2840.38602__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2840.38601__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2791.31996__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2791.32008__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2840.38644__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2791.31993__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2791.32039__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2840.38594_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2791.32009__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2840.38309__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2840.38327__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2840.38310__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2840.38311__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2840.38310__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2840.38309__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2791.32004__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2840.38602__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2791.32010__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2791.32030__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56ita.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56esp.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56brz.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56kor.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56ger.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56fra.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56cht.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56chs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (BrowserDefendert) -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UI Assistant Service) -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sxuptp) -- system32\DRIVERS\sxuptp.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119294&tt=gc_&babsrc=HP_ss&mntrId=4A110016449A8B4C
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\SearchScopes,DefaultScope = {E358CE1B-CF20-46DF-9152-AF420ED56D33}
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=4A110016449A8B4C
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\SearchScopes\{E358CE1B-CF20-46DF-9152-AF420ED56D33}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE493
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=119294&tt=gc_&babsrc=HP_ss_gin2g&mntrId=4A110016449A8B4C"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.05 13:50:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\singalong@xenophesoft.com: C:\Program Files\SingAlong\FF\
 
[2012.02.29 23:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebi\AppData\Roaming\mozilla\Extensions
[2013.06.04 10:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\jqzi0asx.default\extensions
[2013.06.02 11:47:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\jqzi0asx.default\extensions\ffxtlbr@babylon.com
[2013.06.02 11:47:17 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Sebi\AppData\Roaming\mozilla\Firefox\Profiles\jqzi0asx.default\extensions\ffxtlbr@delta.com
[2013.06.04 10:54:13 | 000,006,503 | ---- | M] () -- C:\Users\Sebi\AppData\Roaming\mozilla\firefox\profiles\jqzi0asx.default\searchplugins\babylon.xml
[2013.06.04 10:54:13 | 000,006,503 | ---- | M] () -- C:\Users\Sebi\AppData\Roaming\mozilla\firefox\profiles\jqzi0asx.default\searchplugins\BrowserDefender.xml
[2013.06.02 11:47:20 | 000,001,294 | ---- | M] () -- C:\Users\Sebi\AppData\Roaming\mozilla\firefox\profiles\jqzi0asx.default\searchplugins\delta.xml
[2012.02.29 23:20:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.20 10:39:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.google.com
CHR - Extension: No name found = C:\Users\Sebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.111\
CHR - Extension: No name found = C:\Users\Sebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: No name found = C:\Users\Sebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Sing Along) - {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files\SingAlong\singalng.dll File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [recinfo363] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O7 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-3356950530-3592456592-3535814550-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BA29248-E328-4F47-8FCB-7DF09A9DF028}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56DB8462-5E2B-49DC-BE0D-A3171456916D}: DhcpNameServer = 192.168.178.1
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sebi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sebi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1a97f30d-82a6-11dd-ae3e-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{1a97f30d-82a6-11dd-ae3e-00030d8a9448}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2a8e0fcd-bd35-11e0-a6b9-c38055c90838}\Shell - "" = AutoRun
O33 - MountPoints2\{2a8e0fcd-bd35-11e0-a6b9-c38055c90838}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2b54fd12-2f5c-11df-9272-85e79bb30f6d}\Shell - "" = AutoRun
O33 - MountPoints2\{2b54fd12-2f5c-11df-9272-85e79bb30f6d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2b54fd30-2f5c-11df-9272-85e79bb30f6d}\Shell - "" = AutoRun
O33 - MountPoints2\{2b54fd30-2f5c-11df-9272-85e79bb30f6d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{331eab63-3009-11df-94f7-934524e3e677}\Shell - "" = AutoRun
O33 - MountPoints2\{331eab63-3009-11df-94f7-934524e3e677}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3a3e7cab-a8ba-11e0-a999-ac681bd9894c}\Shell - "" = AutoRun
O33 - MountPoints2\{3a3e7cab-a8ba-11e0-a999-ac681bd9894c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{53f50937-a66e-11e0-b1fb-8dce06802d0b}\Shell - "" = AutoRun
O33 - MountPoints2\{53f50937-a66e-11e0-b1fb-8dce06802d0b}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{53f5094d-a66e-11e0-b1fb-8dce06802d0b}\Shell - "" = AutoRun
O33 - MountPoints2\{53f5094d-a66e-11e0-b1fb-8dce06802d0b}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{53f5095c-a66e-11e0-b1fb-a081b7852382}\Shell - "" = AutoRun
O33 - MountPoints2\{53f5095c-a66e-11e0-b1fb-a081b7852382}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{578cc584-825f-11dd-92f1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{578cc584-825f-11dd-92f1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{578cc70c-825f-11dd-92f1-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{578cc70c-825f-11dd-92f1-00030d8a9448}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5bcbadcc-8187-11df-a27e-c8bfeac83c41}\Shell - "" = AutoRun
O33 - MountPoints2\{5bcbadcc-8187-11df-a27e-c8bfeac83c41}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{897fdfd3-7812-11e2-be0c-cb2a230adf05}\Shell - "" = AutoRun
O33 - MountPoints2\{897fdfd3-7812-11e2-be0c-cb2a230adf05}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{897fdfe1-7812-11e2-be0c-9eb46d1431fe}\Shell - "" = AutoRun
O33 - MountPoints2\{897fdfe1-7812-11e2-be0c-9eb46d1431fe}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{897fdfec-7812-11e2-be0c-8a5a6e6ec577}\Shell - "" = AutoRun
O33 - MountPoints2\{897fdfec-7812-11e2-be0c-8a5a6e6ec577}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{897fe00d-7812-11e2-be0c-d540b31411da}\Shell - "" = AutoRun
O33 - MountPoints2\{897fe00d-7812-11e2-be0c-d540b31411da}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{897fe019-7812-11e2-be0c-add60f76ea31}\Shell - "" = AutoRun
O33 - MountPoints2\{897fe019-7812-11e2-be0c-add60f76ea31}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8eba6c97-74e7-11dd-a81a-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{8eba6c97-74e7-11dd-a81a-00030d8a9448}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8eba6ca9-74e7-11dd-a81a-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{8eba6ca9-74e7-11dd-a81a-00030d8a9448}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9ccf0fec-74f2-11dd-987c-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{9ccf0fec-74f2-11dd-987c-00030d8a9448}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{9ccf0fec-74f2-11dd-987c-00030d8a9448}\Shell\configure\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{9ccf0fec-74f2-11dd-987c-00030d8a9448}\Shell\install\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{a1f1d147-c92e-11dd-9cab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a1f1d147-c92e-11dd-9cab-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a59960ab-050a-11de-abe2-00030d8a9448}\Shell - "" = AutoRun
O33 - MountPoints2\{a59960ab-050a-11de-abe2-00030d8a9448}\Shell\AutoRun\command - "" = F:\pushinst.exe
O33 - MountPoints2\{b1969f8e-b1eb-11e0-ac97-a924cffa13b9}\Shell - "" = AutoRun
O33 - MountPoints2\{b1969f8e-b1eb-11e0-ac97-a924cffa13b9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b7f5f15d-8b08-11dd-b114-00030d8a9448}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{c922581d-b1ec-11e0-ad02-c70c066ef1ba}\Shell - "" = AutoRun
O33 - MountPoints2\{c922581d-b1ec-11e0-ad02-c70c066ef1ba}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fe05dc3c-b2cc-11e0-aee9-bc818e616486}\Shell - "" = AutoRun
O33 - MountPoints2\{fe05dc3c-b2cc-11e0-aee9-bc818e616486}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.04 11:54:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sebi\Desktop\OTL.exe
[2013.06.04 11:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\UtilityChest_49EI
[2013.06.04 10:54:11 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Local\Babylon
[2013.06.02 15:30:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013.06.02 15:30:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013.06.02 11:47:55 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
[2013.06.02 11:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013.06.02 11:47:21 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Roaming\BabSolution
[2013.06.02 11:47:16 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Roaming\Delta
[2013.06.02 11:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
[2013.06.02 11:46:56 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Roaming\Babylon
[2013.06.02 11:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.02 11:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.06.02 11:46:51 | 000,000,000 | ---D | C] -- C:\Users\Sebi\AppData\Roaming\GoforFiles
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.04 12:03:21 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6729A8B8-59BC-4D3F-AC70-E33F479ADC8B}.job
[2013.06.04 12:02:15 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.04 12:02:15 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.04 11:57:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.04 11:55:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sebi\Desktop\OTL.exe
[2013.06.04 11:25:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.04 11:08:26 | 000,651,350 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.04 11:08:26 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.04 11:08:26 | 000,121,114 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.04 11:08:26 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.04 11:02:23 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.04 11:01:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.04 11:01:49 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.02 12:04:50 | 000,446,306 | ---- | M] () -- C:\Users\Sebi\Documents\_Nie-wieder-zu-frueh-kommen.pdf
[2013.05.30 17:59:27 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.05.14 21:25:53 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.14 21:25:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.02 12:04:50 | 000,446,306 | ---- | C] () -- C:\Users\Sebi\Documents\_Nie-wieder-zu-frueh-kommen.pdf
[2010.05.16 21:33:12 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.02.05 10:19:20 | 000,000,829 | ---- | C] () -- C:\Users\Sebi\FLV Player.lnk
[2009.05.20 10:35:00 | 000,006,196 | ---- | C] () -- C:\Users\Sebi\AppData\Roaming\wklnhst.dat
[2009.01.09 18:53:42 | 000,000,600 | ---- | C] () -- C:\Users\Sebi\AppData\Roaming\winscp.rnd
[2008.12.11 17:21:30 | 000,000,092 | ---- | C] () -- C:\Users\Sebi\AppData\Local\fusioncache.dat
[2008.10.28 17:32:17 | 000,000,680 | ---- | C] () -- C:\Users\Sebi\AppData\Local\d3d9caps.dat
[2008.10.22 17:11:31 | 000,061,952 | ---- | C] () -- C:\Users\Sebi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.28 12:20:44 | 000,024,064 | ---- | C] () -- C:\Users\Sebi\AppData\Roaming\UserTile.png
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008.11.06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006.11.02 11:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 04.06.2013 11:58:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sebi\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,17% Memory free
4,20 Gb Paging File | 2,98 Gb Available in Paging File | 70,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 9,60 Gb Free Space | 10,42% Space Free | Partition Type: NTFS
Drive D: | 45,12 Gb Total Space | 27,84 Gb Free Space | 61,70% Space Free | Partition Type: NTFS
 
Computer Name: SEBI-PC | User Name: Sebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3356950530-3592456592-3535814550-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01502646-C366-4EAB-B534-984FC4518021}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{08CBFD53-9648-45A7-98A3-3DDF19674FF6}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{0D9A264C-28B2-42C5-889A-7A64071C6258}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{4BCA737E-8E56-44CA-9A67-DE6889477668}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{4FE707F8-E2FA-447F-B281-369F2A1A9DE4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{59A24A9D-CC95-41B7-8F26-72855042BBB2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5AC61FDE-A35D-421C-BAF4-F1DF4D187F7F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5FA7788D-34B3-498B-B892-A3C016D1828B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{66FD812A-B958-4DF2-BE39-0B8A3DFD3A58}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{6B1D7C17-76C2-4930-A5FA-34559016846B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{76AD4156-4932-48EB-A6EA-2A30FD7254ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8809DD59-11D4-401F-A8A3-AAE48D6071B7}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8D31926C-C7D0-4D06-BADC-78E9024ACF9C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8FC6FBD2-E59D-4D58-920F-20FA6FFE3FB9}" = lport=138 | protocol=17 | dir=in | app=system | 
"{928F352C-5B6C-40EF-8D97-9BDD42DCD072}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{9B5E0BF2-9B2F-44EE-B485-96BD669B6720}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A39B798B-7A1F-43EB-A720-24B038FC9968}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{A3DB04FF-5DD5-4A19-AE30-31DB297DB1CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AD3E6B7B-729A-4954-8283-B8BF748A0AE3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B8B11F31-C20B-44E2-B847-F926A55CDCAD}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9514880-1C10-46B2-A301-EBB9A045D7D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CDE63819-708A-4933-B7D8-E9B901D4A245}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{DA573CF1-4D35-40C2-929E-647FBE45702D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DB523F25-96F3-4C43-AC5A-CC4E122B0127}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F8BCA86C-E72E-4572-BDA1-A93F57D83B81}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DFBA59-C95B-43CF-A56C-8E2F5E56BCD3}" = dir=in | app=c:\program files\cyberlink\powerdv\powerdv.exe | 
"{02E709EA-A4B5-43B0-BAEB-66D8C317E527}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{05B7AAE1-6F45-4D98-ABFF-D5AF3D18B6EA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{153F099A-0B02-4E47-9A0D-E81441EC19E9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20D1417D-C624-4C43-B2E2-12E30345785B}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe | 
"{224DFFF2-BDCC-4EB8-895B-4078BE92EC2C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{262991C5-8F69-4921-88C5-C34C1387A82A}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{2A987373-CC7F-434E-8EF5-77550B87C98B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{307E2BA2-6FF7-4B4C-8063-3887A1F97FEB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3A32B507-852B-45FE-86E0-AE9D027E2121}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{41395CFB-76B2-4791-8172-4FFED30C07A7}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe | 
"{44A83E5F-BE0F-4F35-86EA-A7AE744C68A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4518F18C-5AF5-4D20-A895-4445FC00A22B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6A672285-8E33-4DEA-BCEB-E7FE3B024793}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6A895198-CBFE-47B3-9BFB-174D4C4DC0CB}" = protocol=17 | dir=in | app=c:\users\sebi\appdata\local\temp\7zsf556.tmp\symnrt.exe | 
"{703BB9EE-A03A-4606-B2C1-1B0391A928C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{74846FC3-AB5A-4065-AC41-95F3FF762D4D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{84DC398C-C1D0-4C13-984B-BD83AD2D7C10}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8F14B8F7-F1B4-42C9-8062-6713CA0E348B}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{9197FA0B-5474-478F-81B3-9D01AE18A07A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{96BDC564-1CC8-44DF-B0D1-2C4D7F4BC98E}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfiles.exe | 
"{9B2883F2-0A47-4AE0-86DC-F6488FF54ADB}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{A964D770-FB5A-4305-BC13-A5096DECE8FA}" = protocol=6 | dir=in | app=c:\users\sebi\appdata\local\temp\7zsf556.tmp\symnrt.exe | 
"{C0DD7E78-B181-4A1E-A038-57749E5BE290}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfiles.exe | 
"{C522492A-BF8B-4176-8E94-5ADC9E5BEA11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{C84E9912-56E8-4B7A-A79F-9C0E6F5BDAC5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{C9513B13-665E-436B-A70A-0AFC3FC246FA}" = protocol=17 | dir=in | app=c:\programme\ftp-uploader\ftpuploader.exe | 
"{CBB8D5CE-5271-45CE-BC8A-32BE43976026}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D51E5B40-7ECF-437A-9B39-FE3799F603CB}" = protocol=6 | dir=in | app=c:\programme\ftp-uploader\ftpuploader.exe | 
"{DE7CBFEF-1711-4040-ABC8-948A36229136}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E3BF2C78-C1A4-4480-BFA0-517A475C24BB}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{4C1298E0-B349-460E-8ADD-EE98A785685B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{6580F88C-0000-4AF2-B7C1-011466CA6C76}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{BCBD6046-63D8-40A5-9224-827352351930}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C3FDC39E-254B-402E-A808-195304647D57}C:\program files\novomatic gaminator cf1 final\game.exe" = protocol=6 | dir=in | app=c:\program files\novomatic gaminator cf1 final\game.exe | 
"TCP Query User{E97F9FB9-B22C-4856-8197-F782FD52D8D6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{3E97D80F-C146-4B20-B868-40F33FE3FC95}C:\program files\novomatic gaminator cf1 final\game.exe" = protocol=17 | dir=in | app=c:\program files\novomatic gaminator cf1 final\game.exe | 
"UDP Query User{72211BA8-9F15-416E-A2E1-01CA0B5B790D}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{7C10A075-E20A-478F-88EE-AD033A622C42}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{B3DBDC91-0C72-442F-BC6D-16D77DB1D758}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{D8527053-E535-440F-8C10-CE134D055E11}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEE2B3-F368-E3A8-9EBB-4465FED5ECCF}" = CCC Help Japanese
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D32CEAA-E78B-9E26-582F-D2261E440C11}" = Catalyst Control Center Localization Chinese Traditional
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0FE6B77F-54CD-45ED-BB64-A99477B0A8F1}" = 5600
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CD220E7-1512-A5E1-327F-9607587B75AD}" = Catalyst Control Center Graphics Light
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2ED7986A-FFCF-7CE8-8714-10FADD57F93E}" = CCC Help Dutch
"{3569D31A-9079-9242-5506-72E724897CCE}" = CCC Help Chinese Traditional
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3E5948BC-A071-3C35-7DC4-31F5F293F35B}" = Catalyst Control Center Graphics Full New
"{418E2CBE-A6E4-7391-ABA0-B57CC95FB00A}" = Catalyst Control Center Localization Chinese Standard
"{42C5F6CE-D945-995C-033A-8401107567FA}" = CCC Help Spanish
"{43EA3C14-C1F7-A093-1F4D-362A09F9A63B}" = CCC Help German
"{44135984-1326-48ED-8071-BE0626892362}" = Catalyst Control Center Localization Italian
"{462F002C-0A03-6C5F-3475-228396D8F2AB}" = ccc-core-static
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = WebCam
"{5375B71B-6413-0C4D-9EDF-B059FECF66F7}" = CCC Help Swedish
"{5A66C68A-42E6-BB9E-2EC7-5C170DD944E9}" = Catalyst Control Center Localization Dutch
"{5B622752-7D0C-D1F6-85FC-7CD5604E6FA2}" = Catalyst Control Center Localization Swedish
"{5F2A68D1-9BB3-4A1C-A67E-DD95F59B3061}_is1" = NVGCF1F PATCH 1.1
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6BB19E5E-2AD7-B464-3B80-FB0CD8C504FB}" = Catalyst Control Center Graphics Full Existing
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{71DAE231-77A6-A1A9-EE96-E2C965988C54}" = Catalyst Control Center Localization French
"{73B9678F-E73B-E49F-4E21-EB5C839A1503}" = CCC Help Italian
"{763A5318-9657-9D47-3750-59DC1B00315E}" = CCC Help Chinese Standard
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7C379BEF-4E12-3224-B2E8-513363B99181}" = ccc-utility
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{81CD6232-10F5-4832-B3DA-1B88B1571031}" = Nero 7 Essentials
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8AC6C353-E7E2-163C-5C77-4D71F3A02443}" = CCC Help French
"{8AD67572-0AE2-0CAC-CD8B-17FBAC973901}" = ATI Catalyst Install Manager
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8E4E938B-3D60-4F44-4E0A-CBC4259D96F9}" = CCC Help English
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{95ED7549-7C66-A618-3100-B6999F6A79A4}" = Catalyst Control Center Localization German
"{960EED1D-8F37-9EF5-C2F2-19C19983658B}" = Catalyst Control Center Core Implementation
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9E55D626-6CC8-780C-248E-486574EB08B7}" = CCC Help Korean
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A471D44A-03B3-7D4D-D302-00430F5E992A}" = Catalyst Control Center Localization Portuguese
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABC80104-036E-6193-566F-4308420A4005}" = Catalyst Control Center Graphics Previews Vista
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B71ACC25-ED80-056C-8184-F3A282F00818}" = Catalyst Control Center Localization Japanese
"{B804C424-B66D-447A-84BD-C6B88C392C3A}" = PowerDV
"{BCB313A5-1AD0-4829-9D6F-EB41C3CFCD4B}" = Phase 5 HTML-Editor
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE325D55-FCAF-4273-BB79-069BB8747270}" = TomTom HOME
"{D11A5A14-84B6-4BE5-B4A1-11E00DE0B78B}" = Dart Pro 1.0
"{D8CF7C31-55A2-03EA-4998-89B44D559BBD}" = CCC Help Portuguese
"{DEE7AE5E-A8D1-05CF-5383-E5DC68486A54}" = Skins
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8673265-836F-796B-4923-27EC0D563810}" = Catalyst Control Center Localization Spanish
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F252645C-3259-9DCC-C235-64562E08E868}" = Catalyst Control Center Localization Korean
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.0.3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"BabylonToolbar" = Babylon toolbar on IE
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ElsterFormular 13.1.1.8531p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.9
"ftp-uploader" = ftp-uploader
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"HxD Hex Editor_is1" = HxD Hex Editor Version 1.7.7.0
"Kassenbuch" = Kassenbuch
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"PSPad editor_is1" = PSPad editor
"QuickPar" = QuickPar 0.9
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"VLC media player" = VLC media player 1.0.5
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.2
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"winscp3_is1" = WinSCP 4.2.7
"XnView_is1" = XnView 1.96
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.06.2013 17:43:15 | Computer Name = Sebi-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 04.06.2013 04:38:10 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 04.06.2013 04:38:10 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 04.06.2013 04:38:41 | Computer Name = Sebi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 04.06.2013 04:49:29 | Computer Name = Sebi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ApplePhotoStreams.exe, Version 7.1.75.5, Zeitstempel
 0x4eb0a8dc, fehlerhaftes Modul CoreFoundation.dll, Version 1.630.16.0, Zeitstempel
 0x4fb5aa9e, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bd32,  Prozess-ID 0x868, 
Anwendungsstartzeit 01ce60fec3a56572.
 
Error - 04.06.2013 05:03:40 | Computer Name = Sebi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 04.06.2013 05:03:58 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 04.06.2013 05:03:58 | Computer Name = Sebi-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 04.06.2013 05:05:40 | Computer Name = Sebi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ApplePhotoStreams.exe, Version 7.1.75.5, Zeitstempel
 0x4eb0a8dc, fehlerhaftes Modul CoreFoundation.dll, Version 1.630.16.0, Zeitstempel
 0x4fb5aa9e, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bd32,  Prozess-ID 0x954, 
Anwendungsstartzeit 01ce61023c7f72dd.
 
Error - 04.06.2013 05:58:41 | Computer Name = Sebi-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 13bc  Anfangszeit: 01ce610996c20f8d  Zeitpunkt der Beendigung:
 16
 
[ OSession Events ]
Error - 01.08.2010 06:57:42 | Computer Name = Sebi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session 
lasted 893 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 03.08.2011 06:53:55 | Computer Name = Sebi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session 
lasted 10197 seconds with 960 seconds of active time.  This session ended with a
 crash.
 
[ System Events ]
Error - 02.06.2013 09:35:26 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 03.06.2013 13:35:24 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 03.06.2013 16:46:13 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 03.06.2013 17:32:09 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 03.06.2013 17:43:12 | Computer Name = Sebi-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 04.06.2013 04:38:22 | Computer Name = Sebi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.06.2013 04:49:05 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 04.06.2013 04:49:05 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 04.06.2013 05:00:11 | Computer Name = Sebi-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 04.06.2013 05:05:05 | Computer Name = Sebi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
 
< End of report >

cosinus · 04.06.2013, 11:27

Zitat:

Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

Wie lange ist dieser Rechner mit dieser Vista-Installation schon im Einsatz?! Der at noch nicht ein Service Pack bekommen

Sebi88 · 04.06.2013, 11:34

Boa gute Frage, 8 Jahre bestimmt

cosinus · 04.06.2013, 11:44

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Sebi88 · 04.06.2013, 11:47

Danke soweit, muss jetzt leider in die Arbeit .... mache heute Abend weiter

cosinus · 04.06.2013, 11:47

Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags)

Sebi88 · 04.06.2013, 20:13

Bin gerade mit dem Handy online! Habe GMER ausgeführt vor ca einer halben Stunde! Der PC hängt komplett auch der task Manager lässt sich nicht öffnen ist das normal? Soll ich noch warten?

Code:

ATTFilter

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-04 21:58:55
Windows 6.0.6000  \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.04.0 149,05GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Sebi\AppData\Local\Temp\kwrdypod.sys


---- System - GMER 2.1 ----

INT 0x51  ?                                                                                                     85B76BF8
INT 0x52  ?                                                                                                     85B76BF8
INT 0x62  ?                                                                                                     84490BF8
INT 0x72  ?                                                                                                     84490BF8
INT 0x92  ?                                                                                                     84DC3BF8
INT 0xA2  ?                                                                                                     85B76BF8
INT 0xA3  ?                                                                                                     85B76BF8

---- Kernel code sections - GMER 2.1 ----

?         System32\Drivers\spyq.sys                                                                             Das System kann den angegebenen Pfad nicht finden. !

---- Devices - GMER 2.1 ----

Device    \FileSystem\Ntfs \Ntfs                                                                                84E2F1F8
Device    \Driver\volmgr \Device\VolMgrControl                                                                  84DC11F8
Device    \Driver\usbuhci \Device\USBPDO-0                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBPDO-1                                                                      85A6C500
Device    \Driver\usbehci \Device\USBPDO-2                                                                      859CB1F8
Device    \Driver\usbuhci \Device\USBPDO-3                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBPDO-4                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBPDO-5                                                                      85A6C500
Device    \Driver\usbehci \Device\USBPDO-6                                                                      859CB1F8
Device    \Driver\volmgr \Device\HarddiskVolume1                                                                84DC11F8
Device    \Driver\volmgr \Device\HarddiskVolume2                                                                84DC11F8
Device    \Driver\cdrom \Device\CdRom0                                                                          859D61F8
Device    \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0                                                           84E2D1F8
Device    \Driver\iaStor \Device\Ide\iaStor0                                                                    [8237FD30] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device    \Driver\atapi \Device\Ide\IdePort0                                                                    84E2D1F8
Device    \Driver\atapi \Device\Ide\IdePort1                                                                    84E2D1F8
Device    \Driver\iaStor \Device\Ide\IAAStorageDevice-0                                                         [8237FD30] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device    \Driver\volmgr \Device\HarddiskVolume3                                                                84DC11F8
Device    \Driver\iScsiPrt \Device\RaidPort0                                                                    85AE91F8
Device    \Driver\usbuhci \Device\USBFDO-0                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBFDO-1                                                                      85A6C500
Device    \Driver\usbehci \Device\USBFDO-2                                                                      859CB1F8
Device    \Driver\usbuhci \Device\USBFDO-3                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBFDO-4                                                                      85A6C500
Device    \Driver\usbuhci \Device\USBFDO-5                                                                      85A6C500
Device    \Driver\usbehci \Device\USBFDO-6                                                                      859CB1F8
Device    \FileSystem\cdfs \Cdfs                                                                                85A6B1F8

---- Trace I/O - GMER 2.1 ----

Trace     ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spyq.sys >>UNKNOWN [0x84de6938]<<      84de6938
Trace     1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85829030]                                               85829030
Trace     3 ntkrnlpa.exe[824b07e2] -> nt!IofCallDriver -> [0x853df680]                                          853df680
Trace     5 acpi.sys[8044332a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84ed7030]                84ed7030

---- Processes - GMER 2.1 ----

Process    (*** hidden *** )                                                                                    [4] 84039AB0                                                                                                                                    

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                    771343423
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                    285507792
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                    1
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                      
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                   0
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                0x6B 0xEF 0x4E 0xCF ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0x6B 0xEF 0x4E 0xCF ...

---- EOF - GMER 2.1 ----

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.04.08

Windows Vista x86 NTFS
Internet Explorer 8.0.6001.18904
Sebi :: SEBI-PC [administrator]

04.06.2013 22:09:01
mbar-log-2013-06-04 (22-09-01).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | Deep Anti-Rootkit Scan | PUM | P2P
Scan options disabled: PUP
Objects scanned: 217260
Time elapsed: 31 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 05.06.2013, 09:42

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Sebi88 · 05.06.2013, 10:34

Code:

ATTFilter

ComboFix 13-06-03.06 - Sebi 05.06.2013  10:47:58.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.2046.1164 [GMT 2:00]
ausgeführt von:: c:\users\Sebi\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sebi\AppData\Roaming\Microsoft\Windows\Recent\fbox_beo.url
c:\windows\system32\SETE249.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
-------\Service_usnjsvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-05 bis 2013-06-05  ))))))))))))))))))))))))))))))
.
.
2013-06-05 09:00 . 2013-06-05 09:26	--------	d-----w-	c:\users\Sebi\AppData\Local\temp
2013-06-05 09:00 . 2013-06-05 09:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-04 20:24 . 2013-05-13 23:49	7016152	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{49E6C2E7-F8AC-4A78-A94A-3C11D577738B}\mpengine.dll
2013-06-04 20:08 . 2013-06-04 20:41	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-06-04 20:05 . 2013-06-04 20:05	--------	d-----w-	c:\programdata\Malwarebytes
2013-06-04 08:54 . 2013-06-04 08:54	--------	d-----w-	c:\users\Sebi\AppData\Local\Babylon
2013-06-02 13:30 . 2013-06-02 13:30	--------	d-----w-	c:\windows\system32\Extensions
2013-06-02 13:30 . 2013-06-02 13:30	--------	d-----w-	c:\windows\system32\searchplugins
2013-06-02 09:47 . 2013-06-02 09:47	--------	d-----w-	c:\programdata\BrowserDefender
2013-06-02 09:47 . 2013-06-02 09:47	--------	d-----w-	c:\users\Sebi\AppData\Roaming\BabSolution
2013-06-02 09:47 . 2013-06-02 09:47	--------	d-----w-	c:\users\Sebi\AppData\Roaming\Delta
2013-06-02 09:47 . 2013-06-03 21:00	--------	d-----w-	c:\program files\WebCake
2013-06-02 09:46 . 2013-06-04 08:54	--------	d-----w-	c:\users\Sebi\AppData\Roaming\Babylon
2013-06-02 09:46 . 2013-06-02 09:46	--------	d-----w-	c:\programdata\Babylon
2013-06-02 09:46 . 2013-06-04 08:39	--------	d-----w-	c:\programdata\Tarma Installer
2013-06-02 09:46 . 2013-06-02 09:48	--------	d-----w-	c:\users\Sebi\AppData\Roaming\GoforFiles
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-14 19:25 . 2012-07-20 12:07	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-14 19:25 . 2011-05-20 13:52	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 00:06 . 2009-10-02 23:58	238872	------w-	c:\windows\system32\MpSigStub.exe
2012-05-20 08:39 . 2012-02-29 21:20	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-02-01 1232896]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2011-11-11 59240]
"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2011-11-11 59240]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-20 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"recinfo363"="c:\recinfo\RecInfo.exe" [2007-10-23 2764800]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"UIExec"="c:\program files\1&1 Surf-Stick\UIExec.exe" [2010-12-08 139088]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 02:06	40048	----a-w-	c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-11-02 06:51	59240	----a-w-	c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52	49152	----a-w-	c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 17:33	421776	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-02-26 19:46	153136	----a-w-	c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2008-02-14 09:58	3977128	----a-w-	c:\program files\TomTom HOME\TomTomHOME.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-02-01 08:21	1006264	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-30 15:57	1165776	----a-w-	c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-20 19:25]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-20 12:08]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-20 12:08]
.
2013-06-05 c:\windows\Tasks\User_Feed_Synchronization-{6729A8B8-59BC-4D3F-AC70-E33F479ADC8B}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\jqzi0asx.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=119294&tt=gc_&babsrc=HP_ss_gin2g&mntrId=4A110016449A8B4C
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-05 11:26
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2480)
c:\program files\WinSCP\DragExt.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\1&1 Surf-Stick\AssistantServices.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\system32\PresentationSettings.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-05  11:31:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-05 09:30
.
Vor Suchlauf: 19 Verzeichnis(se), 11.198.382.080 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 11.129.229.312 Bytes frei
.
- - End Of File - - B18C020438262F44988F472C410500F0

Kann ich die neuen Programme die wir schon verwendet haben auf dem Dektop wieder löschen?

Bei meinen Eigenen Datein wurden sämtliche Datein irgendwie Verknüpft und der Zugriff verweigert!!

cosinus · 05.06.2013, 12:34

Nun bleib doch mal bitte geduldig und warte ab bis wir durch sind. Dann kann der ganze verwendete Kram runter.

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Sebi88 · 05.06.2013, 20:50

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-05 21:02:36
-----------------------------
21:02:36.702    OS Version: Windows 6.0.6000 
21:02:36.702    Number of processors: 2 586 0xF0D
21:02:36.702    ComputerName: SEBI-PC  UserName: Sebi
21:02:37.872    Initialize success
21:05:54.331    AVAST engine defs: 13060501
21:06:05.282    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:06:05.282    Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 3
21:06:06.202    Disk 0 MBR read successfully
21:06:06.202    Disk 0 MBR scan
21:06:06.327    Disk 0 Windows VISTA default MBR code
21:06:06.358    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
21:06:06.374    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        94419 MB offset 24578048
21:06:07.107    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        46206 MB offset 217948160
21:06:07.138    Disk 0 scanning sectors +312578048
21:06:08.917    Disk 0 scanning C:\Windows\system32\drivers
21:06:50.932    Service scanning
21:07:10.879    Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
21:07:18.352    Modules scanning
21:07:43.312    Disk 0 trace - called modules:
21:07:43.359    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spiw.sys >>UNKNOWN [0x84ddc938]<<
21:07:43.374    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e3bad8]
21:07:43.390    3 ntkrnlpa.exe[824b07e2] -> nt!IofCallDriver -> [0x853e7cc8]
21:07:43.390    5 acpi.sys[8044332a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84ea6030]
21:07:44.544    AVAST engine scan C:\Windows
21:07:54.950    AVAST engine scan C:\Windows\system32
21:13:33.343    AVAST engine scan C:\Windows\system32\drivers
21:13:51.378    AVAST engine scan C:\Users\Sebi
21:46:00.213    Disk 0 MBR has been saved successfully to "C:\Users\Sebi\Desktop\MBR.dat"
21:46:00.213    The log file has been saved successfully to "C:\Users\Sebi\Desktop\aswMBR.txt"

Code:

ATTFilter

21:47:14.0561 5844  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:47:14.0951 5844  ============================================================
21:47:14.0951 5844  Current date / time: 2013/06/05 21:47:14.0951
21:47:14.0951 5844  SystemInfo:
21:47:14.0951 5844  
21:47:14.0951 5844  OS Version: 6.0.6000 ServicePack: 0.0
21:47:14.0951 5844  Product type: Workstation
21:47:14.0951 5844  ComputerName: SEBI-PC
21:47:14.0951 5844  UserName: Sebi
21:47:14.0951 5844  Windows directory: C:\Windows
21:47:14.0951 5844  System windows directory: C:\Windows
21:47:14.0951 5844  Processor architecture: Intel x86
21:47:14.0951 5844  Number of processors: 2
21:47:14.0951 5844  Page size: 0x1000
21:47:14.0951 5844  Boot type: Normal boot
21:47:14.0951 5844  ============================================================
21:47:15.0544 5844  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:47:15.0544 5844  ============================================================
21:47:15.0544 5844  \Device\Harddisk0\DR0:
21:47:15.0544 5844  MBR partitions:
21:47:15.0544 5844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0xB869800
21:47:15.0544 5844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCFDA000, BlocksNum 0x5A3F000
21:47:15.0544 5844  ============================================================
21:47:15.0591 5844  C: <-> \Device\Harddisk0\DR0\Partition1
21:47:15.0638 5844  D: <-> \Device\Harddisk0\DR0\Partition2
21:47:15.0638 5844  ============================================================
21:47:15.0638 5844  Initialize success
21:47:15.0638 5844  ============================================================
21:47:43.0166 3324  ============================================================
21:47:43.0166 3324  Scan started
21:47:43.0166 3324  Mode: Manual; SigCheck; TDLFS; 
21:47:43.0166 3324  ============================================================
21:47:43.0852 3324  ================ Scan system memory ========================
21:47:43.0852 3324  System memory - ok
21:47:43.0852 3324  ================ Scan services =============================
21:47:44.0055 3324  [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:47:44.0180 3324  ACPI - ok
21:47:44.0320 3324  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:47:44.0336 3324  AdobeFlashPlayerUpdateSvc - ok
21:47:44.0383 3324  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:47:44.0414 3324  adp94xx - ok
21:47:44.0445 3324  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:47:44.0476 3324  adpahci - ok
21:47:44.0492 3324  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:47:44.0508 3324  adpu160m - ok
21:47:44.0539 3324  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:47:44.0554 3324  adpu320 - ok
21:47:44.0601 3324  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:47:44.0851 3324  AeLookupSvc - ok
21:47:44.0866 3324  [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD             C:\Windows\system32\drivers\afd.sys
21:47:44.0976 3324  AFD - ok
21:47:45.0007 3324  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:47:45.0022 3324  agp440 - ok
21:47:45.0085 3324  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:47:45.0100 3324  aic78xx - ok
21:47:45.0132 3324  [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG             C:\Windows\System32\alg.exe
21:47:45.0194 3324  ALG - ok
21:47:45.0210 3324  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:47:45.0225 3324  aliide - ok
21:47:45.0241 3324  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:47:45.0256 3324  amdagp - ok
21:47:45.0256 3324  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
21:47:45.0272 3324  amdide - ok
21:47:45.0288 3324  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
21:47:45.0350 3324  AmdK7 - ok
21:47:45.0366 3324  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:47:45.0459 3324  AmdK8 - ok
21:47:45.0584 3324  [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:47:45.0600 3324  AntiVirSchedulerService - ok
21:47:45.0646 3324  [ 72D90E56563165984224493069C69ED4 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:47:45.0662 3324  AntiVirService - ok
21:47:45.0709 3324  [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo         C:\Windows\System32\appinfo.dll
21:47:45.0802 3324  Appinfo - ok
21:47:45.0974 3324  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:47:46.0005 3324  Apple Mobile Device - ok
21:47:46.0052 3324  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
21:47:46.0068 3324  arc - ok
21:47:46.0130 3324  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:47:46.0146 3324  arcsas - ok
21:47:46.0161 3324  [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:47:46.0239 3324  AsyncMac - ok
21:47:46.0286 3324  [ B35CFCEF838382AB6490B321C87EDF17 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:47:46.0286 3324  atapi - ok
21:47:46.0380 3324  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:47:46.0536 3324  athr - ok
21:47:46.0582 3324  [ ADFD93663D3BAE4FADC19AD1AE519EE4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
21:47:46.0692 3324  Ati External Event Utility - ok
21:47:46.0894 3324  [ 389A2668E0C0C6698A6B565632C7F43A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:47:47.0144 3324  atikmdag - ok
21:47:47.0222 3324  [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:47:47.0300 3324  AudioEndpointBuilder - ok
21:47:47.0331 3324  [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:47:47.0394 3324  Audiosrv - ok
21:47:47.0440 3324  [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:47:47.0487 3324  avgntflt - ok
21:47:47.0518 3324  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:47:47.0534 3324  avipbb - ok
21:47:47.0581 3324  [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:47:47.0643 3324  Beep - ok
21:47:47.0721 3324  [ 96B73CC64BD905EA6CC4E44384ABD8C9 ] BFE             C:\Windows\System32\bfe.dll
21:47:47.0784 3324  BFE - ok
21:47:47.0846 3324  [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS            C:\Windows\system32\qmgr.dll
21:47:47.0971 3324  BITS - ok
21:47:47.0971 3324  blbdrive - ok
21:47:48.0111 3324  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:47:48.0158 3324  Bonjour Service - ok
21:47:48.0189 3324  [ 913CD06FBE9105CE6077E90FD4418561 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:47:48.0267 3324  bowser - ok
21:47:48.0314 3324  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:47:48.0392 3324  BrFiltLo - ok
21:47:48.0423 3324  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:47:48.0501 3324  BrFiltUp - ok
21:47:48.0532 3324  [ BEB6470532B7461D7BB426E3FACB424F ] Browser         C:\Windows\System32\browser.dll
21:47:48.0610 3324  Browser - ok
21:47:48.0657 3324  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:47:48.0720 3324  Brserid - ok
21:47:48.0751 3324  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:47:48.0798 3324  BrSerWdm - ok
21:47:48.0829 3324  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:47:48.0876 3324  BrUsbMdm - ok
21:47:48.0891 3324  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:47:48.0954 3324  BrUsbSer - ok
21:47:48.0985 3324  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:47:49.0063 3324  BTHMODEM - ok
21:47:49.0125 3324  catchme - ok
21:47:49.0141 3324  [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:47:49.0234 3324  cdfs - ok
21:47:49.0266 3324  [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:47:49.0344 3324  cdrom - ok
21:47:49.0390 3324  [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:47:49.0468 3324  CertPropSvc - ok
21:47:49.0484 3324  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:47:49.0546 3324  circlass - ok
21:47:49.0609 3324  [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS            C:\Windows\system32\CLFS.sys
21:47:49.0624 3324  CLFS - ok
21:47:49.0687 3324  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:47:49.0702 3324  clr_optimization_v2.0.50727_32 - ok
21:47:49.0718 3324  [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:47:49.0765 3324  CmBatt - ok
21:47:49.0796 3324  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:47:49.0812 3324  cmdide - ok
21:47:49.0843 3324  [ 722936AFB75A7F509662B69B5632F48A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:47:49.0858 3324  Compbatt - ok
21:47:49.0858 3324  COMSysApp - ok
21:47:49.0874 3324  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:47:49.0890 3324  crcdisk - ok
21:47:49.0905 3324  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
21:47:49.0983 3324  Crusoe - ok
21:47:50.0046 3324  [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:47:50.0124 3324  CryptSvc - ok
21:47:50.0233 3324  [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:47:50.0358 3324  DcomLaunch - ok
21:47:50.0389 3324  [ A7179DE59AE269AB70345527894CCD7C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:47:50.0467 3324  DfsC - ok
21:47:50.0576 3324  [ E0D584AA76C7D845BA9F3A788260528F ] DFSR            C:\Windows\system32\DFSR.exe
21:47:50.0763 3324  DFSR - ok
21:47:50.0794 3324  [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:47:50.0872 3324  Dhcp - ok
21:47:50.0904 3324  [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk            C:\Windows\system32\drivers\disk.sys
21:47:50.0919 3324  disk - ok
21:47:50.0966 3324  [ EECBA1DD142BF8693C476BE8F32FE253 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:47:51.0013 3324  Dnscache - ok
21:47:51.0060 3324  [ 1F795D214820E496BF1124434A6DB546 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:47:51.0138 3324  dot3svc - ok
21:47:51.0200 3324  [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:47:51.0294 3324  Dot4 - ok
21:47:51.0340 3324  [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:47:51.0418 3324  Dot4Print - ok
21:47:51.0450 3324  [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:47:51.0528 3324  dot4usb - ok
21:47:51.0559 3324  [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS             C:\Windows\system32\dps.dll
21:47:51.0606 3324  DPS - ok
21:47:51.0652 3324  [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:47:51.0699 3324  drmkaud - ok
21:47:51.0762 3324  [ B95202EFD0464D226E7542C1E319C028 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:47:51.0855 3324  DXGKrnl - ok
21:47:51.0933 3324  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:47:52.0011 3324  E1G60 - ok
21:47:52.0058 3324  [ 90A0A875642E18618010645311B4E89E ] EapHost         C:\Windows\System32\eapsvc.dll
21:47:52.0136 3324  EapHost - ok
21:47:52.0198 3324  [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:47:52.0198 3324  Ecache - ok
21:47:52.0276 3324  [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:47:52.0370 3324  ehRecvr - ok
21:47:52.0401 3324  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
21:47:52.0417 3324  ehSched - ok
21:47:52.0464 3324  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
21:47:52.0495 3324  ehstart - ok
21:47:52.0557 3324  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:47:52.0573 3324  elxstor - ok
21:47:52.0635 3324  [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:47:52.0760 3324  EMDMgmt - ok
21:47:52.0838 3324  [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem     C:\Windows\system32\es.dll
21:47:52.0885 3324  EventSystem - ok
21:47:52.0916 3324  ewusbnet - ok
21:47:52.0932 3324  [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:47:53.0025 3324  fastfat - ok
21:47:53.0103 3324  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:47:53.0181 3324  fdc - ok
21:47:53.0212 3324  [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:47:53.0290 3324  fdPHost - ok
21:47:53.0306 3324  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:47:53.0368 3324  FDResPub - ok
21:47:53.0384 3324  [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:47:53.0400 3324  FileInfo - ok
21:47:53.0415 3324  [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:47:53.0493 3324  Filetrace - ok
21:47:53.0540 3324  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:47:53.0618 3324  flpydisk - ok
21:47:53.0649 3324  [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:47:53.0665 3324  FltMgr - ok
21:47:53.0743 3324  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:47:53.0758 3324  FontCache3.0.0.0 - ok
21:47:53.0790 3324  [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:47:53.0821 3324  Fs_Rec - ok
21:47:53.0852 3324  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:47:53.0868 3324  gagp30kx - ok
21:47:53.0930 3324  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:47:53.0930 3324  GEARAspiWDM - ok
21:47:53.0977 3324  [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:47:54.0039 3324  gpsvc - ok
21:47:54.0211 3324  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:47:54.0226 3324  gupdate - ok
21:47:54.0273 3324  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:47:54.0289 3324  gupdatem - ok
21:47:54.0382 3324  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:47:54.0398 3324  gusvc - ok
21:47:54.0445 3324  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:47:54.0507 3324  HdAudAddService - ok
21:47:54.0538 3324  [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:47:54.0570 3324  HDAudBus - ok
21:47:54.0601 3324  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:47:54.0679 3324  HidBth - ok
21:47:54.0710 3324  [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:47:54.0757 3324  HidIr - ok
21:47:54.0788 3324  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\System32\hidserv.dll
21:47:54.0850 3324  hidserv - ok
21:47:54.0882 3324  [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:47:54.0928 3324  HidUsb - ok
21:47:54.0944 3324  [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:47:55.0038 3324  hkmsvc - ok
21:47:55.0069 3324  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:47:55.0069 3324  HpCISSs - ok
21:47:55.0225 3324  [ FCB563B0A23643E5F80B6FF1E60F610F ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:47:55.0240 3324  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:47:55.0240 3324  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:47:55.0256 3324  [ 25E443E27165C652723A92D9BDFD4649 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:47:55.0287 3324  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:47:55.0287 3324  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:47:55.0350 3324  [ EA24FE637D974A8A31BC650F478E3533 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:47:55.0412 3324  HTTP - ok
21:47:55.0443 3324  hwdatacard - ok
21:47:55.0474 3324  hwusbdev - ok
21:47:55.0537 3324  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:47:55.0552 3324  i2omp - ok
21:47:55.0646 3324  [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:47:55.0693 3324  i8042prt - ok
21:47:55.0740 3324  [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:47:55.0755 3324  iaStor - ok
21:47:55.0786 3324  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:47:55.0802 3324  iaStorV - ok
21:47:55.0864 3324  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:47:55.0974 3324  idsvc - ok
21:47:56.0005 3324  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:47:56.0020 3324  iirsp - ok
21:47:56.0083 3324  [ 4456E314E60177B03E5CBE64CD6A337E ] IKEEXT          C:\Windows\System32\ikeext.dll
21:47:56.0145 3324  IKEEXT - ok
21:47:56.0192 3324  IntcAzAudAddService - ok
21:47:56.0239 3324  [ 988981C840084F480BA9E3319CEBDE1B ] intelide        C:\Windows\system32\drivers\intelide.sys
21:47:56.0254 3324  intelide - ok
21:47:56.0270 3324  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:47:56.0348 3324  intelppm - ok
21:47:56.0379 3324  [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:47:56.0473 3324  IPBusEnum - ok
21:47:56.0488 3324  [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:47:56.0566 3324  IpFilterDriver - ok
21:47:56.0613 3324  [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:47:56.0644 3324  iphlpsvc - ok
21:47:56.0660 3324  IpInIp - ok
21:47:56.0676 3324  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:47:56.0769 3324  IPMIDRV - ok
21:47:56.0785 3324  [ 10077C35845101548037DF04FD1A420B ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:47:56.0863 3324  IPNAT - ok
21:47:56.0956 3324  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:47:57.0003 3324  iPod Service - ok
21:47:57.0034 3324  [ A82F328F4792304184642D6D397BB1E3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:47:57.0128 3324  IRENUM - ok
21:47:57.0159 3324  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:47:57.0175 3324  isapnp - ok
21:47:57.0222 3324  [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:47:57.0237 3324  iScsiPrt - ok
21:47:57.0268 3324  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:47:57.0284 3324  iteatapi - ok
21:47:57.0331 3324  [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
21:47:57.0362 3324  itecir - ok
21:47:57.0393 3324  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:47:57.0409 3324  iteraid - ok
21:47:57.0424 3324  [ C1632FE31D1824A43DEA29725312E3FA ] JRAID           C:\Windows\system32\drivers\jraid.sys
21:47:57.0456 3324  JRAID - ok
21:47:57.0471 3324  [ B076B2AB806B3F696DAB21375389101C ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:47:57.0487 3324  kbdclass - ok
21:47:57.0518 3324  [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:47:57.0534 3324  kbdhid - ok
21:47:57.0565 3324  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso          C:\Windows\system32\lsass.exe
21:47:57.0627 3324  KeyIso - ok
21:47:57.0690 3324  [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:47:57.0705 3324  KSecDD - ok
21:47:57.0768 3324  [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:47:57.0846 3324  KtmRm - ok
21:47:57.0908 3324  [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:47:57.0970 3324  LanmanServer - ok
21:47:58.0033 3324  [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:47:58.0095 3324  LanmanWorkstation - ok
21:47:58.0126 3324  [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:47:58.0204 3324  lltdio - ok
21:47:58.0251 3324  [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:47:58.0329 3324  lltdsvc - ok
21:47:58.0360 3324  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:47:58.0438 3324  lmhosts - ok
21:47:58.0470 3324  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:47:58.0485 3324  LSI_FC - ok
21:47:58.0516 3324  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:47:58.0516 3324  LSI_SAS - ok
21:47:58.0563 3324  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:47:58.0579 3324  LSI_SCSI - ok
21:47:58.0610 3324  [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:47:58.0672 3324  luafv - ok
21:47:58.0766 3324  [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter      C:\Windows\system32\drivers\massfilter.sys
21:47:58.0797 3324  massfilter - ok
21:47:58.0828 3324  [ BF8426A8E3F3856389E26E94A8F1B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:47:58.0875 3324  Mcx2Svc - ok
21:47:58.0906 3324  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
21:47:58.0906 3324  megasas - ok
21:47:59.0000 3324  [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:47:59.0016 3324  Microsoft Office Groove Audit Service - ok
21:47:59.0031 3324  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS           C:\Windows\system32\mmcss.dll
21:47:59.0125 3324  MMCSS - ok
21:47:59.0156 3324  [ 21755967298A46FB6ADFEC9DB6012211 ] Modem           C:\Windows\system32\drivers\modem.sys
21:47:59.0218 3324  Modem - ok
21:47:59.0281 3324  [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:47:59.0328 3324  monitor - ok
21:47:59.0374 3324  [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:47:59.0374 3324  mouclass - ok
21:47:59.0390 3324  [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:47:59.0437 3324  mouhid - ok
21:47:59.0468 3324  [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:47:59.0484 3324  MountMgr - ok
21:47:59.0499 3324  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:47:59.0515 3324  mpio - ok
21:47:59.0530 3324  [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:47:59.0577 3324  mpsdrv - ok
21:47:59.0624 3324  [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:47:59.0671 3324  MpsSvc - ok
21:47:59.0702 3324  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:47:59.0702 3324  Mraid35x - ok
21:47:59.0749 3324  [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:47:59.0796 3324  MRxDAV - ok
21:47:59.0827 3324  [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:47:59.0858 3324  mrxsmb - ok
21:47:59.0889 3324  [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:47:59.0920 3324  mrxsmb10 - ok
21:47:59.0952 3324  [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:47:59.0998 3324  mrxsmb20 - ok
21:48:00.0076 3324  [ A7DF0C3ADB40919F91B2917FBE07A370 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:48:00.0092 3324  msahci - ok
21:48:00.0123 3324  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:48:00.0139 3324  msdsm - ok
21:48:00.0170 3324  [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC           C:\Windows\System32\msdtc.exe
21:48:00.0201 3324  MSDTC - ok
21:48:00.0217 3324  [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:48:00.0295 3324  Msfs - ok
21:48:00.0326 3324  [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:48:00.0342 3324  msisadrv - ok
21:48:00.0373 3324  [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:48:00.0420 3324  MSiSCSI - ok
21:48:00.0435 3324  msiserver - ok
21:48:00.0466 3324  [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:48:00.0529 3324  MSKSSRV - ok
21:48:00.0591 3324  [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:48:00.0669 3324  MSPCLOCK - ok
21:48:00.0700 3324  [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:48:00.0763 3324  MSPQM - ok
21:48:00.0794 3324  [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:48:00.0810 3324  MsRPC - ok
21:48:00.0825 3324  [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:48:00.0825 3324  mssmbios - ok
21:48:00.0856 3324  [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:48:00.0950 3324  MSTEE - ok
21:48:00.0981 3324  [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:48:00.0981 3324  Mup - ok
21:48:01.0028 3324  [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent        C:\Windows\system32\qagentRT.dll
21:48:01.0090 3324  napagent - ok
21:48:01.0153 3324  [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:48:01.0200 3324  NativeWifiP - ok
21:48:01.0246 3324  [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:48:01.0278 3324  NDIS - ok
21:48:01.0309 3324  [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:48:01.0356 3324  NdisTapi - ok
21:48:01.0371 3324  [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:48:01.0449 3324  Ndisuio - ok
21:48:01.0465 3324  [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:48:01.0527 3324  NdisWan - ok
21:48:01.0543 3324  [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:48:01.0605 3324  NDProxy - ok
21:48:01.0636 3324  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:48:01.0654 3324  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:48:01.0655 3324  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:48:01.0684 3324  [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:48:01.0790 3324  NetBIOS - ok
21:48:01.0822 3324  [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:48:01.0900 3324  netbt - ok
21:48:01.0931 3324  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon        C:\Windows\system32\lsass.exe
21:48:01.0946 3324  Netlogon - ok
21:48:01.0978 3324  [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman          C:\Windows\System32\netman.dll
21:48:02.0071 3324  Netman - ok
21:48:02.0102 3324  [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm        C:\Windows\System32\netprofm.dll
21:48:02.0165 3324  netprofm - ok
21:48:02.0196 3324  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:48:02.0212 3324  NetTcpPortSharing - ok
21:48:02.0243 3324  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:48:02.0258 3324  nfrd960 - ok
21:48:02.0290 3324  [ C424117A562F2DE37A42266894C79AEB ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:48:02.0352 3324  NlaSvc - ok
21:48:02.0430 3324  [ 7B273501C59D52978B761F82BEBADB06 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:48:02.0446 3324  NMIndexingService - ok
21:48:02.0477 3324  [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:48:02.0555 3324  Npfs - ok
21:48:02.0586 3324  [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi             C:\Windows\system32\nsisvc.dll
21:48:02.0648 3324  nsi - ok
21:48:02.0680 3324  [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:48:02.0742 3324  nsiproxy - ok
21:48:02.0836 3324  [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:48:02.0945 3324  Ntfs - ok
21:48:02.0976 3324  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:48:03.0070 3324  ntrigdigi - ok
21:48:03.0101 3324  [ EC5EFB3C60F1B624648344A328BCE596 ] Null            C:\Windows\system32\drivers\Null.sys
21:48:03.0163 3324  Null - ok
21:48:03.0194 3324  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:48:03.0210 3324  nvraid - ok
21:48:03.0226 3324  [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
21:48:03.0241 3324  nvrd32 - ok
21:48:03.0257 3324  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:48:03.0272 3324  nvstor - ok
21:48:03.0288 3324  [ 703E3A7093B0FAC0EEBADBB8E931ECAF ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
21:48:03.0304 3324  nvstor32 - ok
21:48:03.0335 3324  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:48:03.0335 3324  nv_agp - ok
21:48:03.0350 3324  NwlnkFlt - ok
21:48:03.0366 3324  NwlnkFwd - ok
21:48:03.0475 3324  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:48:03.0538 3324  odserv - ok
21:48:03.0553 3324  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:48:03.0631 3324  ohci1394 - ok
21:48:03.0694 3324  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:48:03.0709 3324  ose - ok
21:48:03.0772 3324  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:48:03.0881 3324  p2pimsvc - ok
21:48:03.0912 3324  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc          C:\Windows\system32\p2psvc.dll
21:48:03.0943 3324  p2psvc - ok
21:48:03.0990 3324  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
21:48:04.0068 3324  Parport - ok
21:48:04.0099 3324  [ 555A5B2C8022983BC7467BC925B222EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:48:04.0099 3324  partmgr - ok
21:48:04.0130 3324  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:48:04.0208 3324  Parvdm - ok
21:48:04.0240 3324  [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:48:04.0271 3324  PcaSvc - ok
21:48:04.0302 3324  [ 1085D75657807E0E8B32F9E19A1647C3 ] pci             C:\Windows\system32\drivers\pci.sys
21:48:04.0318 3324  pci - ok
21:48:04.0349 3324  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:48:04.0364 3324  pciide - ok
21:48:04.0396 3324  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:48:04.0411 3324  pcmcia - ok
21:48:04.0458 3324  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:48:04.0598 3324  PEAUTH - ok
21:48:04.0692 3324  [ CD05A38D166BEADE18030BAFC0C0A939 ] pla             C:\Windows\system32\pla.dll
21:48:04.0848 3324  pla - ok
21:48:04.0895 3324  [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:48:04.0973 3324  PlugPlay - ok
21:48:05.0020 3324  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:48:05.0051 3324  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:48:05.0051 3324  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:48:05.0082 3324  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:48:05.0113 3324  PNRPAutoReg - ok
21:48:05.0176 3324  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:48:05.0207 3324  PNRPsvc - ok
21:48:05.0300 3324  [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:48:05.0347 3324  PolicyAgent - ok
21:48:05.0410 3324  [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:48:05.0441 3324  PptpMiniport - ok
21:48:05.0488 3324  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
21:48:05.0566 3324  Processor - ok
21:48:05.0612 3324  [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:48:05.0675 3324  ProfSvc - ok
21:48:05.0675 3324  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:48:05.0706 3324  ProtectedStorage - ok
21:48:05.0722 3324  [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:48:05.0753 3324  PSched - ok
21:48:05.0831 3324  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:48:05.0909 3324  ql2300 - ok
21:48:05.0924 3324  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:48:05.0940 3324  ql40xx - ok
21:48:05.0971 3324  [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE           C:\Windows\system32\qwave.dll
21:48:06.0018 3324  QWAVE - ok
21:48:06.0049 3324  [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:48:06.0080 3324  QWAVEdrv - ok
21:48:06.0112 3324  [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:48:06.0158 3324  RasAcd - ok
21:48:06.0205 3324  [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto         C:\Windows\System32\rasauto.dll
21:48:06.0268 3324  RasAuto - ok
21:48:06.0299 3324  [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:48:06.0330 3324  Rasl2tp - ok
21:48:06.0361 3324  [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan          C:\Windows\System32\rasmans.dll
21:48:06.0439 3324  RasMan - ok
21:48:06.0455 3324  [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:48:06.0533 3324  RasPppoe - ok
21:48:06.0564 3324  [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:48:06.0611 3324  rdbss - ok
21:48:06.0642 3324  [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:48:06.0698 3324  RDPCDD - ok
21:48:06.0735 3324  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:48:06.0823 3324  rdpdr - ok
21:48:06.0823 3324  [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:48:06.0901 3324  RDPENCDD - ok
21:48:06.0932 3324  [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:48:06.0964 3324  RDPWD - ok
21:48:07.0010 3324  [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:48:07.0104 3324  RemoteAccess - ok
21:48:07.0135 3324  [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:48:07.0198 3324  RemoteRegistry - ok
21:48:07.0291 3324  [ C1C132455200AD4704142442C89D0FA4 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:48:07.0400 3324  RichVideo ( UnsignedFile.Multi.Generic ) - warning
21:48:07.0400 3324  RichVideo - detected UnsignedFile.Multi.Generic (1)
21:48:07.0463 3324  [ 8804BCB4383859F66FFD51F049A1D744 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
21:48:07.0556 3324  RMCAST - ok
21:48:07.0603 3324  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
21:48:07.0634 3324  RpcLocator - ok
21:48:07.0697 3324  [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs           C:\Windows\system32\rpcss.dll
21:48:07.0728 3324  RpcSs - ok
21:48:07.0775 3324  [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:48:07.0853 3324  rspndr - ok
21:48:07.0900 3324  [ 904FD29EC1FF2709099AE2CD1C09A913 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
21:48:07.0978 3324  RTL8169 - ok
21:48:07.0993 3324  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs           C:\Windows\system32\lsass.exe
21:48:08.0024 3324  SamSs - ok
21:48:08.0040 3324  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:48:08.0056 3324  sbp2port - ok
21:48:08.0102 3324  [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:48:08.0196 3324  SCardSvr - ok
21:48:08.0258 3324  [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:48:08.0321 3324  Schedule - ok
21:48:08.0336 3324  [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:48:08.0399 3324  SCPolicySvc - ok
21:48:08.0430 3324  [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:48:08.0461 3324  SDRSVC - ok
21:48:08.0492 3324  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:48:08.0570 3324  secdrv - ok
21:48:08.0602 3324  [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon        C:\Windows\system32\seclogon.dll
21:48:08.0680 3324  seclogon - ok
21:48:08.0711 3324  [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS            C:\Windows\system32\sens.dll
21:48:08.0836 3324  SENS - ok
21:48:08.0851 3324  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:48:08.0945 3324  Serenum - ok
21:48:08.0992 3324  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
21:48:09.0038 3324  Serial - ok
21:48:09.0101 3324  [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:48:09.0116 3324  sermouse - ok
21:48:09.0226 3324  [ 78546CD2ECA6DD6BDCD4B13048621F88 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:48:09.0319 3324  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
21:48:09.0319 3324  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
21:48:09.0382 3324  [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:48:09.0475 3324  SessionEnv - ok
21:48:09.0506 3324  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:48:09.0553 3324  sffdisk - ok
21:48:09.0569 3324  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:48:09.0631 3324  sffp_mmc - ok
21:48:09.0662 3324  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:48:09.0725 3324  sffp_sd - ok
21:48:09.0756 3324  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:48:09.0818 3324  sfloppy - ok
21:48:09.0881 3324  [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:48:09.0928 3324  SharedAccess - ok
21:48:09.0959 3324  [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:48:10.0006 3324  ShellHWDetection - ok
21:48:10.0052 3324  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:48:10.0084 3324  sisagp - ok
21:48:10.0146 3324  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:48:10.0177 3324  SiSRaid2 - ok
21:48:10.0224 3324  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:48:10.0240 3324  SiSRaid4 - ok
21:48:10.0349 3324  [ A1DCD30534835CB67733AD00175125A6 ] slsvc           C:\Windows\system32\SLsvc.exe
21:48:10.0642 3324  slsvc - ok
21:48:10.0677 3324  [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:48:10.0697 3324  SLUINotify - ok
21:48:10.0717 3324  [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:48:10.0772 3324  Smb - ok
21:48:10.0852 3324  [ D9BFD2298F5CF116D8EAAE3B02DCEE2E ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
21:48:10.0962 3324  smserial - ok
21:48:11.0014 3324  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:48:11.0059 3324  SNMPTRAP - ok
21:48:11.0098 3324  [ 426F9B029AA9162CECCF65369457D046 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:48:11.0109 3324  spldr - ok
21:48:11.0133 3324  [ DA612EF2556776DF2630B68BF2D48935 ] Spooler         C:\Windows\System32\spoolsv.exe
21:48:11.0153 3324  Spooler - ok
21:48:11.0213 3324  [ 71E276F6D189413266EA22171806597B ] sptd            C:\Windows\system32\Drivers\sptd.sys
21:48:11.0213 3324  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71E276F6D189413266EA22171806597B
21:48:11.0228 3324  sptd ( LockedFile.Multi.Generic ) - warning
21:48:11.0228 3324  sptd - detected LockedFile.Multi.Generic (1)
21:48:11.0285 3324  [ 038579C35F7CAD4A4BBF735DBF83277D ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:48:11.0357 3324  srv - ok
21:48:11.0422 3324  [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:48:11.0492 3324  srv2 - ok
21:48:11.0540 3324  [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:48:11.0563 3324  srvnet - ok
21:48:11.0595 3324  [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:48:11.0675 3324  SSDPSRV - ok
21:48:11.0711 3324  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
21:48:11.0723 3324  ssmdrv - ok
21:48:11.0773 3324  [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc          C:\Windows\System32\wiaservc.dll
21:48:11.0814 3324  stisvc - ok
21:48:11.0843 3324  [ 1379BDB336F8158C176A465E30759F57 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:48:11.0854 3324  swenum - ok
21:48:11.0876 3324  [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv           C:\Windows\System32\swprv.dll
21:48:11.0955 3324  swprv - ok
21:48:11.0979 3324  sxuptp - ok
21:48:12.0001 3324  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:48:12.0023 3324  Symc8xx - ok
21:48:12.0060 3324  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:48:12.0088 3324  Sym_hi - ok
21:48:12.0123 3324  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:48:12.0141 3324  Sym_u3 - ok
21:48:12.0197 3324  [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain         C:\Windows\system32\sysmain.dll
21:48:12.0284 3324  SysMain - ok
21:48:12.0334 3324  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:48:12.0380 3324  TabletInputService - ok
21:48:12.0423 3324  [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:48:12.0503 3324  TapiSrv - ok
21:48:12.0535 3324  [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS             C:\Windows\System32\tbssvc.dll
21:48:12.0603 3324  TBS - ok
21:48:12.0692 3324  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:48:12.0812 3324  Tcpip - ok
21:48:12.0870 3324  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:48:12.0918 3324  Tcpip6 - ok
21:48:12.0968 3324  [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:48:13.0039 3324  tcpipreg - ok
21:48:13.0067 3324  [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:48:13.0167 3324  TDPIPE - ok
21:48:13.0202 3324  [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:48:13.0276 3324  TDTCP - ok
21:48:13.0308 3324  [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:48:13.0364 3324  tdx - ok
21:48:13.0381 3324  [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:48:13.0393 3324  TermDD - ok
21:48:13.0430 3324  [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService     C:\Windows\System32\termsrv.dll
21:48:13.0544 3324  TermService - ok
21:48:13.0620 3324  [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler     C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
21:48:13.0649 3324  TestHandler ( UnsignedFile.Multi.Generic ) - warning
21:48:13.0649 3324  TestHandler - detected UnsignedFile.Multi.Generic (1)
21:48:13.0678 3324  [ B264DFA21677728613267FE63802B332 ] Themes          C:\Windows\system32\shsvcs.dll
21:48:13.0703 3324  Themes - ok
21:48:13.0724 3324  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER     C:\Windows\system32\mmcss.dll
21:48:13.0784 3324  THREADORDER - ok
21:48:13.0804 3324  [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks          C:\Windows\System32\trkwks.dll
21:48:13.0902 3324  TrkWks - ok
21:48:14.0049 3324  [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:48:14.0118 3324  TrustedInstaller - ok
21:48:14.0150 3324  [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:48:14.0256 3324  tssecsrv - ok
21:48:14.0349 3324  [ 65E953BC0084D44498B51F59784D2A82 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:48:14.0372 3324  tunmp - ok
21:48:14.0408 3324  [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:48:14.0439 3324  tunnel - ok
21:48:14.0502 3324  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:48:14.0520 3324  uagp35 - ok
21:48:14.0561 3324  [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:48:14.0688 3324  udfs - ok
21:48:14.0822 3324  [ FB20E2BA7CDF44B457939246647BDF65 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
21:48:14.0855 3324  UI Assistant Service - ok
21:48:14.0902 3324  [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:48:14.0921 3324  UI0Detect - ok
21:48:14.0943 3324  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:48:14.0955 3324  uliagpkx - ok
21:48:14.0996 3324  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:48:15.0014 3324  uliahci - ok
21:48:15.0048 3324  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:48:15.0060 3324  UlSata - ok
21:48:15.0089 3324  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:48:15.0102 3324  ulsata2 - ok
21:48:15.0120 3324  [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:48:15.0220 3324  umbus - ok
21:48:15.0264 3324  [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost        C:\Windows\System32\upnphost.dll
21:48:15.0377 3324  upnphost - ok
21:48:15.0449 3324  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
21:48:15.0477 3324  USBAAPL - ok
21:48:15.0624 3324  [ F6BF998AE33E3FB6C7D27F0560F1173F ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:48:15.0679 3324  usbaudio - ok
21:48:15.0902 3324  [ 03B01E8DBD2DA2B49157B7E51912AAF2 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:48:15.0971 3324  usbccgp - ok
21:48:16.0103 3324  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:48:16.0228 3324  usbcir - ok
21:48:16.0306 3324  [ 2F83363F98484F8EDAF49F9B41520D14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:48:16.0337 3324  usbehci - ok
21:48:16.0384 3324  [ 14D2A4DCD92C0B3368667AED6893463D ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:48:16.0399 3324  usbhub - ok
21:48:16.0431 3324  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:48:16.0571 3324  usbohci - ok
21:48:16.0680 3324  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:48:16.0774 3324  usbprint - ok
21:48:16.0945 3324  [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:48:17.0039 3324  usbscan - ok
21:48:17.0133 3324  [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:48:17.0195 3324  USBSTOR - ok
21:48:17.0257 3324  [ 7747B902F6B7D0096F9C2BF55D3247F1 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:48:17.0273 3324  usbuhci - ok
21:48:17.0367 3324  [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:48:17.0507 3324  usbvideo - ok
21:48:17.0554 3324  [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms           C:\Windows\System32\uxsms.dll
21:48:17.0632 3324  UxSms - ok
21:48:17.0694 3324  [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds             C:\Windows\System32\vds.exe
21:48:17.0741 3324  vds - ok
21:48:17.0788 3324  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:48:17.0850 3324  vga - ok
21:48:17.0881 3324  [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:48:17.0959 3324  VgaSave - ok
21:48:17.0991 3324  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:48:18.0006 3324  viaagp - ok
21:48:18.0037 3324  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:48:18.0132 3324  ViaC7 - ok
21:48:18.0179 3324  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
21:48:18.0194 3324  viaide - ok
21:48:18.0241 3324  [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid        C:\Windows\system32\drivers\viamraid.sys
21:48:18.0272 3324  viamraid - ok
21:48:18.0288 3324  [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:48:18.0304 3324  volmgr - ok
21:48:18.0350 3324  [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:48:18.0366 3324  volmgrx - ok
21:48:18.0397 3324  [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:48:18.0428 3324  volsnap - ok
21:48:18.0460 3324  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:48:18.0475 3324  vsmraid - ok
21:48:18.0647 3324  [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS             C:\Windows\system32\vssvc.exe
21:48:18.0772 3324  VSS - ok
21:48:18.0803 3324  [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time         C:\Windows\system32\w32time.dll
21:48:18.0896 3324  W32Time - ok
21:48:18.0959 3324  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:48:19.0037 3324  WacomPen - ok
21:48:19.0084 3324  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:48:19.0146 3324  Wanarp - ok
21:48:19.0146 3324  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:48:19.0162 3324  Wanarpv6 - ok
21:48:19.0208 3324  [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:48:19.0271 3324  wcncsvc - ok
21:48:19.0302 3324  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:48:19.0364 3324  WcsPlugInService - ok
21:48:19.0380 3324  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:48:19.0396 3324  Wd - ok
21:48:19.0474 3324  [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:48:19.0489 3324  Wdf01000 - ok
21:48:19.0520 3324  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:48:19.0536 3324  WdiServiceHost - ok
21:48:19.0552 3324  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:48:19.0567 3324  WdiSystemHost - ok
21:48:19.0645 3324  [ 01E41C264EEDCB827820A1909162579F ] WebClient       C:\Windows\System32\webclnt.dll
21:48:19.0723 3324  WebClient - ok
21:48:19.0754 3324  [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:48:19.0879 3324  Wecsvc - ok
21:48:19.0926 3324  [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:48:20.0004 3324  wercplsupport - ok
21:48:20.0035 3324  [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:48:20.0098 3324  WerSvc - ok
21:48:20.0176 3324  [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:48:20.0191 3324  WinDefend - ok
21:48:20.0207 3324  WinHttpAutoProxySvc - ok
21:48:20.0285 3324  [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:48:20.0394 3324  Winmgmt - ok
21:48:20.0488 3324  [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:48:20.0566 3324  WinRM - ok
21:48:20.0690 3324  [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:48:20.0784 3324  Wlansvc - ok
21:48:20.0815 3324  [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:48:20.0846 3324  WmiAcpi - ok
21:48:20.0893 3324  [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:48:20.0924 3324  wmiApSrv - ok
21:48:21.0002 3324  [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:48:21.0112 3324  WMPNetworkSvc - ok
21:48:21.0174 3324  [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:48:21.0377 3324  WPCSvc - ok
21:48:21.0408 3324  [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:48:21.0455 3324  WPDBusEnum - ok
21:48:21.0502 3324  [ 2D27171B16A577EF14C1273668753485 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
21:48:21.0580 3324  WpdUsb - ok
21:48:21.0611 3324  [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:48:21.0658 3324  ws2ifsl - ok
21:48:21.0720 3324  [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:48:21.0751 3324  wscsvc - ok
21:48:21.0751 3324  WSearch - ok
21:48:21.0876 3324  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:48:22.0016 3324  wuauserv - ok
21:48:22.0048 3324  [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:48:22.0126 3324  WUDFRd - ok
21:48:22.0157 3324  [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:48:22.0204 3324  wudfsvc - ok
21:48:22.0282 3324  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
21:48:22.0313 3324  ZTEusbmdm6k - ok
21:48:22.0391 3324  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
21:48:22.0406 3324  ZTEusbnmea - ok
21:48:22.0453 3324  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
21:48:22.0484 3324  ZTEusbser6k - ok
21:48:22.0516 3324  ================ Scan global ===============================
21:48:22.0547 3324  [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
21:48:22.0594 3324  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
21:48:22.0609 3324  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
21:48:22.0640 3324  [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
21:48:22.0656 3324  [Global] - ok
21:48:22.0656 3324  ================ Scan MBR ==================================
21:48:22.0672 3324  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:48:23.0264 3324  \Device\Harddisk0\DR0 - ok
21:48:23.0264 3324  ================ Scan VBR ==================================
21:48:23.0264 3324  [ 4DB8E4CEF920630820FAF341EB0172F3 ] \Device\Harddisk0\DR0\Partition1
21:48:23.0264 3324  \Device\Harddisk0\DR0\Partition1 - ok
21:48:23.0296 3324  [ 17F6BA487B339B61417F6628C058E067 ] \Device\Harddisk0\DR0\Partition2
21:48:23.0296 3324  \Device\Harddisk0\DR0\Partition2 - ok
21:48:23.0296 3324  ============================================================
21:48:23.0296 3324  Scan finished
21:48:23.0296 3324  ============================================================
21:48:23.0327 0540  Detected object count: 8
21:48:23.0327 0540  Actual detected object count: 8
21:49:12.0139 0540  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0139 0540  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0139 0540  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0139 0540  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0139 0540  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0139 0540  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0139 0540  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0155 0540  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0155 0540  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0155 0540  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0155 0540  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0155 0540  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0155 0540  sptd ( LockedFile.Multi.Generic ) - skipped by user
21:49:12.0155 0540  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
21:49:12.0155 0540  TestHandler ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:12.0155 0540  TestHandler ( UnsignedFile.Multi.Generic ) - User select action: Skip

04.06.2013, 11:47	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ordner Webcake lässt sich nicht löschen Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags) __________________ Logfiles bitte immer in CODE-Tags posten

Ordner Webcake lässt sich nicht löschen

Plagegeister aller Art und deren Bekämpfung: Ordner Webcake lässt sich nicht löschen