Restlose Entfernung von Maleware usw. ( SpyHunter4 und Snap.do )

Talerius · 14.06.2013, 14:59

Hallo zusammen !

Ich habe folgendes Problem . Und zwar hatte ich die schädliche Software SpyHunter4 installiert und habe Snap.do als Browserstartseite ( Ungewollt ) und wollte fragen , wie ich diese mit allen versteckten viren (und anderen schädlichen Sachen ) wieder loswerde .

(Ich bin erst gegen Abend wieder zuhause , bedanke mich aber schonmal für Hilfe )

LG

markusg · 14.06.2013, 15:02

Hi,

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Talerius · 14.06.2013, 18:27

Ist gemacht

Achja , das ganze ist über google chrome passiert , falls das wichtig ist .

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 14.06.2013 19:14:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Thorge\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,95 Gb Total Physical Memory | 13,78 Gb Available Physical Memory | 86,39% Memory free
15,95 Gb Paging File | 13,88 Gb Available in Paging File | 87,02% Paging File free
Paging file location(s):  [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 64,41 Gb Free Space | 57,67% Space Free | Partition Type: NTFS
Drive E: | 1277,08 Gb Total Space | 1211,08 Gb Free Space | 94,83% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 47,15 Gb Free Space | 48,28% Space Free | Partition Type: NTFS
Drive G: | 488,28 Gb Total Space | 313,88 Gb Free Space | 64,28% Space Free | Partition Type: NTFS
 
Computer Name: DC6KH-I | User Name: Thorge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.14 19:02:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thorge\Desktop\OTL.exe
PRC - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.01 10:42:22 | 001,719,944 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.12.14 13:45:40 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2011.12.09 11:15:24 | 000,252,432 | ---- | M] () -- C:\Program Files (x86)\MSI\OTPService\OTPService.exe
PRC - [2011.12.02 15:14:16 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
PRC - [2011.12.02 15:14:10 | 000,286,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
PRC - [2010.11.17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2000.01.01 02:00:00 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.22 17:30:30 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
MOD - [2013.02.22 14:45:21 | 000,335,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\05477cb6a1216a3e996ca2860b683a9b\IAStorUtil.ni.dll
MOD - [2013.02.21 22:58:54 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.21 22:58:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.13 16:56:08 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013.01.13 16:54:59 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvcInt#\282301f4ccc97a06b9e585f5e95f24d5\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013.01.13 16:54:57 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\797771379e5c349224ee3a9511c124d2\IAStorCommon.ni.dll
MOD - [2013.01.13 04:36:30 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013.01.13 04:36:21 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013.01.13 04:36:19 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013.01.13 04:36:17 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013.01.13 04:32:33 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.13 04:32:19 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.13 04:32:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.13 04:32:16 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.13 04:32:10 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2011.04.12 09:43:19 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.01.03 14:38:52 | 000,183,200 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV - [2013.06.14 16:53:06 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.10 22:38:34 | 000,116,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.22 16:07:53 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2012.12.14 13:45:40 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012.12.14 11:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2011.12.09 11:15:24 | 000,252,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\MSI\OTPService\OTPService.exe -- (MSI_OTPService)
SRV - [2011.12.02 15:14:16 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.11.29 16:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2000.01.01 02:00:00 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.04 21:54:17 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013.05.04 21:54:17 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013.05.04 21:54:17 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.04.19 04:00:16 | 000,025,600 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzdaendpt.sys -- (rzdaendpt)
DRV:64bit: - [2013.04.19 04:00:14 | 000,023,040 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzvkeyboard.sys -- (rzvkeyboard)
DRV:64bit: - [2013.04.19 04:00:06 | 000,119,808 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013.03.04 08:48:30 | 000,022,016 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.02.21 07:14:03 | 000,495,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2013.01.09 17:29:57 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012.12.14 13:45:34 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.12.14 13:45:32 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.10.03 00:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.09.21 21:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 21:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.02 15:06:04 | 000,023,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2011.12.02 15:06:00 | 000,565,528 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2011.09.22 03:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.04.11 22:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011.04.11 22:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.29 16:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.25 03:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.25 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.11.18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2010.10.22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009.10.06 01:10:14 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys -- (NTIOLib_1_0_T)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE CA B0 4C 0B ED CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{5875B51A-5C22-4ba7-94A6-149551E0894D}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKCU\..\SearchScopes\{6AF1964A-3016-4919-AB23-A45F12C1AA40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.05.04 21:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.05.04 21:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.05.04 21:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.05.04 21:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.05.04 21:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: E:\Mozilla Thunderbird\components [2013.05.13 23:21:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: E:\Mozilla Thunderbird\plugins
 
[2013.05.22 21:23:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorge\AppData\Roaming\mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=9fab4e44-cb29-43b8-8d76-900903cf0031&searchtype=hp&installDate=14/06/2013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: South Park = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiakcboakkfknbginpmpfkcdmcmpnfm\1.6_0\
CHR - Extension: Google Drive = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: BetterAds = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki\2.1_0\
CHR - Extension: Google-Suche = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: Google Mail = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Thorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe (MSI CO.,LTD.)
O4 - HKLM..\Run: [ControlCenterII] \BootStartControlCenter.exe File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] E:\Logitech Webcam\LWS\Webcam Software\LWS.exe -hide File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKCU..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Thorge\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] G:\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.lnk = C:\Program Files (x86)\MSI\ControlCenter\StartControlCenter.exe (MSI CO.,LTD.)
O4 - Startup: C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk =  File not found
O4 - Startup: C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B6E2D1E-896C-4640-8F14-7786F6EB7481}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA2CA98D-A49A-4241-A510-AB8A9B48BF29}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.06.14 15:07:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{86669ec8-58ea-11e2-99f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{86669ec8-58ea-11e2-99f6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DVDSetup.exe
O33 - MountPoints2\{f9c5dbd9-58fd-11e2-b8dc-f39df683af77}\Shell - "" = AutoRun
O33 - MountPoints2\{f9c5dbd9-58fd-11e2-b8dc-f39df683af77}\Shell\AutoRun\command - "" = E:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 19:02:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thorge\Desktop\OTL.exe
[2013.06.14 15:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.06.14 15:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.06.13 21:45:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.06.13 21:45:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.06.13 21:44:41 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\Babylon
[2013.06.13 21:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.13 21:44:31 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\OpenCandy
[2013.06.13 21:44:31 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\DVDVideoSoft
[2013.06.13 21:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.06.13 18:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.06.07 21:58:41 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Local\Eclipse
[2013.06.03 18:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013.06.02 18:02:10 | 000,000,000 | ---D | C] -- C:\User
[2013.06.02 11:55:29 | 000,000,000 | R--D | C] -- C:\Users\Thorge\Videos
[2013.06.02 11:55:29 | 000,000,000 | R--D | C] -- C:\Users\Thorge\Pictures
[2013.06.02 11:55:29 | 000,000,000 | R--D | C] -- C:\Users\Thorge\Music
[2013.06.01 19:48:52 | 000,000,000 | ---D | C] -- C:\Users\Thorge\Downloads
[2013.06.01 19:13:42 | 000,000,000 | ---D | C] -- C:\Users\Thorge\Documents
[2013.06.01 19:10:05 | 000,000,000 | ---D | C] -- E:\User\Dokumente\Downloaded Installers
[2013.06.01 19:09:50 | 000,000,000 | ---D | C] -- E:\User\Dokumente\StarCraft II
[2013.06.01 19:09:50 | 000,000,000 | ---D | C] -- E:\User\Dokumente\Processing
[2013.06.01 19:09:50 | 000,000,000 | ---D | C] -- E:\User\Dokumente\My ooVoo
[2013.06.01 19:09:47 | 000,000,000 | ---D | C] -- E:\User\Dokumente\My Games
[2013.06.01 19:09:47 | 000,000,000 | ---D | C] -- E:\User\Dokumente\ArmA 2
[2013.06.01 19:09:47 | 000,000,000 | ---D | C] -- E:\User\Dokumente\ANNO 2070
[2013.05.31 19:38:10 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Local\wow-one.com
[2013.05.31 18:25:33 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Local\MediaBA
[2013.05.31 18:24:07 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\uTorrent
[2013.05.30 20:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.05.26 12:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2013.05.26 12:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2013.05.24 23:52:31 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\FileZilla
[2013.05.24 23:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013.05.23 15:15:20 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\Processing
[2013.05.22 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\Mozilla
[2013.05.21 20:51:47 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Local\Logitech® Webcam-Software
[2013.05.21 20:07:39 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\ooVoo Details
[2013.05.21 20:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.05.21 20:07:05 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Local\APN
[2013.05.21 20:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2013.05.21 18:33:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.05.20 23:03:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.05.20 11:01:22 | 000,000,000 | R--D | C] -- C:\Users\Thorge\Searches
[2013.05.19 19:20:54 | 000,000,000 | R--D | C] -- C:\Users\Thorge\Favorites
[2013.05.18 18:56:25 | 000,000,000 | ---D | C] -- C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.05.18 15:10:53 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.14 19:05:47 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013.06.14 19:02:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thorge\Desktop\OTL.exe
[2013.06.14 18:59:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.14 18:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.14 15:31:27 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 15:31:27 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 15:30:14 | 001,615,906 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.14 15:30:14 | 000,697,658 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.14 15:30:14 | 000,652,976 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.14 15:30:14 | 000,148,452 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.14 15:30:14 | 000,121,406 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.14 15:24:35 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.14 15:24:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.14 15:24:17 | 4258,426,878 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.14 15:07:59 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.05.31 18:25:26 | 000,000,529 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.05.22 15:52:15 | 002,619,757 | ---- | M] () -- C:\Users\Thorge\Desktop\Linkin Park-Bleed it Out (Official).mp3
[2013.05.22 13:47:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013.05.21 23:03:49 | 000,000,521 | ---- | M] () -- C:\Users\Thorge\Desktop\Fraps.lnk
[2013.05.21 20:48:46 | 000,000,677 | ---- | M] () -- C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.05.18 18:58:58 | 001,265,434 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_58_57.966009.dmp
[2013.05.18 18:58:49 | 001,265,434 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_58_49.110502.dmp
[2013.05.18 18:57:06 | 001,265,434 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_57_06.684644.dmp
[2013.05.18 18:56:18 | 001,265,434 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_56_18.537890.dmp
[2013.05.18 18:55:42 | 001,262,753 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_42.944854.dmp
[2013.05.18 18:55:40 | 000,000,000 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_40.998743.dmp
[2013.05.18 18:55:23 | 001,262,753 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_23.457740.dmp
[2013.05.18 18:54:56 | 001,262,753 | ---- | M] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_54_56.089174.dmp
[2013.05.18 15:13:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.05.18 15:13:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
 
========== Files Created - No Company Name ==========
 
[2013.06.14 15:07:59 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.06.03 18:03:07 | 000,002,567 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
[2013.06.01 19:09:53 | 001,262,753 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_54_56.089174.dmp
[2013.06.01 19:09:47 | 001,265,434 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_58_57.966009.dmp
[2013.06.01 19:09:47 | 001,265,434 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_58_49.110502.dmp
[2013.06.01 19:09:47 | 001,265,434 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_57_06.684644.dmp
[2013.06.01 19:09:47 | 001,265,434 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_56_18.537890.dmp
[2013.06.01 19:09:47 | 001,262,753 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_42.944854.dmp
[2013.06.01 19:09:47 | 001,262,753 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_23.457740.dmp
[2013.06.01 19:09:47 | 000,000,000 | ---- | C] () -- E:\User\Dokumente\ts3_clientui-win64-1365064384-2013-05-18 18_55_40.998743.dmp
[2013.05.31 18:25:26 | 000,000,529 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.05.22 15:52:13 | 002,619,757 | ---- | C] () -- C:\Users\Thorge\Desktop\Linkin Park-Bleed it Out (Official).mp3
[2013.05.21 20:48:46 | 000,000,677 | ---- | C] () -- C:\Users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.05.18 15:10:41 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013.05.18 15:10:41 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2013.02.11 19:44:31 | 000,007,705 | ---- | C] () -- C:\Users\Thorge\AppData\Local\recently-used.xbel
[2013.01.15 21:52:57 | 000,001,469 | ---- | C] () -- C:\Users\Thorge\AppData\Local\RecConfig.xml
[2013.01.07 22:45:01 | 001,592,864 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012.11.19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012.09.28 17:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.14 15:23:08 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\.minecraft
[2013.06.13 21:44:41 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Babylon
[2013.04.06 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\BANDISOFT
[2013.02.01 00:52:16 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Bump Technologies, Inc
[2013.06.14 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\DVDVideoSoft
[2013.05.31 17:00:32 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\FileZilla
[2013.01.08 16:38:28 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Leadertech
[2013.01.08 17:17:55 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\LolClient
[2013.06.14 15:23:32 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Notepad++
[2013.05.21 20:07:39 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\ooVoo Details
[2013.06.14 14:19:46 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\OpenCandy
[2013.05.23 15:15:36 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Processing
[2013.06.14 15:34:52 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Splashtop
[2013.05.25 18:15:10 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Spotify
[2013.05.23 15:11:01 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\TeamViewer
[2013.03.25 02:15:13 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Teeworlds
[2013.01.07 23:30:25 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Thunderbird
[2013.06.11 21:49:54 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\TS3Client
[2013.01.09 17:23:45 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\TuneUp Software
[2013.01.13 02:32:54 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\Ubisoft
[2013.06.02 01:42:45 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\uTorrent
[2013.01.27 00:20:25 | 000,000,000 | ---D | M] -- C:\Users\Thorge\AppData\Roaming\YaTQA
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Code:

ATTFilter

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A3A7C38-4D9A-48EC-AC42-ADC93506856C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2C7BDEAD-F60E-4211-8F52-26393A2FE284}" = lport=139 | protocol=6 | dir=in | app=system | 
"{43F70AED-46F8-47D7-AB44-38E35C2581EA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6328D6B3-E33F-4DC3-AF8A-B1C69E1EF3C7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A24159D3-69F3-407A-AC6B-971F7A9039CF}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A6E506D2-F85D-4EB4-9B05-EF54073DDDB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BF0791F3-C68E-45B4-854C-8D72F8E6DA5D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D023F9C4-FF5D-4A1F-80BE-A5A685C06F94}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D7CA7CA4-B27E-441B-BB72-63A6C536BB45}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E3107C31-AE6A-412D-831E-16EA34E214EB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{ED1F3E5E-CF97-41F3-8C93-36C374448E2F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F758C953-A131-49CC-B633-9E86DD7EEA71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F094D5-2ED6-47EB-9ED8-1AE099088F82}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{0487D6CA-7AB4-4941-9321-DE1C605429A1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"{04E65C43-5C74-4981-906D-00D4BF84DE1A}" = protocol=6 | dir=in | app=g:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"{09485650-BACC-4035-A9D3-32F7336169C4}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\hell yeah\hellyeah.exe | 
"{09B83562-47EA-465A-9363-E8988F6C618C}" = protocol=17 | dir=in | app=g:\starcraft ii\starcraft ii public test.exe | 
"{0E96F072-DA58-48FE-8E3D-ED869DC1E8A0}" = protocol=6 | dir=in | app=e:\utorrent\utorrent.exe | 
"{134EA77B-304A-46DD-8561-819BAEB14705}" = protocol=17 | dir=in | app=g:\company of heros\reliccoh.exe | 
"{17CC6A38-3018-4DA6-B24C-9EFFA97C67AE}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{1EADD97B-CDE6-464D-B717-6E91C54711A7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{20CA8E6F-FF1D-444B-ACC8-614EC283F19B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{2BAA4B85-C4AD-4649-B762-127D7BCB1D3F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{2E83BF8F-8F3E-47CF-BF0B-FE6FDBE5B528}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{32508C53-4504-4F06-B066-773F2F141D74}" = protocol=17 | dir=in | app=e:\utorrent\utorrent.exe | 
"{34FE4F20-56CA-440D-8864-1B9396861103}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{3AF9223F-7B49-4583-8A87-BA2F64A18E86}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{3E82B89D-ADDF-4445-8A82-E302427AC177}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{4204EC27-D40B-44E3-B70F-4C3AF0490FB3}" = protocol=17 | dir=in | app=g:\starcraft ii\starcraft ii.exe | 
"{42181A6B-B13F-476E-B932-5F3B31C9A35E}" = protocol=17 | dir=in | app=g:\company of heros\relicdownloader\relicdownloader.exe | 
"{47C5CA8C-1807-4CA2-A5DE-429C0125FA39}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{4A6AEEC8-70A1-4014-ACAE-C74D6F690A9C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4C57CC85-BC6F-4EFA-8809-7A81D61CBAD2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{509E7F13-6F03-4328-9F37-E3E5B6532B9B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{5556DA03-3232-40B8-9CC4-98054ABB3539}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{57923EDC-154E-481E-9A18-9210C82085D8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{597AA49A-F35C-4FA6-9F00-EFD71E680AC1}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{5E9880A1-6993-4650-9BE0-47E27C94927E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{5EE73551-7E43-4DB9-B006-D42D8DE5F38B}" = protocol=6 | dir=in | app=g:\starcraft ii\starcraft ii.exe | 
"{606A41DB-82E3-4719-937D-89770275F9CA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{663ADC67-4FEF-4F70-9891-3084A9C0268F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{67AD024A-F800-450D-A213-7905AF0AE24F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{69A9B59D-65D6-47ED-B645-6EFD972C5EAD}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{70AB8FBB-1A8E-4790-9B9B-02879E5ADA8C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{72EDFF07-FAD2-440C-9F70-23D5E4903CCB}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{75BC6A8D-4AB5-4BCB-B95E-015C9E5633CA}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{7B0136D1-8074-4B54-B0A0-A74FD28629C6}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2\arma2.exe | 
"{7CD65150-A3C4-418D-AD65-52243E4AF499}" = protocol=17 | dir=in | app=e:\steam\steam.exe | 
"{7F4AE353-C013-4374-A9BD-1622C41239CA}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{86883949-80DB-4DC5-B7C6-2DAA344504A4}" = protocol=6 | dir=in | app=e:\steam\steam.exe | 
"{87D9FD68-63CA-48D1-8D11-FE938DBE2B64}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{87EFF047-DBFF-4C92-8179-2728F4585BE1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{8A5BD1F7-D6A9-428A-8E9A-C08C5D3BF040}" = protocol=17 | dir=in | app=g:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"{8F0F2B09-3490-416D-8D10-C6E4245E74E3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{91FCA72C-EF87-40D7-866E-582BC87CA60E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{96DD0BEE-01E1-48E6-81A2-6FF3C36511B9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\terraria\terraria.exe | 
"{9776A334-CA24-4A70-95FA-40BA4F4AA729}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{98E05599-3F9A-4E0A-9165-AD8915851507}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{9AAD399B-528B-4E76-B741-7515D93FB39D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2\arma2.exe | 
"{9BD3F878-87CE-4A5C-BC33-296B40469BAD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9F4612B9-236D-4CA4-92C9-6DA4F144EF0B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{A080B121-17D1-4529-8E4B-D8A6C83EFAA8}" = protocol=6 | dir=in | app=g:\company of heros\relicdownloader\relicdownloader.exe | 
"{A31790D5-2BC8-4287-A6EA-D8CF408AA60D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{A784E303-B009-4702-8699-1144B52972BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AF1F4EAB-D53A-4AA8-A4FC-AAD42376F37F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{B1BCB58D-965F-4D0F-B040-CF2DA0DC6D4A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{B5E3AA99-7F18-4872-BD8A-E5C865A0CEAD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{B6105227-6A74-4A31-99B5-6C1B6E4FCE5F}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{B697636A-732A-4170-9D29-D5572B4E9CEA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{BACCE981-A220-4AFC-BC1A-144370743EE4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{BB7AB29D-D3F1-4BF3-AEB6-16C504B4CBA5}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{BB880070-5839-4D4E-9A1F-8F4A26EE1CD0}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\terraria\terrariaserver.exe | 
"{BD9FBF60-B41D-4E32-9206-20A369333A07}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{BE2B209A-E973-403C-B923-CBD447EA8829}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{BF906B61-2BDC-4F26-BFAC-DF4A3092946F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{C9105488-1800-473E-B1F5-5117B846B774}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe | 
"{C93ECD81-2601-43B1-AE4A-5FB1A5092D6E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{CA7E2C5C-C728-4879-AA38-F920000AE444}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{CD98DB7F-32C2-4B26-A6F8-FC980707D61D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{CE5DB64D-581B-4ED7-B533-7CC806363FC8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{CFCFD03D-EE05-42D1-9DC5-3A368F18EB96}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{CFF02251-2455-4E58-B067-567424C03988}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"{D2D2AD27-BC55-43C5-971F-60AEF165793A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{D7DC8FCF-3897-46BF-A118-A2902ADCEBAC}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\terraria\terraria.exe | 
"{DF8BEF37-BC09-4AD3-839B-072473FECF45}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{E235F7B7-861F-4303-965A-A4C175C2CBD1}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe | 
"{E2E862D6-FC29-40D5-AEE3-B6A269B73F6D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{E32F2DCC-51D5-4BC1-8268-C1C1D05A1FDC}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\hell yeah\hellyeah.exe | 
"{E34C4681-3831-4A9F-8471-3679EE8E37A6}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\terraria\terrariaserver.exe | 
"{E3D29B95-CF99-498F-9A8C-3AE450B14210}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{E8FB613F-83E1-4F12-BF24-19B73E6FE9C1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{ECD296DB-1869-4FE9-8253-FE11527536EF}" = protocol=6 | dir=in | app=g:\company of heros\reliccoh.exe | 
"{F10DB941-415A-4141-85C3-AC51519E86CC}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{F1E758ED-0922-4F25-9CF3-416A1AD54C3C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{F2291FB6-E526-4442-8CFF-51596C0BF41B}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{F5313871-A36B-4247-96E1-97B3EE7C6917}" = protocol=6 | dir=in | app=g:\starcraft ii\starcraft ii public test.exe | 
"{FB45AED2-9DF2-4D3B-B6F3-D57D083153EC}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{FE4F75CA-AEFC-4BD6-A745-7A4B78F2B256}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{FEF9C746-CC71-42EB-AA24-EC2291C94F01}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"TCP Query User{05358267-EDA0-4418-AC46-6AAABB1089A4}E:\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\skype\phone\skype.exe | 
"TCP Query User{066E21EA-2C41-48D3-90BD-505928ED9662}C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe | 
"TCP Query User{07C14C00-4065-4A48-AEB3-76233C198162}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | 
"TCP Query User{11333C9B-A921-4860-A0FD-47258FAB1480}G:\ubisoft\related designs\anno 2070\autopatcher.exe" = protocol=6 | dir=in | app=g:\ubisoft\related designs\anno 2070\autopatcher.exe | 
"TCP Query User{21497D63-A904-44AE-9A51-6CB3A9AB1CD3}G:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\terraria\terrariaserver.exe | 
"TCP Query User{2761E2EF-27C2-4674-8B9F-7B0B83E07037}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{40162739-344D-4FB8-B638-5E3DE9C001A5}G:\steam\steam.exe" = protocol=6 | dir=in | app=g:\steam\steam.exe | 
"TCP Query User{460D66CD-9D47-4CB7-89A2-3D0A4B24DE7C}G:\planetsideii\planetside2.exe" = protocol=6 | dir=in | app=g:\planetsideii\planetside2.exe | 
"TCP Query User{52BA4AE9-A9BA-46AA-B9FD-35A2C3C0E156}G:\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=g:\gamespy arcade\aphex.exe | 
"TCP Query User{6C249933-308A-473F-A451-506817F69FC1}C:\users\thorge\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\thorge\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{71233182-E558-4EB9-845B-1BC5CC7301E0}C:\users\thorge\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\thorge\desktop\teamspeak3-server_win64\ts3server_win64.exe | 
"TCP Query User{766C7C5A-0322-40C6-8A9D-1F84C0ABACB4}G:\steam\steamapps\grimmlich\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"TCP Query User{7CC461B6-DDD6-4528-A4BA-7118F4E60DD1}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"TCP Query User{7DB31FB5-64F1-45B8-A67D-C17AE8588A7B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{96BC923A-1DF5-4E87-94FC-B92F67520DB9}E:\winamp\winamp.exe" = protocol=6 | dir=in | app=e:\winamp\winamp.exe | 
"TCP Query User{9799A891-9A81-40B7-9F1F-F1511BF5CD63}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{A8A1D60E-0D16-4EA9-8678-AA8246BE8750}G:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"TCP Query User{A989B13B-A467-474A-B880-B4C6594BC778}G:\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=g:\starcraft ii\versions\base24944\sc2.exe | 
"TCP Query User{C548D033-7ACC-4FA1-B188-D40D898AA0FC}E:\steam\steamapps\grimmlich\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"TCP Query User{DE2D7848-96F3-4475-8B19-CBE443EA2EC6}G:\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=g:\starcraft ii\versions\base23260\sc2.exe | 
"TCP Query User{E9706156-6BDF-499A-A3A2-67A2A61046CB}E:\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=e:\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{0A68BC63-829B-4C06-9F66-34DD1495E93E}G:\steam\steamapps\grimmlich\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"UDP Query User{0C1AD39E-2E2A-4E08-8E45-E11BE25EB8F0}G:\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=g:\starcraft ii\versions\base24944\sc2.exe | 
"UDP Query User{18319A9C-EF2E-4D8B-BB78-6E90A2AD0A01}C:\users\thorge\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\thorge\desktop\teamspeak3-server_win64\ts3server_win64.exe | 
"UDP Query User{1D279492-8D8D-4F23-9DA1-2D24FD475398}E:\steam\steamapps\grimmlich\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\grimmlich\counter-strike source\hl2.exe | 
"UDP Query User{3084FC7D-5AD7-4CC1-9F79-92349343F820}E:\winamp\winamp.exe" = protocol=17 | dir=in | app=e:\winamp\winamp.exe | 
"UDP Query User{35D22BE2-8D19-45C2-95FD-16BE139AE7A9}C:\users\thorge\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\thorge\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{3B8FE289-B094-49AD-B589-CEF233553A4F}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{40B31282-06C1-4B63-8427-09147FFB0477}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{411037EB-B3FC-4B2D-90D6-B25DC5A204B2}G:\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=g:\gamespy arcade\aphex.exe | 
"UDP Query User{45978280-A283-45F8-A0BA-AFA29F2AD805}E:\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\skype\phone\skype.exe | 
"UDP Query User{4CA1D9A7-718E-453D-852C-D51C84B7EAFF}G:\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=g:\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{74495424-683F-498A-BF08-66EA85F0ACE5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{A0EEBEBD-A7A3-4396-AA32-31F209B031E3}E:\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=e:\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{A92B4274-7D28-4376-AAC0-A13B3FF2CE9D}G:\ubisoft\related designs\anno 2070\autopatcher.exe" = protocol=17 | dir=in | app=g:\ubisoft\related designs\anno 2070\autopatcher.exe | 
"UDP Query User{AF9A4881-D06A-4745-8D3B-F9B4D26408C5}G:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\terraria\terrariaserver.exe | 
"UDP Query User{B64FAE63-1D73-4ACD-8FAF-EF19522DDB4C}G:\steam\steam.exe" = protocol=17 | dir=in | app=g:\steam\steam.exe | 
"UDP Query User{B752D6ED-21C0-4307-8BCB-D5B7A6F9032E}G:\planetsideii\planetside2.exe" = protocol=17 | dir=in | app=g:\planetsideii\planetside2.exe | 
"UDP Query User{C2731DE8-BA99-4352-A599-2C9EB13F2152}C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe | 
"UDP Query User{D0DCE027-A8BB-4572-AA3F-9D4AB1D92D06}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"UDP Query User{D28B6E5E-B9C2-4DF5-ABAA-4F216F9D9B82}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{D8781A02-4D16-4A81-9CE4-4ED7213AECD0}G:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{644B5296-5B22-40EE-B954-9598E2E1427E}" = Intel(R) Network Connections 18.1.59.0
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{B9D80BD8-C6F4-467C-9717-0ABA9684DA29}" = AVG 2013
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 18.1.59.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{0170930E-68D6-4E85-88B2-82761CDE1F94}" = DayZ Commander
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{36A19DE0-7C35-41E3-9BA6-DB85C74B3021}" = SlimDrivers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}" = Intel(R) Rapid Storage Technology enterprise
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.7
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend"
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1" = ControlCenter
"{B05F7750-8800-4520-9732-9C841246C8E2}_is1" = OTPService
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1" = CLICKBIOSII
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.0
"AudioGenie_is1" = AudioGenie
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Company of Heroes" = Company of Heroes
"FileZilla Client" = FileZilla Client 3.7.0.1
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 105600" = Terraria
"Steam App 201790" = Orcs Must Die! 2
"Steam App 205230" = Hell Yeah!
"Steam App 219540" = Arma 2: Operation Arrowhead Beta
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 240" = Counter-Strike: Source
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 49520" = Borderlands 2
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 55150" = Warhammer 40,000 Space Marine
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 8" = TeamViewer 8
"Winamp" = Winamp
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = ooVoo toolbar, powered by Ask.com Updater
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"SOE-G:/PlanetsideII" = gamelauncher-ps2-live
"soe-PlanetSide 2" = PlanetSide 2
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.06.2013 09:17:17 | Computer Name = dc6kh-i | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 14.06.2013 09:18:55 | Computer Name = dc6kh-i | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 09:21:57 | Computer Name = dc6kh-i | Source = System Restore | ID = 8210
Description = 
 
Error - 14.06.2013 09:21:58 | Computer Name = dc6kh-i | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 09:24:28 | Computer Name = dc6kh-i | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 10:18:16 | Computer Name = dc6kh-i | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 14.06.2013 10:39:03 | Computer Name = dc6kh-i | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 14.06.2013 11:54:44 | Computer Name = dc6kh-i | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 14.06.2013 13:11:26 | Computer Name = dc6kh-i | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 27.0.1453.110,
 Zeitstempel: 0x51a566a7  Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7b96f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003bc21  ID des fehlerhaften
 Prozesses: 0x17e0  Startzeit der fehlerhaften Anwendung: 0x01ce69029bf4c573  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: 71a88533-d515-11e2-87e7-8c89a5c3d485
 
Error - 14.06.2013 13:13:52 | Computer Name = dc6kh-i | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 27.0.1453.110,
 Zeitstempel: 0x51a566a7  Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7b96f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003bc21  ID des fehlerhaften
 Prozesses: 0x1350  Startzeit der fehlerhaften Anwendung: 0x01ce692234962f96  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: c8b02034-d515-11e2-87e7-8c89a5c3d485
 
[ System Events ]
Error - 27.05.2013 14:54:57 | Computer Name = dc6kh-i | Source = Service Control Manager | ID = 7003
Description = Der Dienst "AVGIDSAgent" ist von folgendem Dienst abhängig: AVGIDSDriver.
 Dieser Dienst ist eventuell nicht installiert.
 
Error - 27.05.2013 14:54:57 | Computer Name = dc6kh-i | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 28.05.2013 09:22:02 | Computer Name = dc6kh-i | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error - 28.05.2013 09:22:08 | Computer Name = dc6kh-i | Source = Service Control Manager | ID = 7003
Description = Der Dienst "AVGIDSAgent" ist von folgendem Dienst abhängig: AVGIDSDriver.
 Dieser Dienst ist eventuell nicht installiert.
 
Error - 28.05.2013 09:22:08 | Computer Name = dc6kh-i | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 28.05.2013 10:25:32 | Computer Name = dc6kh-i | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 28.05.2013 10:25:33 | Computer Name = dc6kh-i | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 28.05.2013 10:25:33 | Computer Name = dc6kh-i | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 28.05.2013 10:25:34 | Computer Name = dc6kh-i | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 28.05.2013 10:25:34 | Computer Name = dc6kh-i | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
 
< End of report >

markusg · 14.06.2013, 18:42

Hi,
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Talerius · 14.06.2013, 18:48

Da ist sie schon

Code:

ATTFilter

19:46:16.0767 7020  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:46:16.0943 7020  ============================================================
19:46:16.0943 7020  Current date / time: 2013/06/14 19:46:16.0943
19:46:16.0943 7020  SystemInfo:
19:46:16.0943 7020  
19:46:16.0943 7020  OS Version: 6.1.7601 ServicePack: 1.0
19:46:16.0943 7020  Product type: Workstation
19:46:16.0943 7020  ComputerName: DC6KH-I
19:46:16.0943 7020  UserName: Thorge
19:46:16.0943 7020  Windows directory: C:\Windows
19:46:16.0943 7020  System windows directory: C:\Windows
19:46:16.0943 7020  Running under WOW64
19:46:16.0943 7020  Processor architecture: Intel x64
19:46:16.0943 7020  Number of processors: 8
19:46:16.0943 7020  Page size: 0x1000
19:46:16.0943 7020  Boot type: Normal boot
19:46:16.0943 7020  ============================================================
19:46:17.0506 7020  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:46:17.0740 7020  Drive \Device\Harddisk1\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:46:17.0753 7020  ============================================================
19:46:17.0753 7020  \Device\Harddisk0\DR0:
19:46:17.0753 7020  MBR partitions:
19:46:17.0753 7020  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:46:17.0753 7020  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61000
19:46:17.0753 7020  \Device\Harddisk1\DR2:
19:46:17.0753 7020  MBR partitions:
19:46:17.0753 7020  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9FA27800
19:46:17.0753 7020  \Device\Harddisk1\DR2\Partition2: MBR, Type 0x7, StartLBA 0x9FA28000, BlocksNum 0xC34F800
19:46:17.0753 7020  \Device\Harddisk1\DR2\Partition3: MBR, Type 0x7, StartLBA 0xABD78000, BlocksNum 0x3D08F800
19:46:17.0754 7020  ============================================================
19:46:17.0754 7020  C: <-> \Device\Harddisk0\DR0\Partition2
19:46:17.0781 7020  E: <-> \Device\Harddisk1\DR2\Partition1
19:46:17.0812 7020  G: <-> \Device\Harddisk1\DR2\Partition3
19:46:17.0837 7020  F: <-> \Device\Harddisk1\DR2\Partition2
19:46:17.0837 7020  ============================================================
19:46:17.0837 7020  Initialize success
19:46:17.0837 7020  ============================================================
19:46:43.0796 2992  ============================================================
19:46:43.0796 2992  Scan started
19:46:43.0796 2992  Mode: Manual; SigCheck; TDLFS; 
19:46:43.0796 2992  ============================================================
19:46:44.0350 2992  ================ Scan system memory ========================
19:46:44.0350 2992  System memory - ok
19:46:44.0351 2992  ================ Scan services =============================
19:46:44.0390 2992  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:46:44.0444 2992  1394ohci - ok
19:46:44.0452 2992  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:46:44.0469 2992  ACPI - ok
19:46:44.0472 2992  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:46:44.0485 2992  AcpiPmi - ok
19:46:44.0490 2992  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:46:44.0496 2992  AdobeARMservice - ok
19:46:44.0518 2992  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:46:44.0526 2992  AdobeFlashPlayerUpdateSvc - ok
19:46:44.0533 2992  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:46:44.0544 2992  adp94xx - ok
19:46:44.0550 2992  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:46:44.0558 2992  adpahci - ok
19:46:44.0563 2992  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:46:44.0570 2992  adpu320 - ok
19:46:44.0575 2992  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:46:44.0614 2992  AeLookupSvc - ok
19:46:44.0620 2992  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:46:44.0634 2992  AFD - ok
19:46:44.0639 2992  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:46:44.0649 2992  agp440 - ok
19:46:44.0661 2992  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:46:44.0712 2992  ALG - ok
19:46:44.0726 2992  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:46:44.0743 2992  aliide - ok
19:46:44.0762 2992  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:46:44.0777 2992  amdide - ok
19:46:44.0782 2992  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:46:44.0797 2992  AmdK8 - ok
19:46:44.0799 2992  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:46:44.0813 2992  AmdPPM - ok
19:46:44.0816 2992  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:46:44.0823 2992  amdsata - ok
19:46:44.0826 2992  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:46:44.0838 2992  amdsbs - ok
19:46:44.0840 2992  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:46:44.0845 2992  amdxata - ok
19:46:44.0848 2992  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:46:44.0867 2992  AppID - ok
19:46:44.0869 2992  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:46:44.0888 2992  AppIDSvc - ok
19:46:44.0891 2992  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
19:46:44.0910 2992  Appinfo - ok
19:46:44.0912 2992  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
19:46:44.0918 2992  arc - ok
19:46:44.0921 2992  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:46:44.0927 2992  arcsas - ok
19:46:44.0935 2992  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:46:44.0941 2992  aspnet_state - ok
19:46:44.0943 2992  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:46:44.0962 2992  AsyncMac - ok
19:46:44.0964 2992  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:46:44.0970 2992  atapi - ok
19:46:44.0975 2992  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:46:44.0999 2992  AudioEndpointBuilder - ok
19:46:45.0005 2992  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:46:45.0027 2992  AudioSrv - ok
19:46:45.0028 2992  AVGIDSAgent - ok
19:46:45.0031 2992  avgwd - ok
19:46:45.0034 2992  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys
19:46:45.0041 2992  avmeject - ok
19:46:45.0047 2992  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
19:46:45.0056 2992  AVP - ok
19:46:45.0059 2992  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:46:45.0072 2992  AxInstSV - ok
19:46:45.0077 2992  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:46:45.0087 2992  b06bdrv - ok
19:46:45.0091 2992  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:46:45.0099 2992  b57nd60a - ok
19:46:45.0102 2992  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:46:45.0109 2992  BDESVC - ok
19:46:45.0111 2992  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:46:45.0130 2992  Beep - ok
19:46:45.0136 2992  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:46:45.0160 2992  BFE - ok
19:46:45.0167 2992  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:46:45.0198 2992  BITS - ok
19:46:45.0200 2992  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:46:45.0207 2992  blbdrive - ok
19:46:45.0209 2992  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:46:45.0217 2992  bowser - ok
19:46:45.0219 2992  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:46:45.0227 2992  BrFiltLo - ok
19:46:45.0228 2992  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:46:45.0236 2992  BrFiltUp - ok
19:46:45.0238 2992  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:46:45.0246 2992  Browser - ok
19:46:45.0250 2992  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:46:45.0259 2992  Brserid - ok
19:46:45.0261 2992  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:46:45.0270 2992  BrSerWdm - ok
19:46:45.0271 2992  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:46:45.0279 2992  BrUsbMdm - ok
19:46:45.0281 2992  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:46:45.0287 2992  BrUsbSer - ok
19:46:45.0289 2992  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:46:45.0298 2992  BTHMODEM - ok
19:46:45.0301 2992  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:46:45.0320 2992  bthserv - ok
19:46:45.0323 2992  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:46:45.0343 2992  cdfs - ok
19:46:45.0345 2992  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:46:45.0352 2992  cdrom - ok
19:46:45.0355 2992  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:46:45.0374 2992  CertPropSvc - ok
19:46:45.0376 2992  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
19:46:45.0384 2992  circlass - ok
19:46:45.0388 2992  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:46:45.0396 2992  CLFS - ok
19:46:45.0400 2992  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:46:45.0406 2992  clr_optimization_v2.0.50727_32 - ok
19:46:45.0410 2992  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:46:45.0415 2992  clr_optimization_v2.0.50727_64 - ok
19:46:45.0422 2992  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:46:45.0427 2992  clr_optimization_v4.0.30319_32 - ok
19:46:45.0430 2992  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:46:45.0435 2992  clr_optimization_v4.0.30319_64 - ok
19:46:45.0437 2992  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:46:45.0443 2992  CmBatt - ok
19:46:45.0445 2992  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:46:45.0451 2992  cmdide - ok
19:46:45.0455 2992  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:46:45.0468 2992  CNG - ok
19:46:45.0470 2992  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:46:45.0475 2992  Compbatt - ok
19:46:45.0477 2992  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:46:45.0485 2992  CompositeBus - ok
19:46:45.0486 2992  COMSysApp - ok
19:46:45.0489 2992  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:46:45.0494 2992  crcdisk - ok
19:46:45.0498 2992  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:46:45.0506 2992  CryptSvc - ok
19:46:45.0511 2992  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:46:45.0535 2992  DcomLaunch - ok
19:46:45.0539 2992  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:46:45.0561 2992  defragsvc - ok
19:46:45.0563 2992  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:46:45.0582 2992  DfsC - ok
19:46:45.0586 2992  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:46:45.0597 2992  Dhcp - ok
19:46:45.0599 2992  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:46:45.0619 2992  discache - ok
19:46:45.0621 2992  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
19:46:45.0627 2992  Disk - ok
19:46:45.0630 2992  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:46:45.0638 2992  Dnscache - ok
19:46:45.0642 2992  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:46:45.0662 2992  dot3svc - ok
19:46:45.0664 2992  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:46:45.0684 2992  DPS - ok
19:46:45.0686 2992  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:46:45.0694 2992  drmkaud - ok
19:46:45.0701 2992  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:46:45.0715 2992  DXGKrnl - ok
19:46:45.0720 2992  [ BA01A130D2B850CA87483CE6AC1A2BBA ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
19:46:45.0729 2992  e1cexpress - ok
19:46:45.0732 2992  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:46:45.0752 2992  EapHost - ok
19:46:45.0773 2992  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:46:45.0808 2992  ebdrv - ok
19:46:45.0810 2992  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:46:45.0818 2992  EFS - ok
19:46:45.0825 2992  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:46:45.0838 2992  ehRecvr - ok
19:46:45.0841 2992  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:46:45.0848 2992  ehSched - ok
19:46:45.0853 2992  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:46:45.0862 2992  elxstor - ok
19:46:45.0864 2992  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:46:45.0871 2992  ErrDev - ok
19:46:45.0874 2992  [ 932C05033053ADA2404FD836C9AB2C70 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys
19:46:45.0879 2992  EuMusDesignVirtualAudioCableWdm - ok
19:46:45.0884 2992  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:46:45.0907 2992  EventSystem - ok
19:46:45.0911 2992  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:46:45.0931 2992  exfat - ok
19:46:45.0935 2992  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:46:45.0956 2992  fastfat - ok
19:46:45.0962 2992  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:46:45.0975 2992  Fax - ok
19:46:45.0977 2992  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
19:46:45.0983 2992  fdc - ok
19:46:45.0985 2992  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:46:46.0004 2992  fdPHost - ok
19:46:46.0006 2992  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:46:46.0026 2992  FDResPub - ok
19:46:46.0029 2992  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:46:46.0035 2992  FileInfo - ok
19:46:46.0037 2992  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:46:46.0056 2992  Filetrace - ok
19:46:46.0058 2992  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:46:46.0065 2992  flpydisk - ok
19:46:46.0068 2992  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:46:46.0076 2992  FltMgr - ok
19:46:46.0084 2992  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
19:46:46.0112 2992  FontCache - ok
19:46:46.0115 2992  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:46:46.0120 2992  FontCache3.0.0.0 - ok
19:46:46.0122 2992  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:46:46.0128 2992  FsDepends - ok
19:46:46.0129 2992  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:46:46.0135 2992  Fs_Rec - ok
19:46:46.0138 2992  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:46:46.0147 2992  fvevol - ok
19:46:46.0153 2992  [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn       C:\Windows\system32\DRIVERS\fwlanusbn.sys
19:46:46.0163 2992  fwlanusbn - ok
19:46:46.0166 2992  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:46:46.0172 2992  gagp30kx - ok
19:46:46.0243 2992  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:46:46.0298 2992  gpsvc - ok
19:46:46.0302 2992  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:46.0308 2992  gupdate - ok
19:46:46.0312 2992  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:46.0317 2992  gupdatem - ok
19:46:46.0320 2992  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
19:46:46.0325 2992  hamachi - ok
19:46:46.0327 2992  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:46:46.0334 2992  hcw85cir - ok
19:46:46.0338 2992  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:46:46.0347 2992  HdAudAddService - ok
19:46:46.0350 2992  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:46:46.0358 2992  HDAudBus - ok
19:46:46.0360 2992  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:46:46.0367 2992  HidBatt - ok
19:46:46.0369 2992  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:46:46.0377 2992  HidBth - ok
19:46:46.0379 2992  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:46:46.0387 2992  HidIr - ok
19:46:46.0389 2992  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:46:46.0408 2992  hidserv - ok
19:46:46.0410 2992  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:46:46.0417 2992  HidUsb - ok
19:46:46.0419 2992  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:46:46.0438 2992  hkmsvc - ok
19:46:46.0441 2992  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:46:46.0450 2992  HomeGroupListener - ok
19:46:46.0453 2992  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:46:46.0460 2992  HomeGroupProvider - ok
19:46:46.0462 2992  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:46:46.0468 2992  HpSAMD - ok
19:46:46.0474 2992  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:46:46.0497 2992  HTTP - ok
19:46:46.0499 2992  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:46:46.0505 2992  hwpolicy - ok
19:46:46.0507 2992  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:46:46.0513 2992  i8042prt - ok
19:46:46.0518 2992  [ BC01732B88777BB2FE58E514A945D517 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
19:46:46.0528 2992  iaStorA - ok
19:46:46.0530 2992  [ 4D43DE002EB4E0EFA885F8E15C48CB9A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
19:46:46.0532 2992  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
19:46:46.0532 2992  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
19:46:46.0534 2992  [ 3B78A47E2FCA2FD161A7D65428DAE5FC ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
19:46:46.0539 2992  iaStorF - ok
19:46:46.0543 2992  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:46:46.0551 2992  iaStorV - ok
19:46:46.0558 2992  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:46:46.0571 2992  idsvc - ok
19:46:46.0574 2992  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:46:46.0579 2992  iirsp - ok
19:46:46.0586 2992  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:46:46.0611 2992  IKEEXT - ok
19:46:46.0633 2992  [ C9EDE135A702B243DCADEBE913A2087F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:46:46.0671 2992  IntcAzAudAddService - ok
19:46:46.0676 2992  [ EA83415296F905D11651B9AF26FB7EBD ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:46:46.0683 2992  Intel(R) PROSet Monitoring Service - ok
19:46:46.0684 2992  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:46:46.0690 2992  intelide - ok
19:46:46.0692 2992  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:46:46.0699 2992  intelppm - ok
19:46:46.0701 2992  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:46:46.0721 2992  IPBusEnum - ok
19:46:46.0723 2992  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:46:46.0742 2992  IpFilterDriver - ok
19:46:46.0747 2992  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:46:46.0758 2992  iphlpsvc - ok
19:46:46.0761 2992  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:46:46.0768 2992  IPMIDRV - ok
19:46:46.0770 2992  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:46:46.0790 2992  IPNAT - ok
19:46:46.0792 2992  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:46:46.0801 2992  IRENUM - ok
19:46:46.0803 2992  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:46:46.0808 2992  isapnp - ok
19:46:46.0811 2992  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:46:46.0819 2992  iScsiPrt - ok
19:46:46.0821 2992  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:46:46.0826 2992  kbdclass - ok
19:46:46.0828 2992  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:46:46.0834 2992  kbdhid - ok
19:46:46.0836 2992  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:46:46.0842 2992  KeyIso - ok
19:46:46.0847 2992  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
19:46:46.0856 2992  kl1 - ok
19:46:46.0862 2992  [ 2CBD248370721DCAD632DB70D09C5A6D ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:46:46.0873 2992  KLIF - ok
19:46:46.0875 2992  [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
19:46:46.0880 2992  KLIM6 - ok
19:46:46.0881 2992  [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:46:46.0886 2992  klkbdflt - ok
19:46:46.0888 2992  [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:46:46.0893 2992  klmouflt - ok
19:46:46.0895 2992  [ 982974975E679276F0FA39EFA331A268 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
19:46:46.0900 2992  kltdi - ok
19:46:46.0902 2992  [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
19:46:46.0909 2992  kneps - ok
19:46:46.0911 2992  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:46:46.0917 2992  KSecDD - ok
19:46:46.0919 2992  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:46:46.0926 2992  KSecPkg - ok
19:46:46.0928 2992  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:46:46.0948 2992  ksthunk - ok
19:46:46.0953 2992  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:46:46.0975 2992  KtmRm - ok
19:46:46.0979 2992  [ CE4347E2D90DB2E5517B6F2BC720A862 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:46:46.0987 2992  LADF_CaptureOnly - ok
19:46:46.0991 2992  [ 85A9D21D3AE2EA963E111CB150895877 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:46:46.0998 2992  LADF_RenderOnly - ok
19:46:47.0001 2992  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:46:47.0022 2992  LanmanServer - ok
19:46:47.0024 2992  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:46:47.0045 2992  LanmanWorkstation - ok
19:46:47.0047 2992  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
19:46:47.0052 2992  LGBusEnum - ok
19:46:47.0054 2992  [ F7205E939F50B1C8D16F895916BE6756 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
19:46:47.0059 2992  LGSHidFilt - ok
19:46:47.0061 2992  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:46:47.0065 2992  LGVirHid - ok
19:46:47.0067 2992  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:46:47.0087 2992  lltdio - ok
19:46:47.0090 2992  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:46:47.0112 2992  lltdsvc - ok
19:46:47.0114 2992  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:46:47.0133 2992  lmhosts - ok
19:46:47.0136 2992  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:46:47.0143 2992  LSI_FC - ok
19:46:47.0145 2992  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:46:47.0151 2992  LSI_SAS - ok
19:46:47.0153 2992  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:46:47.0159 2992  LSI_SAS2 - ok
19:46:47.0161 2992  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:46:47.0167 2992  LSI_SCSI - ok
19:46:47.0170 2992  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:46:47.0190 2992  luafv - ok
19:46:47.0193 2992  [ A401CFF74982D8DF851F20307C806073 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
19:46:47.0201 2992  LVRS64 - ok
19:46:47.0229 2992  [ 13384CB5F5813E65F31078D6ABFAAF38 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
19:46:47.0330 2992  LVUVC64 - ok
19:46:47.0335 2992  [ B8EAC4507EB4655377B1E094FCE7F12E ] Macromedia Licensing Service C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
19:46:47.0341 2992  Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:46:47.0341 2992  Macromedia Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:46:47.0345 2992  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
19:46:47.0358 2992  MBfilt - ok
19:46:47.0362 2992  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:46:47.0377 2992  Mcx2Svc - ok
19:46:47.0379 2992  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:46:47.0386 2992  megasas - ok
19:46:47.0391 2992  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:46:47.0400 2992  MegaSR - ok
19:46:47.0403 2992  [ 86614752D2FAE34CCD9E7B2AABA5FBEC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:46:47.0409 2992  MEIx64 - ok
19:46:47.0412 2992  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:46:47.0437 2992  MMCSS - ok
19:46:47.0439 2992  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:46:47.0460 2992  Modem - ok
19:46:47.0462 2992  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:46:47.0470 2992  monitor - ok
19:46:47.0472 2992  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:46:47.0479 2992  mouclass - ok
19:46:47.0480 2992  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:46:47.0487 2992  mouhid - ok
19:46:47.0489 2992  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:46:47.0495 2992  mountmgr - ok
19:46:47.0497 2992  [ 9CE4C8A46B585EB5103EFE5FDEF3703F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:46:47.0503 2992  MozillaMaintenance - ok
19:46:47.0506 2992  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:46:47.0512 2992  mpio - ok
19:46:47.0514 2992  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:46:47.0534 2992  mpsdrv - ok
19:46:47.0541 2992  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:46:47.0569 2992  MpsSvc - ok
19:46:47.0572 2992  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:46:47.0582 2992  MRxDAV - ok
19:46:47.0584 2992  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:46:47.0598 2992  mrxsmb - ok
19:46:47.0603 2992  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:46:47.0618 2992  mrxsmb10 - ok
19:46:47.0621 2992  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:46:47.0630 2992  mrxsmb20 - ok
19:46:47.0634 2992  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:46:47.0639 2992  msahci - ok
19:46:47.0643 2992  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:46:47.0650 2992  msdsm - ok
19:46:47.0653 2992  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:46:47.0662 2992  MSDTC - ok
19:46:47.0665 2992  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:46:47.0685 2992  Msfs - ok
19:46:47.0687 2992  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:46:47.0706 2992  mshidkmdf - ok
19:46:47.0708 2992  MSICDSetup - ok
19:46:47.0710 2992  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:46:47.0715 2992  msisadrv - ok
19:46:47.0718 2992  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:46:47.0759 2992  MSiSCSI - ok
19:46:47.0763 2992  msiserver - ok
19:46:47.0767 2992  MSI_MSIBIOS_010507 - ok
19:46:47.0775 2992  [ 1FC68C9D145E55F0F90CF472FB6F28D9 ] MSI_OTPService  C:\Program Files (x86)\MSI\OTPService\OTPService.exe
19:46:47.0788 2992  MSI_OTPService - ok
19:46:47.0791 2992  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:46:47.0818 2992  MSKSSRV - ok
19:46:47.0820 2992  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:46:47.0839 2992  MSPCLOCK - ok
19:46:47.0841 2992  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:46:47.0861 2992  MSPQM - ok
19:46:47.0865 2992  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:46:47.0873 2992  MsRPC - ok
19:46:47.0876 2992  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:46:47.0882 2992  mssmbios - ok
19:46:47.0884 2992  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:46:47.0903 2992  MSTEE - ok
19:46:47.0904 2992  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:46:47.0911 2992  MTConfig - ok
19:46:47.0913 2992  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:46:47.0919 2992  Mup - ok
19:46:47.0923 2992  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:46:47.0946 2992  napagent - ok
19:46:47.0950 2992  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:46:47.0961 2992  NativeWifiP - ok
19:46:47.0969 2992  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:46:47.0982 2992  NDIS - ok
19:46:47.0984 2992  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:46:48.0003 2992  NdisCap - ok
19:46:48.0005 2992  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:46:48.0024 2992  NdisTapi - ok
19:46:48.0026 2992  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:46:48.0045 2992  Ndisuio - ok
19:46:48.0048 2992  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:46:48.0068 2992  NdisWan - ok
19:46:48.0070 2992  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:46:48.0089 2992  NDProxy - ok
19:46:48.0091 2992  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:46:48.0111 2992  NetBIOS - ok
19:46:48.0114 2992  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:46:48.0134 2992  NetBT - ok
19:46:48.0136 2992  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:46:48.0142 2992  Netlogon - ok
19:46:48.0146 2992  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:46:48.0168 2992  Netman - ok
19:46:48.0170 2992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:48.0176 2992  NetMsmqActivator - ok
19:46:48.0178 2992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:48.0184 2992  NetPipeActivator - ok
19:46:48.0188 2992  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:46:48.0212 2992  netprofm - ok
19:46:48.0214 2992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:48.0220 2992  NetTcpActivator - ok
19:46:48.0222 2992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:48.0227 2992  NetTcpPortSharing - ok
19:46:48.0229 2992  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:46:48.0235 2992  nfrd960 - ok
19:46:48.0238 2992  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:46:48.0247 2992  NlaSvc - ok
19:46:48.0249 2992  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:46:48.0268 2992  Npfs - ok
19:46:48.0279 2992  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:46:48.0300 2992  nsi - ok
19:46:48.0302 2992  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:46:48.0321 2992  nsiproxy - ok
19:46:48.0333 2992  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:46:48.0354 2992  Ntfs - ok
19:46:48.0356 2992  [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4   C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
19:46:48.0361 2992  NTIOLib_1_0_4 - ok
19:46:48.0363 2992  NTIOLib_1_0_C - ok
19:46:48.0365 2992  [ C3FEA895FE95EA7A57D9F4D7ABED5E71 ] NTIOLib_1_0_T   C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys
19:46:48.0369 2992  NTIOLib_1_0_T - ok
19:46:48.0371 2992  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:46:48.0390 2992  Null - ok
19:46:48.0392 2992  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:46:48.0399 2992  nusb3hub - ok
19:46:48.0402 2992  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:46:48.0409 2992  nusb3xhc - ok
19:46:48.0412 2992  [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:46:48.0419 2992  NVHDA - ok
19:46:48.0482 2992  [ 7A711D08F1FD1AB8149B6199F84A0EB7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:46:48.0609 2992  nvlddmkm - ok
19:46:48.0616 2992  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:46:48.0631 2992  nvraid - ok
19:46:48.0636 2992  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:46:48.0650 2992  nvstor - ok
19:46:48.0662 2992  [ B9F3591981D761A5CA1D24C369764D96 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:46:48.0678 2992  nvsvc - ok
19:46:48.0689 2992  [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:46:48.0722 2992  nvUpdatusService - ok
19:46:48.0726 2992  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:46:48.0732 2992  nv_agp - ok
19:46:48.0735 2992  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:46:48.0742 2992  ohci1394 - ok
19:46:48.0747 2992  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:46:48.0758 2992  p2pimsvc - ok
19:46:48.0762 2992  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:46:48.0780 2992  p2psvc - ok
19:46:48.0784 2992  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
19:46:48.0791 2992  Parport - ok
19:46:48.0795 2992  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:46:48.0801 2992  partmgr - ok
19:46:48.0804 2992  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:46:48.0815 2992  PcaSvc - ok
19:46:48.0818 2992  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:46:48.0825 2992  pci - ok
19:46:48.0827 2992  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:46:48.0835 2992  pciide - ok
19:46:48.0838 2992  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:46:48.0845 2992  pcmcia - ok
19:46:48.0847 2992  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:46:48.0855 2992  pcw - ok
19:46:48.0860 2992  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:46:48.0884 2992  PEAUTH - ok
19:46:48.0901 2992  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:46:48.0908 2992  PerfHost - ok
19:46:48.0920 2992  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:46:48.0951 2992  pla - ok
19:46:48.0955 2992  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:46:48.0966 2992  PlugPlay - ok
19:46:48.0968 2992  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:46:48.0974 2992  PNRPAutoReg - ok
19:46:48.0978 2992  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:46:48.0986 2992  PNRPsvc - ok
19:46:48.0990 2992  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:46:49.0013 2992  PolicyAgent - ok
19:46:49.0016 2992  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:46:49.0037 2992  Power - ok
19:46:49.0040 2992  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:46:49.0059 2992  PptpMiniport - ok
19:46:49.0061 2992  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:46:49.0067 2992  Processor - ok
19:46:49.0071 2992  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:46:49.0079 2992  ProfSvc - ok
19:46:49.0081 2992  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:46:49.0087 2992  ProtectedStorage - ok
19:46:49.0090 2992  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:46:49.0109 2992  Psched - ok
19:46:49.0120 2992  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:46:49.0140 2992  ql2300 - ok
19:46:49.0143 2992  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:46:49.0149 2992  ql40xx - ok
19:46:49.0152 2992  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:46:49.0163 2992  QWAVE - ok
19:46:49.0165 2992  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:46:49.0174 2992  QWAVEdrv - ok
19:46:49.0176 2992  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:46:49.0195 2992  RasAcd - ok
19:46:49.0197 2992  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:46:49.0216 2992  RasAgileVpn - ok
19:46:49.0219 2992  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:46:49.0239 2992  RasAuto - ok
19:46:49.0241 2992  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:46:49.0261 2992  Rasl2tp - ok
19:46:49.0264 2992  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:46:49.0286 2992  RasMan - ok
19:46:49.0288 2992  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:46:49.0309 2992  RasPppoe - ok
19:46:49.0311 2992  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:46:49.0331 2992  RasSstp - ok
19:46:49.0334 2992  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:46:49.0354 2992  rdbss - ok
19:46:49.0357 2992  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:46:49.0365 2992  rdpbus - ok
19:46:49.0366 2992  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:46:49.0386 2992  RDPCDD - ok
19:46:49.0389 2992  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:46:49.0408 2992  RDPENCDD - ok
19:46:49.0411 2992  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:46:49.0430 2992  RDPREFMP - ok
19:46:49.0445 2992  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:46:49.0479 2992  RDPWD - ok
19:46:49.0516 2992  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:46:49.0533 2992  rdyboost - ok
19:46:49.0537 2992  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:46:49.0577 2992  RemoteAccess - ok
19:46:49.0583 2992  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:46:49.0617 2992  RemoteRegistry - ok
19:46:49.0620 2992  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:46:49.0645 2992  RpcEptMapper - ok
19:46:49.0646 2992  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:46:49.0653 2992  RpcLocator - ok
19:46:49.0658 2992  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:46:49.0680 2992  RpcSs - ok
19:46:49.0683 2992  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:46:49.0702 2992  rspndr - ok
19:46:49.0704 2992  [ 60EC0BDF01ECFF14E89B56838D51D57F ] rzdaendpt       C:\Windows\system32\DRIVERS\rzdaendpt.sys
19:46:49.0712 2992  rzdaendpt - ok
19:46:49.0714 2992  [ D0130A5EF3614772E8068F637FFD0B03 ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
19:46:49.0721 2992  rzendpt - ok
19:46:49.0723 2992  [ 3686A37E1C34FA6F75A4A1C3A3DCCCED ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
19:46:49.0732 2992  rzudd - ok
19:46:49.0734 2992  [ E205F05E6C5F21AA432221491FCF2B20 ] rzvkeyboard     C:\Windows\system32\DRIVERS\rzvkeyboard.sys
19:46:49.0741 2992  rzvkeyboard - ok
19:46:49.0743 2992  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:46:49.0749 2992  SamSs - ok
19:46:49.0751 2992  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:46:49.0758 2992  sbp2port - ok
19:46:49.0761 2992  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:46:49.0781 2992  SCardSvr - ok
19:46:49.0783 2992  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:46:49.0802 2992  scfilter - ok
19:46:49.0810 2992  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:46:49.0837 2992  Schedule - ok
19:46:49.0839 2992  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:46:49.0858 2992  SCPolicySvc - ok
19:46:49.0861 2992  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:46:49.0870 2992  SDRSVC - ok
19:46:49.0872 2992  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:46:49.0891 2992  secdrv - ok
19:46:49.0893 2992  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:46:49.0913 2992  seclogon - ok
19:46:49.0915 2992  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:46:49.0936 2992  SENS - ok
19:46:49.0938 2992  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:46:49.0946 2992  SensrSvc - ok
19:46:49.0948 2992  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:46:49.0954 2992  Serenum - ok
19:46:49.0956 2992  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:46:49.0963 2992  Serial - ok
19:46:49.0965 2992  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:46:49.0972 2992  sermouse - ok
19:46:49.0977 2992  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:46:49.0996 2992  SessionEnv - ok
19:46:49.0998 2992  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:46:50.0006 2992  sffdisk - ok
19:46:50.0008 2992  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:46:50.0016 2992  sffp_mmc - ok
19:46:50.0017 2992  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:46:50.0025 2992  sffp_sd - ok
19:46:50.0027 2992  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:46:50.0033 2992  sfloppy - ok
19:46:50.0037 2992  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:46:50.0060 2992  SharedAccess - ok
19:46:50.0064 2992  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:46:50.0086 2992  ShellHWDetection - ok
19:46:50.0088 2992  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:46:50.0094 2992  SiSRaid2 - ok
19:46:50.0096 2992  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:46:50.0102 2992  SiSRaid4 - ok
19:46:50.0104 2992  SkypeUpdate - ok
19:46:50.0106 2992  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:46:50.0126 2992  Smb - ok
19:46:50.0130 2992  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:46:50.0137 2992  SNMPTRAP - ok
19:46:50.0139 2992  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:46:50.0145 2992  spldr - ok
19:46:50.0150 2992  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:46:50.0161 2992  Spooler - ok
19:46:50.0184 2992  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:46:50.0232 2992  sppsvc - ok
19:46:50.0234 2992  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:46:50.0254 2992  sppuinotify - ok
19:46:50.0259 2992  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:46:50.0269 2992  srv - ok
19:46:50.0273 2992  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:46:50.0420 2992  srv2 - ok
19:46:50.0428 2992  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:46:50.0449 2992  srvnet - ok
19:46:50.0456 2992  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:46:50.0497 2992  SSDPSRV - ok
19:46:50.0501 2992  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:46:50.0526 2992  SstpSvc - ok
19:46:50.0529 2992  Steam Client Service - ok
19:46:50.0538 2992  [ 0887B293199AA2055888FABA989ED0A6 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:46:50.0554 2992  Stereo Service - ok
19:46:50.0557 2992  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:46:50.0564 2992  stexstor - ok
19:46:50.0571 2992  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:46:50.0591 2992  stisvc - ok
19:46:50.0594 2992  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:46:50.0601 2992  swenum - ok
19:46:50.0606 2992  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:46:50.0646 2992  swprv - ok
19:46:50.0659 2992  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:46:50.0686 2992  SysMain - ok
19:46:50.0690 2992  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:46:50.0700 2992  TabletInputService - ok
19:46:50.0704 2992  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:46:50.0725 2992  TapiSrv - ok
19:46:50.0727 2992  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:46:50.0747 2992  TBS - ok
19:46:50.0760 2992  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:46:50.0784 2992  Tcpip - ok
19:46:50.0797 2992  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:46:50.0818 2992  TCPIP6 - ok
19:46:50.0821 2992  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:46:50.0827 2992  tcpipreg - ok
19:46:50.0830 2992  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:46:50.0837 2992  TDPIPE - ok
19:46:50.0839 2992  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:46:50.0845 2992  TDTCP - ok
19:46:50.0847 2992  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:46:50.0866 2992  tdx - ok
19:46:50.0889 2992  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:46:50.0931 2992  TeamViewer8 - ok
19:46:50.0933 2992  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:46:50.0939 2992  TermDD - ok
19:46:50.0945 2992  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:46:50.0969 2992  TermService - ok
19:46:50.0972 2992  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:46:50.0981 2992  Themes - ok
19:46:50.0983 2992  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:46:51.0003 2992  THREADORDER - ok
19:46:51.0006 2992  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:46:51.0026 2992  TrkWks - ok
19:46:51.0029 2992  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:46:51.0048 2992  TrustedInstaller - ok
19:46:51.0051 2992  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:46:51.0070 2992  tssecsrv - ok
19:46:51.0072 2992  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:46:51.0079 2992  TsUsbFlt - ok
19:46:51.0081 2992  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:46:51.0087 2992  TsUsbGD - ok
19:46:51.0090 2992  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:46:51.0109 2992  tunnel - ok
19:46:51.0111 2992  [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
19:46:51.0117 2992  TurboB - ok
19:46:51.0120 2992  [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:46:51.0125 2992  TurboBoost - ok
19:46:51.0127 2992  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:46:51.0133 2992  uagp35 - ok
19:46:51.0137 2992  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:46:51.0157 2992  udfs - ok
19:46:51.0161 2992  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:46:51.0169 2992  UI0Detect - ok
19:46:51.0171 2992  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:46:51.0177 2992  uliagpkx - ok
19:46:51.0179 2992  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:46:51.0185 2992  umbus - ok
19:46:51.0187 2992  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:46:51.0193 2992  UmPass - ok
19:46:51.0197 2992  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:46:51.0219 2992  upnphost - ok
19:46:51.0222 2992  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:46:51.0231 2992  usbaudio - ok
19:46:51.0233 2992  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:46:51.0241 2992  usbccgp - ok
19:46:51.0243 2992  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:46:51.0251 2992  usbcir - ok
19:46:51.0253 2992  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:46:51.0259 2992  usbehci - ok
19:46:51.0263 2992  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:46:51.0271 2992  usbhub - ok
19:46:51.0273 2992  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:46:51.0279 2992  usbohci - ok
19:46:51.0281 2992  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:46:51.0289 2992  usbprint - ok
19:46:51.0291 2992  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:46:51.0299 2992  USBSTOR - ok
19:46:51.0300 2992  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:46:51.0306 2992  usbuhci - ok
19:46:51.0308 2992  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:46:51.0328 2992  UxSms - ok
19:46:51.0330 2992  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:46:51.0336 2992  VaultSvc - ok
19:46:51.0338 2992  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:46:51.0344 2992  vdrvroot - ok
19:46:51.0349 2992  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:46:51.0372 2992  vds - ok
19:46:51.0374 2992  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:51.0382 2992  vga - ok
19:46:51.0384 2992  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:46:51.0403 2992  VgaSave - ok
19:46:51.0406 2992  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:46:51.0413 2992  vhdmp - ok
19:46:51.0415 2992  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:46:51.0420 2992  viaide - ok
19:46:51.0423 2992  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:46:51.0428 2992  volmgr - ok
19:46:51.0432 2992  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:46:51.0440 2992  volmgrx - ok
19:46:51.0444 2992  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:46:51.0452 2992  volsnap - ok
19:46:51.0455 2992  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:46:51.0461 2992  vsmraid - ok
19:46:51.0473 2992  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:46:51.0506 2992  VSS - ok
19:46:51.0508 2992  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:46:51.0516 2992  vwifibus - ok
19:46:51.0521 2992  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:46:51.0543 2992  W32Time - ok
19:46:51.0546 2992  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:46:51.0553 2992  WacomPen - ok
19:46:51.0555 2992  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:46:51.0574 2992  WANARP - ok
19:46:51.0576 2992  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:46:51.0594 2992  Wanarpv6 - ok
19:46:51.0605 2992  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:46:51.0622 2992  wbengine - ok
19:46:51.0625 2992  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:46:51.0636 2992  WbioSrvc - ok
19:46:51.0641 2992  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:46:51.0653 2992  wcncsvc - ok
19:46:51.0655 2992  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:46:51.0663 2992  WcsPlugInService - ok
19:46:51.0665 2992  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
19:46:51.0670 2992  Wd - ok
19:46:51.0677 2992  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:46:51.0689 2992  Wdf01000 - ok
19:46:51.0692 2992  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:46:51.0709 2992  WdiServiceHost - ok
19:46:51.0711 2992  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:46:51.0721 2992  WdiSystemHost - ok
19:46:51.0725 2992  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:46:51.0736 2992  WebClient - ok
19:46:51.0739 2992  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:46:51.0760 2992  Wecsvc - ok
19:46:51.0763 2992  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:46:51.0783 2992  wercplsupport - ok
19:46:51.0785 2992  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:46:51.0806 2992  WerSvc - ok
19:46:51.0808 2992  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:51.0827 2992  WfpLwf - ok
19:46:51.0829 2992  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:46:51.0835 2992  WIMMount - ok
19:46:51.0836 2992  WinDefend - ok
19:46:51.0840 2992  WinHttpAutoProxySvc - ok
19:46:51.0846 2992  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:46:51.0866 2992  Winmgmt - ok
19:46:51.0881 2992  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:46:51.0917 2992  WinRM - ok
19:46:51.0922 2992  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:46:51.0930 2992  WinUsb - ok
19:46:51.0937 2992  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:46:51.0954 2992  Wlansvc - ok
19:46:51.0956 2992  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:46:51.0962 2992  WmiAcpi - ok
19:46:51.0966 2992  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:46:51.0974 2992  wmiApSrv - ok
19:46:51.0975 2992  WMPNetworkSvc - ok
19:46:51.0978 2992  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:46:51.0985 2992  WPCSvc - ok
19:46:51.0988 2992  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:46:51.0998 2992  WPDBusEnum - ok
19:46:52.0000 2992  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:46:52.0019 2992  ws2ifsl - ok
19:46:52.0021 2992  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:46:52.0032 2992  wscsvc - ok
19:46:52.0033 2992  WSearch - ok
19:46:52.0050 2992  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:46:52.0082 2992  wuauserv - ok
19:46:52.0084 2992  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:46:52.0091 2992  WudfPf - ok
19:46:52.0094 2992  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:52.0101 2992  WUDFRd - ok
19:46:52.0104 2992  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:46:52.0111 2992  wudfsvc - ok
19:46:52.0114 2992  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:46:52.0125 2992  WwanSvc - ok
19:46:52.0129 2992  ================ Scan global ===============================
19:46:52.0130 2992  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:46:52.0133 2992  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:52.0136 2992  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:52.0139 2992  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:46:52.0142 2992  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:46:52.0145 2992  [Global] - ok
19:46:52.0145 2992  ================ Scan MBR ==================================
19:46:52.0146 2992  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:46:52.0295 2992  \Device\Harddisk0\DR0 - ok
19:46:52.0298 2992  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR2
19:46:52.0357 2992  \Device\Harddisk1\DR2 - ok
19:46:52.0357 2992  ================ Scan VBR ==================================
19:46:52.0360 2992  [ 1F5E8B389C9EE2DD4E8603805F4FA1C6 ] \Device\Harddisk0\DR0\Partition1
19:46:52.0362 2992  \Device\Harddisk0\DR0\Partition1 - ok
19:46:52.0366 2992  [ 09623D158B4C66E4F82DE0B06DDDA87A ] \Device\Harddisk0\DR0\Partition2
19:46:52.0368 2992  \Device\Harddisk0\DR0\Partition2 - ok
19:46:52.0372 2992  [ E8F8EBAF4CD5D3EFB0F325DD80307395 ] \Device\Harddisk1\DR2\Partition1
19:46:52.0373 2992  \Device\Harddisk1\DR2\Partition1 - ok
19:46:52.0378 2992  [ C17ADAFF65C152C05600EBEC9BD5133B ] \Device\Harddisk1\DR2\Partition2
19:46:52.0379 2992  \Device\Harddisk1\DR2\Partition2 - ok
19:46:52.0384 2992  [ 1B4A65F7047CB17FE0294D0C7E33198E ] \Device\Harddisk1\DR2\Partition3
19:46:52.0386 2992  \Device\Harddisk1\DR2\Partition3 - ok
19:46:52.0386 2992  ============================================================
19:46:52.0386 2992  Scan finished
19:46:52.0386 2992  ============================================================
19:46:52.0400 4908  Detected object count: 2
19:46:52.0400 4908  Actual detected object count: 2
19:47:26.0034 4908  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:47:26.0034 4908  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:47:26.0036 4908  Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:47:26.0036 4908  Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:47:31.0005 4104  Deinitialize success

markusg · 14.06.2013, 18:54

Hi,
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Talerius · 14.06.2013, 19:02

Code:

ATTFilter

ComboFix 13-06-13.01 - Thorge 14.06.2013  19:58:14.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16338.13890 [GMT 2:00]
ausgeführt von:: c:\users\Thorge\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-14 bis 2013-06-14  ))))))))))))))))))))))))))))))
.
.
2013-06-14 17:12 . 2013-06-14 17:12	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F5315AB-EFC9-42A3-B72B-9F75ECE73D61}\offreg.dll
2013-06-14 13:07 . 2013-06-14 13:07	--------	d-----w-	c:\program files\Enigma Software Group
2013-06-14 13:06 . 2013-06-14 13:20	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-06-13 19:45 . 2013-06-13 19:45	--------	d-----w-	c:\windows\SysWow64\searchplugins
2013-06-13 19:45 . 2013-06-13 19:45	--------	d-----w-	c:\windows\SysWow64\Extensions
2013-06-13 19:44 . 2013-06-13 19:44	--------	d-----w-	c:\programdata\Babylon
2013-06-13 19:44 . 2013-06-14 13:20	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-13 16:18 . 2013-06-13 16:18	--------	d-----w-	c:\program files (x86)\Common Files\Blizzard Entertainment
2013-06-03 16:02 . 2013-06-03 16:02	--------	d-----w-	c:\program files (x86)\MSECache
2013-06-02 16:02 . 2013-06-02 16:02	--------	d-----w-	C:\User
2013-05-30 18:03 . 2013-05-30 18:03	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-05-26 10:21 . 2013-05-26 10:21	--------	d-----w-	c:\program files (x86)\SlimDrivers
2013-05-21 18:07 . 2013-05-21 18:07	--------	d-----w-	c:\program files (x86)\Ask.com
2013-05-20 21:03 . 2013-05-20 21:03	--------	d--h--w-	c:\programdata\CanonBJ
2013-05-20 21:03 . 2009-07-14 01:40	84992	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2013-05-18 13:10 . 2013-05-18 13:12	--------	d-----w-	C:\$WINDOWS.~BT
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 14:53 . 2013-02-09 15:44	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 14:53 . 2013-02-09 15:44	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-12 21:42 . 2013-05-04 19:49	2597344	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-05-12 21:42 . 2013-01-07 20:23	27775776	----a-w-	c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-01-07 20:23	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-01-07 20:23	15143904	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-05-12 21:42 . 2013-01-07 19:20	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-01-07 19:20	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2012-10-10 20:23	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2012-10-10 20:23	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-05-12 21:42 . 2012-10-10 20:22	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-12 20:34 . 2013-01-07 19:20	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-07 19:20	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-07 19:20	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-07 19:20	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-07 19:20	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-07 19:20	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-12 13:43 . 2013-05-12 13:43	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-05-08 14:13 . 2013-01-07 19:20	3165737	----a-w-	c:\windows\system32\nvcoproc.bin
2013-05-04 19:54 . 2013-05-04 19:26	620128	----a-w-	c:\windows\system32\drivers\klif.sys
2013-05-04 19:54 . 2012-12-14 11:45	55056	----a-w-	c:\windows\system32\drivers\kltdi.sys
2013-05-04 19:54 . 2012-08-13 14:49	178448	----a-w-	c:\windows\system32\drivers\kneps.sys
2013-05-04 19:54 . 2013-05-04 19:26	90208	----a-w-	c:\windows\system32\drivers\klflt.sys
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-20 12:34 . 2013-04-20 12:34	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-19 02:00 . 2013-04-19 02:00	25600	----a-w-	c:\windows\system32\drivers\rzdaendpt.sys
2013-04-19 02:00 . 2013-04-19 02:00	23040	----a-w-	c:\windows\system32\drivers\rzvkeyboard.sys
2013-04-19 02:00 . 2013-04-19 02:00	119808	----a-w-	c:\windows\system32\drivers\rzudd.sys
2013-04-19 01:56 . 2013-04-19 01:56	56832	----a-w-	c:\windows\SysWow64\rzdevinfo.dll
2013-04-19 01:56 . 2013-04-19 01:56	148480	----a-w-	c:\windows\SysWow64\rztouchdll.dll
2013-04-19 01:56 . 2013-04-19 01:56	724480	----a-w-	c:\windows\SysWow64\rzdevicedll.dll
2013-04-19 01:56 . 2013-04-19 01:56	288256	----a-w-	c:\windows\SysWow64\rzaudiodll.dll
2013-04-10 03:46 . 2013-05-04 19:16	9317456	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F5315AB-EFC9-42A3-B72B-9F75ECE73D61}\mpengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2013-04-01 08:42	1527432	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-04-01 1527432]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="g:\steam\steam.exe" [2013-06-06 1641896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\Thorge\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-04 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe" [2011-12-02 286720]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-04-22 608104]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-12-14 356376]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-04-01 1719944]
.
c:\users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ControlCenter.lnk - c:\program files (x86)\MSI\ControlCenter\StartControlCenter.exe [2013-1-21 924656]
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 200(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MSI_OTPService;MSI_OTPService;c:\program files (x86)\MSI\OTPService\OTPService.exe;c:\program files (x86)\MSI\OTPService\OTPService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\DRIVERS\rzdaendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzdaendpt.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\DRIVERS\rzvkeyboard.sys;c:\windows\SYSNATIVE\DRIVERS\rzvkeyboard.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 98564008
*Deregistered* - 98564008
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 12:59	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-09 14:53]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 19:44]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 19:44]
.
2013-06-14 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-04-24 12:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-12-03 6854800]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
Wow6432Node-HKLM-Run-AVG_UI - c:\program files (x86)\AVG\AVG2013\avgui.exe
Wow6432Node-HKLM-Run-ControlCenterII - \BootStartControlCenter.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-LWS - e:\logitech webcam\LWS\Webcam Software\LWS.exe
c:\users\Thorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk - e:\logitech webcam\Ereg\eReg.exe /remind /language=DEU /_WFM="."
AddRemove-Afterburner - c:\program files (x86)\MSI Afterburner\uninstall.exe
AddRemove-BandiMPEG1 - c:\program files (x86)\BandiMPEG1\uninstall.exe
AddRemove-Fraps - e:\fraaps\uninstall.exe
AddRemove-Mozilla Thunderbird 17.0.5 (x86 de) - c:\program files (x86)\Mozilla Thunderbird\uninstall\helper.exe
AddRemove-StarCraft II - c:\program files (x86)\Common Files\Blizzard Entertainment\StarCraft II (2)\Uninstall.exe
AddRemove-Steam App 201790 - e:\steam\steam.exe
AddRemove-Steam App 205230 - e:\steam\steam.exe
AddRemove-Steam App 240 - e:\steam\steam.exe
AddRemove-Steam App 500 - e:\steam\steam.exe
AddRemove-Steam App 550 - e:\steam\steam.exe
AddRemove-Steam App 730 - e:\steam\steam.exe
AddRemove-TeamViewer 8 - c:\program files (x86)\TeamViewer\Version8\uninstall.exe
AddRemove-{97C82B44-D408-4F14-9252-47FC1636D23E}_is1 - c:\program files (x86)\IZArc\unins000.exe
AddRemove-{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1 - g:\gameforgelive\unins000.exe
AddRemove-TeamSpeak 3 Client - c:\program files\TeamSpeak 3 Client\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-14  20:01:36
ComboFix-quarantined-files.txt  2013-06-14 18:01
.
Vor Suchlauf: 10 Verzeichnis(se), 69.142.183.936 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 68.965.056.512 Bytes frei
.
- - End Of File - - 1035766A84855E538C70338C750244DF
D41D8CD98F00B204E9800998ECF8427E

markusg · 14.06.2013, 19:12

Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Talerius · 14.06.2013, 19:44

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.14.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Thorge :: DC6KH-I [Administrator]

14.06.2013 20:14:58
mbam-log-2013-06-14 (20-14-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 517295
Laufzeit: 27 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hm , in der Datei steht zwar , dass nichts gefunden wurde , aber Snap.do ist immer noch da , wenn ich meine Browser (Google Chrome) starte .(Und in den Browsereinstellungen ist Google als Serchengine eingetragen ) :O

markusg · 14.06.2013, 20:54

immer mit der Ruhe

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Talerius · 14.06.2013, 21:18

Ich habe Google Chrome nochmal neu installiert , jetzt ist es wieder der normale Screen , danke

. Aber vlt. findest du ja doch noch etwas in der Liste , sonst wünsche ich dir noch ein schönes Wochenende und bedanke mich noch einmal bei dir

.

LG

EDIT: Leider hat die Code-Anzeige die Abstände von Nodepad++ nicht übernommen , sorry .

Code:

ATTFilter

Acrobat.com	Adobe Systems Incorporated	07.01.2013		1.1.377											notwendig
Adobe AIR	Adobe Systems Inc.	07.01.2013		1.0.4990												notwendig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	14.06.2013	6,00MB	11.7.700.224			notwendig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	14.06.2013	6,00MB	11.7.700.224			notwendig
Adobe Reader XI (11.0.03) - Deutsch	Adobe Systems Incorporated	15.05.2013	134MB	11.0.03				notwendig
ANNO 2070	Ubisoft	13.01.2013		1.0.0.0																notwendig
Arma 2	Bohemia Interactive	12.03.2013																	notwendig
Arma 2: DayZ Mod		12.03.2013																		notwendig
Arma 2: Operation Arrowhead	Bohemia Interactive	12.03.2013												notwendig
Arma 2: Operation Arrowhead Beta		12.03.2013														notwendig
AudioGenie	msi, Inc.	07.01.2013																		notwendig
Bandicam	Bandisoft.com	06.04.2013	19,5MB	1.8.6.321												unnötig
Bandisoft MPEG-1 Decoder	Bandisoft.com	06.04.2013													unnötig
Borderlands 2	Gearbox Software	09.02.2013															notwendig
CCleaner	Piriform	19.12.2012		3.26															notwendig
CLICKBIOSII	MSI	26.05.2013	58,2MB	1.0.115																notwendig
Company of Heroes	THQ Inc.	05.05.2013		2.602.0													notwendig
ControlCenter	MSI	19.03.2013	156MB	2.5.053															notwendig
Counter-Strike	Valve	22.02.2013																		notwendig
Counter-Strike: Global Offensive		11.01.2013														notwendig
Counter-Strike: Source	Valve	09.01.2013																notwendig
DayZ Commander	Dotjosh Studios	17.03.2013	4,01MB	0.92.69												notwendig
Dota 2		26.01.2013																				    notwendig
EasyViewer	MSI	07.01.2013	20,6MB	1.3.0.9																unnötig
FileZilla Client 3.7.0.1	FileZilla Project	24.05.2013	17,6MB	3.7.0.1								notwendig											
Gameforge Live 1.0 "Legend"	Gameforge	27.03.2013	57,3MB	1.1.1724									unnötig
gamelauncher-ps2-live	Sony Online Entertainment	24.01.2013											notwendig
GIMP 2.8.2	The GIMP Team	23.01.2013	244MB	2.8.2													notwendig
Google Chrome	Google Inc.	07.01.2013		27.0.1453.110												notwendig
Hell Yeah!		09.01.2013																				notwendig
Intel(R) Management Engine Components	Intel Corporation	22.09.2011		7.1.21.1134					notwendig
Intel(R) Network Connections 18.1.59.0	Intel	04.05.2013	26,2MB	18.1.59.0							notwendig
Intel(R) Rapid Storage Technology enterprise	Intel Corporation	07.01.2013		3.0.0.3011			notwendig
IZArc 4.1.7	Ivan Zahariev	31.01.2013	15,6MB	4.1.7													notwendig
Java 7 Update 10 (64-bit)	Oracle	08.01.2013	127MB	7.0.100											notwendig
Kaspersky Internet Security 2013	Kaspersky Lab	04.05.2013		13.0.1.4190							notwendig
League of Legends	Riot Games	08.01.2013		1.3														notwendig
Left 4 Dead	Valve	09.01.2013																			notwendig
Left 4 Dead 2	Valve	09.01.2013																		notwendig
Live Update 5	MSI	04.05.2013	28,4MB	5.0.101															notwendig
Logitech Gaming Software 8.40	Logitech Inc.	08.01.2013	89,7MB	8.40.83								notwendig
Logitech Webcam-Software	Logitech Inc.	21.05.2013		2.51										notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	14.06.2013	19,2MB	1.75.0.1300 naja , das ist von dir ^^
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	07.01.2013	38,8MB	4.0.30319		notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	07.01.2013	2,93MB	4.0.30319 notwendig
Microsoft .NET Framework 4 Extended	Microsoft Corporation	07.01.2013	51,9MB	4.0.30319				notwendig
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	07.01.2013	10,6MB	4.0.30319 notwendig
Microsoft Office Excel Viewer	Microsoft Corporation	03.06.2013	71,2MB	12.0.6334.5000				notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	09.02.2013	2,69MB	8.0.59193		notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	07.01.2013	788KB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	08.01.2013	596KB	9.0.30729 notwendig
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	24.02.2013	1,42MB	10.0.30319 notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	08.01.2013	11,1MB	10.0.40219 notwendig
Microsoft XNA Framework Redistributable 4.0	Microsoft Corporation	30.05.2013	8,03MB	4.0.20823.0 	notwendig
Mozilla Maintenance Service	Mozilla	13.04.2013	330KB	17.0.5											unnötig
Mozilla Thunderbird 17.0.5 (x86 de)	Mozilla	13.04.2013	41,9MB	17.0.5									notwendig	
Mozilla Thunderbird 17.0.6 (x86 de)	Mozilla	03.06.2013	43,6MB	17.0.6									notwendig
MSI Afterburner 2.3.0	MSI Co., LTD	08.01.2013		2.3.0											unnötig
NVIDIA 3D Vision Controller-Treiber 314.22	NVIDIA Corporation	04.05.2013		314.22					notwendig
NVIDIA 3D Vision Treiber 320.18	NVIDIA Corporation	23.05.2013		320.18								notwendig
NVIDIA Grafiktreiber 320.18	NVIDIA Corporation	23.05.2013		320.18									notwendig
NVIDIA HD-Audiotreiber 1.3.24.2	NVIDIA Corporation	23.05.2013		1.3.24.2							notwendig
NVIDIA PhysX-Systemsoftware 9.12.1031	NVIDIA Corporation	07.01.2013		9.12.1031					notwendig
NVIDIA Update 1.12.12	NVIDIA Corporation	04.05.2013		1.12.12										notwendig
ooVoo	ooVoo LLC.	21.05.2013	35,2MB	3.5.8022														notwendig
ooVoo toolbar, powered by Ask.com	Ask.com	21.05.2013	3,77MB	1.17.6.0								notwendig
ooVoo toolbar, powered by Ask.com Updater	Ask.com	21.05.2013		1.4.3.42067							notwendig
Orcs Must Die! 2		09.01.2013																		notwendig
OTPService	MSI	07.01.2013	6,23MB	1.0.002																notwendig
PlanetSide 2	Sony Online Entertainment	24.01.2013		1.0.3.183									notwendig
Portal 2	Valve	10.02.2013																			notwendig
Razer Synapse 2.0	Razer USA Ltd.	04.05.2013	17,0MB	1.9.5											notwendig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	08.03.2013		6.0.1.6793			notwendig
Renesas Electronics USB 3.0 Host Controller Driver	Renesas Electronics Corporation	07.01.2013	1,01MB	2.0.34.0 unbekannt
Saints Row: The Third	Volition	16.03.2013															notwendig
Skype™ 6.3	Skype Technologies S.A.	07.04.2013	21,1MB	6.3.105											notwendig
SlimDrivers	SlimWare Utilities, Inc.	26.05.2013	28,0MB	2.2.29035									notwendig
Spotify	Spotify AB	04.05.2013		0.9.0.133.gd18ed589													notwendig
StarCraft II	Blizzard Entertainment	08.05.2013		2.0.8.25604										notwendig
Steam	Valve Corporation	07.01.2013	35,4MB	1.0.0.0													notwendig
TeamSpeak 3 Client	TeamSpeak Systems GmbH	18.05.2013		3.0.10										notwendig
TeamViewer 8	TeamViewer	07.01.2013		8.0.16642													notwendig
Terraria		30.05.2013																				notwendig
Virtual Audio Cable 4.10		09.01.2013																notwendig
Visual Studio 2010 x64 Redistributables	AVG Technologies	08.01.2013	12,4MB	13.0.0.1				unbekannt
Warhammer 40,000 Space Marine	Relic	20.02.2013														notwendig
Winamp	Nullsoft, Inc	24.01.2013		5.63 															notwendig
Winamp Erkennungs-Plug-in	Nullsoft, Inc	24.01.2013	63,0KB	1.0.0.1									notwendig
Winki	MSI	07.01.2013	556MB	3.2.118																	notwendig
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0	Intel	07.01.2013	11,8MB	2.1.23.0			notwendig

markusg · 15.06.2013, 14:50

deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Bandicam
Bandisoft
EasyViewer
Gameforge
Java
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
ooVoo toolbar, : bitte finger weg von toolbard

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Restlose Entfernung von Maleware usw. ( SpyHunter4 und Snap.do )

Log-Analyse und Auswertung: Restlose Entfernung von Maleware usw. ( SpyHunter4 und Snap.do )