| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Immer wieder Abstürze einfach so - WIN XP SP3Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.07.2013, 14:48
| #1 |
 |  Immer wieder Abstürze einfach so - WIN XP SP3 Hallo Ihr Klugen Schädlingsbekämpfer, Ich habe immer wieder einfach so Abstürze (PC einfach aus) und teilweise völlig blödsinniges Verhalten von Google Chrome - Monitor 2 24'' 1900*1200 und M2 27'' 2560*1440 (senkrecht ) - wenn ich surfe, kommen einfach so die hinter dem Fenster liegenden Programm teilweise nach vorn, aber nur auf dem 27'' senkrecht - sobald ich den Browser auf M1 verschiebe, dann nicht mehr. Er soll aber auch in einer Länge von 2560 funktionieren.... (Neuester GrafikTreiber ist drauf) Ich möchte nun erst mal abklären, ob es an einem Schädliing liegen kann, bevor ich die Hardware Stück für Stück prüfe(n muß). Wäre nett, wenn ihr kurz über mein Log drüberschaut, ob da was verdächtiges drin ist.... EMSI-Soft Anti-Malware hat nichts gefunden, wie diverse andere OnlineScanner auch nicht. AVIRA DE-Cleaner auch nicht Bitdefender Online Scanner auch nicht. ESET Online Scanner auch nicht. Habe keinen dauerhaften Virenschutz instlalliert, nimmt mir zu viele Ressourcen weg. Hatte so ein paar kleine Sachen wie snap.do und qv.o6, die habe ich aber alle mit JRT entfernen lassen. Hier das .log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:15:14, on 29.07.13 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe D:\_faster\CachemanXP\CachemanXP.exe D:\_improve system\Flashfolder\FlashFolder.exe C:\Programme\Soluto\SolutoLauncherService.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe C:\WINDOWS\Explorer.EXE C:\Programme\Microsoft IntelliType Pro\itype.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe D:\_improve system\MMTaskbar 3.0\MultiMon.exe D:\_improve system\WindowManager\WindowManager.exe Q:\_easywork\ObjectDock\ObjectDock.exe D:\_easywork\PTFB Pro\PTFBPro.exe Q:\_system improve\Anvir TaskManager Pro\anvir.exe D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe C:\WINDOWS\system32\taskmgr.exe D:\_improve system\System Explorer\SystemExplorer.exe D:\_improve system\System Explorer\service\SystemExplorerService.exe C:\Programme\WebTemp\WebTemp.exe C:\Programme\WebTemp\HWMonitor32.exe C:\Programme\TweakRAM\TweakRAM.exe D:\_improve system\Process Lasso\ProcessLasso.exe D:\_backup\Desksave821\DeskSave.exe C:\Programme\Launchy\Launchy.exe D:\_easywork\ComfortKeys\CKeys.exe D:\_easywork\activeaid\AutoHotkey\AutoHotkey.exe D:\_easywork\ComfortKeys\CKeysCm.exe Q:\_easywork\TaskSwitchXP\TaskSwitchXP.exe Q:\_easywork\WinSplit Revolution\WinSplit.exe Q:\_easywork\WinSplit Revolution\WinSplitDrvr32.exe D:\_improve system\RocketDock\RocketDock.exe D:\_filemanagement\xplorer² pro\xplorer2_UC.exe D:\_improve system\Process Lasso\ProcessGovernor.exe R:\_easywork\Everything\Everything.exe Q:\_easywork\allsnap150beta\allsnap.exe D:\_info\TimeLeft3\TimeLeft.exe D:\_improve system\aborange Scheduler\aboScheduler.exe C:\Programme\FreePDF_XP\fpassist.exe C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\mmc.exe C:\Programme\Gemeinsame Dateien\Acronis\TrueImageHome\TrueImageHomeNotify.exe C:\Programme\Gemeinsame Dateien\Acronis\TrueImageHome\TrueImageHomeService.exe C:\Programme\Emsisoft Anti-Malware\a2service.exe C:\Programme\Emsisoft Anti-Malware\a2guard.exe E:\_ dropbox _\Dropbox\_ install new\__new\HiJackThis204.exe R:\GoogleChromePortable 28 final\GoogleChromePortable.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\Office 2003\OFFICE11\WINWORD.EXE R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190 F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,c:\programme\soluto\soluto.exe /userinit O1 - Hosts: # Copyright (c) 1993-1999 Microsoft Corp. O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Programme\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\z_rest\Java 7.25 - 2\bin\ssv.dll O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - D:\Programme\MindManager 6\Mm6InternetExplorer.dll O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\z_rest\Java 7.25 - 2\bin\jp2ssv.dll O3 - Toolbar: DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll O4 - HKLM\..\Run: [amd_dc_opt] D:\_hardware\AMD Dual Core optimizer 1.1.4\amd_dc_opt.exe O4 - HKLM\..\Run: [nwiz] "C:\Programme\NVIDIA Corporation\nview\nwiz.exe" /installquiet O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: WindowManager.lnk = D:\_improve system\WindowManager\WindowManager.exe O4 - Global Startup: MultiMon Taskbar.lnk = D:\_improve system\MMTaskbar 3.0\MultiMon.exe O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - res://D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - res://D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: PDF-Datei erstellen - res://D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - res://D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - D:\Programme\MindManager 6\Mm6InternetExplorer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1373592075671 O18 - Protocol: AnVirDisabled - (no CLSID) - (no file) O20 - Winlogon Notify: AutorunsDisabled - Invalid registry found O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Programme\Emsisoft Anti-Malware\a2service.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe O23 - Service: ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk (ArchiCrypt Ultimate RAM-Disk 3) - Softwareentwicklung Remus - ArchiCrypt - C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe O23 - Service: BootlogService - Greatis Software (c) - D:\_faster\BootLog XP\BootLogService.exe O23 - Service: BWMeter Connections Service (BWMeterConSvc) - Unknown owner - D:\_faster\BWMeter\BWMeterConSvc.exe O23 - Service: CachemanXP (CachemanXPService) - Outertech - D:\_faster\CachemanXP\CachemanXP.exe O23 - Service: FlashFolder - zett42 - D:\_improve system\Flashfolder\FlashFolder.exe O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Programme\Soluto\SolutoLauncherService.exe O23 - Service: Soluto Remote Service (SolutoRemoteService) - GlavSoft LLC. - C:\Programme\Soluto\SolutoRemoteService.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Programme\Soluto\SolutoService.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - D:\_improve system\System Explorer\service\SystemExplorerService.exe O23 - Service: User Profile Hive Cleanup (UPHClean) - Windows (R) Codename Longhorn DDK provider - D:\_maintenance\UPHClean\uphclean.exe -- End of file - 9822 bytes Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Microsoft Windows XP x86
Ran by Elmar-Admin on 29.07.13 at 14:46:09,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\gencrawler_gc.gencrawler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook.1
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.13 at 14:52:12,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
================================================================ Hier das Log.file von ADWCleaner [CODE]JRTAdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.306 - Datei am 29/07/2013 um 15:50:48 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Elmar-Admin - ASUS-A8N
# Bootmodus : Normal
# Ausgeführt unter : E:\_ dropbox _\Dropbox\_ install new\_security\adwcleaner06.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
Ordner Gefunden : C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Ordner Gefunden : C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\PackageAware
***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Programme\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\FoxyDeal
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-21-854245398-1960408961-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190
-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]
Datei : C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\75mu9wvt.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.71
Datei : C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Chromium v26.0.1450.0
Datei : C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Chromium\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [4483 octets] - [29/07/2013 15:50:48]
########## EOF - C:\AdwCleaner[R1].txt - [4543 octets] ##########
====================================================================== Systemlook meldet Fehler "Script required" - geht also nicht.... ====================================================================== ==================================== Kasperskay TDSSKiller Code:
ATTFilter 16:13:02.0109 3368 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:13:02.0531 3368 ============================================================
16:13:02.0531 3368 Current date / time: 2013/07/29 16:13:02.0531
16:13:02.0531 3368 SystemInfo:
16:13:02.0531 3368
16:13:02.0531 3368 OS Version: 5.1.2600 ServicePack: 3.0
16:13:02.0531 3368 Product type: Workstation
16:13:02.0531 3368 ComputerName: ASUS-A8N
16:13:02.0531 3368 UserName: Elmar-Admin
16:13:02.0531 3368 Windows directory: C:\WINDOWS
16:13:02.0531 3368 System windows directory: C:\WINDOWS
16:13:02.0531 3368 Processor architecture: Intel x86
16:13:02.0531 3368 Number of processors: 2
16:13:02.0531 3368 Page size: 0x1000
16:13:02.0531 3368 Boot type: Normal boot
16:13:02.0531 3368 ============================================================
16:13:04.0734 3368 Drive \Device\Harddisk1\DR1 - Size: 0x1BF4290000 (111.82 Gb), SectorSize: 0x200, Cylinders: 0x3C94, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
16:13:04.0734 3368 Drive \Device\Harddisk2\DR2 - Size: 0x14F61AE000 (83.85 Gb), SectorSize: 0x200, Cylinders: 0x2D6D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000058
16:13:04.0765 3368 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
16:13:04.0765 3368 Drive \Device\Harddisk4\DR16 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:13:04.0781 3368 Drive \Device\Harddisk5\DR18 - Size: 0x950B055E00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:13:04.0828 3368 ============================================================
16:13:04.0828 3368 \Device\Harddisk1\DR1:
16:13:04.0828 3368 MBR partitions:
16:13:04.0828 3368 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x29F9B30, BlocksNum 0xB5A4A10
16:13:04.0828 3368 \Device\Harddisk2\DR2:
16:13:04.0828 3368 MBR partitions:
16:13:04.0828 3368 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x51360, BlocksNum 0x3376A10
16:13:04.0828 3368 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x33C7DAF, BlocksNum 0xC069E1
16:13:04.0828 3368 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x3FCE7CF, BlocksNum 0x2A0FD11
16:13:04.0828 3368 \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0x69DE51F, BlocksNum 0x3DD10B1
16:13:04.0828 3368 \Device\Harddisk3\DR3:
16:13:04.0828 3368 MBR partitions:
16:13:04.0828 3368 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x332FC8E
16:13:04.0843 3368 \Device\Harddisk3\DR3\Partition2: MBR, Type 0x7, StartLBA 0xA3CF503, BlocksNum 0x2FFB573E
16:13:04.0843 3368 \Device\Harddisk4\DR16:
16:13:04.0843 3368 MBR partitions:
16:13:04.0843 3368 \Device\Harddisk4\DR16\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
16:13:04.0843 3368 \Device\Harddisk5\DR18:
16:13:04.0843 3368 MBR partitions:
16:13:04.0843 3368 \Device\Harddisk5\DR18\Partition1: MBR, Type 0x7, StartLBA 0x3F07, BlocksNum 0x4A852FBA
16:13:04.0843 3368 ============================================================
16:13:04.0843 3368 F: <-> \Device\Harddisk2\DR2\Partition4
16:13:04.0875 3368 V: <-> \Device\Harddisk5\DR18\Partition1
16:13:04.0921 3368 I: <-> \Device\Harddisk1\DR1\Partition1
16:13:04.0953 3368 T: <-> \Device\Harddisk4\DR16\Partition1
16:13:04.0984 3368 W: <-> \Device\Harddisk3\DR3\Partition1
16:13:05.0000 3368 U: <-> \Device\Harddisk3\DR3\Partition2
16:13:05.0000 3368 E: <-> \Device\Harddisk2\DR2\Partition3
16:13:05.0000 3368 D: <-> \Device\Harddisk2\DR2\Partition2
16:13:05.0000 3368 C: <-> \Device\Harddisk2\DR2\Partition1
16:13:05.0000 3368 ============================================================
16:13:05.0000 3368 Initialize success
16:13:05.0000 3368 ============================================================
16:13:26.0281 5228 ============================================================
16:13:26.0281 5228 Scan started
16:13:26.0281 5228 Mode: Manual; SigCheck; TDLFS;
16:13:26.0281 5228 ============================================================
16:13:26.0359 5228 ================ Scan system memory ========================
16:13:26.0390 5228 System memory - ok
16:13:26.0421 5228 ================ Scan services =============================
16:13:26.0703 5228 [ A8A4E18857CDFD8D9AB81E2C9EAF89B5 ] a2acc C:\PROGRAMME\EMSISOFT ANTI-MALWARE\a2accx86.sys
16:13:27.0109 5228 a2acc - ok
16:13:27.0281 5228 [ 4B9C5EEBEE862574CF794582104F0C91 ] a2AntiMalware C:\Programme\Emsisoft Anti-Malware\a2service.exe
16:13:27.0718 5228 a2AntiMalware - ok
16:13:27.0796 5228 [ B0CC0B50441372157F31C4C023D43A3E ] A2DDA C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys
16:13:27.0953 5228 A2DDA - ok
16:13:27.0984 5228 [ 03BFDFAE9D150D43F4A19B5FBB892591 ] a2injectiondriver C:\Programme\Emsisoft Anti-Malware\a2dix86.sys
16:13:28.0140 5228 a2injectiondriver - ok
16:13:28.0265 5228 [ 8DEA3FE12A6686573F16A06AD95D7AB9 ] a2util C:\Programme\Emsisoft Anti-Malware\a2util32.sys
16:13:28.0359 5228 a2util - ok
16:13:28.0718 5228 Abiosdsk - ok
16:13:28.0781 5228 abp480n5 - ok
16:13:28.0796 5228 [ C975B7FB61CE1674C7308DE4CF698F03 ] ACMoFlex32RD3 C:\WINDOWS\system32\drivers\ACMoFlex32RD3.sys
16:13:28.0890 5228 ACMoFlex32RD3 - ok
16:13:28.0906 5228 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:13:29.0109 5228 ACPI - ok
16:13:29.0140 5228 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:13:29.0328 5228 ACPIEC - ok
16:13:29.0406 5228 [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
16:13:29.0515 5228 AcrSch2Svc - ok
16:13:29.0546 5228 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:13:29.0609 5228 AdobeFlashPlayerUpdateSvc - ok
16:13:29.0640 5228 adpu160m - ok
16:13:29.0656 5228 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:13:29.0875 5228 aec - ok
16:13:29.0906 5228 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
16:13:30.0015 5228 afcdp - ok
16:13:30.0109 5228 [ 1AEA25F70F12ABB494A4E35E1D717414 ] afcdpsrv C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
16:13:30.0578 5228 afcdpsrv - ok
16:13:30.0625 5228 [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:13:30.0906 5228 AFD - ok
16:13:30.0953 5228 Aha154x - ok
16:13:31.0046 5228 [ 1CC3E547FE3DEC8272780F24F3059519 ] AHDDC2 D:\_maintenance\Ashampoo HDD Control 2\AHDDC2_Service.exe
16:13:32.0109 5228 AHDDC2 - ok
16:13:32.0328 5228 aic78u2 - ok
16:13:32.0359 5228 aic78xx - ok
16:13:32.0515 5228 [ DD8520280304B6145A6BE31008748C7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
16:13:34.0062 5228 ALCXWDM - ok
16:13:34.0078 5228 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:13:34.0453 5228 Alerter - ok
16:13:35.0078 5228 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
16:13:35.0218 5228 ALG - ok
16:13:35.0421 5228 AliIde - ok
16:13:35.0437 5228 [ 769844EB65DF6A62AA51B886290FE51D ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
16:13:35.0578 5228 AmdK8 - ok
16:13:35.0593 5228 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
16:13:35.0703 5228 AmdLLD - ok
16:13:36.0015 5228 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
16:13:36.0156 5228 AmdPPM - ok
16:13:36.0234 5228 amsint - ok
16:13:36.0250 5228 AnvirRun - ok
16:13:36.0312 5228 [ BCF37763868AB5ED70B392D3F101D44D ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
16:13:36.0421 5228 AnyDVD - ok
16:13:36.0453 5228 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:13:36.0609 5228 AppMgmt - ok
16:13:36.0812 5228 [ A751D72D0D72FB3CE529F2097EC1E662 ] ArchiCrypt Ultimate RAM-Disk 3 C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe
16:13:37.0000 5228 ArchiCrypt Ultimate RAM-Disk 3 - ok
16:13:37.0015 5228 [ CA3F6CB8472A2E5F0B37FBFB8C7D8A2A ] ArgusMonitor C:\WINDOWS\system32\drivers\ArgusMonitor.sys
16:13:37.0125 5228 ArgusMonitor - ok
16:13:37.0125 5228 asc - ok
16:13:37.0140 5228 asc3350p - ok
16:13:37.0156 5228 asc3550 - ok
16:13:37.0250 5228 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
16:13:37.0375 5228 AsIO - ok
16:13:37.0406 5228 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
16:13:37.0437 5228 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
16:13:37.0437 5228 Aspi32 - detected UnsignedFile.Multi.Generic (1)
16:13:37.0468 5228 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:13:37.0656 5228 aspnet_state - ok
16:13:38.0125 5228 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:13:38.0703 5228 AsyncMac - ok
16:13:38.0750 5228 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:13:39.0000 5228 atapi - ok
16:13:39.0078 5228 Atdisk - ok
16:13:39.0109 5228 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:13:39.0390 5228 Atmarpc - ok
16:13:39.0578 5228 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:13:39.0843 5228 AudioSrv - ok
16:13:39.0859 5228 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:13:40.0031 5228 audstub - ok
16:13:40.0046 5228 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
16:13:40.0078 5228 BANTExt ( UnsignedFile.Multi.Generic ) - warning
16:13:40.0078 5228 BANTExt - detected UnsignedFile.Multi.Generic (1)
16:13:40.0093 5228 [ FF1B04E478694FE92E6D1EC025EAB7FD ] BITS C:\WINDOWS\system32\qmgr.dll
16:13:40.0296 5228 BITS - ok
16:13:40.0453 5228 [ 2F64EAE8C8864AAA3AE8CE0E58B8CC68 ] BootlogService D:\_faster\BootLog XP\BootLogService.exe
16:13:40.0875 5228 BootlogService - ok
16:13:41.0062 5228 [ 63D495ED7E4D46B780CB57ACD46B8AC9 ] BootRacerServ C:\Programme\BootRacer\BootRacerServ.exe
16:13:41.0968 5228 BootRacerServ - ok
16:13:41.0984 5228 [ B2CC8D85D27BF10C5FAF5B98C335978E ] Browser C:\WINDOWS\System32\browser.dll
16:13:42.0218 5228 Browser - ok
16:13:42.0234 5228 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys
16:13:42.0281 5228 BrScnUsb ( UnsignedFile.Multi.Generic ) - warning
16:13:42.0281 5228 BrScnUsb - detected UnsignedFile.Multi.Generic (1)
16:13:42.0296 5228 [ 29FD9BF519CEE9CFF4F8E0264B136598 ] BWMeterConSvc D:\_faster\BWMeter\BWMeterConSvc.exe
16:13:42.0390 5228 BWMeterConSvc ( UnsignedFile.Multi.Generic ) - warning
16:13:42.0390 5228 BWMeterConSvc - detected UnsignedFile.Multi.Generic (1)
16:13:42.0609 5228 [ 8E6ACE12CADB0B9E6F1B703798EE913E ] CachemanXPService D:\_faster\CachemanXP\CachemanXP.exe
16:13:42.0781 5228 CachemanXPService ( UnsignedFile.Multi.Generic ) - warning
16:13:42.0781 5228 CachemanXPService - detected UnsignedFile.Multi.Generic (1)
16:13:42.0843 5228 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:13:43.0593 5228 cbidf2k - ok
16:13:43.0609 5228 cd20xrnt - ok
16:13:43.0687 5228 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:13:43.0875 5228 Cdaudio - ok
16:13:43.0906 5228 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:13:44.0234 5228 Cdfs - ok
16:13:44.0312 5228 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:13:44.0421 5228 Cdrom - ok
16:13:44.0453 5228 [ 81CCDDF83C67BD4F39DE02DD2045AE4E ] cFosSpeed C:\WINDOWS\system32\DRIVERS\cfosspeed.sys
16:13:44.0937 5228 cFosSpeed - ok
16:13:44.0953 5228 [ 3B746A0F0B5CB78458E5AB4AEC101799 ] cFosSpeedS C:\Programme\cFosSpeed\spd.exe
16:13:45.0062 5228 cFosSpeedS - ok
16:13:45.0078 5228 Changer - ok
16:13:45.0093 5228 [ 333A88E0227007E2E0677A92057A6D90 ] cleanhlp C:\Programme\Emsisoft Anti-Malware\cleanhlp32.sys
16:13:45.0156 5228 cleanhlp - ok
16:13:45.0203 5228 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:13:45.0671 5228 ClipSrv - ok
16:13:45.0718 5228 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:13:45.0812 5228 clr_optimization_v2.0.50727_32 - ok
16:13:45.0828 5228 [ 3FB186A7A9728102181334336B364BE5 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:13:45.0906 5228 clr_optimization_v4.0.30319_32 - ok
16:13:45.0921 5228 CmdIde - ok
16:13:45.0937 5228 COMSysApp - ok
16:13:45.0953 5228 Cpqarray - ok
16:13:45.0953 5228 cpuz126 - ok
16:13:45.0968 5228 cpuz133 - ok
16:13:46.0046 5228 cpuz136 - ok
16:13:46.0062 5228 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:13:46.0453 5228 CryptSvc - ok
16:13:46.0468 5228 dac2w2k - ok
16:13:46.0484 5228 dac960nt - ok
16:13:46.0484 5228 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys
16:13:46.0546 5228 dc3d - ok
16:13:46.0578 5228 [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:13:46.0734 5228 DcomLaunch - ok
16:13:46.0921 5228 [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS D:\_maintenance\Ashampoo HDD Control 2\DfSdkS.exe
16:13:46.0984 5228 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
16:13:46.0984 5228 DfSdkS - detected UnsignedFile.Multi.Generic (1)
16:13:47.0031 5228 [ 820110CFFEE9690D64F67D941DDB7879 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:13:47.0125 5228 Dhcp - ok
16:13:47.0140 5228 [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:13:47.0250 5228 Disk - ok
16:13:47.0250 5228 dmadmin - ok
16:13:47.0281 5228 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:13:47.0656 5228 dmboot - ok
16:13:47.0796 5228 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:13:48.0015 5228 dmio - ok
16:13:48.0046 5228 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:13:48.0234 5228 dmload - ok
16:13:48.0250 5228 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:13:48.0671 5228 dmserver - ok
16:13:48.0906 5228 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:13:49.0234 5228 DMusic - ok
16:13:49.0343 5228 [ 4548494812BA3B416D489E0C6AF8D643 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:13:49.0484 5228 Dnscache - ok
16:13:49.0531 5228 [ E568A4BFA2C23B29A0F41E00F1E92249 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:13:49.0640 5228 Dot3svc - ok
16:13:49.0656 5228 dpti2o - ok
16:13:49.0671 5228 [ CCA30A1F8398B46431A03CF6BB0F8789 ] DragonSvc C:\Programme\Gemeinsame Dateien\Nuance\dgnsvc.exe
16:13:49.0859 5228 DragonSvc - ok
16:13:49.0953 5228 [ 0071F8825D14B16955CD0A0699AB7A6C ] drhard C:\WINDOWS\system32\drivers\drhard.sys
16:13:50.0015 5228 drhard ( UnsignedFile.Multi.Generic ) - warning
16:13:50.0015 5228 drhard - detected UnsignedFile.Multi.Generic (1)
16:13:50.0062 5228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:13:50.0296 5228 drmkaud - ok
16:13:50.0312 5228 [ 8810CBE07A85CF1998750252A8B1F3C4 ] dsnpfd C:\WINDOWS\system32\DRIVERS\dsnpfd.sys
16:13:50.0375 5228 dsnpfd ( UnsignedFile.Multi.Generic ) - warning
16:13:50.0375 5228 dsnpfd - detected UnsignedFile.Multi.Generic (1)
16:13:50.0453 5228 [ 8810CBE07A85CF1998750252A8B1F3C4 ] dsnpfdMP C:\WINDOWS\system32\DRIVERS\dsnpfd.sys
16:13:50.0484 5228 dsnpfdMP ( UnsignedFile.Multi.Generic ) - warning
16:13:50.0484 5228 dsnpfdMP - detected UnsignedFile.Multi.Generic (1)
16:13:50.0515 5228 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:13:50.0828 5228 EapHost - ok
16:13:50.0984 5228 [ B83BDCCBACB65BAA9E20888DD0083A16 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
16:13:51.0046 5228 ElbyCDIO - ok
16:13:51.0062 5228 [ D57F1811D8258D8D277CD9F53657EEF9 ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys
16:13:51.0156 5228 epmntdrv - ok
16:13:51.0234 5228 [ 2407B8164E966755BC6A4242FC9DE31E ] esgiguard C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys
16:13:51.0312 5228 esgiguard - ok
16:13:51.0328 5228 [ 01CE484FF6D70A39479BC6D619DE7ED6 ] EsgScanner C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
16:13:51.0500 5228 EsgScanner - ok
16:13:52.0031 5228 [ F1DE3EEF501DDA7DDF99F2EDF0C5540E ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys
16:13:52.0578 5228 EuGdiDrv - ok
16:13:52.0796 5228 [ F0A7D59AF279326528715B206669B86C ] Eventlog C:\WINDOWS\system32\services.exe
16:13:53.0062 5228 Eventlog - ok
16:13:53.0093 5228 [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem C:\WINDOWS\system32\es.dll
16:13:53.0640 5228 EventSystem - ok
16:13:53.0671 5228 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
16:13:53.0796 5228 exFat - ok
16:13:54.0578 5228 [ 402BE3BC2E9612629CC26314502A7309 ] FancyCcD C:\WINDOWS\system32\DRIVERS\rxfcd.sys
16:13:54.0875 5228 FancyCcD - ok
16:13:54.0921 5228 [ CD0D94EC608B33C665B43ED24D114B4D ] FancyRd C:\WINDOWS\system32\DRIVERS\fancyrd.sys
16:13:55.0140 5228 FancyRd - ok
16:13:55.0640 5228 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:13:55.0859 5228 Fastfat - ok
16:13:55.0875 5228 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:13:56.0015 5228 FastUserSwitchingCompatibility - ok
16:13:56.0078 5228 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:13:56.0546 5228 Fdc - ok
16:13:56.0593 5228 [ F2B9FEF35C5B151FB4A18C1575E5F7FB ] fexservice D:\_filemanagement\FontExplorer X Pro\FontManagementServices.exe
16:13:56.0687 5228 fexservice - ok
16:13:56.0718 5228 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:13:56.0968 5228 Fips - ok
16:13:57.0093 5228 [ 6EA7BC2CD83A6C170422F8F0D67500DA ] FlashFolder D:\_improve system\Flashfolder\FlashFolder.exe
16:13:57.0203 5228 FlashFolder ( UnsignedFile.Multi.Generic ) - warning
16:13:57.0203 5228 FlashFolder - detected UnsignedFile.Multi.Generic (1)
16:13:57.0234 5228 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:13:57.0453 5228 Flpydisk - ok
16:13:57.0468 5228 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:13:57.0656 5228 FltMgr - ok
16:13:57.0953 5228 [ E20D64EDF74D80874837B16506D58166 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
16:13:58.0046 5228 fltsrv - ok
16:13:58.0078 5228 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:13:58.0156 5228 FontCache3.0.0.0 - ok
16:13:58.0171 5228 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:13:58.0640 5228 Fs_Rec - ok
16:13:58.0671 5228 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:13:58.0953 5228 Ftdisk - ok
16:13:59.0109 5228 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
16:13:59.0171 5228 giveio ( UnsignedFile.Multi.Generic ) - warning
16:13:59.0171 5228 giveio - detected UnsignedFile.Multi.Generic (1)
16:13:59.0171 5228 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:13:59.0390 5228 Gpc - ok
16:13:59.0406 5228 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
16:13:59.0437 5228 gupdatem - ok
16:13:59.0453 5228 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:13:59.0625 5228 HDAudBus - ok
16:13:59.0828 5228 [ ED44EC68D7F7FFC6659F5DA3C5EC68B3 ] HDDlife HDD Access service C:\Programme\Gemeinsame Dateien\BinarySense\hldasvc.exe
16:14:00.0578 5228 HDDlife HDD Access service - ok
16:14:00.0734 5228 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:14:00.0953 5228 helpsvc - ok
16:14:00.0984 5228 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
16:14:01.0203 5228 HidServ - ok
16:14:01.0218 5228 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:14:01.0484 5228 hidusb - ok
16:14:01.0578 5228 [ 05E0D8EE7D6FAB5CB672FEC3AAD93AA0 ] hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys
16:14:01.0656 5228 hitmanpro37 - ok
16:14:01.0984 5228 [ 0011AC7B83C557D3273A1E093BD46F8E ] HitmanPro37CrusaderBoot C:\Programme\HitmanPro\HitmanPro.exe
16:14:02.0937 5228 HitmanPro37CrusaderBoot - ok
16:14:03.0093 5228 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:14:03.0328 5228 hkmsvc - ok
16:14:03.0343 5228 hpn - ok
16:14:03.0359 5228 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:14:03.0578 5228 HTTP - ok
16:14:03.0625 5228 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:14:03.0875 5228 HTTPFilter - ok
16:14:03.0890 5228 [ DE3FF0AB0C551D7E00E250E81169996A ] HWiNFO32 C:\WINDOWS\system32\drivers\HWiNFO32.SYS
16:14:03.0984 5228 HWiNFO32 - ok
16:14:04.0000 5228 i2omgmt - ok
16:14:04.0015 5228 i2omp - ok
16:14:04.0031 5228 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:14:04.0109 5228 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:14:04.0109 5228 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:14:04.0140 5228 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:14:04.0265 5228 idsvc - ok
16:14:04.0281 5228 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:14:04.0500 5228 Imapi - ok
16:14:04.0546 5228 ini910u - ok
16:14:04.0640 5228 IntelIde - ok
16:14:04.0671 5228 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:14:04.0843 5228 Ip6Fw - ok
16:14:05.0046 5228 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:14:05.0312 5228 IpFilterDriver - ok
16:14:05.0343 5228 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:14:05.0578 5228 IpInIp - ok
16:14:05.0578 5228 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:14:05.0812 5228 IpNat - ok
16:14:05.0953 5228 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:14:06.0187 5228 IPSec - ok
16:14:06.0203 5228 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:14:06.0343 5228 IRENUM - ok
16:14:06.0359 5228 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:14:06.0781 5228 isapnp - ok
16:14:06.0890 5228 [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService D:\z_rest\Java 7.25 - 2\bin\jqs.exe
16:14:07.0015 5228 JavaQuickStarterService - ok
16:14:07.0031 5228 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:14:07.0250 5228 Kbdclass - ok
16:14:07.0265 5228 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:14:07.0468 5228 kbdhid - ok
16:14:07.0500 5228 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:14:07.0937 5228 kmixer - ok
16:14:07.0953 5228 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:14:08.0015 5228 KSecDD - ok
16:14:08.0031 5228 [ 6EFBC82722D0F7B35283993189ECE9D0 ] KSS C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
16:14:08.0187 5228 KSS - ok
16:14:08.0203 5228 [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:14:08.0265 5228 LanmanServer - ok
16:14:08.0281 5228 [ C9B816901C1ABF28BA6C5B6CB65EB75B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:14:08.0375 5228 lanmanworkstation - ok
16:14:08.0406 5228 [ CF9F4EFDF34FA5BF96FA2AB8F2255CE8 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
16:14:08.0484 5228 LBeepKE - ok
16:14:08.0500 5228 lbrtfdc - ok
16:14:08.0531 5228 [ FF9E074CCC950398C7D293E1D4D003B3 ] LBTServ C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\lbtserv.exe
16:14:08.0671 5228 LBTServ - ok
16:14:08.0906 5228 [ 59CED2543392EB10B2E8FEAE87A5D248 ] LEqdUsb C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
16:14:09.0062 5228 LEqdUsb - ok
16:14:09.0093 5228 [ 26163F0F1C2636AE3FFF7C54600204A5 ] LHidEqd C:\WINDOWS\system32\Drivers\LHidEqd.Sys
16:14:09.0171 5228 LHidEqd - ok
16:14:09.0187 5228 [ 74EA099C3D9DAD3A657BD89ED4A81C6D ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
16:14:09.0250 5228 LHidFilt - ok
16:14:09.0296 5228 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:14:09.0468 5228 LmHosts - ok
16:14:09.0562 5228 [ E9D42CDD5BD22BE28247B77953735650 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
16:14:09.0640 5228 LMouFilt - ok
16:14:09.0718 5228 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:14:09.0890 5228 mnmdd - ok
16:14:09.0968 5228 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:14:10.0125 5228 mnmsrvc - ok
16:14:10.0156 5228 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:14:10.0343 5228 Modem - ok
16:14:10.0359 5228 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:14:10.0515 5228 Mouclass - ok
16:14:10.0562 5228 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:14:10.0765 5228 mouhid - ok
16:14:10.0859 5228 [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:14:11.0000 5228 MountMgr - ok
16:14:11.0218 5228 [ 55F756E87B2FF0B2E55D909CF6152FF9 ] MouseWithoutBordersSvc C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe
16:14:11.0343 5228 MouseWithoutBordersSvc - ok
16:14:11.0359 5228 mraid35x - ok
16:14:11.0375 5228 [ 65E818C473E220B6AB762E1966296FD1 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:14:11.0515 5228 MRxDAV - ok
16:14:12.0500 5228 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:14:12.0718 5228 MRxSmb - ok
16:14:12.0875 5228 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:14:13.0140 5228 MSDTC - ok
16:14:13.0171 5228 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:14:13.0406 5228 Msfs - ok
16:14:13.0437 5228 MSIServer - ok
16:14:13.0546 5228 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:14:13.0718 5228 MSKSSRV - ok
16:14:13.0734 5228 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:14:13.0906 5228 MSPCLOCK - ok
16:14:13.0953 5228 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:14:14.0125 5228 MSPQM - ok
16:14:14.0250 5228 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:14:14.0390 5228 mssmbios - ok
16:14:14.0406 5228 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
16:14:14.0562 5228 ms_mpu401 - ok
16:14:14.0625 5228 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
16:14:14.0687 5228 MTsensor - ok
16:14:14.0859 5228 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:14:15.0062 5228 Mup - ok
16:14:15.0218 5228 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
16:14:15.0515 5228 napagent - ok
16:14:15.0703 5228 [ B5B1080D35974C0E718D64280761BCD5 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:14:15.0796 5228 NDIS - ok
16:14:15.0953 5228 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:14:16.0140 5228 NdisTapi - ok
16:14:16.0156 5228 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:14:16.0406 5228 Ndisuio - ok
16:14:16.0609 5228 [ B053A8411045FD0664B389A090CB2BBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:14:16.0671 5228 NdisWan - ok
16:14:16.0859 5228 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:14:17.0031 5228 NDProxy - ok
16:14:17.0109 5228 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:14:17.0359 5228 NetBIOS - ok
16:14:17.0406 5228 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:14:17.0656 5228 NetBT - ok
16:14:17.0703 5228 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
16:14:17.0890 5228 NetDDE - ok
16:14:17.0921 5228 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:14:18.0109 5228 NetDDEdsdm - ok
16:14:18.0125 5228 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:14:18.0593 5228 Netlogon - ok
16:14:18.0671 5228 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
16:14:18.0890 5228 Netman - ok
16:14:18.0984 5228 [ DFE18F2BFD60DA638F24A0776A60F9E3 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:14:19.0109 5228 NetTcpPortSharing - ok
16:14:19.0125 5228 [ 4AA50627B01C0E9C6B4C6BD3AF648F12 ] Nla C:\WINDOWS\System32\mswsock.dll
16:14:19.0359 5228 Nla - ok
16:14:19.0453 5228 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:14:19.0656 5228 Npfs - ok
16:14:20.0203 5228 [ AE8CAD8F28DB13B515A68510A539B0B8 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:14:20.0625 5228 Ntfs - ok
16:14:20.0703 5228 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:14:20.0906 5228 NtLmSsp - ok
16:14:20.0921 5228 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:14:21.0109 5228 NtmsSvc - ok
16:14:21.0125 5228 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:14:21.0296 5228 Null - ok
16:14:21.0609 5228 [ A613A14FB4D9117F42A3A280F64E9EC4 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:14:22.0859 5228 nv - ok
16:14:22.0937 5228 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
16:14:23.0093 5228 nvata ( UnsignedFile.Multi.Generic ) - warning
16:14:23.0093 5228 nvata - detected UnsignedFile.Multi.Generic (1)
16:14:23.0390 5228 [ FB8595EF3CEB81F0DA3F6F211B2DF932 ] nvax C:\WINDOWS\system32\drivers\nvax.sys
16:14:23.0531 5228 nvax - ok
16:14:23.0640 5228 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
16:14:23.0875 5228 NVENETFD - ok
16:14:23.0890 5228 [ 75E2E77C5497F34E60491D27BF03F1CB ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
16:14:24.0234 5228 nvgts - ok
16:14:24.0312 5228 [ EDDE04805AC865AC8465388DC4A4CCC7 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
16:14:24.0406 5228 NVHDA - ok
16:14:24.0421 5228 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
16:14:24.0765 5228 nvnetbus - ok
16:14:25.0031 5228 [ D2315CD3053FC3B4250DC2DBD0AC49E4 ] nvnforce C:\WINDOWS\system32\drivers\nvapu.sys
16:14:25.0250 5228 nvnforce - ok
16:14:25.0296 5228 [ F1AE0BC50661BE09E7BC5919F4C05505 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
16:14:25.0359 5228 NVSvc - ok
16:14:25.0796 5228 [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:14:26.0078 5228 nvUpdatusService - ok
16:14:26.0109 5228 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:14:26.0593 5228 NwlnkFlt - ok
16:14:27.0421 5228 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:14:27.0734 5228 NwlnkFwd - ok
16:14:27.0812 5228 [ 3BBBC02D84AC98AF93F2F4D00EC347F0 ] O&O CleverCache D:\_faster\OO CleverCache\ooccag.exe
16:14:27.0968 5228 O&O CleverCache - ok
16:14:28.0140 5228 [ FD85186C9F1ABE012DDF44C233552129 ] OS Selector D:\_maintenance\Acronis ADD 11\OSS\reinstall_svc.exe
16:14:28.0687 5228 OS Selector - ok
16:14:28.0812 5228 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
16:14:29.0156 5228 ose - ok
16:14:29.0984 5228 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
16:14:30.0468 5228 Parport - ok
16:14:30.0796 5228 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:14:31.0015 5228 PartMgr - ok
16:14:31.0312 5228 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:14:31.0890 5228 ParVdm - ok
16:14:32.0031 5228 pccsmcfd - ok
16:14:32.0062 5228 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:14:33.0000 5228 PCI - ok
16:14:33.0250 5228 PCIDump - ok
16:14:33.0281 5228 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:14:33.0562 5228 PCIIde - ok
16:14:34.0062 5228 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:14:34.0453 5228 Pcmcia - ok
16:14:34.0531 5228 PDCOMP - ok
16:14:34.0562 5228 [ 5BC43398DD26836739C4C030767031B7 ] PDFProFiltSrvPP D:\Programme\Nuance Paperport 14\PaperPort\PDFProFiltSrvPP.exe
16:14:34.0625 5228 PDFProFiltSrvPP - ok
16:14:34.0656 5228 PDFRAME - ok
16:14:34.0671 5228 PDRELI - ok
16:14:34.0687 5228 PDRFRAME - ok
16:14:34.0703 5228 perc2 - ok
16:14:34.0718 5228 perc2hib - ok
16:14:35.0468 5228 [ F0A7D59AF279326528715B206669B86C ] PlugPlay C:\WINDOWS\system32\services.exe
16:14:35.0562 5228 PlugPlay - ok
16:14:35.0953 5228 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:14:36.0250 5228 PolicyAgent - ok
16:14:36.0281 5228 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:14:36.0453 5228 PptpMiniport - ok
16:14:36.0859 5228 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
16:14:37.0265 5228 Processor - ok
16:14:37.0359 5228 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:14:38.0015 5228 PSched - ok
16:14:38.0390 5228 [ 68B57D7C11277EA89F78255480376B4D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_x86.sys
16:14:38.0468 5228 PSI - ok
16:14:38.0656 5228 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:14:38.0828 5228 Ptilink - ok
16:14:38.0968 5228 ql1080 - ok
16:14:38.0984 5228 Ql10wnt - ok
16:14:39.0000 5228 ql12160 - ok
16:14:39.0015 5228 ql1240 - ok
16:14:39.0031 5228 ql1280 - ok
16:14:39.0046 5228 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:14:39.0296 5228 RasAcd - ok
16:14:39.0734 5228 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:14:39.0968 5228 RasAuto - ok
16:14:40.0109 5228 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:14:40.0343 5228 Rasl2tp - ok
16:14:40.0859 5228 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:14:41.0343 5228 RasMan - ok
16:14:41.0640 5228 [ 2C9D4620A0FD35DE1828370B392F6E2D ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:14:41.0718 5228 RasPppoe - ok
16:14:41.0796 5228 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:14:42.0031 5228 Raspti - ok
16:14:43.0265 5228 [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:14:44.0062 5228 Rdbss - ok
16:14:44.0406 5228 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:14:44.0562 5228 RDPCDD - ok
16:14:44.0609 5228 [ C694A927EB7C354F7AE97955043A9641 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:14:44.0765 5228 rdpdr - ok
16:14:45.0281 5228 [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:14:45.0375 5228 RDPWD - ok
16:14:46.0890 5228 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:14:47.0593 5228 RDSessMgr - ok
16:14:48.0062 5228 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:14:48.0703 5228 redbook - ok
16:14:48.0750 5228 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:14:50.0281 5228 RemoteAccess - ok
16:14:50.0593 5228 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:14:51.0031 5228 RemoteRegistry - ok
16:14:52.0265 5228 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
16:14:52.0750 5228 ROOTMODEM - ok
16:14:52.0953 5228 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
16:14:53.0125 5228 RpcLocator - ok
16:14:53.0343 5228 [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:14:53.0500 5228 RpcSs - ok
16:14:53.0593 5228 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:14:53.0781 5228 rspndr - ok
16:14:53.0968 5228 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:14:54.0078 5228 RSVP - ok
16:14:54.0500 5228 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
16:14:54.0734 5228 SamSs - ok
16:14:54.0781 5228 [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA D:\_info\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys
16:14:54.0906 5228 SANDRA - ok
16:14:55.0421 5228 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:14:55.0640 5228 SCardSvr - ok
16:14:55.0765 5228 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:14:55.0984 5228 Schedule - ok
16:14:56.0171 5228 [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService D:\_security\Spybot - Search & Destroy 2\SDFSSvc.exe
16:14:56.0437 5228 SDScannerService - ok
16:14:56.0890 5228 [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService D:\_security\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:14:57.0109 5228 SDUpdateService - ok
16:14:57.0171 5228 [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService D:\_security\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:14:57.0406 5228 SDWSCService - ok
16:14:57.0453 5228 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:14:57.0703 5228 Secdrv - ok
16:14:57.0921 5228 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
16:14:58.0171 5228 seclogon - ok
16:14:58.0687 5228 [ 86C9FD4982D0BEAEDF0C8BBF02AA148B ] Secunia PSI Agent D:\_security\PSI 2.x\PSIA.exe
16:14:58.0968 5228 Secunia PSI Agent - ok
16:14:59.0031 5228 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
16:14:59.0234 5228 SENS - ok
16:14:59.0437 5228 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
16:14:59.0671 5228 Serial - ok
16:14:59.0812 5228 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:15:00.0015 5228 Sfloppy - ok
16:15:00.0062 5228 [ 65746507B64818A0DBAF7607C0D07C54 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:15:00.0156 5228 SharedAccess - ok
16:15:00.0359 5228 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:15:00.0484 5228 ShellHWDetection - ok
16:15:00.0593 5228 Simbad - ok
16:15:00.0625 5228 [ 43DC393F21345B6DE59517BD27E2B10F ] SIVDriver C:\WINDOWS\system32\Drivers\SIVX32.sys
16:15:00.0687 5228 SIVDriver - ok
16:15:00.0750 5228 [ 851310C1B742D2DF2D334603836FFDF5 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
16:15:00.0812 5228 snapman - ok
16:15:00.0937 5228 [ FF35C2D01AC36B446A1B997F305F0FC2 ] Soluto C:\WINDOWS\system32\DRIVERS\Soluto.sys
16:15:01.0015 5228 Soluto - ok
16:15:01.0046 5228 [ 64853507E75D5DCA9F2CD5BEDD672A3D ] SolutoLauncherService C:\Programme\Soluto\SolutoLauncherService.exe
16:15:01.0203 5228 SolutoLauncherService - ok
16:15:01.0281 5228 SolutoRemoteService - ok
16:15:01.0375 5228 [ 350BA5FDCE5D9C6BEE0312955D0DE1C8 ] SolutoService C:\Programme\Soluto\SolutoService.exe
16:15:01.0578 5228 SolutoService - ok
16:15:01.0593 5228 Sparrow - ok
16:15:01.0609 5228 [ DC8D2952FB6FFBAEC67BD1B93A34DF11 ] speedfan C:\WINDOWS\system32\speedfan.sys
16:15:01.0671 5228 speedfan - ok
16:15:01.0687 5228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:15:01.0843 5228 splitter - ok
16:15:01.0953 5228 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:15:02.0015 5228 Spooler - ok
16:15:02.0125 5228 [ 8494B173DD812F7F6A87F2385E444B18 ] SpyHunter 4 Service C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe
16:15:02.0375 5228 SpyHunter 4 Service - ok
16:15:02.0484 5228 [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2 C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
16:15:02.0531 5228 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
16:15:02.0531 5228 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
16:15:02.0562 5228 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:15:02.0718 5228 sr - ok
16:15:02.0734 5228 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
16:15:02.0843 5228 srservice - ok
16:15:02.0859 5228 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:15:02.0953 5228 Srv - ok
16:15:03.0046 5228 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:15:03.0171 5228 SSDPSRV - ok
16:15:03.0218 5228 [ 9CB7C63FD9D5AE484E318F9296279C52 ] ST2012_Svc C:\Programme\Spyware Terminator\st_rsser.exe
16:15:03.0484 5228 ST2012_Svc - ok
16:15:03.0593 5228 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
16:15:03.0656 5228 StarOpen ( UnsignedFile.Multi.Generic ) - warning
16:15:03.0656 5228 StarOpen - detected UnsignedFile.Multi.Generic (1)
16:15:03.0703 5228 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:15:03.0953 5228 stisvc - ok
16:15:03.0984 5228 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:15:04.0218 5228 swenum - ok
16:15:04.0250 5228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:15:04.0437 5228 swmidi - ok
16:15:04.0500 5228 SwPrv - ok
16:15:04.0515 5228 symc810 - ok
16:15:04.0531 5228 symc8xx - ok
16:15:04.0546 5228 sym_hi - ok
16:15:04.0562 5228 sym_u3 - ok
16:15:04.0796 5228 [ A214C8AA6A6C06C9DBAB1310E38DAB4A ] syncagentsrv C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
16:15:05.0562 5228 syncagentsrv - ok
16:15:05.0625 5228 [ EF13D05B6F4C629D7A6D3E9B94F10E99 ] Synergy D:\_improve system\Synergy\synergyd.exe
16:15:05.0703 5228 Synergy - ok
16:15:05.0734 5228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:15:05.0921 5228 sysaudio - ok
16:15:06.0000 5228 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:15:06.0171 5228 SysmonLog - ok
16:15:06.0296 5228 [ 7EAEF49D206899909EB63014FC8DC19A ] SystemExplorerHelpService D:\_improve system\System Explorer\service\SystemExplorerService.exe
16:15:06.0625 5228 SystemExplorerHelpService - ok
16:15:06.0812 5228 [ 5C7C939BBD03784FE58C80578D065CC9 ] tap0901 C:\WINDOWS\system32\DRIVERS\tap0901.sys
16:15:06.0906 5228 tap0901 ( UnsignedFile.Multi.Generic ) - warning
16:15:06.0906 5228 tap0901 - detected UnsignedFile.Multi.Generic (1)
16:15:07.0140 5228 [ 6C02B5D856674ECCCE64CE8BB8DCE8D9 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:15:07.0218 5228 TapiSrv - ok
16:15:07.0312 5228 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:15:07.0468 5228 Tcpip - ok
16:15:07.0546 5228 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:15:07.0718 5228 TDPIPE - ok
16:15:07.0859 5228 [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
16:15:08.0015 5228 tdrpman - ok
16:15:08.0062 5228 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:15:08.0156 5228 TDTCP - ok
16:15:08.0390 5228 [ 402794A75A899E296AB3EDEC4ECCB9A8 ] TeamViewer8 C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
16:15:09.0625 5228 TeamViewer8 - ok
16:15:09.0640 5228 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:15:09.0796 5228 TermDD - ok
16:15:09.0937 5228 [ 3AE5A27A6A16640BE3FC015DF4DB68DE ] TermService C:\WINDOWS\System32\termsrv.dll
16:15:10.0031 5228 TermService - ok
16:15:10.0062 5228 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
16:15:10.0156 5228 Themes - ok
16:15:10.0187 5228 [ A8C31102F448231596168FFC9F568B9A ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
16:15:10.0359 5228 tib_mounter - ok
16:15:10.0406 5228 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:15:10.0531 5228 TlntSvr - ok
16:15:10.0546 5228 [ A31246180E61140AD7FF9DD7EDF1F6A1 ] tmcomm C:\WINDOWS\system32\drivers\tmcomm.sys
16:15:10.0671 5228 tmcomm - ok
16:15:10.0781 5228 TosIde - ok
16:15:10.0828 5228 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:15:11.0078 5228 TrkWks - ok
16:15:11.0187 5228 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:15:11.0375 5228 Udfs - ok
16:15:11.0546 5228 [ 048835A65968E9EA872130AEAA727DED ] uigxrdr C:\WINDOWS\system32\DRIVERS\uigxrdr.sys
16:15:12.0265 5228 uigxrdr ( UnsignedFile.Multi.Generic ) - warning
16:15:12.0265 5228 uigxrdr - detected UnsignedFile.Multi.Generic (1)
16:15:12.0312 5228 ultra - ok
16:15:12.0343 5228 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 D:\_filemanagement\Unlocker\UnlockerDriver5.sys
16:15:12.0781 5228 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
16:15:12.0781 5228 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
16:15:12.0828 5228 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:15:13.0156 5228 Update - ok
16:15:13.0265 5228 [ 325FB38C323C63C7F57885B4DFB1B91E ] UPHClean D:\_maintenance\UPHClean\uphclean.exe
16:15:13.0765 5228 UPHClean ( UnsignedFile.Multi.Generic ) - warning
16:15:13.0765 5228 UPHClean - detected UnsignedFile.Multi.Generic (1)
16:15:13.0812 5228 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:15:14.0234 5228 upnphost - ok
16:15:14.0296 5228 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
16:15:14.0812 5228 UPS - ok
16:15:14.0828 5228 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:15:15.0406 5228 usbaudio - ok
16:15:15.0421 5228 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:15:15.0609 5228 usbccgp - ok
16:15:15.0640 5228 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:15:15.0703 5228 usbehci - ok
16:15:15.0781 5228 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:15:16.0171 5228 usbhub - ok
16:15:16.0312 5228 [ C5E11CD822ADF0019A5A862D9C4E2222 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:15:16.0859 5228 usbohci - ok
16:15:18.0031 5228 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:15:18.0250 5228 usbprint - ok
16:15:18.0468 5228 [ 1D8BA46A4F57234597DAA834FDDBFB84 ] USBSafelyRemoveService D:\_improve system\USB Safely Remove 5.1.2\USBSRService.exe
16:15:19.0421 5228 USBSafelyRemoveService - ok
16:15:19.0687 5228 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:15:20.0187 5228 usbscan - ok
16:15:20.0640 5228 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:15:21.0000 5228 USBSTOR - ok
16:15:21.0171 5228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:15:21.0390 5228 usbuhci - ok
16:15:21.0546 5228 [ 200847985E963EA9634C1B81A21A4DA6 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
16:15:21.0656 5228 VBoxDrv - ok
16:15:21.0890 5228 [ 2A29B5D722D6B7F688507393E5D4166B ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
16:15:22.0046 5228 VBoxNetAdp - ok
16:15:22.0140 5228 [ 40458859BA17FC8ACBFEB65A967363E4 ] VBoxNetFlt C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
16:15:22.0781 5228 VBoxNetFlt - ok
16:15:23.0062 5228 [ A714B5E3AF7F9C54D6D4F4C1F3DD574A ] VBoxUSB C:\WINDOWS\system32\Drivers\VBoxUSB.sys
16:15:23.0687 5228 VBoxUSB - ok
16:15:23.0921 5228 [ E973E67E29344A198FB17351C5CD9320 ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
16:15:24.0109 5228 VBoxUSBMon - ok
16:15:24.0125 5228 [ B252DD05C8B1D64239EE8A93C4BC5AD4 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
16:15:24.0171 5228 VClone ( UnsignedFile.Multi.Generic ) - warning
16:15:24.0171 5228 VClone - detected UnsignedFile.Multi.Generic (1)
16:15:24.0203 5228 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:15:24.0375 5228 VgaSave - ok
16:15:24.0390 5228 ViaIde - ok
16:15:24.0484 5228 [ 26B75DCB58B006867EFD659E845CD65E ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
16:15:24.0718 5228 vididr - ok
16:15:24.0765 5228 [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys
16:15:24.0859 5228 vidsflt - ok
16:15:24.0921 5228 [ F714D4F456A6B91212966B3CA19F720C ] vkservice D:\_security\VirusKeeper 2011 Pro Probeversion\vk_service.exe
16:15:25.0234 5228 vkservice - ok
16:15:25.0531 5228 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:15:25.0875 5228 VolSnap - ok
16:15:26.0343 5228 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
16:15:26.0453 5228 VSS - ok
16:15:26.0531 5228 [ C0F55CC0903CFDC819F6D857402B697C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
16:15:26.0656 5228 vulfnths ( UnsignedFile.Multi.Generic ) - warning
16:15:26.0656 5228 vulfnths - detected UnsignedFile.Multi.Generic (1)
16:15:27.0046 5228 [ 545D98A7F61AF1C7C4AD38B8F333E0B7 ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
16:15:27.0140 5228 vulfntrs ( UnsignedFile.Multi.Generic ) - warning
16:15:27.0140 5228 vulfntrs - detected UnsignedFile.Multi.Generic (1)
16:15:27.0343 5228 [ E2E2D6B1C3BA607E297C26139CB4AA58 ] W32Time C:\WINDOWS\system32\w32time.dll
16:15:27.0437 5228 W32Time - ok
16:15:27.0500 5228 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:15:27.0718 5228 Wanarp - ok
16:15:28.0000 5228 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
16:15:28.0296 5228 Wdf01000 - ok
16:15:28.0859 5228 WDICA - ok
16:15:28.0875 5228 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:15:29.0234 5228 wdmaud - ok
16:15:29.0593 5228 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:15:29.0812 5228 WebClient - ok
16:15:29.0875 5228 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:15:30.0046 5228 winmgmt - ok
16:15:30.0421 5228 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:15:30.0656 5228 WinRM - ok
16:15:30.0718 5228 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
16:15:30.0843 5228 WinUSB - ok
16:15:30.0906 5228 [ A7C993F86BE5AF035DE06DF9160D7008 ] WiseBootAssistant D:\_tweak\Wise Care 365\BootTime.exe
16:15:31.0078 5228 WiseBootAssistant - ok
16:15:31.0203 5228 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:15:31.0312 5228 WmdmPmSN - ok
16:15:31.0390 5228 [ 54F2088EF92BA975E3147C417EE0E0C3 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:15:31.0578 5228 Wmi - ok
16:15:31.0609 5228 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:15:31.0968 5228 WmiApSrv - ok
16:15:32.0015 5228 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
16:15:32.0125 5228 WMPNetworkSvc - ok
16:15:32.0156 5228 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm D:\_hardware\Zune - Nokia 800\WMZuneComm.exe
16:15:32.0296 5228 WMZuneComm - ok
16:15:33.0125 5228 [ 120F3B596F79FC990B7D808857A8B3BC ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:15:33.0265 5228 WPFFontCache_v0400 - ok
16:15:33.0312 5228 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:15:33.0468 5228 wscsvc - ok
16:15:33.0703 5228 [ AAE1A6FFBA2B0436E91795120F48C461 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:15:33.0812 5228 wuauserv - ok
16:15:34.0359 5228 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:15:34.0421 5228 WudfPf - ok
16:15:34.0468 5228 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:15:34.0546 5228 WudfRd - ok
16:15:34.0609 5228 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:15:34.0687 5228 WudfSvc - ok
16:15:34.0843 5228 [ DEE347DC347C633AA04E2FDA8AF332CC ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:15:35.0093 5228 WZCSVC - ok
16:15:35.0109 5228 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:15:35.0343 5228 xmlprov - ok
16:15:35.0375 5228 [ 87F126D0F8DC176B282924DF0417075E ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
16:15:35.0468 5228 yukonwxp - ok
16:15:35.0531 5228 [ AE279CD76B38FC079EEC3CA6D65A5926 ] zumbus C:\WINDOWS\system32\DRIVERS\zumbus.sys
16:15:35.0625 5228 zumbus - ok
16:15:35.0843 5228 [ 37F339B64F19E2775284ED7161B96683 ] ZuneBusEnum D:\_hardware\Zune - Nokia 800\ZuneBusEnum.exe
16:15:35.0921 5228 ZuneBusEnum - ok
16:15:36.0125 5228 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc D:\_hardware\Zune - Nokia 800\ZuneNss.exe
16:15:37.0375 5228 ZuneNetworkSvc - ok
16:15:38.0000 5228 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc D:\_hardware\Zune - Nokia 800\ZuneWlanCfgSvc.exe
16:15:38.0218 5228 ZuneWlanCfgSvc - ok
16:15:38.0343 5228 ================ Scan global ===============================
16:15:38.0390 5228 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
16:15:38.0406 5228 [ 935B583E1E780BDB75718EAFD9667366 ] C:\WINDOWS\system32\winsrv.dll
16:15:38.0421 5228 [ 935B583E1E780BDB75718EAFD9667366 ] C:\WINDOWS\system32\winsrv.dll
16:15:38.0562 5228 [ F0A7D59AF279326528715B206669B86C ] C:\WINDOWS\system32\services.exe
16:15:38.0578 5228 [Global] - ok
16:15:38.0765 5228 ================ Scan MBR ==================================
16:15:38.0812 5228 [ 3E4114A2BACAE892982C85C4DD4DEB37 ] \Device\Harddisk1\DR1
16:15:39.0453 5228 \Device\Harddisk1\DR1 - ok
16:15:39.0453 5228 [ 8726B7B9EF886270DBDDBBDA1C4F3288 ] \Device\Harddisk2\DR2
16:15:39.0562 5228 \Device\Harddisk2\DR2 - ok
16:15:39.0609 5228 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk3\DR3
16:15:40.0140 5228 \Device\Harddisk3\DR3 - ok
16:15:40.0171 5228 [ A6E521BDA384C6B28CA63A1F6BC15630 ] \Device\Harddisk4\DR16
16:15:41.0078 5228 \Device\Harddisk4\DR16 - ok
16:15:41.0312 5228 [ 4E800BC56057CADF2FCDFC8F093595DC ] \Device\Harddisk5\DR18
16:15:41.0437 5228 \Device\Harddisk5\DR18 - ok
16:15:41.0437 5228 ================ Scan VBR ==================================
16:15:41.0484 5228 [ 5F37297695F57CB0DCA4AA92421774F1 ] \Device\Harddisk1\DR1\Partition1
16:15:41.0484 5228 \Device\Harddisk1\DR1\Partition1 - ok
16:15:41.0531 5228 [ DECB7FCF2A7FB4EE1AD70905ABEB803F ] \Device\Harddisk2\DR2\Partition1
16:15:41.0531 5228 \Device\Harddisk2\DR2\Partition1 - ok
16:15:41.0578 5228 [ A1E9F76B1DEF1B25A58EB8F8E39E2FF1 ] \Device\Harddisk2\DR2\Partition2
16:15:41.0593 5228 \Device\Harddisk2\DR2\Partition2 - ok
16:15:41.0625 5228 [ ACF26D8E903C6D0E7DE674C7C95CB536 ] \Device\Harddisk2\DR2\Partition3
16:15:41.0625 5228 \Device\Harddisk2\DR2\Partition3 - ok
16:15:41.0625 5228 [ E9D00B83F72052EEBD7085319B2809C9 ] \Device\Harddisk2\DR2\Partition4
16:15:41.0640 5228 \Device\Harddisk2\DR2\Partition4 - ok
16:15:41.0671 5228 [ 69BBF11388EEC996391A7EF5C88F00D4 ] \Device\Harddisk3\DR3\Partition1
16:15:41.0687 5228 \Device\Harddisk3\DR3\Partition1 - ok
16:15:41.0687 5228 [ 1BCE5FAD044C85E69B9A2A0DA894A510 ] \Device\Harddisk3\DR3\Partition2
16:15:41.0687 5228 \Device\Harddisk3\DR3\Partition2 - ok
16:15:41.0718 5228 [ 857215B03D76075F3480FAB465BC1BF6 ] \Device\Harddisk4\DR16\Partition1
16:15:41.0734 5228 \Device\Harddisk4\DR16\Partition1 - ok
16:15:41.0765 5228 [ 01DBB0202DBD4285C00DF65596BBDFFE ] \Device\Harddisk5\DR18\Partition1
16:15:41.0781 5228 \Device\Harddisk5\DR18\Partition1 - ok
16:15:41.0843 5228 ============================================================
16:15:41.0843 5228 Scan finished
16:15:41.0843 5228 ============================================================
16:15:42.0078 6128 Detected object count: 22
16:15:42.0078 6128 Actual detected object count: 22
16:16:04.0890 6128 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0890 6128 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0890 6128 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0890 6128 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0890 6128 BrScnUsb ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0890 6128 BrScnUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0906 6128 BWMeterConSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0906 6128 BWMeterConSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0937 6128 CachemanXPService ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0937 6128 CachemanXPService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0937 6128 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0937 6128 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0953 6128 drhard ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0953 6128 drhard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0953 6128 dsnpfd ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0953 6128 dsnpfd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0953 6128 dsnpfdMP ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0953 6128 dsnpfdMP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0968 6128 FlashFolder ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0968 6128 FlashFolder ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0968 6128 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0968 6128 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0984 6128 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0984 6128 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0984 6128 nvata ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0984 6128 nvata ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:04.0984 6128 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:04.0984 6128 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0000 6128 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0000 6128 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0000 6128 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0000 6128 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0000 6128 uigxrdr ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0000 6128 uigxrdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0000 6128 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0000 6128 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0015 6128 UPHClean ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0015 6128 UPHClean ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0031 6128 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0031 6128 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0031 6128 vulfnths ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0031 6128 vulfnths ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:05.0031 6128 vulfntrs ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:05.0031 6128 vulfntrs ( UnsignedFile.Multi.Generic ) - User select action: Skip
GMER: braucht auch ewig, kommt noch aswMBR.exe Download dauert noch 50 Minuten, kommt später.... Vielen herzlichen Dank fürs Lesen und Antworten! Elmar Geändert von Eule69 (29.07.2013 um 15:16 Uhr) Grund: weitere Infos |
|
29.07.2013, 14:52
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Immer wieder Abstürze einfach so - WIN XP SP3 Hallo und
__________________  Lesestoff:Bitte keine Hijackthis-Logfiles posten!!! Zitat:
Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten! Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
29.07.2013, 15:24
| #3 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 Und nochn Scan, weoiße nicht von wem:
__________________Code:
ATTFilter QuickScan 32-bit v0.9.9.131
---------------------------
Überprüfungsdatum: Mon Jul 29 15:25:18 2013
Computer ID: C87F518A
Keine Infizierungen gefunden.
-----------------------------
Prozesse
--------
(unsigniert) aborange Scheduler 3432 D:\_improve system\aborange Scheduler\aboScheduler.exe
(unsigniert) allSnap 2820 Q:\_easywork\allsnap150beta\allsnap.exe
(unsigniert) CachemanXP - controls File Cache and re 896 D:\_faster\CachemanXP\CachemanXP.exe
(unsigniert) Everything 1044 R:\_easywork\Everything\Everything.exe
(unsigniert) FreePDF_Assistant 4908 C:\Programme\FreePDF_XP\fpassist.exe
(unsigniert) HijackThis 628 E:\_ dropbox _\Dropbox\_ install new\__new\HiJackThis204.exe
(unsigniert) Launchy.exe 3188 C:\Programme\Launchy\Launchy.exe
(unsigniert) MultiMon Application 3952 D:\_improve system\MMTaskbar 3.0\MultiMon.exe
(unsigniert) TweakRAM 2960 C:\Programme\TweakRAM\TweakRAM.exe
(unsigniert) WebTemp 2776 C:\Programme\WebTemp\WebTemp.exe
(unsigniert) WindowManager 2052 D:\_improve system\WindowManager\WindowManager.exe
(unsigniert) WinSplit Revolution 3176 Q:\_easywork\WinSplit Revolution\WinSplit.exe
(unsigniert) WinSplit Revolution 2900 Q:\_easywork\WinSplit Revolution\WinSplitDrvr32.exe
(verifiziert) Acronis Scheduler 2 700 C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
(verifiziert) Acronis Scheduler Helper 5580 C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
(verifiziert) Acronis Sync Agent 2264 C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
(verifiziert) Acronis Tib Mounter 5132 C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe
(verifiziert) AnVir Task Manager Pro 2108 Q:\_system improve\Anvir TaskManager Pro\AnVir.exe
(verifiziert) ArchiCrypt Ultimate RAM-Disk 844 C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe
(verifiziert) AutoHotkey 2560 D:\_easywork\activeaid\AutoHotkey\AutoHotkey.exe
(verifiziert) Avira DE-Cleaner 5332 R:\z_temp\decleaner\decleaner\setup\decleaner.exe
(verifiziert) Betriebssystem Microsoft® Windows® 4296 C:\WINDOWS\explorer.exe
(verifiziert) Betriebssystem Microsoft® Windows® 3444 C:\WINDOWS\explorer.exe
(verifiziert) Betriebssystem Microsoft® Windows® 2780 C:\WINDOWS\system32\mmc.exe
(verifiziert) Betriebssystem Microsoft® Windows® 3232 C:\WINDOWS\system32\rundll32.exe
(verifiziert) Betriebssystem Microsoft® Windows® 1476 C:\WINDOWS\system32\services.exe
(verifiziert) Betriebssystem Microsoft® Windows® 1012 C:\WINDOWS\system32\smss.exe
(verifiziert) Betriebssystem Microsoft® Windows® 1716 C:\WINDOWS\system32\taskmgr.exe
(verifiziert) Betriebssystem Microsoft® Windows® 1412 C:\WINDOWS\system32\winlogon.exe
(verifiziert) CKeysCm.exe 2364 D:\_easywork\ComfortKeys\CKeysCm.exe
(verifiziert) Comfort Keys Pro 1660 D:\_easywork\ComfortKeys\CKeys.exe
(verifiziert) CPUID Hardware Monitor 2940 C:\Programme\WebTemp\HWMonitor32.exe
(verifiziert) DE-Cleaner powered by Avira 4992 R:\z_temp\decleaner\avwebloader.exe
(verifiziert) DE-Cleaner powered by Avira 4736 R:\z_temp\decleaner\decleaner\setup\avscan.exe
(verifiziert) DeskSave.exe 2788 D:\_backup\Desksave821\DeskSave.exe
(verifiziert) Dropbox 4644 C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(verifiziert) Emsisoft Anti-Malware 4372 C:\Programme\Emsisoft Anti-Malware\a2guard.exe
(verifiziert) Emsisoft Anti-Malware 6032 C:\Programme\Emsisoft Anti-Malware\a2service.exe
(verifiziert) Emsisoft Anti-Malware 3804 C:\Programme\Emsisoft Anti-Malware\a2start.exe
(verifiziert) Extensions for Windows 2252 D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe
(verifiziert) FlashFolder 1392 D:\_improve system\Flashfolder\FlashFolder.exe
(verifiziert) Google Chrome 5720 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 1684 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 1728 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 4016 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 2892 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 5120 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 5004 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 2808 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 5000 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 5196 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 2768 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 4888 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 4852 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 4768 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 4680 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 3600 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome 5880 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(verifiziert) Google Chrome Portable 3628 R:\GoogleChromePortable 28 final\GoogleChromePortable.exe
(verifiziert) Microsoft IntelliType Pro 2280 C:\Programme\Microsoft IntelliType Pro\itype.exe
(verifiziert) Microsoft Office 2003 5572 R:\Office 2003\OFFICE11\WINWORD.EXE
(verifiziert) Microsoft® Windows® Operating System 2236 C:\WINDOWS\system32\alg.exe
(verifiziert) Microsoft® Windows® Operating System 1380 C:\WINDOWS\system32\csrss.exe
(verifiziert) Microsoft® Windows® Operating System 2004 C:\WINDOWS\system32\locator.exe
(verifiziert) Microsoft® Windows® Operating System 1500 C:\WINDOWS\system32\lsass.exe
(verifiziert) Microsoft® Windows® Operating System 572 C:\WINDOWS\system32\spoolsv.exe
(verifiziert) Microsoft® Windows® Operating System 1880 C:\WINDOWS\system32\svchost.exe
(verifiziert) Microsoft® Windows® Operating System 1840 C:\WINDOWS\system32\svchost.exe
(verifiziert) Microsoft® Windows® Operating System 1052 C:\WINDOWS\system32\svchost.exe
(verifiziert) Microsoft® Windows® Operating System 1708 C:\WINDOWS\system32\svchost.exe
(verifiziert) Microsoft® Windows® Operating System 768 C:\WINDOWS\system32\svchost.exe
(verifiziert) Microsoft® Windows® Operating System 728 C:\WINDOWS\system32\svchost.exe
(verifiziert) Mouse without Borders 3524 C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(verifiziert) Mouse without Borders 3492 C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(verifiziert) Mouse Without Borders 3868 C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe
(verifiziert) Process Lasso core engine 3964 D:\_improve system\Process Lasso\ProcessGovernor.exe
(verifiziert) Process Lasso user interface 3900 D:\_improve system\Process Lasso\ProcessLasso.exe
(verifiziert) PTFBPro 3972 D:\_easywork\PTFB Pro\PTFBPro.exe
(verifiziert) RocketDock.exe 2800 D:\_improve system\RocketDock\RocketDock.exe
(verifiziert) Soluto 684 C:\Programme\Soluto\SolutoLauncherService.exe
(verifiziert) Soluto 3500 C:\Programme\Soluto\SolutoService.exe
(verifiziert) Stardock ObjectDock 3020 Q:\_easywork\ObjectDock\ObjectDock.exe
(verifiziert) System Explorer 3544 D:\_improve system\System Explorer\service\SystemExplorerService.exe
(verifiziert) System Explorer 2068 D:\_improve system\System Explorer\SystemExplorer.exe
(verifiziert) TaskSwitchXP 3384 Q:\_easywork\TaskSwitchXP\TaskSwitchXP.exe
(verifiziert) TimeLeft 1756 D:\_info\TimeLeft3\TimeLeft.exe
(verifiziert) Trend Micro iRobot 4668 R:\z_temp\HouseCall\housecall.bin
(verifiziert) xplorer² 2872 D:\_filemanagement\xplorer² pro\xplorer2_UC.exe
Netzwerkaktivität
-----------------
Vorgang MouseWithoutBorders.exe (3492) verbunden mit Anschluss 48000 --> 192.168.178.21
Vorgang MouseWithoutBorders.exe (3492) verbunden mit Anschluss 15101 --> 192.168.178.21
Vorgang Dropbox.exe (4644) verbunden mit Anschluss 80 (HTTP) --> 108.160.162.103
Vorgang Dropbox.exe (4644) verbunden mit Anschluss 443 (HTTP over SSL) --> 107.21.230.213
Vorgang housecall.bin (4668) verbunden mit Anschluss 80 (HTTP) --> 216.104.20.189
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 92.122.97.83
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 91.225.248.80
Vorgang chrome.exe (5196) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.113.152
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 5222 (XMPP/Jabber) --> 173.194.70.125
Vorgang chrome.exe (5196) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.70.139
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.76
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 443 (HTTP over SSL) --> 88.221.6.110
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 84.53.146.8
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.20.211
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 92.123.179.139
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 23.42.22.41
Vorgang chrome.exe (5196) verbunden mit Anschluss 80 (HTTP) --> 173.194.70.154
Vorgang chrome.exe (5196) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.70.132
Vorgang svchost.exe (1840) kontrolliert die Anschlüsse: 135 (RPC)
Vorgang MouseWithoutBorders.exe (3492) kontrolliert die Anschlüsse: 15100
Autoruns und kritische Dateien
------------------------------
(verifiziert) Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(unsigniert) AMD Dual-Core Optimizer D:\_hardware\AMD Dual Core optimizer 1.1.4\amd_dc_opt.exe
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\crypt32.dll
(verifiziert) Glary Utilities 3 D:\_tweak\Glary Utilities 3\Initialize.exe
(verifiziert) Logitech SetPoint C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
(verifiziert) nwiz.exe C:\Programme\NVIDIA Corporation\nview\nwiz.exe
(verifiziert) Soluto c:\programme\soluto\soluto.exe
(unsigniert) WindowManager D:\_improve system\WindowManager\WindowManager.exe
(unsigniert) MultiMon Application D:\_improve system\MMTaskbar 3.0\MultiMon.exe
(unsigniert) XP Services Optimizer C:\WINDOWS\system32\WebUpdate.exe
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\browseui.dll
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\cscdll.dll
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\logon.scr
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\logonui.exe
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\sclgntfy.dll
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\shell32.dll
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\stobject.dll
(verifiziert) Betriebssystem Microsoft® Windows® c:\windows\system32\userinit.exe
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\wlnotify.dll
(verifiziert) DriverEasy D:\_updates\DriverEasy\DriverEasy.exe
(verifiziert) Flash Player Auto-Updater D:\_updates\Alternative Flash Player Auto-Updater\Alternative Flash Player Auto-Updater.exe
(verifiziert) Google Update C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
(verifiziert) Google Update C:\Programme\Google\Update\GoogleUpdate.exe
(verifiziert) Microsoft IntelliType Pro C:\Programme\Microsoft IntelliType Pro\itype.exe
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll
(verifiziert) Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verifiziert) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
(verifiziert) Wise Care 365 Tray D:\_tweak\Wise Care 365\WiseTray.exe
(verifiziert) Wise Turob D:\_tweak\Wise Care 365\WiseTurbo.exe
Browser Plugins
---------------
(verifiziert) DocuCom PDF Plus D:\_pdfs\Nuance PDF Reader\bin\nppdf.dll
(verifiziert) Google Update C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll
(verifiziert) Google Update C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll
(verifiziert) NPSWF32_11_8_800_94.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
(unsigniert) Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll
(verifiziert) Silverlight Plug-In C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll
(verifiziert) Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(unsigniert) VLC Web Plugin D:\_show & listen\VLC Player\npvlc.dll
(verifiziert) Adobe Acrobat C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
(verifiziert) Betriebssystem Microsoft® Windows® C:\WINDOWS\system32\mswsock.dll
(verifiziert) Dragon NaturallySpeaking Rich Internet C:\Programme\Nuance\NaturallySpeaking12\Program\npDgnRia.dll
(verifiziert) Java Deployment Toolkit 7.0.250.16 C:\WINDOWS\system32\npDeployJava1.dll
(verifiziert) Java(TM) Platform SE 7 U25 d:\z_rest\java 7.25 - 2\bin\jp2ssv.dll
(verifiziert) Java(TM) Platform SE 7 U25 D:\z_rest\Java 7.25 - 2\bin\plugin2\npjp2.dll
(verifiziert) Java(TM) Platform SE 7 U25 d:\z_rest\java 7.25 - 2\bin\ssv.dll
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verifiziert) Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
(verifiziert) MindManager d:\programme\mindmanager 6\mm6internetexplorer.dll
(verifiziert) PDF-XChange Viewer D:\_pdfs\PDF X-Change Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll
(verifiziert) Picasa D:\_pics\Picasa3\npPicasa3.dll
(verifiziert) PlusIEContextMenu c:\programme\nuance\pdf viewer plus\bin\plusiecontextmenu.dll
(verifiziert) Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
(verifiziert) ZeonIEFavClient d:\programme\nuance paperport 14\pdfcreate\bin\zeoniefavclient.dll
fehlende Dateien
----------------
Datei nicht gefunden: C:\WINDOWS\system32\dumprep 0 -k
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"KernelFaultCheck"
Überprüfen
----------
MD5: cf36476ff7326f16e22d9afddfd7dd02 C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe
MD5: 5434e18b933e03f274d8da59fda4c676 C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\icudt.dll
MD5: e9610e3e8ec4043767601f5f16c6d4ec C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\libcef.dll
MD5: 21bfa433415377c6c9e428202bdfa9f9 C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox\bin\wxmsw28uh_vc.dll
MD5: 101700e93eb905992b518256cb441829 C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll
MD5: 63d495ed7e4d46b780cb57acd46b8ac9 C:\Programme\BootRacer\BootRacerServ.exe
MD5: e255b2cab18194abe1cff3587a9365d9 C:\Programme\Emsisoft Anti-Malware\a2acc.dll
MD5: a8a4e18857cdfd8d9ab81e2c9eaf89b5 C:\PROGRAMME\EMSISOFT ANTI-MALWARE\a2accx86.sys
MD5: ee683d2ba1f6459616e7be2098bb2574 C:\Programme\Emsisoft Anti-Malware\a2contmenu.dll
MD5: 0f9f00b5e82cc999272c38b64832d6d3 C:\Programme\Emsisoft Anti-Malware\a2core32.dll
MD5: b0cc0b50441372157f31c4c023d43a3e C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys
MD5: eb38f568d21259b410d252a40b39366a C:\Programme\Emsisoft Anti-Malware\a2dix86.dll
MD5: 03bfdfae9d150d43f4a19b5fbb892591 C:\Programme\Emsisoft Anti-Malware\a2dix86.sys
MD5: 1f6209005d2584b1c8359c9b1a568a6b C:\Programme\Emsisoft Anti-Malware\a2engine.dll
MD5: d5f50a7a00e3006fb23348b642fe180f C:\Programme\Emsisoft Anti-Malware\a2framework.dll
MD5: 6cd7139f8643f5d048a5d9c0d57e1552 C:\Programme\Emsisoft Anti-Malware\a2guard.exe
MD5: c9a9b7c0beacc25df284fc50f7d4306d C:\Programme\Emsisoft Anti-Malware\a2hooks32.dll
MD5: 4b9c5eebee862574cf794582104f0c91 C:\Programme\Emsisoft Anti-Malware\a2service.exe
MD5: eb84264f56e347ca09e7dd1f70fe4393 C:\Programme\Emsisoft Anti-Malware\a2start.exe
MD5: 9ca33701da16130cb127fd0c55e53b58 C:\Programme\Emsisoft Anti-Malware\a2update.dll
MD5: 8dea3fe12a6686573f16a06ad95d7ab9 C:\Programme\Emsisoft Anti-Malware\a2util32.sys
MD5: f432eb8d1d84a565167107e2ef001473 C:\Programme\Emsisoft Anti-Malware\a2wsc.dll
MD5: 1755023407fde00d9916505a557569d5 C:\Programme\Emsisoft Anti-Malware\bdcore.dll
MD5: 5d0b4b0a9d015e590bf8671c21d3d75e C:\Programme\Emsisoft Anti-Malware\clean32.dll
MD5: 7d26d78bd9b16a484b55956fa45fce2a C:\Programme\Emsisoft Anti-Malware\cleanhlp32.dll
MD5: 333a88e0227007e2e0677a92057a6d90 C:\Programme\Emsisoft Anti-Malware\cleanhlp32.sys
MD5: aa787c5de7f775995fd9e1e66918b507 C:\Programme\Emsisoft Anti-Malware\frme32.dll
MD5: 2407b8164e966755bc6a4242fc9de31e C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys
MD5: 8494b173dd812f7f6a87f2385e444b18 C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe
MD5: 4ac6587e639cd5eab5b657e7c1fbe680 C:\Programme\FreePDF_XP\fpassist.exe
MD5: d623a36247044648977c8688bc3eb53e C:\Programme\Gemeinsame Dateien\Acronis\Home\libcrypto10.dll
MD5: 4136aaa488720e90b520b09a38cda554 C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
MD5: 4ecedaf47bb2941c8a7520cfd169a2f1 C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\fox.dll
MD5: 97f492ec5ee9c799782ac957b5d49e22 C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\icu38.dll
MD5: e9119ad94f2a315765a82e77db9f8c9a C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\icudt38.dll
MD5: f3f38a2b5540ca45681f9adc9aa0515c C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\thread_pool.dll
MD5: d345c4ce6dd370fccc78d0b61e5b658a C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\tib_mounter.dll
MD5: ccc11052d20c42ae1b206ef04b8403eb C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe
MD5: ff9e074ccc950398c7d293e1d4d003b3 C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\lbtserv.exe
MD5: 65703599e7760ed5eb12ad21f18ebaa3 C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
MD5: 5b8b352435f3e457b8c67b6d02888ca5 C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSO.DLL
MD5: 02c317a415a91112edef07aac78af6d5 C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll
MD5: 6efbc82722d0f7b35283993189ece9d0 C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
MD5: 058ddc41a20cc9f698464d17fb378689 C:\Programme\Launchy\imageformats\qmng4.dll
MD5: d5f90a1f1c14beec118ae3d10e0d2c34 C:\Programme\Launchy\Launchy.exe
MD5: 67637c21ac19be6ca344cc2038c12fea C:\Programme\Launchy\plugins\calcy.dll
MD5: 59c643f71d46b2aa2323c41f79496f66 C:\Programme\Launchy\plugins\controly.dll
MD5: bdb93d4cd64f12e6e4abaeee2033599c C:\Programme\Launchy\plugins\gcalc.dll
MD5: 4dbdfc59b86f92d6a96f83657e98ea1e C:\Programme\Launchy\plugins\runner.dll
MD5: dc508141d62f9ad350e91864aa538edb C:\Programme\Launchy\plugins\verby.dll
MD5: 896fb77fbeba2b76751ff4220efb5f1b C:\Programme\Launchy\plugins\weby.dll
MD5: 68f07453f8aabfd28db1e1b22dfcdc5d C:\Programme\Launchy\QtCore4.dll
MD5: bf783889ffd30dcd089565750e00acf4 C:\Programme\Launchy\QtGui4.dll
MD5: 0b453bec20fcc92c022ee1919eec4e3b C:\Programme\Launchy\QtNetwork4.dll
MD5: 504d8e73807cfe9938d6be75ff332acf C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
MD5: 3f2b676285b771538b495c6a71e431fe C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe
MD5: 55f756e87b2ff0b2e55d909cf6152ff9 C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe
MD5: 755fcbe4bc62179ef76ba924abb5f460 C:\Programme\Microsoft IntelliType Pro\Components\Commands\DPGFvs\DPGFvs.dll
MD5: f045df7af127dc4bcc53421850114e15 C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll
MD5: 075eae10b5c91327a20881f9931058fc C:\Programme\Nuance\NaturallySpeaking12\Program\mfc100deu.dll
MD5: aac63851e6673ceea58657d5d7b7cf2b C:\Programme\Nuance\NaturallySpeaking12\Program\mfc100u.dll
MD5: 3cd36458d23705706e0ef7ebc29a7c5b C:\Programme\Nuance\NaturallySpeaking12\Program\msvcp100.dll
MD5: 356404610c0b6565111f292c232d6402 C:\Programme\Nuance\NaturallySpeaking12\Program\msvcr100.dll
MD5: daf3739d403b330e4ee4e64f0b32743d C:\Programme\NVIDIA Corporation\nview\nView.dll
MD5: 07f4bc741025085e830a2633c78fad71 C:\Programme\NVIDIA Corporation\nview\nvShell.dll
MD5: 59b772a134a8d4ebf44c4bfde0c83200 C:\Programme\NVIDIA Corporation\nview\NVWRSDE.dll
MD5: a23319a38290d9f495a076254d995499 C:\Programme\NVIDIA Corporation\nview\nwiz.exe
MD5: a8528d01a0a1ecffdb44476cff04e931 C:\Programme\Soluto\Community.CsharpSqlite.dll
MD5: bf9cf20f3eb49be39126e3bf8c84463c C:\Programme\Soluto\Interop.IWshRuntimeLibrary.dll
MD5: 9bad0bee490babbb95ca246d37ae389e C:\Programme\Soluto\Interop.NetFwTypeLib.dll
MD5: ab909f6ff25685785673b2c8bbf4d399 C:\Programme\Soluto\Ionic.Zip.Reduced.dll
MD5: 347f21144fc4c98f2cf0a1c316349829 C:\Programme\Soluto\Microsoft.ServiceHosting.ServiceRuntime.dll
MD5: 23d63963d014cec9fc6391becdebf27d C:\Programme\Soluto\Newtonsoft.Json.dll
MD5: c9ed00129c7528e4f666807899985a26 C:\Programme\Soluto\Newtonsoft.Json.Net35.dll
MD5: 7700eba56d21710f637ed6017736823b C:\Programme\Soluto\PCGAppControlPluginLoader.exe
MD5: 7ca6192086cd589594052d4a90a3865c C:\Programme\Soluto\PCGAzureEntityFramework.dll
MD5: af53b4b7b5c2a875d4dcbbd1799d8ffe C:\Programme\Soluto\PCGAzureShared.dll
MD5: fe7f0735f3908e52b19e85eb81ed6517 C:\Programme\Soluto\PCGBootVisualizingCore.dll
MD5: 6c69e7fef58bc582c1d6b270adba9f6a C:\Programme\Soluto\PCGBrowsersProbe.dll
MD5: fc4f35afa2dc541ffbaabd52a3d150da C:\Programme\Soluto\PCGCatalogItemCache.dll
MD5: 9b18258e74507c4d4b6a2ef5b02040b9 C:\Programme\Soluto\PCGCatalogItemFootprint.dll
MD5: 528babef2ae7f0f52ae0f1fa15b020b7 C:\Programme\Soluto\PCGClientCommon.dll
MD5: 8e2a281e4b026b88c669650c72586465 C:\Programme\Soluto\PCGClientCommunication.dll
MD5: e4bbc65501ffc1a139a844d51c45b555 C:\Programme\Soluto\PCGCommunication.dll
MD5: 42c69034dd1e49d10185f54e983e74f3 C:\Programme\Soluto\PCGConfiguration.dll
MD5: 74b4123f518059c8ea09395592a375ba C:\Programme\Soluto\PCGDataAggregation.dll
MD5: b14a5a42ef8ecefe2d57dc89d34ecf6f C:\Programme\Soluto\PCGDatabase.dll
MD5: bf214c45e3160a2364b9fa78a7d40805 C:\Programme\Soluto\PCGDriverProbe.dll
MD5: 2ede08bbbb35412407efc4d29c7e6aed C:\Programme\Soluto\PCGEntities.dll
MD5: 24e8c160a318e2855efeeafe6be2232b C:\Programme\Soluto\PCGFramework.dll
MD5: 85a54ed3bf58f7ac9b86a3375d4036ce C:\Programme\Soluto\PCGPreCompiled.dll
MD5: 4933b5882a53c63258dff38fb701a97f C:\Programme\Soluto\PCGPrestoSerializer.dll
MD5: bff44b72ec9cc9000ec5fb11c6189534 C:\Programme\Soluto\PCGSAProbe.dll
MD5: 4a491a15c2ae95e978c103c9b644f424 C:\Programme\Soluto\PCGUpgrader.dll
MD5: 0b33e90c63e0fe25ffe95d38278b9ee1 C:\Programme\Soluto\PCGUsersCenter.dll
MD5: 668faf637d7f896d90dc27956f749676 C:\Programme\Soluto\PCGWuInfo.dll
MD5: 5a120ba8867e7589256aa8e9bc58bd6e C:\Programme\Soluto\SignalRWrapper.dll
MD5: 8d6b4b337f3e99e1618446ad81240f82 c:\programme\soluto\soluto.exe
MD5: cd7bd355d0f864b94b2dd71486a6a6ee C:\Programme\Soluto\Soluto.SignalR.Client35.dll
MD5: 52486530ab680f5f56eafc8d3ba1b4bf C:\Programme\Soluto\SolutoCleanup.exe
MD5: 64853507e75d5dca9f2cd5bedd672a3d C:\Programme\Soluto\SolutoLauncherService.exe
MD5: 13eeac776482109315082e0430850d11 C:\Programme\Soluto\SolutoRemoteService.exe
MD5: 350ba5fdce5d9c6bee0312955d0de1c8 C:\Programme\Soluto\SolutoService.exe
MD5: eb61d4a7e770d5e0b9a42ca8c653b159 C:\Programme\Soluto\SolutoUpdateService.exe
MD5: f5ee17938d7c545bf62ad955803661c7 C:\Programme\Soluto\System.Threading.dll
MD5: 9cb7c63fd9d5ae484e318f9296279c52 C:\Programme\Spyware Terminator\st_rsser.exe
MD5: f185b0a7f31cea8b7d3764ff2809072a C:\Programme\Spyware Terminator\STShell.dll
MD5: 402794a75a899e296ab3edec4eccb9a8 C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
MD5: 0b5b6f6dfe055f279e1cad0e8ba6cb61 C:\Programme\TweakRAM\TweakRAM.exe
MD5: 4c444d8207bfe9b4d0c670df5b89f0be C:\Programme\WebTemp\HWMonitor32.exe
MD5: 7b8186d01e0782372b9fa4e33d08e2fa C:\Programme\WebTemp\WebTemp.exe
MD5: 212c9c057d9776a665fc2ae49a9597be C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
MD5: 5d04862a6f0c627f4bf4535295786e5b C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\bf27d0baf78a5b69f1f08c3b6c1142b7\Community.CsharpSqlite.ni.dll
MD5: b868ecbe93038c3999744b356d0e30c4 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\7ea9c8e722d462648db1caaede485b18\Interop.IWshRuntimeLibrary.ni.dll
MD5: a04e239d0aad27369aef8f510b90b1c1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.NetFwTypeLib\46d9c0ce9e5e5a90a55d5588277b0340\Interop.NetFwTypeLib.ni.dll
MD5: f204736a60c51ebc4f57ef3d89051228 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\1a69b73829403a6d7980664fc005abbc\Ionic.Zip.Reduced.ni.dll
MD5: e77b732208efa17f67917eaa03d1db92 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\fef10c14b1bfa97b78ebe93db912c095\mscorlib.ni.dll
MD5: 6664f4b64bd169cf8c8d502000e6152f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\1beaf757ff6cab5e1d97d072225490e9\Newtonsoft.Json.Net35.ni.dll
MD5: e722e3ea3f476d14d7dbe161ada2c90f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\031ca8e454a02749bff38de7d4e98ed7\PCGAppControlPluginLoader.ni.dll
MD5: 14154a099a1a44b51a2bc18e37621e98 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\77ac1cd8d68695229b62ac82457bdeb9\PCGAzureEntityFramework.ni.dll
MD5: ef4b0261a9f2af9f91665ad1df6a5bc8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\f18ce0d8bcb3ba5c99eefc978d5137dd\PCGAzureShared.ni.dll
MD5: e7b001fcfd67e09d967510ce4b7cf02b C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\f438fe859100c14a998663b9ad0d0b1f\PCGBootVisualizingCore.ni.dll
MD5: 9c5b4d2a7406129d6215d0dfbfa20451 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBrowsersProbe\48a855c29385d364610603dd8d279ac7\PCGBrowsersProbe.ni.dll
MD5: 3576b7c4b9e5c85ee5c2b6c5193a08d6 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemCache\221b2115e7a093cf50e623a3c25ebc43\PCGCatalogItemCache.ni.dll
MD5: a8ca1bfce62045e1b18638fc89ab621e C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemFootp#\a261f77cb8b9dfee2edbae66b47f6135\PCGCatalogItemFootprint.ni.dll
MD5: e3416cf9a5ef8035064360258d48c5cd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\9037d10dd58714a968aee508d888b0a5\PCGClientCommon.ni.dll
MD5: 15c966a2929a20f342471b989fa721d1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGClientCommunicat#\6416e238ba80e81966186a3eccee75af\PCGClientCommunication.ni.dll
MD5: 4eed06a8841438defd12e02188fb54b7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCommunication\8eb6c8b32ce401438691257b5424ac5d\PCGCommunication.ni.dll
MD5: da1508a7cc2e49d780cc49259df8b714 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\dd27a3608f2bd9d8fce3e1efb84de3c3\PCGConfiguration.ni.dll
MD5: cb7bc700fe763e4fb2c9540941906f31 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDataAggregation\4e1f102e17f854ff61f2781ca1d30e3a\PCGDataAggregation.ni.dll
MD5: 97563158447e55cc0561e8349bfa046c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDatabase\9a627a74cf9cc1fcb62f02c88d901ffd\PCGDatabase.ni.dll
MD5: e8b431e82c1e6115caf156ac4ca99a91 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\ec61946f684022e445b51c764db9b414\PCGDriverProbe.ni.dll
MD5: 64297f35f25c7aab217216b478078262 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGEntities\328336abbe815361f462346b228623cd\PCGEntities.ni.dll
MD5: de0a69f73738c00bbf08e72971dfda6c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGFramework\4e6d5f0eb87f2261983b9c0144da35c3\PCGFramework.ni.dll
MD5: 20253f952ee1c82e7251495f81025ef9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\b5cfd5b69493d78588d63cc5a268c04c\PCGPreCompiled.ni.dll
MD5: fe0f69bcca1fead5d581cc177844f203 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\c10a9d4653601ad69bb9b8030b68aebe\PCGPrestoSerializer.ni.dll
MD5: 975751768eb0321548e1d74b6c0ad68f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGSAProbe\f3e61956b4b8570208f3c5a4db0cad63\PCGSAProbe.ni.dll
MD5: 5ffb79e8a487f2351902ccb53e4b66e9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUpgrader\d8aff7f7b1533366ff06f3027a35c473\PCGUpgrader.ni.dll
MD5: d10cb85a602b3c2b7b8a4e0ab2c1a4c2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\593f7fa8523a7cf010fd616f5fabb18c\PCGUsersCenter.ni.dll
MD5: 965db782a134450a143b973b2f189a31 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\5c100535b57b3dfe8c028d53b5a9d9d8\PCGWuInfo.ni.dll
MD5: b331f5d71e5b16d7b077c4e40a9fb44f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SignalRWrapper\0cdf7e39a31d3b7a1e129ff4b7a3b990\SignalRWrapper.ni.dll
MD5: 60d2bb21fb9d702d3ca613535a72036d C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Soluto.SignalR.Clie#\773cfd8e84cf97394305439da910e220\Soluto.SignalR.Client35.ni.dll
MD5: a694dd333969b58fc4cf2d1eeaec4461 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoCleanup\654a990c593a4efc1b8ec477499448d8\SolutoCleanup.ni.dll
MD5: f173b9ac885e1c3c958adcfcdad39dfc C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoService\cb2b3549ae06eff7d713bbf032cd939b\SolutoService.ni.exe
MD5: 061984237e41512e551a3caf9e2a7838 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\674001d4765d9d23e13e38904821cf1f\System.Core.ni.dll
MD5: 4d7ca8f139e54028ce5a01a17bc51c55 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\36a001c088d31c981b24c1edd020788b\System.ServiceProcess.ni.dll
MD5: de0e0a3cd77ac0130ffdb12666e40c35 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\6a00dc121491c126faa82c35d16d6eca\System.ni.dll
MD5: c08b69127c2f683ce1f2b05d2089629b C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll
MD5: f6fdcdd877c5dfdc192c4252819523b6 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\7546a01feb9d477570b883eec56cc673\System.Configuration.ni.dll
MD5: fd5f7b4f1f3c61e2aada55edb77cd719 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\54e91e1cae6e1a6522aa4aa734dc59a1\System.Core.ni.dll
MD5: fe7beb0d9a8ea4c9795db11589f5aa3e C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\da851a56e2eb6cc239c4f018a57eb147\System.Drawing.ni.dll
MD5: fb099c90ae3489084d321cbbd1f62f12 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\2e9b90d387ecd9febb0d8231f4317667\System.Runtime.Remoting.ni.dll
MD5: dab549b60e76ee9b8a34abe7616f675c C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\f12d39d52b197c5ab34e829c16aa95bd\System.Web.ni.dll
MD5: c2b138dddb564a3768bf1969117d09cf C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\aa68302abb5a0c4ff09f84b4be6ff459\System.Windows.Forms.ni.dll
MD5: 3d0d3b0897d669fa57e5b366a3339eb8 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\c1c41a9e1a25999e74defafecb2aa0bc\System.Xml.ni.dll
MD5: afcd4497051a598e3de93ab2295b0b4a C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\89445d5b924ad94744d00f1b6cd2285d\System.ni.dll
MD5: c2ab0bf642b86d1915863cdb861df71e C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MD5: d2f5ea715f155b77fb2d18a70bd7d041 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: f7332055800dade48e0fcae6c2f43fcc C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: 5f59a5e21b387b1258f5bc979b6bc5e7 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MD5: e76d3b8b711aad564e2f31655a79c175 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
MD5: 8a2f574db38876fcb6adfa509ae5c7ef C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
MD5: 92f8656d0167412a2379517c3f704ffb C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 3fb186a7a9728102181334336b364be5 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
MD5: a8f8a187bca7c1dee5638ad2997595ee C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MD5: dfe18f2bfd60da638f24a0776a60f9e3 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
MD5: 120f3b596f79fc990b7d808857a8b3bc C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
MD5: ae7b288233c212c62cd544bf768c45e6 C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll
MD5: d2212de58670f43233a97540804c86ac C:\WINDOWS\system32\asycfilt.dll
MD5: 6586e91828fb64b7236771c0ebe25d4d C:\WINDOWS\system32\AVSredirect.dll
MD5: 4bc526551b07df63a219b85576568b07 C:\WINDOWS\system32\CNMNPPM.DLL
MD5: b2e8f9564c82f77bce2c144b1983ce7d C:\WINDOWS\system32\crypt32.dll
MD5: c066da0f6052a5c74c54dab48f8ca8d3 C:\WINDOWS\system32\dfshim.dll
MD5: 84c3bfe972b722532ed9e88d0301a5b1 C:\WINDOWS\system32\dinput8.dll
MD5: 9e1ca3160dafb159ca14f83b1e317f75 C:\WINDOWS\system32\drivers\ACPIEC.sys
MD5: 769844eb65df6a62aa51b886290fe51d C:\WINDOWS\system32\DRIVERS\AmdK8.sys
MD5: ad8fa28d8ed0d0a689a0559085ce0f18 C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
MD5: bcf37763868ab5ed70b392d3f101d44d C:\WINDOWS\System32\Drivers\AnyDVD.sys
MD5: 2b4e66fac6503494a2c6f32bb6ab3826 C:\WINDOWS\system32\drivers\ASIO.sys
MD5: b979979ab8027f7f53fb16ec4229b7db C:\WINDOWS\system32\drivers\ASPI32.sys
MD5: 92a964547b96d697e5e9ed43b4297f5a C:\WINDOWS\System32\Drivers\BrScnUsb.sys
MD5: 0071f8825d14b16955cd0a0699ab7a6c C:\WINDOWS\system32\drivers\DRHARD.sys
MD5: 8810cbe07a85cf1998750252a8b1f3c4 C:\WINDOWS\system32\DRIVERS\dsnpfd.sys
MD5: 01ce484ff6d70a39479bc6d619de7ed6 C:\WINDOWS\system32\drivers\ESGSCANNER.sys
MD5: cf9f4efdf34fa5bf96fa2ab8f2255ce8 C:\WINDOWS\System32\Drivers\LBeepKE.sys
MD5: 59ced2543392eb10b2e8feae87a5d248 C:\WINDOWS\System32\Drivers\LEqdUsb.Sys
MD5: 26163f0f1c2636ae3fff7c54600204a5 C:\WINDOWS\System32\Drivers\LHidEqd.Sys
MD5: 74ea099c3d9dad3a657bd89ed4a81c6d C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
MD5: e9d42cdd5bd22be28247b77953735650 C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
MD5: ca3e22598f411199adc2dfee76cd0ae0 C:\WINDOWS\system32\drivers\msmpu401.sys
MD5: f7b1ad991491f02af6da70b00b8bf114 C:\WINDOWS\system32\drivers\MUP.sys
MD5: 9282bd12dfb069d3889eb3fcc1000a9b C:\WINDOWS\system32\drivers\NDPROXY.sys
MD5: a613a14fb4d9117f42a3a280f64e9ec4 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
MD5: c03e15101f6d9e82cd9b0e7d715f5de3 C:\WINDOWS\system32\DRIVERS\nvata.sys
MD5: c2bf987829099a3eaa2ca6a0a90ecb4f C:\WINDOWS\system32\drivers\PARVDM.sys
MD5: a2a966b77d61847d61a3051df87c8c97 C:\WINDOWS\system32\drivers\Pcmcia.sys
MD5: c7d9bc54354b8c706abf172d48313f1b C:\WINDOWS\system32\drivers\RDPWD.sys
MD5: d1facb3c7d12f439c18ef01aa88c2a9d C:\WINDOWS\system32\drivers\Sdbus.sys
MD5: cf24eb4f0412c82bcd1f4f35a025e31d C:\WINDOWS\system32\drivers\SERIAL.sys
MD5: 43dc393f21345b6de59517bd27e2b10f C:\WINDOWS\system32\Drivers\SIVX32.sys
MD5: 7b426b8e809edf081d771ef429345528 C:\WINDOWS\system32\drivers\SP_RSDRV2.sys
MD5: e57b778208c783d8debab320c16a1b82 C:\WINDOWS\system32\drivers\STAROPEN.sys
MD5: 5c7c939bbd03784fe58c80578d065cc9 C:\WINDOWS\system32\DRIVERS\tap0901.sys
MD5: a31246180e61140ad7ff9dd7edf1f6a1 C:\WINDOWS\system32\drivers\TMCOMM.sys
MD5: 048835a65968e9ea872130aeaa727ded C:\WINDOWS\system32\drivers\UIGXRDR.sys
MD5: 200847985e963ea9634c1b81a21a4da6 C:\WINDOWS\system32\drivers\VBOXDRV.sys
MD5: 2a29b5d722d6b7f688507393e5d4166b C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
MD5: 40458859ba17fc8acbfeb65a967363e4 C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
MD5: e973e67e29344a198fb17351c5cd9320 C:\WINDOWS\system32\drivers\VBOXUSBMON.sys
MD5: b252dd05c8b1d64239ee8a93c4bc5ad4 C:\WINDOWS\system32\DRIVERS\VClone.sys
MD5: c0f55cc0903cfdc819f6d857402b697c C:\WINDOWS\System32\Drivers\vulfnth.sys
MD5: 545d98a7f61af1c7c4ad38b8f333e0b7 C:\WINDOWS\System32\Drivers\vulfntr.sys
MD5: fd600b032e741eb6aab509fc630f7c42 C:\WINDOWS\system32\DRIVERS\WinUSB.sys
MD5: ae279cd76b38fc079eec3ca6d65a5926 C:\WINDOWS\system32\DRIVERS\zumbus.sys
MD5: bf8517b249b4b81f72cd659e89e8595a C:\WINDOWS\system32\filemgmt.dll
MD5: ae98f1471c7836ed5f5aafa2962e5ea7 C:\WINDOWS\system32\hhsetup.dll
MD5: 35ea674e7239b527ad98afd1dbc1efd6 C:\WINDOWS\system32\ieframe.dll
MD5: 81faefc42d0b236c62c3401558867faa C:\WINDOWS\system32\iertutil.dll
MD5: cd1f8b68515120ebac5a1e3bad5199c4 C:\WINDOWS\system32\loadperf.dll
MD5: 476bb014f3f68c0c15eddd5b444da8ff C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 0c8597dbc74aaf5179471ba013e3c6b4 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MD5: 072376b62a8ad268f7f1aeb45f2e7d3b C:\WINDOWS\system32\MatroskaDX.ax
MD5: 7cfded5c3dc1b5843cbaaecf6868cbd0 C:\WINDOWS\system32\mfc42loc.dll
MD5: 973e32a975effcc4b430ee8e5d2b580b C:\WINDOWS\system32\mfc42u.dll
MD5: d1ec2800e02e81b0c74e39510e80cf24 C:\WINDOWS\system32\mmc.exe
MD5: f1c8ce383de472818312d289b296e05e C:\WINDOWS\system32\mmcbase.dll
MD5: b1d4df0c11dc13120f051e8804039ea0 C:\WINDOWS\system32\mmcndmgr.dll
MD5: 4b69d5e6fbb0638b8fa0e2c2afa231b5 C:\WINDOWS\system32\mmcshext.dll
MD5: 45e53033a634317ac04b7ba79ec0749d C:\WINDOWS\system32\mmfutil.dll
MD5: 9eba8603c3ca00edcdf0f34c6d3044e6 C:\WINDOWS\system32\msdtcprx.dll
MD5: ffe0439805a7db1674bab0a2285c3447 C:\WINDOWS\system32\msdtcuiu.dll
MD5: 2dac1ded391da6687dc4dfad5c029352 C:\WINDOWS\system32\msftedit.dll
MD5: 76a0cf7f71b56cf9ccf46536affe3e26 C:\WINDOWS\system32\mshtml.dll
MD5: 1f15b1d33e0a45b6eb1011cd45c25480 C:\WINDOWS\system32\msvbvm60.dll
MD5: 5a6b199a4e9e4eb24b6138b87ee4da79 C:\WINDOWS\system32\netfxperf.dll
MD5: 25bec0f383359a9806602835cb756652 C:\WINDOWS\system32\nvapi.dll
MD5: f1ae0bc50661be09e7bc5919f4c05505 C:\WINDOWS\system32\nvsvc32.exe
MD5: 7641cbd793459559c7c99481ec3c6803 C:\WINDOWS\system32\nvwddi.dll
MD5: 189b2c9e7551bffefc9af7557a1d89d0 C:\WINDOWS\system32\odbcbcp.dll
MD5: 5ca984ba87d2f268f8dc96a38e67ed34 C:\WINDOWS\system32\pdfcmon.dll
MD5: 594d1ed86a44a1a92ab72bab5db5a726 C:\WINDOWS\system32\pdh.dll
MD5: c47fd93010649ac0d79022d9b69adbe4 C:\WINDOWS\system32\perfctrs.dll
MD5: 4ce772e935114095695d3f75e999631c C:\WINDOWS\system32\perfdisk.dll
MD5: 5eba4a1e0bec4c3eef814b210b0de871 C:\WINDOWS\system32\perfnet.dll
MD5: d572dc556bb594976d4d179e5b9b41b9 C:\WINDOWS\system32\perfos.dll
MD5: ccb87461ecaa2b5ab7e6f0ba5fc27869 C:\WINDOWS\system32\perfproc.dll
MD5: f938c6ddf7f7791c53bd8e55f723016a C:\WINDOWS\system32\perfts.dll
MD5: e2ee17f580e02d3997b7352ed02a768b C:\WINDOWS\system32\pschdprf.dll
MD5: 0b7a5b82fbb8d2d9f7ceefb8a74c06c6 C:\WINDOWS\system32\rasctrs.dll
MD5: 8209c58db27dcd32579f8eeb585f32fe C:\WINDOWS\system32\rsvpperf.dll
MD5: f6b34cd47caf6d68106b9f8055f35c50 C:\WINDOWS\system32\rundll32.exe
MD5: 62bf9200e1bdf8fb88b41403add33d0c C:\WINDOWS\system32\servdeps.dll
MD5: fde6990df7ec6db4930addeeab4f5f9f C:\WINDOWS\system32\snmpsnap.dll
MD5: 71904b089f4a0d8f6bc46ce52a457836 C:\WINDOWS\system32\TAKDSDecoder.ax
MD5: 6d8bdea7fb2e1a8461acd4970627e95a C:\WINDOWS\system32\TAKDSDecoder.dll
MD5: 78908cc0eeae43de90b07c1a2da298d7 C:\WINDOWS\system32\tapiperf.dll
MD5: b198cb3b0689b10fdc4c8ccf8c3c3289 C:\WINDOWS\system32\taskmgr.exe
MD5: 926f5a50f62b7cdc87beeb3527b4f2a8 C:\WINDOWS\system32\traffic.dll
MD5: a049859689c3a920c8962627c05a2296 C:\WINDOWS\system32\UIGMXMON.DLL
MD5: c0c55f5ef0fe738a50af2f3ff53ad0c1 C:\WINDOWS\system32\uigxnp.dll
MD5: 28f73a450aa227894e2e6288f8681e79 C:\WINDOWS\system32\urlmon.dll
MD5: b0d56545c7297f4328496f4ee9acd36d C:\WINDOWS\system32\utildll.dll
MD5: 6a554775aefd402c2f311ac820f836ea C:\WINDOWS\system32\VB6DE.DLL
MD5: c7636ba48f5ba08ad427e6fbecc32679 C:\WINDOWS\system32\wbem\wbemcons.dll
MD5: 696aa05c1fb6a73f553095e217b9b24f C:\WINDOWS\system32\wbem\wbemdisp.dll
MD5: 45edc8b9c1024ec31165ecaa913170c9 C:\WINDOWS\system32\wbem\wmiaprpl.dll
MD5: c0b9a1f9a7dfdb6fbd72eac6626f76e5 C:\WINDOWS\system32\WebUpdate.exe
MD5: 4af40b1cc33d92fd6f45d8560509cfcb C:\WINDOWS\system32\winDCE32.dll
MD5: c087cc88d7cd554409cbb5ebc29e8e38 C:\WINDOWS\system32\wininet.dll
MD5: 77f595dee5ffacea72b135b1fce1312e C:\WINDOWS\system32\xinput1_3.dll
MD5: 38e1a82ea77e591245fd7487a7e32fe8 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6229_x-ww_449d3952\msvcp80.dll
MD5: 2a617261b0de3b9ac1ee5f83cf1fd830 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6229_x-ww_449d3952\msvcr80.dll
MD5: 0692f956ba7c7648b30357e154e409cc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6229_x-ww_1583ac57\mfc80u.dll
MD5: d992f37111edf8442505df287a2b9af0 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6229_x-ww_6ad2c555\mfc80DEU.dll
MD5: 45892c984c909bd3c1aa6ae812225553 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.7523_x-ww_c2c04980\atl90.dll
MD5: 13d0c0b903d843d82897c0432c1fcb96 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.7523_x-ww_62205c0c\msvcp90.dll
MD5: 8fb39073ebb7a91a0ec4209edb46d933 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.7523_x-ww_62205c0c\msvcr90.dll
MD5: 75781af15861036424e610a8d89c63e6 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.7523_x-ww_3306cf11\mfc90u.dll
MD5: 4bb88951ddfe5dbdf5c5cddf71a665c1 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.7523_x-ww_a38742d1\mfc90deu.dll
MD5: be80c3b05e526dbf4315823b810b8ce9 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
MD5: 1b6be2935938d2f656ef83fb1acd99c5 D:\_backup\GMX Upload Messenger\SHNDLERS.DLL
MD5: f00e75266a6a997fd51e7c7fa3456ea9 D:\_easywork\PTFB Pro\libeay32.dll
MD5: 706fbeeb6b66f99652bc0eabbf069878 D:\_easywork\PTFB Pro\PTFBPro.exe
MD5: 2f64eae8c8864aaa3ae8ce0e58b8cc68 D:\_faster\BootLog XP\BootLogService.exe
MD5: 29fd9bf519cee9cff4f8e0264b136598 D:\_faster\BWMeter\BWMeterConSvc.exe
MD5: 8e6ace12cadb0b9e6f1b703798ee913e D:\_faster\CachemanXP\CachemanXP.exe
MD5: 3bbbc02d84ac98af93f2f4d00ec347f0 D:\_faster\OO CleverCache\ooccag.exe
MD5: 6fa58332c26b00385f8fcd46fbbdf495 D:\_faster\OO CleverCache\ooccguir.dll
MD5: f2b9fef35c5b151fb4a18c1575e5f7fb D:\_filemanagement\FontExplorer X Pro\FontManagementServices.exe
MD5: c2e81dbc80b42c599ff49c5345454a1e D:\_filemanagement\Winrar\RarExt.dll
MD5: 3a23a1d4f001962622bae4dddd8663c0 D:\_filemanagement\xplorer² pro\xplorer2_UC.exe
MD5: ebc0e8c0a4dda2c32a7d5863462a321a D:\_hardware\AMD Dual Core optimizer 1.1.4\amd_dc_opt.exe
MD5: 017695393afffed8de58abd1b085be6d D:\_hardware\Zune - Nokia 800\WMZuneComm.exe
MD5: 37f339b64f19e2775284ed7161b96683 D:\_hardware\Zune - Nokia 800\ZuneBusEnum.exe
MD5: 1076df9ade4e13ea3bf39d2165aeb903 D:\_hardware\Zune - Nokia 800\ZuneNss.exe
MD5: de1cdb333a402b279f04d627122fa08e D:\_hardware\Zune - Nokia 800\ZuneWlanCfgSvc.exe
MD5: 035fe30c12ebeea43b4d08067dc7b257 D:\_improve system\aborange Scheduler\aboScheduler.exe
MD5: a6fa3e04721f85de982c74530c330d6b D:\_improve system\MMTaskbar 3.0\MultiMon.exe
MD5: 168f470a3da98953d6b46c9814c91c69 D:\_improve system\Process Lasso\pl_rsrc_english.dll
MD5: 3db9f6e4eb755ef071cf9eafc57d5c72 D:\_improve system\Process Lasso\pl_rsrc_german.dll
MD5: 11f233ed39533b6d0b38a7ddfb2d8709 D:\_improve system\Process Lasso\ProcessGovernor.exe
MD5: af7d9dfcdc5262aea00f7c8ed6e0adff D:\_improve system\Process Lasso\ProcessLasso.exe
MD5: 7eaef49d206899909eb63014fc8dc19a D:\_improve system\System Explorer\service\SystemExplorerService.exe
MD5: 52d1bcab15fbdb9ec4a52c5d42240f17 D:\_improve system\System Explorer\SystemExplorer.exe
MD5: 1d8ba46a4f57234597daa834fddbfb84 D:\_improve system\USB Safely Remove 5.1.2\USBSRService.exe
MD5: 46ab2515e8ebf3d9101c8b94e2519f2d D:\_improve system\WindowManager\WindowManager.dll
MD5: d15896560a3c53fb7c6593ca2bfd34cf D:\_improve system\WindowManager\WindowManager.exe
MD5: 230fd3749904ca045ea5ec0aa14006e9 D:\_info\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys
MD5: 10b2d3459ce232fd8375afa0f44a5174 D:\_maintenance\CleanGenius 3\CGUnlockerExtension.dll
MD5: 325fb38c323c63c7f57885b4dfb1b91e D:\_maintenance\UPHClean\uphclean.exe
MD5: cb862d18bc1359ab6949636aca6a7444 D:\_pdfs\Nuance PDF Reader\bin\nppdf.dll
MD5: edfca3d1cb2147de6ced48284932f5ed D:\_pics\SageThumbs\32\libgfl340.dll
MD5: 1d3c7d9388fa818ffc7f5bdf0479c05d D:\_pics\SageThumbs\32\libgfle340.dll
MD5: 54a0a07db35e5cf3b6fb278bdf285eb9 D:\_pics\SageThumbs\32\SageThumbs.dll
MD5: efa5a3068a246d346c4eb7c3f55ce0c6 D:\_pics\SageThumbs\32\sqlite3.dll
MD5: f714d4f456a6b91212966b3ca19f720c D:\_security\VirusKeeper 2011 Pro Probeversion\vk_service.exe
MD5: 43cebdfa8b91beb5febd4f9e6768aef2 D:\_show & listen\VLC Player\npvlc.dll
MD5: d93eba8a8790c0f9125f434a6e4bbd6f D:\_tweak\Glary Utilities 3\ContextHandler.dll
MD5: d7db8e1cf0c3554dff2a4a2a340afe84 D:\_tweak\Glary Utilities 3\Initialize.exe
MD5: 9a2347903d6edb84c10f288bc0578c1c E:\_ dropbox _\Dropbox\_ install new\__new\HiJackThis204.exe
MD5: c04e5e0060cd89537b686b8f17358ddc Q:\_easywork\allsnap150beta\allsnap.exe
MD5: b4919254bf82c6e05f6cd29c82a5fd1a Q:\_easywork\allsnap150beta\snap_lib.dll
MD5: c9f3bb7738ccf43a3df75ac1d971c338 Q:\_easywork\ObjectDock\CrashRpt.dll
MD5: 148423fdbc7f0b07d8d166414c95b8ab Q:\_easywork\ObjectDock\dbghelp.dll
MD5: cf91d64ccce47ca85b7ee14321b8dfe1 Q:\_easywork\ObjectDock\Docklets\Calendar\Calendar.dll
MD5: 9038e4179464283e41f0e17e2288b16d Q:\_easywork\ObjectDock\Docklets\Clock\Clock.dll
MD5: 78bf85d0ff63979f1995787e87989c0a Q:\_easywork\ObjectDock\DockShellHook.dll
MD5: 532c34258057696e9247605fe9b34b04 Q:\_easywork\ObjectDock\ObjectDock.exe
MD5: 8f490b403bc61771fe9ebd7d7bc8c130 Q:\_easywork\ObjectDock\StardockTray.dll
MD5: 87eddceb9d22c129e386e652c5cda521 Q:\_easywork\ObjectDock\zlib.dll
MD5: 49abbb2b8ef50aa7a91c6b722c63944f Q:\_easywork\WinSplit Revolution\WinSplit.exe
MD5: 6e4c258ef2ffcc1abac0fc5e147b5102 Q:\_easywork\WinSplit Revolution\WinSplitDrvr32.exe
MD5: 78d5786d1e88c97208d2465aa3fc5986 Q:\_easywork\WinSplit Revolution\WinSplitHook32.dll
MD5: 864f89a1b188a0efc06a38884a70f56f Q:\_easywork\WinSplit Revolution\WinSplitLib.dll
MD5: 38974b7cb773cc973647f6238c20ba1b Q:\_system improve\Anvir TaskManager Pro\AnvirRunServ.exe
MD5: c0b4b422fd58dd80c0fbb72d1821a6b6 R:\_easywork\Everything\Everything.exe
MD5: ac22e3c180d7aa25fe47cdd30f5942a0 R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\chrome.dll
MD5: e661fe228412eb24b499775476b6d51a R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\ffmpegsumo.dll
MD5: b829290325c603dbd52afa51822d8500 R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\icudt.dll
MD5: f20c275229bf2fec823b1ce3abab4193 R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\libpeerconnection.dll
MD5: 14378bc0434fbd9907d7b469bff8ce3b R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\pdf.dll
MD5: 723d91b3caeae60926212ce8da54217f R:\GoogleChromePortable 28 final\App\Chrome-bin\28.0.1500.71\ppgooglenaclpluginchrome.dll
MD5: 815fd68f8a6af88827232c2b94622970 R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
MD5: 6677ef124913dcacc2078b27309edcac R:\GoogleChromePortable 28 final\Data\profile\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\npqscan.dll
MD5: 9f1cff9f0922a9d22a97791d8cb5e444 R:\GoogleChromePortable 28 final\Data\profile\PepperFlash\11.8.800.97\pepflashplayer.dll
MD5: c94a3239cebefe3ff64e9bfc332da9d3 R:\GoogleChromePortable 28 final\GoogleChromePortable.exe
MD5: 12f4da1ee22bc82825f8134ce4b3f529 R:\z_temp\decleaner\avnetworkloader.dll
MD5: c5d053c589eac6ff38c2ad7b3785e297 R:\z_temp\decleaner\avnetworkLoaderGUI.dll
MD5: 434049e557861645fa160f3035025f51 R:\z_temp\decleaner\decleaner\setup\aebb.dll
MD5: 12206cf57a965bb32f6eeb1841d4180d R:\z_temp\decleaner\decleaner\setup\aecore.dll
MD5: cd7b65e600b8ebc91b292c1ac9ec1215 R:\z_temp\decleaner\decleaner\setup\aeemu.dll
MD5: 19510247a16be81e66dca0057067e740 R:\z_temp\decleaner\decleaner\setup\aeexp.dll
MD5: 73b4e5ca16aff165b3b3152004255587 R:\z_temp\decleaner\decleaner\setup\aegen.dll
MD5: 20ff9c1ac224a84f3833e6d7b1aded05 R:\z_temp\decleaner\decleaner\setup\aehelp.dll
MD5: 9e8cc9e0660c2687a6fc04c6a3a4ef86 R:\z_temp\decleaner\decleaner\setup\aeheur.dll
MD5: 3580ef6282d1f77116dee2983eeb0751 R:\z_temp\decleaner\decleaner\setup\aeoffice.dll
MD5: 0c3bf6691668478ff6b7e6d40fd04335 R:\z_temp\decleaner\decleaner\setup\aepack.dll
MD5: 9d4db1309bb1d86fdc7cfafb315e3e5a R:\z_temp\decleaner\decleaner\setup\aerdl.dll
MD5: 64605b72b605dede66d38e3d7094e73b R:\z_temp\decleaner\decleaner\setup\aesbx.dll
MD5: 25419e7d1ded175b21113d819b3970dc R:\z_temp\decleaner\decleaner\setup\aescn.dll
MD5: 11eef5b07e552a179b72e2c151de9b49 R:\z_temp\decleaner\decleaner\setup\aescript.dll
MD5: b30f23026aa2f12a690153ffb6983993 R:\z_temp\decleaner\decleaner\setup\aevdf.dll
MD5: 30a6cab7a30023a25e098fafdd32695f R:\z_temp\decleaner\decleaner\setup\avpref.dll
MD5: c50071befaf3adc7a830ff287a7824a8 R:\z_temp\decleaner\decleaner\setup\avreg.dll
MD5: 0afc48dbc059918f24cb6b534ed79b86 R:\z_temp\decleaner\decleaner\setup\avrep.dll
MD5: 1f008e3d493b775158636f8c26423b71 R:\z_temp\decleaner\decleaner\setup\avscan.dll
MD5: 9f5ead456c5ba8c6a896e2c68d976928 R:\z_temp\decleaner\decleaner\setup\avscplr.dll
MD5: 2fe7faa8733ca80b8a8160e563f8a7b3 R:\z_temp\decleaner\decleaner\setup\avwinll.dll
MD5: 89fccb24f47d96c960a24f3207e32df2 R:\z_temp\decleaner\decleaner\setup\extdlgfw.dll
MD5: f8f3a942f0213f9fb3fc07b1e3c2e093 R:\z_temp\decleaner\decleaner\setup\luke.dll
MD5: c0b9494af817c10f9ea6c5aafc45991e R:\z_temp\decleaner\decleaner\setup\rcimage.dll
MD5: 26e696e57b9df02a9b0ec41d63186b7f R:\z_temp\decleaner\rcNwLoad_de.dll
MD5: ff4473ae88eb8643cb9372536852b942 R:\z_temp\decleaner\update.dll
MD5: 6dbc038f15baaa2754810c73e40e5648 R:\z_temp\HouseCall\hc_core.dll
MD5: 890c1da5db5515ebc5e243850a505760 R:\z_temp\HouseCall\housecall.bin
MD5: 75676cfb7d636406059c49280bb00791 R:\z_temp\HouseCall\ICRCHdler.dll
MD5: ee9bf48743dccef46527c54bbd8ba5ae R:\z_temp\HouseCall\libcurl.dll
MD5: 9aa69a2f61e7c4f1c6d94a6c3e3680e0 R:\z_temp\HouseCall\libeay32.dll
MD5: deca60f8772002cb8a7f7215814ddf77 R:\z_temp\HouseCall\libexpatw.dll
MD5: 743f1aefbfea418a1b80566b22bbab68 R:\z_temp\HouseCall\perfiCrcPerfMonMgr.dll
MD5: df6fefe6f98fafd3e5ce55c81079af23 R:\z_temp\HouseCall\ssleay32.dll
MD5: acc5fad1798dbc029d77f08081e268b9 R:\z_temp\HouseCall\tmfbeng.dll
MD5: 56156e48b13063dc738bc43c38645274 R:\z_temp\HouseCall\tscdll32.dll
MD5: 260b5930258c7cbeeddf8a4f4568d1a8 R:\z_temp\HouseCall\vsapi32.dll
MD5: 24a7a119e289f1b5b69f3d6cf258db7c R:\z_temp\nsoE.tmp\registry.dll
Folgende Dateien müssen hochgeladen werden für einen Scan vom Server:
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGSAProbe\f3e61956b4b8570208f3c5a4db0cad63\PCGSAProbe.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\c10a9d4653601ad69bb9b8030b68aebe\PCGPrestoSerializer.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SignalRWrapper\0cdf7e39a31d3b7a1e129ff4b7a3b990\SignalRWrapper.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\7ea9c8e722d462648db1caaede485b18\Interop.IWshRuntimeLibrary.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\dd27a3608f2bd9d8fce3e1efb84de3c3\PCGConfiguration.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUpgrader\d8aff7f7b1533366ff06f3027a35c473\PCGUpgrader.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\5c100535b57b3dfe8c028d53b5a9d9d8\PCGWuInfo.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\f438fe859100c14a998663b9ad0d0b1f\PCGBootVisualizingCore.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGBrowsersProbe\48a855c29385d364610603dd8d279ac7\PCGBrowsersProbe.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemCache\221b2115e7a093cf50e623a3c25ebc43\PCGCatalogItemCache.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\ec61946f684022e445b51c764db9b414\PCGDriverProbe.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SolutoCleanup\654a990c593a4efc1b8ec477499448d8\SolutoCleanup.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\77ac1cd8d68695229b62ac82457bdeb9\PCGAzureEntityFramework.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGCatalogItemFootp#\a261f77cb8b9dfee2edbae66b47f6135\PCGCatalogItemFootprint.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.NetFwTypeLib\46d9c0ce9e5e5a90a55d5588277b0340\Interop.NetFwTypeLib.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGClientCommunicat#\6416e238ba80e81966186a3eccee75af\PCGClientCommunication.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\031ca8e454a02749bff38de7d4e98ed7\PCGAppControlPluginLoader.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGEntities\328336abbe815361f462346b228623cd\PCGEntities.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\1a69b73829403a6d7980664fc005abbc\Ionic.Zip.Reduced.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Soluto.SignalR.Clie#\773cfd8e84cf97394305439da910e220\Soluto.SignalR.Client35.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\593f7fa8523a7cf010fd616f5fabb18c\PCGUsersCenter.ni.dll
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PCGDataAggregation\4e1f102e17f854ff61f2781ca1d30e3a\PCGDataAggregation.ni.dll
Upload gestartet - 22 Datei(en)
SignalRWrapper.ni.dll (42496)
PCGEntities.ni.dll (49664)
Interop.NetFwTypeLib.ni.dll (50688)
PCGAzureEntityFramework.ni.dll (52224)
PCGUsersCenter.ni.dll (70656)
PCGConfiguration.ni.dll (77824)
Interop.IWshRuntimeLibrary.ni.dll (100864)
PCGCatalogItemCache.ni.dll (112128)
PCGUpgrader.ni.dll (163328)
PCGAppControlPluginLoader.ni.dll (178688)
PCGWuInfo.ni.dll (202240)
PCGDriverProbe.ni.dll (259584)
PCGPrestoSerializer.ni.dll (267264)
PCGBootVisualizingCore.ni.dll (338944)
PCGSAProbe.ni.dll (347136)
PCGCatalogItemFootprint.ni.dll (361472)
Soluto.SignalR.Client35.ni.dll (505344)
Ionic.Zip.Reduced.ni.dll (596992)
SolutoCleanup.ni.dll (733696)
PCGDataAggregation.ni.dll (832512)
PCGClientCommunication.ni.dll (892416)
PCGBrowsersProbe.ni.dll (903680)
Upload Geschwindigkeit - 87 KB/s
Upload beendet - 22 hochgeladen, 0 fehlgeschlagen
Die hochgeladene(n) Datei(en) waren sauber.
Scan beendet - Kommunikation hat 80 Sek. gedauert
übertragene Daten - 6.84 MB gesendet, 0.99 KB empfangen
1044 Dateien und Module geprüft - 124 seconds
==============================================================================
aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-29 16:25:53
-----------------------------
16:25:53.843 OS Version: Windows 5.1.2600 Service Pack 3
16:25:53.843 Number of processors: 2 586 0x2302
16:25:53.843 ComputerName: ASUS-A8N UserName:
16:25:54.062 Initialize success
16:26:14.812 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\FancyRdPort0Path0Target0Lun0
16:26:14.812 Disk 0 Vendor: Romex___ 2011 Size: 1144MB BusType: 0
16:26:14.812 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000008a
16:26:14.828 Disk 1 Vendor: SAMSUNG_SV1204H RK100-11 Size: 114498MB BusType: 3
16:26:14.828 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
16:26:14.843 Disk 2 Vendor: KINGSTON 502A Size: 85857MB BusType: 3
16:26:14.843 Disk 3 \Device\Harddisk3\DR3 -> \Device\Scsi\nvgts2Port3Path0Target0Lun0
16:26:14.843 Disk 3 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
16:26:14.843 Disk 4 \Device\Harddisk4\DR16 -> \Device\000000a5
16:26:14.859 Disk 4 Vendor: Size: 476940MB BusType: 0
16:26:14.859 Disk 5 \Device\Harddisk5\DR18 -> \Device\000000c8
16:26:14.859 Disk 5 Vendor: Size: 476940MB BusType: 0
16:26:15.046 Disk 2 MBR read successfully
16:26:15.078 Disk 2 MBR scan
16:26:15.093 Disk 2 unknown MBR code
16:26:15.109 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 26349 MB offset 332640
16:26:15.140 Disk 2 Partition - 00 0F Extended LBA 85847 MB offset 15120
16:26:15.187 Disk 2 Partition 2 00 16 Hidd FAT16 BOOTWIZ0 155 MB offset 15183
16:26:15.187 Disk 2 Partition - 00 05 Extended 6157 MB offset 54295920
16:26:15.218 Disk 2 Partition 3 00 07 HPFS/NTFS NTFS 6157 MB offset 54295983
16:26:15.250 Disk 2 Partition - 00 05 Extended 21535 MB offset 121186800
16:26:15.281 Disk 2 Partition 4 00 07 HPFS/NTFS NTFS 21535 MB offset 66906063
16:26:15.312 Disk 2 Partition - 00 05 Extended 31650 MB offset 177901920
16:26:15.359 Disk 2 Partition 5 00 07 HPFS/NTFS NTFS 31650 MB offset 111011103
16:26:15.406 Disk 2 scanning sectors +175830480
16:26:15.609 Disk 2 scanning C:\WINDOWS\system32\drivers
16:27:05.359 Service scanning
16:27:21.703 Modules scanning
16:28:53.171 Disk 2 trace - called modules:
16:28:53.187 ntkrnlpa.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vidsflt.sys ACPI.sys SCSIPORT.SYS nvgts.sys
16:28:53.203 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0x8ac47ab8]
16:28:53.203 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> [0x8ac15d50]
16:28:53.203 5 vidsflt.sys[f733dd9b] -> nt!IofCallDriver -> \Device\0000008c[0x8aca68c0]
16:28:53.203 7 ACPI.sys[f735d620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x8ac65a38]
16:28:53.203 Scan finished successfully
16:38:12.296 Disk 2 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\MBR.dat"
16:38:12.343 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\aswMBR Scan Ergebnisse.txt"
Ich hoffe, ich habe mit den Infos alles richtig gemacht.... Geändert von Eule69 (29.07.2013 um 15:40 Uhr) Grund: weitere Infos |
|
29.07.2013, 15:27
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3 Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.07.2013, 15:49
| #5 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 FSRT: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by Elmar-Admin (administrator) on 29-07-2013 16:41:33
Running from E:\_ dropbox _\Dropbox\_ install new\__new
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe
(Outertech) D:\_faster\CachemanXP\CachemanXP.exe
(zett42) D:\_improve system\Flashfolder\FlashFolder.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Programme\Microsoft IntelliType Pro\itype.exe
() D:\_improve system\MMTaskbar 3.0\MultiMon.exe
(DeskSoft) D:\_improve system\WindowManager\WindowManager.exe
(AnVir Software) Q:\_system improve\Anvir TaskManager Pro\anvir.exe
(Extensoft) D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mister Group) D:\_improve system\System Explorer\SystemExplorer.exe
(Mister Group) D:\_improve system\System Explorer\service\SystemExplorerService.exe
(hxxp://www.webtemp.org) C:\Programme\WebTemp\WebTemp.exe
(CPUID) C:\Programme\WebTemp\HWMonitor32.exe
(Elcor Software) C:\Programme\TweakRAM\TweakRAM.exe
(Bitsum) D:\_improve system\Process Lasso\ProcessLasso.exe
() D:\_backup\Desksave821\DeskSave.exe
() C:\Programme\Launchy\Launchy.exe
(Comfort Software Group) D:\_easywork\ComfortKeys\CKeys.exe
() D:\_easywork\activeaid\AutoHotkey\AutoHotkey.exe
() D:\_easywork\ComfortKeys\CKeysCm.exe
(Alexander Avdonin) Q:\_easywork\TaskSwitchXP\TaskSwitchXP.exe
() Q:\_easywork\WinSplit Revolution\WinSplit.exe
() Q:\_easywork\WinSplit Revolution\WinSplitDrvr32.exe
() D:\_improve system\RocketDock\RocketDock.exe
(ZabKat) D:\_filemanagement\xplorer² pro\xplorer2_UC.exe
(Bitsum) D:\_improve system\Process Lasso\ProcessGovernor.exe
() R:\_easywork\Everything\Everything.exe
(Ivan Heckman) Q:\_easywork\allsnap150beta\allsnap.exe
(NesterSoft Inc.) D:\_info\TimeLeft3\TimeLeft.exe
(aborange.de - Mathias Gerlach) D:\_improve system\aborange Scheduler\aboScheduler.exe
(shbox.de) C:\Programme\FreePDF_XP\fpassist.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
(Emsisoft GmbH) C:\Programme\Emsisoft Anti-Malware\a2service.exe
(Emsisoft GmbH) C:\Programme\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) R:\Office 2003\OFFICE11\WINWORD.EXE
(Trend Micro Inc.) R:\z_temp\HouseCall\housecall.bin
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(PortableApps.com) R:\GoogleChromePortable 28 final\GoogleChromePortable.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
() E:\_ dropbox _\Dropbox\_ install new\__new\zvbvo2cp.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Google Inc.) R:\GoogleChromePortable 28 final\App\Chrome-bin\chrome.exe
(Kaspersky Lab ZAO) E:\_ dropbox _\Dropbox\_ install new\__new\tdsskiller.exe
(JAM Software) D:\_filemanagement\TreeSize Professional 5.3.1\TreeSize.exe
(Acronis) D:\_backup\Acronis TI 2013\TrueImageHome\TrueImage.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\TrueImageHome\TrueImageHomeNotify.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\TrueImageHome\TrueImageHomeService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [amd_dc_opt] - D:\_hardware\AMD Dual Core optimizer 1.1.4\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [nwiz] - C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] ()
HKLM\...\Run: [itype] - C:\Programme\Microsoft IntelliType Pro\itype.exe [1313640 2000-01-01] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x]
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\programme\soluto\soluto.exe /userinit
Winlogon\Notify\AtiExtEvent:
Winlogon\Notify\AutorunsDisabled:
Winlogon\Notify\LBTWlgn: c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\UpdatusUser\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MultiMon Taskbar.lnk
ShortcutTarget: MultiMon Taskbar.lnk -> D:\_improve system\MMTaskbar 3.0\MultiMon.exe ()
Startup: C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Autostart\WindowManager.lnk
ShortcutTarget: WindowManager.lnk -> D:\_improve system\WindowManager\WindowManager.exe (DeskSoft)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
StartMenuInternet: IEXPLORE.EXE - C:\Programme\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=395049983_134962_1A3A1AE6&ts=1373469190
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {46D457F8-DB4D-4929-8185-D24B6C1A694D} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {46D457F8-DB4D-4929-8185-D24B6C1A694D} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Programme\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\z_rest\Java 7.25 - 2\bin\ssv.dll (Oracle Corporation)
BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - D:\Programme\MindManager 6\Mm6InternetExplorer.dll (Mindjet)
BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\z_rest\Java 7.25 - 2\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - D:\Programme\Nuance Paperport 14\PDFCreate\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Handler: AnVirDisabled - No CLSID Value -
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\75mu9wvt.default
FF user.js: detected! => C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\75mu9wvt.default\user.js
FF Homepage: user_pref("browser.startup.homepage", );
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\_pdfs\PDF X-Change Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - D:\_pics\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - D:\z_rest\Java 7.25 - 2\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\_show & listen\VLC Player\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: nuance.com/DragonRIAPlugin - C:\Programme\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin: ZEON/PDF,version=2.0 - D:\_pdfs\Nuance PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\_pdfs\PDF X-Change Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF HKLM\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] C:\Programme\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: No Name - C:\Programme\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF StartMenuInternet: FIREFOX.EXE - F:\FirefoxPortable\App\Firefox\firefox.exe
========================== Services (Whitelisted) =================
R3 a2AntiMalware; C:\Programme\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
R2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [813576 2012-08-23] (Acronis)
S3 afcdpsrv; C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe [3729400 2013-07-29] (Acronis)
S4 AHDDC2; D:\_maintenance\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
S4 AnvirRun; Q:\_system improve\Anvir TaskManager Pro\AnvirRunServ.exe [60600 2012-01-20] (AnVir Software)
R2 ArchiCrypt Ultimate RAM-Disk 3; C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe [343656 2012-10-08] (Softwareentwicklung Remus - ArchiCrypt)
S3 BootlogService; D:\_faster\BootLog XP\BootLogService.exe [65248 2009-12-04] (Greatis Software (c))
S4 BootRacerServ; C:\Programme\BootRacer\BootRacerServ.exe [65296 2012-05-31] (Greatis Software, LLC)
S3 BWMeterConSvc; D:\_faster\BWMeter\BWMeterConSvc.exe [62464 2013-07-08] ()
R2 CachemanXPService; D:\_faster\CachemanXP\CachemanXP.exe [316416 2009-05-24] (Outertech)
S4 cFosSpeedS; C:\Programme\cFosSpeed\spd.exe [438112 2013-04-19] (cFos Software GmbH)
S4 DfSdkS; D:\_maintenance\Ashampoo HDD Control 2\DfSdkS.exe [406016 2009-08-24] (mst software GmbH, Germany)
S4 DragonSvc; C:\Programme\Gemeinsame Dateien\Nuance\dgnsvc.exe [311184 2013-02-11] (Nuance Communications, Inc.)
S4 fexservice; D:\_filemanagement\FontExplorer X Pro\FontManagementServices.exe [48952 2013-06-10] (FontExplorer X)
R2 FlashFolder; D:\_improve system\Flashfolder\FlashFolder.exe [71680 2008-03-21] (zett42)
S4 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-07-01] (Google Inc.)
S4 HDDlife HDD Access service; C:\Programme\Gemeinsame Dateien\BinarySense\hldasvc.exe [2095368 2013-02-14] (BinarySense, Inc.)
S4 HitmanPro37CrusaderBoot; C:\Programme\HitmanPro\HitmanPro.exe [9171472 2013-06-16] (SurfRight B.V.)
S4 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S4 KSS; C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
S4 LBTServ; C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\lbtserv.exe [293144 2013-06-13] (Logitech, Inc.)
S2 MouseWithoutBordersSvc; C:\Programme\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
S4 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1826592 2013-05-16] (NVIDIA Corporation)
S4 O&O CleverCache; D:\_faster\OO CleverCache\ooccag.exe [701768 2009-12-09] (O&O Software GmbH)
S4 OS Selector; D:\_maintenance\Acronis ADD 11\OSS\reinstall_svc.exe [2155848 2010-09-30] ()
S4 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2004-08-05] (Microsoft Corporation)
S4 PDFProFiltSrvPP; D:\Programme\Nuance Paperport 14\PaperPort\PDFProFiltSrvPP.exe [138600 2011-08-13] (Nuance Communications, Inc.)
S4 SDScannerService; D:\_security\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S4 SDUpdateService; D:\_security\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S4 SDWSCService; D:\_security\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; D:\_security\PSI 2.x\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 SolutoLauncherService; C:\Programme\Soluto\SolutoLauncherService.exe [166976 2013-07-24] (Soluto)
S3 SolutoRemoteService; C:\Programme\Soluto\SolutoRemoteService.exe [1667072 2013-07-24] (GlavSoft LLC.)
S2 SolutoService; C:\Programme\Soluto\SolutoService.exe [798784 2013-07-24] (Soluto)
S4 SpyHunter 4 Service; C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
S4 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 syncagentsrv; C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe [7027752 2012-08-18] (Acronis)
S4 Synergy; D:\_improve system\Synergy\synergyd.exe [318976 2013-04-12] ()
R3 SystemExplorerHelpService; D:\_improve system\System Explorer\service\SystemExplorerService.exe [567256 2012-11-25] (Mister Group)
S4 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4153184 2013-07-08] (TeamViewer GmbH)
S3 UPHClean; D:\_maintenance\UPHClean\uphclean.exe [399872 2010-09-13] (Windows (R) Codename Longhorn DDK provider)
S4 USBSafelyRemoveService; D:\_improve system\USB Safely Remove 5.1.2\USBSRService.exe [1004888 2012-04-28] (Crystal Rich Ltd)
S4 vkservice; D:\_security\VirusKeeper 2011 Pro Probeversion\vk_service.exe [1121664 2009-09-24] (AxBx)
S4 WiseBootAssistant; D:\_tweak\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)
S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S4 WMZuneComm; D:\_hardware\Zune - Nokia 800\WMZuneComm.exe [268512 2011-08-05] (Microsoft Corporation)
S4 ZuneBusEnum; D:\_hardware\Zune - Nokia 800\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S4 ZuneNetworkSvc; D:\_hardware\Zune - Nokia 800\ZuneNss.exe [6363872 2011-08-05] (Microsoft Corporation)
S4 ZuneWlanCfgSvc; D:\_hardware\Zune - Nokia 800\ZuneWlanCfgSvc.exe [444640 2011-08-05] (Microsoft Corporation)
S4 JavaQuickStarterService; "D:\z_rest\Java 7.25 - 2\bin\jqs.exe" -service -config "D:\z_rest\Java 7.25 - 2\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
R3 a2acc; C:\PROGRAMME\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Programme\Emsisoft Anti-Malware\a2dix86.sys [37856 2012-04-30] (Emsisoft GmbH)
R1 a2util; C:\Programme\Emsisoft Anti-Malware\a2util32.sys [14432 2013-03-28] (Emsisoft GmbH)
R1 ACMoFlex32RD3; C:\WINDOWS\system32\drivers\ACMoFlex32RD3.sys [21608 2012-10-08] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4122368 2000-01-01] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [34304 2007-06-29] (AMD, Inc.)
S1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
S3 ArgusMonitor; C:\Windows\System32\drivers\ArgusMonitor.sys [47936 2013-05-27] (Argotronic UG (haftungsbeschraenkt))
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 2009-08-14] (Adaptec)
R1 BANTExt; C:\Windows\System32\Drivers\BANTExt.sys [3840 2008-02-27] ()
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1222496 2013-04-19] (cFos Software GmbH)
R3 cleanhlp; C:\Programme\Emsisoft Anti-Malware\cleanhlp32.sys [50208 2013-07-11] (Emsisoft GmbH)
R2 drhard; C:\Windows\System32\Drivers\drhard.sys [23600 2005-12-01] (Licensed for Gebhard Software)
S3 dsnpfd; C:\Windows\System32\DRIVERS\dsnpfd.sys [23040 2013-07-08] (DeskSoft)
R3 dsnpfdMP; C:\Windows\System32\DRIVERS\dsnpfd.sys [23040 2013-07-08] (DeskSoft)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] ()
S3 esgiguard; C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] ()
R0 FancyCcD; C:\Windows\System32\DRIVERS\rxfcd.sys [106176 2012-04-19] (Romex Software)
R0 FancyRd; C:\Windows\System32\DRIVERS\fancyrd.sys [156608 2012-04-19] (Romex Software)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30464 2013-06-16] ()
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [22560 2013-06-26] (REALiX(tm))
S2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [10136 2013-05-23] (Logitech, Inc.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [37528 2013-05-23] (Logitech, Inc.)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2013-04-15] ()
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [53376 2005-04-13] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [145952 2008-11-12] (NVIDIA Corporation)
R3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [128672 2013-02-25] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [414464 2005-04-13] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
S3 SANDRA; D:\_info\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [114296 2013-07-14] (Ray Hinchliffe)
R0 Soluto; C:\Windows\System32\DRIVERS\Soluto.sys [51144 2013-07-24] (Soluto LTD.)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2012-06-03] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2011-01-08] (The OpenVPN Project)
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [806184 2013-04-19] (Acronis)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [689672 2013-07-07] (Acronis)
R2 tmcomm; C:\WINDOWS\system32\drivers\tmcomm.sys [200976 2011-06-21] (Trend Micro Inc.)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [148992 2011-11-16] (1&1 Mail & Media GmbH)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [139336 2013-07-07] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [99720 2013-04-19] (Acronis)
R3 vulfnths; C:\Windows\System32\Drivers\vulfnth.sys [6912 2005-01-05] (VIA Technologies, Inc.)
R3 vulfntrs; C:\Windows\System32\Drivers\vulfntr.sys [11264 2005-06-06] (VIA Technologies, Inc.)
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [299424 2012-03-27] (Marvell)
R2 zumbus; C:\Windows\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U4 CiSvc;
S3 cpuz126; \??\R:\z_temp\cpuz.sys [x]
R3 cpuz133; \??\R:\z_temp\cpuz133\cpuz133_x32.sys [x]
R3 cpuz136; \??\R:\z_temp\cpuz136\cpuz136_x32.sys [x]
S4 IntelIde; No ImagePath
U4 Messenger;
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [x]
U1 WS2IFSL;
U3 aswMBR; \??\R:\z_temp\aswMBR.sys [x]
U3 kwlyrpoc; \??\R:\z_temp\\kwlyrpoc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-29 16:41 - 2013-07-29 16:42 - 00046416 ____C R:\z_temp\log3
2013-07-29 16:41 - 2013-07-29 16:42 - 00043319 ____C R:\z_temp\log1
2013-07-29 16:41 - 2013-07-29 16:41 - 00023042 ____C R:\z_temp\frstlog
2013-07-29 16:41 - 2013-07-29 16:41 - 00000366 ____C R:\z_temp\users00
2013-07-29 16:41 - 2013-07-29 16:41 - 00000003 ____C R:\z_temp\others
2013-07-29 16:41 - 2013-07-29 16:41 - 00000000 ____D C:\FRST
2013-07-29 16:38 - 2013-07-29 16:38 - 00003238 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\aswMBR Scan Ergebnisse.txt
2013-07-29 16:38 - 2013-07-29 16:38 - 00000512 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\MBR.dat
2013-07-29 16:31 - 2013-07-29 16:31 - 00000000 ___RC R:\z_temp\UI03MPQ8~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\Q4AAN7NS~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\P4EPS6DT~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\BRO4JVET~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\BNFT6F6J~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\A1SAVSJV~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\75JAR92I~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\47BE0NRD~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\1A3QJDR8~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\SOB2CO3C~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\Q143P7NK~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\GUM6ML24~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\FTT9G05Q~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:26 - 2013-07-29 16:26 - 00000000 ___RC R:\z_temp\C2J0JK0J~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:25 - 2013-07-29 16:38 - 00000000 ___DC R:\z_temp\_av4_
2013-07-29 16:25 - 2013-07-29 16:25 - 00000000 ___DC R:\z_temp\_avast4_
2013-07-29 15:50 - 2013-07-29 15:51 - 00004612 _____ C:\AdwCleaner[R1].txt
2013-07-29 15:48 - 2013-07-29 15:48 - 00000512 ___CT R:\z_temp\~DF89C2.tmp
2013-07-29 15:37 - 2013-07-29 15:37 - 00073800 __HCT R:\z_temp\etilqs_9CxRsk7EZJv76kv
2013-07-29 15:36 - 2013-07-29 15:36 - 00642283 ___CT R:\z_temp\nsa348.tmp
2013-07-29 15:36 - 2013-07-29 15:36 - 00016400 __HCT R:\z_temp\etilqs_dqD9JIRl5muoJvN
2013-07-29 15:36 - 2013-07-29 15:36 - 00008208 __HCT R:\z_temp\etilqs_hi18D1PMXqa6VlB
2013-07-29 15:36 - 2013-07-29 15:36 - 00000000 ___DC R:\z_temp\nsa34A.tmp
2013-07-29 15:36 - 2013-07-29 15:36 - 00000000 ___DC R:\z_temp\GoogleChromePortable
2013-07-29 15:30 - 2013-07-29 15:30 - 00000970 ____C R:\z_temp\LastScan.txt
2013-07-29 15:28 - 2013-07-29 15:28 - 00016384 ___CT R:\z_temp\~DFC00C.tmp
2013-07-29 15:28 - 2013-07-29 15:28 - 00016384 ___CT R:\z_temp\~DF8A30.tmp
2013-07-29 15:28 - 2013-07-29 15:28 - 00000000 ___DC R:\z_temp\cpuz136
2013-07-29 15:26 - 2013-07-29 15:26 - 00000000 ____D C:\Programme\ESET
2013-07-29 15:25 - 2013-07-29 15:25 - 00004860 ____C R:\z_temp\qs-de-utf16.txt
2013-07-29 15:23 - 2013-07-29 16:42 - 00000000 ___DC R:\z_temp\HouseCall
2013-07-29 15:23 - 2013-07-29 15:24 - 00007881 ____C R:\z_temp\HCLauncher.log
2013-07-29 15:23 - 2013-07-29 15:24 - 00000000 ___DC R:\z_temp\HCBackup
2013-07-29 15:19 - 2013-07-29 15:19 - 00000649 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-07-29 15:19 - 2013-07-29 15:19 - 00000584 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Avira DE-Cleaner.lnk
2013-07-29 15:19 - 2013-07-29 15:19 - 00000000 ___DC R:\z_temp\decleaner
2013-07-29 15:15 - 2013-07-29 15:29 - 00000000 ___DC R:\z_temp\tmp00003f6e
2013-07-29 15:14 - 2013-07-29 15:14 - 00000512 ___CT R:\z_temp\~DFE77F.tmp
2013-07-29 15:12 - 2013-07-29 16:05 - 00000172 ____C R:\z_temp\hostrules.ini
2013-07-29 15:12 - 2013-07-29 16:05 - 00000164 ____C R:\z_temp\rules.ini
2013-07-29 15:12 - 2013-07-29 16:05 - 00000000 ___DC R:\z_temp\a2temp
2013-07-29 15:11 - 2013-07-29 15:11 - 00000000 ___DC R:\z_temp\tmp00003c13
2013-07-29 15:09 - 2013-07-29 15:09 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_b90.dat
2013-07-29 15:08 - 2013-07-29 15:08 - 00016384 ____C R:\z_temp\~DF9B8D.tmp
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_f3c.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_dd8.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_ad8.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_83c.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ____C R:\z_temp\~DF7530.tmp
2013-07-29 15:07 - 2013-07-29 15:07 - 00000000 ___DC R:\z_temp\WPDNSE
2013-07-29 15:06 - 2013-07-29 15:06 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_380.dat
2013-07-29 15:01 - 2013-07-29 15:01 - 00005632 ___CT (Tarma Software Research Pty Ltd) R:\z_temp\_TinDel.exe
2013-07-29 14:46 - 2013-07-29 14:46 - 00000000 ___DC R:\z_temp\jrt
2013-07-29 14:37 - 2013-07-29 14:37 - 00000000 ___RC R:\z_temp\OK2OMASH~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:37 - 2013-07-29 14:37 - 00000000 ___RC R:\z_temp\2M2U3AOK~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:30 - 2013-07-29 14:30 - 00000000 ___RC R:\z_temp\B94K03DJ~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:28 - 2013-07-29 14:30 - 02469066 ___CT R:\z_temp\QVIRDOTD~DemonData.swapFile.dat~
2013-07-29 14:28 - 2013-07-29 14:30 - 00000644 ___CT R:\z_temp\FMM0ADKP~DemonData.swapFile.dat~
2013-07-29 14:28 - 2013-07-29 14:28 - 00000000 ___RC R:\z_temp\QVIRDOTD~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:17 - 2013-07-29 14:17 - 00001770 ____C R:\z_temp\Rar$LS0.973
2013-07-29 13:45 - 2013-07-29 13:45 - 00000000 ___DC R:\z_temp\AcronisUpdates
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ___DC R:\z_temp\Acronis
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ___DC R:\z_temp\3D81E9D3-086F-414D-85B0-8BF84D647042
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\2F2FCA96-760A-439F-B89D-CDC8D40CA90C
2013-07-29 13:42 - 2013-07-07 01:46 - 00689672 ____C (Acronis) R:\z_temp\284FA982-B8E0-44DF-9F05-0C11815B9A64
2013-07-29 13:42 - 2013-07-07 01:46 - 00139336 ____C (Acronis) R:\z_temp\827824D0-7A8B-4E09-B55A-885840080A00
2013-07-29 13:42 - 2013-04-19 01:12 - 00192904 ____C (Acronis) R:\z_temp\5DAD7C65-C7B2-4ECC-A72E-6BCEF63A6B0D
2013-07-29 13:42 - 2013-04-19 01:12 - 00099720 ____C (Acronis) R:\z_temp\FD6AC45C-56FB-4CA3-A06C-B65692C123D5
2013-07-29 13:42 - 2013-04-19 01:12 - 00093928 ____C (Acronis) R:\z_temp\697C7BE5-62BB-460D-84FA-01B7074B8DF8
2013-07-29 13:41 - 2013-07-29 13:45 - 00000481 ____C R:\z_temp\installerui-163448EE-6E1C-4D40-BFCC-D3EBD89DA93E.log
2013-07-29 13:41 - 2013-07-29 13:41 - 00000000 ___DC R:\z_temp\06FF2D8C-1B97-4FCF-B244-1E87AC858D62
2013-07-29 13:40 - 2013-07-29 13:46 - 00000000 ___DC R:\z_temp\2A46EF9B-1773-4EC4-BC99-292BD4249341
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\SHM3VO78~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\S29GQ3JH~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\PN1H1VGA~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\G1K6O1V5~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\E3SLBGER~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\AANE815L~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:29 - 2013-07-29 13:29 - 00093441 ____C R:\z_temp\{A452BE11-CE60-4A02-B0C3-D2C51771A8A0}-30.0.1580.0_chrome_installer.exe
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\NG66PQSM~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\JGVJH7IA~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\AHIG0QGE~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\49M5MJ3F~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\3U5VSFO9~DemonData.swapFile.dat~.itzamlock
2013-07-29 12:41 - 2013-07-29 12:41 - 00000251 _____ C:\voxFcoldrv.log
2013-07-29 12:39 - 2013-07-29 15:46 - 00000000 ___DC R:\z_temp\msohtml1
2013-07-29 12:39 - 2013-07-29 12:39 - 00000000 ___DC R:\z_temp\msohtml
2013-07-29 12:31 - 2013-07-29 12:31 - 00000000 ___DC R:\z_temp\comtypes_cache
2013-07-29 12:30 - 2013-07-29 12:30 - 00000000 ___DC R:\z_temp\VBE
2013-07-29 12:28 - 2013-07-29 12:28 - 03876956 ____C R:\z_temp\MSI2622d.LOG
2013-07-29 12:28 - 2013-07-29 12:28 - 03876956 ____C R:\z_temp\MSI2622c.LOG
2013-07-29 12:27 - 2013-07-29 12:28 - 03909408 ____C R:\z_temp\MSI2622b.LOG
2013-07-29 12:23 - 2013-07-29 15:06 - 00000483 ____C R:\z_temp\WGAErrLog.txt
2013-07-29 12:04 - 2013-07-29 12:04 - 00042080 ____C (Somoto Ltd.) R:\z_temp\bi_cleaner.exe
2013-07-29 12:04 - 2013-07-29 12:04 - 00028452 ____C R:\z_temp\MSIfc944.LOG
2013-07-29 12:00 - 2013-07-29 12:00 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_64c.dat
2013-07-29 11:53 - 2013-07-29 11:53 - 00000645 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\ev.lnk
2013-07-29 11:52 - 2013-07-29 11:52 - 00000000 ___DC R:\z_temp\CRX_75DAF8CB7768
2013-07-29 11:46 - 2013-07-29 11:46 - 00642283 ___CT R:\z_temp\nstF.tmp
2013-07-29 11:46 - 2013-07-29 11:46 - 00049200 __HCT R:\z_temp\etilqs_YGtswQEme6GwC7I
2013-07-29 11:46 - 2013-07-29 11:46 - 00016400 __HCT R:\z_temp\etilqs_hRX3p5LDEplCwmC
2013-07-29 11:46 - 2013-07-29 11:46 - 00002052 __HCT R:\z_temp\etilqs_TqgAXa6KUlWfG84
2013-07-29 11:34 - 2013-07-29 11:34 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_620.dat
2013-07-29 11:31 - 2013-07-29 11:31 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_920.dat
2013-07-29 11:19 - 2013-07-29 11:19 - 44467068 _____ C:\WINDOWS\MEMORY.zip
2013-07-29 11:13 - 2013-07-29 11:13 - 00065536 _____ C:\WINDOWS\Minidump\Mini072913-01.dmp
2013-07-29 11:12 - 2013-07-29 11:13 - 00000000 ____D C:\WINDOWS\Minidump
2013-07-28 23:03 - 2013-07-28 23:13 - 00000510 __RSH C:\Dokumente und Einstellungen\Elmar-Admin\ntuser.pol
2013-07-28 20:26 - 2013-07-29 11:12 - 164388864 _____ C:\WINDOWS\MEMORY.DMP
2013-07-28 19:53 - 2013-07-28 19:53 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\HD Tune Pro
2013-07-28 18:26 - 2013-07-28 18:29 - 00002919 _____ C:\WINDOWS\KB2686509.log
2013-07-28 18:26 - 2013-07-28 18:29 - 00000094 _____ C:\WINDOWS\faultykeyboard.log
2013-07-28 18:02 - 2005-06-06 17:51 - 00011264 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\vulfntr.sys
2013-07-28 18:02 - 2005-01-05 18:02 - 00006912 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\vulfnth.sys
2013-07-28 17:32 - 2013-07-28 17:32 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\tor
2013-07-28 17:13 - 2013-07-28 17:13 - 00000000 ____D C:\Programme\Tor
2013-07-28 17:08 - 2013-07-28 17:08 - 00000673 _____ C:\Dokumente und Einstellungen\All Users\Desktop\RadarSync PC Updater.lnk
2013-07-28 17:08 - 2013-07-28 17:08 - 00000000 ____D C:\Programme\RadarSync
2013-07-28 17:08 - 2013-07-28 17:08 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\RadarSync
2013-07-28 16:18 - 2008-07-29 12:33 - 00446464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvunrm.exe
2013-07-28 16:18 - 2008-07-29 12:30 - 00006045 _____ C:\WINDOWS\system32\nvnrm.nvu
2013-07-28 16:18 - 2008-07-08 00:45 - 00004984 _____ C:\WINDOWS\system32\Drivers\nvphy.bin
2013-07-28 12:41 - 2013-07-29 13:42 - 00792576 _____ C:\WINDOWS\setupapi.log
2013-07-28 12:18 - 2013-07-28 12:18 - 00000000 ____D C:\VITSOFT
2013-07-28 03:49 - 2013-07-28 03:49 - 00940794 _____ C:\WINDOWS\system32\LoopyMusic.wav
2013-07-28 03:49 - 2013-07-28 03:49 - 00146650 _____ C:\WINDOWS\system32\BuzzingBee.wav
2013-07-28 03:49 - 2013-07-28 03:49 - 00060416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCFDRTM.VER
2013-07-28 03:49 - 2013-07-28 03:49 - 00060416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCFDRTM.EXE
2013-07-28 03:49 - 2013-07-28 03:49 - 00000000 ____D C:\WINDOWS\system32\Lang
2013-07-28 03:44 - 2003-10-03 16:28 - 00045056 _____ C:\WINDOWS\system32\vusetup.dll
2013-07-28 03:37 - 2013-07-28 03:37 - 00000000 ____D C:\Programme\Realtek AC97
2013-07-28 03:24 - 2013-07-28 03:24 - 00000000 ____D C:\Programme\Microsoft Garage
2013-07-28 03:22 - 2013-07-28 03:22 - 00000000 ____D C:\Programme\Soluto
2013-07-28 03:20 - 2013-07-28 03:20 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Everything
2013-07-28 02:56 - 2013-07-28 03:46 - 186187776 _____ C:\LogFile.Etl
2013-07-28 02:40 - 2010-03-03 16:36 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
2013-07-28 01:29 - 2013-07-28 21:38 - 00103824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-28 00:28 - 2006-06-29 13:07 - 00014048 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg2.dll
2013-07-28 00:08 - 2013-07-28 00:08 - 00000565 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130728.dsv
2013-07-27 23:52 - 2013-07-27 23:52 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\NVIDIA
2013-07-27 22:44 - 2013-07-27 22:44 - 00000000 ____D C:\Programme\AGEIA Technologies
2013-07-27 22:41 - 2013-07-27 22:41 - 00000000 ____D C:\Programme\Logitech
2013-07-27 22:20 - 2013-06-21 14:02 - 20197376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 17551360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 10973504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2013-07-27 22:20 - 2013-06-21 14:02 - 07663616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 06320128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 04014592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 02548736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 02002720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 01024288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3232049.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 00893728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3232049.dll
2013-07-27 22:20 - 2013-06-21 14:02 - 00017134 _____ C:\WINDOWS\system32\nvinfo.pb
2013-07-27 22:20 - 2013-06-21 11:56 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshe.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsar.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00286720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfr.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsit.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrses.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsel.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsde.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspt.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsnl.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsja.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsesm.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsru.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsptb.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00266240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsko.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00262144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshu.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrstr.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssl.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssk.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspl.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsth.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssv.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsno.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsda.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfi.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrseng.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrscs.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00229376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszhc.dll
2013-07-27 22:20 - 2013-06-21 11:56 - 00126976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszht.dll
2013-07-27 22:20 - 2013-06-21 11:54 - 15677728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-07-27 22:20 - 2013-06-21 11:54 - 00223008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-07-27 22:20 - 2013-06-21 11:54 - 00156960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
2013-07-27 22:20 - 2013-06-21 11:54 - 00144160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcolor.exe
2013-07-27 22:20 - 2013-06-21 11:54 - 00054272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwddi.dll
2013-07-27 22:20 - 2013-02-25 07:27 - 00128672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda32.sys
2013-07-27 22:20 - 2013-02-25 07:27 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap32.dll
2013-07-27 22:20 - 2013-01-29 10:35 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco3220103.dll
2013-07-27 22:19 - 2013-07-28 16:53 - 00000000 ____D C:\Programme\NVIDIA Corporation
2013-07-27 22:15 - 2013-07-27 22:42 - 00016400 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-07-27 22:02 - 2013-07-27 22:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\DriverEasy
2013-07-27 21:48 - 2013-07-27 21:48 - 00000000 ____D C:\Programme\1-click run
2013-07-27 20:14 - 2013-07-27 20:14 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\VITSOFT
2013-07-27 19:41 - 2013-07-27 19:41 - 00000000 ____D C:\Programme\MSBuild
2013-07-27 19:12 - 2000-01-01 02:00 - 00147456 _____ () C:\WINDOWS\system32\RtlCPAPI.dll
2013-07-27 17:46 - 2013-07-29 16:07 - 00008456 _____ C:\WINDOWS\system32\nvAppTimestamps
2013-07-27 17:42 - 2013-07-27 22:20 - 00000190 ___SH C:\Dokumente und Einstellungen\UpdatusUser\ntuser.ini
2013-07-27 17:42 - 2013-07-08 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\UpdatusUser\IETldCache
2013-07-27 17:42 - 2013-04-19 01:58 - 00000000 ___RD C:\Dokumente und Einstellungen\UpdatusUser\Startmenü
2013-07-27 17:42 - 2013-04-19 01:58 - 00000000 ___HD C:\Dokumente und Einstellungen\UpdatusUser\Netzwerkumgebung
2013-07-27 17:42 - 2013-04-19 01:58 - 00000000 ___HD C:\Dokumente und Einstellungen\UpdatusUser\Druckumgebung
2013-07-27 16:55 - 2013-07-27 16:55 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\C6B73907-D4E8-4912-BC6D-FDD054C6F0E2
2013-07-27 13:10 - 2013-07-27 13:10 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\FSB 215 - 291.nbr
2013-07-26 23:25 - 2013-07-26 23:25 - 00001113 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130726[1].dsv
2013-07-26 23:00 - 2013-07-26 23:00 - 00000603 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Arora.lnk
2013-07-26 22:46 - 2013-07-26 22:46 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\AnyDVDHD
2013-07-26 19:33 - 2012-04-19 19:26 - 00106176 _____ (Romex Software) C:\WINDOWS\system32\Drivers\rxfcd.sys
2013-07-26 14:24 - 2013-07-26 14:24 - 00001289 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130726.dsv
2013-07-26 14:06 - 2007-06-29 14:47 - 00034304 _____ (AMD, Inc.) C:\WINDOWS\system32\Drivers\AmdLLD.sys
2013-07-25 19:25 - 2007-04-09 13:23 - 00028040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdimon.dll
2013-07-25 19:07 - 2013-07-25 19:35 - 00131072 _____ C:\Dokumente und Einstellungen\Elmar-Admin\fbchathistory.dat
2013-07-25 14:48 - 2013-07-25 14:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Greenshot
2013-07-24 18:39 - 2013-07-24 18:39 - 00000000 ____D C:\Programme\Kaspersky Lab
2013-07-24 18:39 - 2013-07-24 18:39 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Kaspersky Security Scan
2013-07-24 10:23 - 2013-07-24 10:23 - 00000000 ___HD C:\BJPrinter
2013-07-24 01:24 - 2013-07-28 00:46 - 00002447 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\cy.lnk
2013-07-23 10:41 - 2013-07-29 00:19 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\.VirtualBox
2013-07-23 09:56 - 2013-07-27 22:42 - 01148048 _____ C:\WINDOWS\setupapi.log.0.old
2013-07-23 01:29 - 2013-07-23 01:29 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\GlarySoft
2013-07-23 01:21 - 2013-07-23 01:21 - 00000318 _____ C:\WINDOWS\Tasks\GlaryInitialize 3.job
2013-07-22 13:32 - 2013-07-22 13:33 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-07-22 12:02 - 2013-07-22 12:02 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\110% - 298.nbr
2013-07-21 14:24 - 2013-07-22 11:31 - 00065536 _____ C:\WINDOWS\system32\config\iolo App.evt
2013-07-21 14:24 - 2013-07-21 14:24 - 00074703 _____ C:\WINDOWS\system32\mfc45.dat
2013-07-21 14:24 - 2013-07-21 14:24 - 00000000 ____D C:\Programme\iolo
2013-07-20 17:05 - 2013-07-20 17:05 - 00000529 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\fp.lnk
2013-07-19 21:11 - 2013-07-19 21:11 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\285- 108% - all running.nbr
2013-07-19 21:06 - 2013-07-19 21:09 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\271 - 108% - nothing running.nbr
2013-07-19 20:59 - 2013-07-19 20:59 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\295 - 108% - nothing running.nbr
2013-07-19 20:57 - 2013-07-19 20:57 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\291 - 108% - nothing running.nbr
2013-07-19 20:54 - 2013-07-19 20:54 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\285 - 206 MHz - nothing running.nbr
2013-07-19 14:43 - 2013-07-19 14:43 - 00000000 ____D C:\Programme\Gemeinsame Dateien\RBSoft
2013-07-19 00:38 - 2013-07-19 00:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2013-07-19 00:38 - 2013-07-19 00:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_user_01_09_00.Wdf
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\zh-TW
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\zh-CN
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\sv-SE
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ru-RU
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pt-PT
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pt-BR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pl-PL
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\nl-NL
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\nb-NO
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ms-MY
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ko-KR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ja-JP
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\it-IT
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\hu-HU
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\fi-FI
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\el-GR
2013-07-19 00:33 - 2013-07-19 00:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_zumbus_01009.Wdf
2013-07-18 23:59 - 2013-07-18 23:59 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\PC Suite
2013-07-18 23:57 - 2013-07-18 23:57 - 00000000 ____D C:\Programme\DIFX
2013-07-18 23:56 - 2013-01-23 10:31 - 00075264 _____ (Nokia) C:\WINDOWS\system32\nmwcdcls.dll
2013-07-18 19:24 - 2013-07-18 19:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\TrojanHunter
2013-07-18 19:17 - 2013-07-18 19:17 - 00059392 ____R C:\WINDOWS\system32\streamhlp.dll
2013-07-18 12:19 - 2013-04-09 15:13 - 00095416 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2013-07-18 12:19 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMAPI32.OCX
2013-07-18 12:19 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPIDE.DLL
2013-07-18 12:19 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\system32\VB6DE.DLL
2013-07-18 12:19 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCMCDE.DLL
2013-07-18 12:19 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCC2DE.DLL
2013-07-17 16:45 - 2013-07-23 10:37 - 00000000 ____D C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ad
2013-07-17 16:42 - 2013-07-20 17:24 - 00000190 ___SH C:\Dokumente und Einstellungen\Dragnon NeuerUser\ntuser.ini
2013-07-17 16:42 - 2013-07-08 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\Dragnon NeuerUser\IETldCache
2013-07-17 16:42 - 2013-04-19 01:58 - 00000000 ___RD C:\Dokumente und Einstellungen\Dragnon NeuerUser\Startmenü
2013-07-17 16:42 - 2013-04-19 01:58 - 00000000 ___HD C:\Dokumente und Einstellungen\Dragnon NeuerUser\Netzwerkumgebung
2013-07-17 16:42 - 2013-04-19 01:58 - 00000000 ___HD C:\Dokumente und Einstellungen\Dragnon NeuerUser\Druckumgebung
2013-07-17 16:42 - 2008-04-14 08:52 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpns.dll
2013-07-17 15:41 - 2013-07-17 15:41 - 00000188 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\5300-2.lnk
2013-07-17 15:41 - 2013-07-17 15:41 - 00000188 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\60er.lnk
2013-07-17 15:09 - 2013-07-17 15:09 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-16 19:47 - 2013-07-28 21:07 - 00000000 ____D C:\Programme\Microsoft IntelliType Pro
2013-07-16 19:07 - 2013-07-16 19:07 - 00000174 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Drucker hinzufügen.lnk
2013-07-16 14:17 - 2013-07-28 21:20 - 00000000 ___DC C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\MouseWithoutBorders
2013-07-16 13:35 - 2013-07-16 13:35 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\IGC
2013-07-16 13:35 - 2013-07-16 13:35 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\IGC
2013-07-16 13:35 - 2003-05-28 13:19 - 00245408 _____ (Microsoft Corporation) C:\WINDOWS\system32\unicows.dll
2013-07-16 11:24 - 2013-07-16 11:24 - 00001819 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\SyncSettings - R -- E-Dropbox - Backup - Q.ffs_batch
2013-07-16 11:24 - 2013-07-16 11:24 - 00001791 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\SyncSettings - R -- E-Dropbox - Backup - Q.ffs_gui
2013-07-16 10:24 - 2013-07-16 10:24 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\300 - 108% - nicht NOS.nbr
2013-07-16 02:00 - 2013-07-16 02:00 - 00000589 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\NovaBench.lnk
2013-07-16 01:58 - 2013-07-16 01:58 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\299 - 108% - nicht NOS.nbr
2013-07-16 01:38 - 2013-07-16 01:38 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\298 - 108%.nbr
2013-07-16 01:35 - 2013-07-16 01:35 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\293 - 105%.nbr
2013-07-16 01:33 - 2013-07-16 01:33 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\288 - 103%.nbr
2013-07-16 01:31 - 2013-07-16 01:31 - 00001445 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Ai Booster v2.00.68.lnk
2013-07-16 01:29 - 2013-07-16 01:29 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\287 - 100%.nbr
2013-07-16 00:57 - 2008-01-04 13:34 - 00011832 _____ C:\WINDOWS\system32\Drivers\AsInsHelp64.sys
2013-07-16 00:57 - 2008-01-04 13:34 - 00010216 _____ C:\WINDOWS\system32\Drivers\AsInsHelp32.sys
2013-07-16 00:54 - 2013-07-28 14:12 - 00000000 _____ C:\WINDOWS\AS_Debug.txt
2013-07-16 00:53 - 2008-04-09 17:16 - 01052672 _____ (ASUSTeK) C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\cnq.exe
2013-07-16 00:53 - 2004-02-27 00:00 - 00962612 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42d.dll
2013-07-16 00:53 - 2004-02-17 00:00 - 00434252 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVCRTD.DLL
2013-07-16 00:51 - 2005-03-09 15:53 - 00043008 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AmdK8.sys
2013-07-16 00:32 - 2013-07-16 00:32 - 00001561 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\AI Suite v1.03.15.lnk
2013-07-16 00:31 - 2013-07-16 00:31 - 00000946 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\13.0x (X) 1.375V.lnk
2013-07-16 00:30 - 2013-07-16 00:30 - 00000938 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\12.5x (X).lnk
2013-07-15 23:45 - 2013-07-14 08:16 - 00114296 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX32.sys
2013-07-15 15:02 - 2013-07-15 15:02 - 00000887 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\process explorer.lnk
2013-07-15 14:43 - 2013-07-15 14:43 - 00000540 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\wscc.lnk
2013-07-15 13:05 - 2013-07-28 02:31 - 00000000 ____D C:\Programme\Kyocera
2013-07-15 12:17 - 2012-03-29 07:25 - 00070144 _____ (KYOCERA Document Solutions Inc.) C:\WINDOWS\system32\KMPJLMN.DLL
2013-07-15 12:17 - 2008-05-15 12:58 - 00046877 _____ (KYOCERA MITA) C:\WINDOWS\system32\KM-PMKN.DLL
2013-07-15 01:22 - 2013-07-15 01:22 - 00000855 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130715.dsv
2013-07-15 00:24 - 2013-07-15 00:24 - 00001710 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ad.lnk
2013-07-15 00:24 - 2013-07-15 00:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\7stacks
2013-07-14 14:29 - 2004-11-19 21:17 - 00054272 ____N (Brother Industries,Ltd.) C:\WINDOWS\system32\brinsstr.dll
2013-07-14 14:29 - 2004-11-18 15:32 - 00052224 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2013-07-14 14:29 - 2004-11-16 16:51 - 00034816 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2013-07-14 14:29 - 2004-11-12 11:28 - 00031744 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2013-07-14 14:29 - 2004-11-09 12:52 - 00163840 _____ (brother) C:\WINDOWS\system32\NSSearch.dll
2013-07-14 14:29 - 2003-12-11 09:32 - 00147456 _____ (Brother Industries,Ltd.) C:\WINDOWS\brunin03.dll
2013-07-14 14:29 - 2002-11-26 13:43 - 00106496 _____ C:\WINDOWS\system32\BrMuSNMP.dll
2013-07-13 22:04 - 2013-07-16 16:16 - 00000649 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-07-13 22:04 - 2013-07-16 16:16 - 00000584 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Avira DE-Cleaner.lnk
2013-07-13 21:03 - 2013-07-13 21:03 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Help
2013-07-13 19:02 - 2013-07-13 19:02 - 00087704 _____ C:\WINDOWS\cadkasdeinst01.exe
2013-07-13 19:02 - 2013-07-13 19:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Mein Schriftarten 1.0
2013-07-13 14:17 - 2013-07-15 12:15 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2013-07-13 14:17 - 2013-07-14 14:31 - 00000065 _____ C:\WINDOWS\system32\BD7010.DAT
2013-07-13 14:17 - 2013-07-13 14:17 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Brother
2013-07-13 14:15 - 2004-11-02 14:19 - 00120832 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWia04b.dll
2013-07-13 14:15 - 2004-10-15 05:50 - 00015295 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
2013-07-13 14:15 - 2004-09-21 06:11 - 00037888 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUSi04b.dll
2013-07-13 03:09 - 2013-07-13 03:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\.tfo4
2013-07-13 03:09 - 2013-07-13 03:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\4.0
2013-07-13 02:56 - 2013-07-13 02:56 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\STRATO
2013-07-13 02:44 - 2013-07-29 14:07 - 00000634 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\cp.lnk
2013-07-13 02:44 - 2013-07-13 02:44 - 00000634 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\cp.lnk
2013-07-12 20:13 - 2013-07-12 20:13 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\MeineBackups
2013-07-12 16:31 - 2013-07-13 18:20 - 00000739 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\aS.lnk
2013-07-12 16:31 - 2013-07-13 18:20 - 00000739 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\aborange Scheduler.lnk
2013-07-12 15:15 - 2013-05-21 13:52 - 00001079 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\9 - Dropbox.lnk
2013-07-12 11:20 - 2001-08-17 13:00 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msmpu401.sys
2013-07-12 03:32 - 2007-03-05 11:51 - 00360580 _____ (eSellerate Inc.) C:\WINDOWS\eSellerateEngine.dll
2013-07-12 03:07 - 2013-07-29 15:07 - 00621677 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-12 03:00 - 2013-07-12 03:00 - 00000830 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\x2.lnk
2013-07-12 03:00 - 2013-07-12 03:00 - 00000830 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\x2.lnk
2013-07-12 02:49 - 2013-07-12 02:49 - 00000823 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\PandaCloudAntivirus22.lnk
2013-07-11 22:00 - 2013-07-11 22:00 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\aborange Scheduler
2013-07-11 20:34 - 2013-07-16 00:57 - 00000000 ____D C:\Programme\ASUS
2013-07-11 20:34 - 2007-12-17 17:14 - 00012400 _____ C:\WINDOWS\system32\Drivers\AsIO.sys
2013-07-11 20:34 - 2006-01-10 16:50 - 00024576 _____ () C:\WINDOWS\system32\AsIO.dll
2013-07-11 20:19 - 2013-07-15 10:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\WinRAR
2013-07-11 19:10 - 2013-07-29 16:17 - 00000000 ____D C:\Programme\Emsisoft Anti-Malware
2013-07-11 19:10 - 2013-07-11 19:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Anti-Malware
2013-07-11 16:23 - 2013-07-11 16:24 - 00000000 ____D C:\Programme\Spyware Terminator
2013-07-11 16:23 - 2013-07-11 16:23 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Spyware Terminator
2013-07-11 16:23 - 2011-06-21 11:24 - 00032768 _____ C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys
2013-07-11 15:34 - 2013-07-11 15:36 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ShutdownAddin
2013-07-11 15:34 - 2013-07-11 15:34 - 00000000 ____D C:\Programme\Gemeinsame Dateien\OutlookShutdown
2013-07-11 12:33 - 2013-07-11 12:33 - 00000224 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\4950.lnk
2013-07-11 12:33 - 2013-07-11 12:33 - 00000224 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\10er.lnk
2013-07-11 12:32 - 2013-06-04 09:22 - 00563712 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qedit.dll
2013-07-10 21:06 - 2013-07-10 21:06 - 00000000 ____D C:\Programme\Enigma Software Group
2013-07-10 20:59 - 2013-07-10 20:59 - 00000495 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Temps löschen.bat
2013-07-10 10:28 - 2013-07-10 10:28 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\aborange
2013-07-09 23:26 - 2013-07-09 23:27 - 00000000 ___DC C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\neuer LD
2013-07-09 17:53 - 2013-07-09 17:55 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\MagraSoft
2013-07-09 17:09 - 2013-07-09 17:09 - 00004165 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Weiland CD Zusammenstellung 2.dxp
2013-07-09 11:15 - 2013-07-09 11:15 - 00000254 _____ C:\WINDOWS\UPGRADE.TXT
2013-07-09 11:15 - 2013-07-09 11:15 - 00000000 ____D C:\WINDOWS\setupupd
2013-07-09 11:15 - 2013-07-09 11:15 - 00000000 ____D C:\WINDOWS\setup.pss
2013-07-09 11:15 - 2013-07-09 11:07 - 00000492 _____ C:\BOOT.BAK
2013-07-09 11:15 - 2008-04-14 01:02 - 00262464 __RSH C:\cmldr
2013-07-08 22:13 - 2013-07-27 10:22 - 00000000 ____D C:\WINDOWS\Acronis
2013-07-08 22:13 - 2013-07-19 20:27 - 00000148 _____ C:\WINDOWS\system32\autopart.opt
2013-07-08 20:35 - 2013-07-08 22:52 - 00065536 _____ C:\WINDOWS\system32\config\bootracer.evt
2013-07-08 20:22 - 2013-07-08 20:22 - 00000973 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\C&D.lnk
2013-07-08 20:15 - 2013-07-08 20:15 - 00065536 _____ C:\WINDOWS\system32\config\Bootrace.evt
2013-07-08 20:15 - 2013-07-08 20:15 - 00000000 ____D C:\Programme\BootRacer
2013-07-08 20:12 - 2013-07-09 17:37 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\DeskSoft
2013-07-08 20:12 - 2013-07-08 20:13 - 00023040 _____ (DeskSoft) C:\WINDOWS\system32\Drivers\dsnpfd.sys
2013-07-08 20:09 - 2013-07-08 20:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Expert PDF Reader
2013-07-08 20:06 - 2013-07-08 20:08 - 00082008 _____ C:\WINDOWS\CFSETUP.TXT
2013-07-08 19:27 - 2013-07-08 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\Default User\IETldCache
2013-07-08 19:18 - 2000-01-01 02:00 - 00049152 _____ C:\WINDOWS\system32\ChCfg.exe
2013-07-08 19:17 - 2000-01-01 02:00 - 00315392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\alcupd.exe
2013-07-08 18:37 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2013-07-08 16:18 - 2013-07-08 16:18 - 00000398 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\boot.lnk
2013-07-08 14:42 - 2013-07-08 14:42 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService\PrivacIE
2013-07-08 14:33 - 2013-06-14 22:02 - 13709312 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Sandra.mdb
2013-07-08 14:32 - 2005-12-01 14:38 - 00020651 _____ C:\WINDOWS\system32\Drivers\DRHARD.VXD
2013-07-08 14:32 - 2005-12-01 10:49 - 00023600 _____ (Licensed for Gebhard Software) C:\WINDOWS\system32\Drivers\drhard.sys
2013-07-08 14:16 - 2013-07-08 14:16 - 00000023 _____ C:\WINDOWS\system32\CleanGenius3Free.dll
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService\PrivacIE
2013-07-08 12:59 - 2013-07-08 13:00 - 00000026 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Clearup RAM.vbs
2013-07-08 12:56 - 2013-07-08 12:56 - 00001642 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\ContentIndex original.reg
2013-07-08 00:08 - 2013-07-11 16:26 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_faster
2013-07-07 21:23 - 2013-07-07 21:23 - 00000000 ____D C:\Programme\TweakRAM
2013-07-07 21:21 - 2013-07-07 21:21 - 00000000 ____D C:\Programme\RAM Defrag
2013-07-07 21:21 - 2006-06-04 18:33 - 00081920 _____ C:\WINDOWS\system32\GkSui20.EXE
2013-07-07 13:24 - 2013-07-07 13:24 - 00000645 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Launchy.lnk
2013-07-07 12:38 - 2013-07-07 12:38 - 00000931 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\DP.lnk
2013-07-07 12:38 - 2013-07-07 12:38 - 00000931 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\DP.lnk
2013-07-07 12:34 - 2013-07-08 20:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_easywork
2013-07-07 12:34 - 2013-07-07 12:34 - 00000000 ____D C:\Programme\Launchy
2013-07-07 10:44 - 2013-07-07 10:44 - 00000662 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\od.lnk
2013-07-07 10:44 - 2013-07-07 10:44 - 00000662 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ObjectDock.lnk
2013-07-07 10:22 - 2013-07-07 10:25 - 00000000 ____D C:\Programme\ObjectDockFree
2013-07-07 03:28 - 2013-07-07 03:28 - 00000000 ____D C:\Programme\Sinvise Systems
2013-07-07 03:28 - 2013-07-07 03:28 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Sinvise Systems
2013-07-07 02:18 - 2013-07-24 09:53 - 00051144 _____ (Soluto LTD.) C:\WINDOWS\system32\Drivers\Soluto.sys
2013-07-07 02:14 - 2013-07-07 02:14 - 00000822 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130707.dsv
2013-07-07 01:46 - 2013-07-07 01:46 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\350F4898-238C-459E-9E95-A334F8063E77
2013-07-07 01:40 - 2013-07-07 11:13 - 00010240 _____ C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.ini
2013-07-07 01:37 - 2012-10-08 12:04 - 00343656 _____ (Softwareentwicklung Remus - ArchiCrypt) C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.exe
2013-07-07 01:37 - 2012-10-08 12:04 - 00147048 _____ (Softwareentwicklung Remus - ArchiCrypt.com) C:\WINDOWS\system32\ACMFEngine32RD3.dll
2013-07-07 01:37 - 2012-10-08 12:04 - 00021608 _____ (Softwareentwicklung Remus - ArchiCrypt.com) C:\WINDOWS\system32\Drivers\ACMoFlex32RD3.sys
2013-07-07 01:22 - 2013-07-28 04:19 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2013-07-07 01:20 - 2013-07-28 20:55 - 00000000 ____D C:\Programme\Microsoft Bootvis
2013-07-07 01:15 - 2013-07-07 01:15 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Application Data\Soluto
2013-07-07 00:09 - 2008-05-07 12:12 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2013-07-07 00:02 - 2012-04-19 17:42 - 00156608 _____ (Romex Software) C:\WINDOWS\system32\Drivers\fancyrd.sys
2013-07-06 23:30 - 2013-07-08 21:34 - 00000436 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\kill unnecessary tasks.lnk
2013-07-06 23:30 - 2013-07-08 21:34 - 00000436 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\kill unnecessary tasks.lnk
2013-07-06 23:29 - 2013-07-29 15:06 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-07-06 23:29 - 2013-07-29 15:06 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-07-06 23:29 - 2013-07-29 15:05 - 00032320 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-06 23:29 - 2013-07-06 23:29 - 00000000 ____N C:\WINDOWS\Sti_Trace.log
2013-07-06 00:27 - 2013-07-06 00:27 - 00000000 ____D C:\Programme\Lame For Audacity
2013-07-05 22:46 - 2013-07-06 00:49 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Audacity
2013-07-05 22:18 - 2013-07-05 22:18 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\AMPSoft
2013-07-05 18:23 - 2013-07-29 15:04 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Everything
2013-07-05 16:00 - 2013-07-05 16:01 - 01451238 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Windows Systeminformationen 050713 - 1600.nfo
2013-07-05 12:16 - 2013-07-05 16:17 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Nuance
2013-07-05 12:16 - 2013-07-05 12:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\IVA
2013-07-05 09:33 - 2013-07-12 09:59 - 00002321 _____ C:\Dokumente und Einstellungen\Administrator\Desktop\W.lnk
2013-07-05 09:33 - 2013-07-05 09:33 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Desktop\Microsoft Office
2013-07-04 23:02 - 2013-07-04 23:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Typograf
2013-07-04 20:08 - 2013-07-04 20:08 - 00000224 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\5300.lnk
2013-07-04 20:08 - 2013-07-04 20:08 - 00000224 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\50er.lnk
2013-07-04 16:37 - 2013-07-04 16:37 - 00174864 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll
2013-07-04 16:37 - 2013-07-04 16:37 - 00115984 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys
2013-07-04 13:16 - 2013-07-04 13:16 - 00002721 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Weiland CD Zusammenstellung.dxp
2013-07-04 13:04 - 2013-07-04 13:04 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Canneverbe Limited
2013-07-04 13:04 - 2012-06-03 10:45 - 00005504 _____ C:\WINDOWS\system32\Drivers\StarOpen.sys
2013-07-04 08:46 - 2013-07-04 08:46 - 00013824 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Duschen - bitte genießen .msg
2013-07-04 08:46 - 2013-07-04 08:46 - 00013824 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Duschen - bitte genießen .msg
2013-07-03 01:20 - 2013-07-27 22:42 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Logishrd
2013-07-03 01:20 - 2013-07-03 01:20 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Leadertech
2013-07-03 01:20 - 2013-05-23 08:12 - 00010136 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LBeepKE.sys
2013-07-03 01:19 - 2013-07-28 11:32 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Logishrd
2013-07-03 01:19 - 2013-07-27 22:16 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Logitech
2013-07-03 00:43 - 2013-07-03 00:43 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Opera Software
2013-07-03 00:08 - 2013-07-03 00:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\StartMenuX
2013-07-02 22:53 - 2013-07-10 21:05 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2013-07-02 20:33 - 2013-07-02 20:33 - 01198049 _____ C:\WINDOWS\unins001.exe
2013-07-02 20:33 - 2013-07-02 20:33 - 00000000 ____D C:\WINDOWS\system32\Adobe
2013-07-02 20:26 - 2013-07-02 20:44 - 00000000 ____D C:\WINDOWS\SxsCaPendDel
2013-07-02 18:06 - 2012-06-04 17:35 - 00222448 _____ (Microsoft Corporation) C:\WINDOWS\system32\muweb.dll
2013-07-02 18:06 - 2009-08-14 02:14 - 00202776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuweb.dll
2013-07-02 17:37 - 2013-07-02 17:37 - 01609384 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Windows Systeminformationen.nfo
2013-07-02 15:27 - 2013-07-02 15:27 - 00097176 _____ (Elaborate Bytes AG) C:\WINDOWS\system32\ElbyCDIO.dll
2013-07-02 13:43 - 2013-07-02 13:43 - 00000000 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\soft Xpansion Perfect PDF 8 Reader - 02.07.13 13.43.18.dmp
2013-07-02 02:41 - 2013-07-02 02:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ASCOMP Software
2013-07-01 23:55 - 2013-03-27 00:53 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cryptdlg.dll
2013-07-01 21:24 - 2013-07-01 21:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\IObit
2013-07-01 21:06 - 2013-07-01 21:06 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 21:06 - 2013-07-01 21:06 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 15:36 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100L.dll
2013-07-01 15:36 - 2010-03-18 17:12 - 01335296 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100C.dll
2013-07-01 15:36 - 2010-03-18 17:12 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100I.dll
2013-07-01 15:36 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100U.dll
2013-07-01 15:36 - 2010-03-11 08:56 - 00180224 _____ (CANON INC.) C:\WINDOWS\system32\CNMIUAD.DLL
2013-07-01 15:36 - 2010-01-13 14:03 - 00094208 _____ (Canon Inc.) C:\WINDOWS\system32\CNC5100O.dll
2013-07-01 15:33 - 2012-04-18 13:50 - 00090112 _____ (Canon Inc.) C:\WINDOWS\system32\CNC_ATO.dll
2013-07-01 15:33 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATU.dll
2013-07-01 15:33 - 2011-03-31 10:05 - 00286720 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATC.dll
2013-07-01 15:33 - 2011-03-31 10:05 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATI.dll
2013-07-01 15:33 - 2011-03-30 12:54 - 00323584 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATL.dll
2013-07-01 15:33 - 2011-02-03 09:20 - 00184320 _____ (CANON INC.) C:\WINDOWS\system32\CNMIUAT.DLL
2013-07-01 12:39 - 2013-07-01 12:39 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Startmenü
2013-07-01 00:28 - 2013-07-01 00:28 - 00000834 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130701.dsv
2013-06-30 23:24 - 2013-06-30 23:24 - 00000830 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\2944x1352_20130630.dsv
2013-06-30 19:39 - 2013-07-27 22:57 - 00000020 _____ C:\WINDOWS\system32\nvModes.dat
2013-06-30 19:34 - 2013-07-27 21:07 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-06-30 19:32 - 2013-07-28 15:55 - 01098896 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2013-06-30 19:32 - 2013-07-28 15:55 - 01098896 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2013-06-30 19:32 - 2013-07-28 15:55 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2013-06-30 19:32 - 2013-07-27 17:41 - 00000000 _____ C:\WINDOWS\system32\nvdrswr.lk
2013-06-30 19:32 - 2013-06-21 14:02 - 02289288 _____ C:\WINDOWS\system32\nvdata.data
2013-06-30 19:31 - 2013-05-12 23:37 - 00057344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-06-30 19:23 - 2013-07-29 14:53 - 00000012 _____ C:\WINDOWS\WININIT.INI
2013-06-30 17:20 - 2013-06-30 17:20 - 00000362 _____ C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2013-06-30 17:17 - 2008-04-13 23:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2013-06-30 12:48 - 2013-07-08 22:07 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\UseNeXT
2013-06-30 12:48 - 2013-06-30 12:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\UseNeXT
2013-06-29 20:56 - 2013-06-29 20:56 - 00000063 _____ C:\WINDOWS\PPDeskVw.INI
2013-06-29 17:36 - 2013-06-29 17:36 - 00009359 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Microsoft Access.EML
2013-06-29 17:33 - 2013-06-29 17:33 - 00009378 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Tabulatorgetrennte Werte (Windows).EML
2013-06-29 17:30 - 2013-06-29 17:32 - 00009358 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Microsoft Excel.EML
|
|
29.07.2013, 16:42
| #6 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 FSRT Teil 2: Code:
ATTFilter ==================== One Month Modified Files and Folders =======
2013-07-29 16:42 - 2013-07-29 16:41 - 00043319 ____C R:\z_temp\log1
2013-07-29 16:42 - 2013-07-29 15:23 - 00000000 ___DC R:\z_temp\HouseCall
2013-07-29 16:41 - 2013-07-29 16:41 - 00023042 ____C R:\z_temp\frstlog
2013-07-29 16:41 - 2013-07-29 16:41 - 00000366 ____C R:\z_temp\users00
2013-07-29 16:41 - 2013-07-29 16:41 - 00000003 ____C R:\z_temp\others
2013-07-29 16:41 - 2013-07-29 16:41 - 00000000 ____D C:\FRST
2013-07-29 16:38 - 2013-07-29 16:38 - 00003238 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\aswMBR Scan Ergebnisse.txt
2013-07-29 16:38 - 2013-07-29 16:38 - 00000512 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\MBR.dat
2013-07-29 16:38 - 2013-07-29 16:25 - 00000000 ___DC R:\z_temp\_av4_
2013-07-29 16:31 - 2013-07-29 16:31 - 00000000 ___RC R:\z_temp\UI03MPQ8~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\Q4AAN7NS~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\P4EPS6DT~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\BRO4JVET~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\BNFT6F6J~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\A1SAVSJV~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\75JAR92I~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\47BE0NRD~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:30 - 2013-07-29 16:30 - 00000000 ___RC R:\z_temp\1A3QJDR8~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:29 - 2013-05-22 13:38 - 00001234 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1960408961-1801674531-1003UA.job
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\SOB2CO3C~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\Q143P7NK~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\GUM6ML24~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 ___RC R:\z_temp\FTT9G05Q~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:26 - 2013-07-29 16:26 - 00000000 ___RC R:\z_temp\C2J0JK0J~DemonData.swapFile.dat~.itzamlock
2013-07-29 16:25 - 2013-07-29 16:25 - 00000000 ___DC R:\z_temp\_avast4_
2013-07-29 16:17 - 2013-07-11 19:10 - 00000000 ____D C:\Programme\Emsisoft Anti-Malware
2013-07-29 16:07 - 2013-07-27 17:46 - 00008456 _____ C:\WINDOWS\system32\nvAppTimestamps
2013-07-29 16:05 - 2013-07-29 15:12 - 00000172 ____C R:\z_temp\hostrules.ini
2013-07-29 16:05 - 2013-07-29 15:12 - 00000164 ____C R:\z_temp\rules.ini
2013-07-29 16:05 - 2013-07-29 15:12 - 00000000 ___DC R:\z_temp\a2temp
2013-07-29 15:51 - 2013-07-29 15:50 - 00004612 _____ C:\AdwCleaner[R1].txt
2013-07-29 15:48 - 2013-07-29 15:48 - 00000512 ___CT R:\z_temp\~DF89C2.tmp
2013-07-29 15:46 - 2013-07-29 12:39 - 00000000 ___DC R:\z_temp\msohtml1
2013-07-29 15:37 - 2013-07-29 15:37 - 00073800 __HCT R:\z_temp\etilqs_9CxRsk7EZJv76kv
2013-07-29 15:36 - 2013-07-29 15:36 - 00642283 ___CT R:\z_temp\nsa348.tmp
2013-07-29 15:36 - 2013-07-29 15:36 - 00016400 __HCT R:\z_temp\etilqs_dqD9JIRl5muoJvN
2013-07-29 15:36 - 2013-07-29 15:36 - 00008208 __HCT R:\z_temp\etilqs_hi18D1PMXqa6VlB
2013-07-29 15:36 - 2013-07-29 15:36 - 00000000 ___DC R:\z_temp\nsa34A.tmp
2013-07-29 15:36 - 2013-07-29 15:36 - 00000000 ___DC R:\z_temp\GoogleChromePortable
2013-07-29 15:30 - 2013-07-29 15:30 - 00000970 ____C R:\z_temp\LastScan.txt
2013-07-29 15:29 - 2013-07-29 15:15 - 00000000 ___DC R:\z_temp\tmp00003f6e
2013-07-29 15:29 - 2013-04-27 03:38 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Dropbox
2013-07-29 15:28 - 2013-07-29 15:28 - 00016384 ___CT R:\z_temp\~DFC00C.tmp
2013-07-29 15:28 - 2013-07-29 15:28 - 00016384 ___CT R:\z_temp\~DF8A30.tmp
2013-07-29 15:28 - 2013-07-29 15:28 - 00000000 ___DC R:\z_temp\cpuz136
2013-07-29 15:26 - 2013-07-29 15:26 - 00000000 ____D C:\Programme\ESET
2013-07-29 15:26 - 2013-04-19 01:58 - 00000000 ____D C:\Programme
2013-07-29 15:25 - 2013-07-29 15:25 - 00004860 ____C R:\z_temp\qs-de-utf16.txt
2013-07-29 15:24 - 2013-07-29 15:23 - 00007881 ____C R:\z_temp\HCLauncher.log
2013-07-29 15:24 - 2013-07-29 15:23 - 00000000 ___DC R:\z_temp\HCBackup
2013-07-29 15:19 - 2013-07-29 15:19 - 00000649 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-07-29 15:19 - 2013-07-29 15:19 - 00000584 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Avira DE-Cleaner.lnk
2013-07-29 15:19 - 2013-07-29 15:19 - 00000000 ___DC R:\z_temp\decleaner
2013-07-29 15:14 - 2013-07-29 15:14 - 00000512 ___CT R:\z_temp\~DFE77F.tmp
2013-07-29 15:11 - 2013-07-29 15:11 - 00000000 ___DC R:\z_temp\tmp00003c13
2013-07-29 15:10 - 2013-04-19 01:04 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme
2013-07-29 15:09 - 2013-07-29 15:09 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_b90.dat
2013-07-29 15:08 - 2013-07-29 15:08 - 00016384 ____C R:\z_temp\~DF9B8D.tmp
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_f3c.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_dd8.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_ad8.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_83c.dat
2013-07-29 15:07 - 2013-07-29 15:07 - 00016384 ____C R:\z_temp\~DF7530.tmp
2013-07-29 15:07 - 2013-07-29 15:07 - 00000000 ___DC R:\z_temp\WPDNSE
2013-07-29 15:07 - 2013-07-12 03:07 - 00621677 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-29 15:06 - 2013-07-29 15:06 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_380.dat
2013-07-29 15:06 - 2013-07-29 12:23 - 00000483 ____C R:\z_temp\WGAErrLog.txt
2013-07-29 15:06 - 2013-07-06 23:29 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-07-29 15:06 - 2013-07-06 23:29 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-07-29 15:06 - 2013-04-19 01:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-29 15:06 - 2001-08-18 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-07-29 15:05 - 2013-07-06 23:29 - 00032320 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-29 15:04 - 2013-07-05 18:23 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Everything
2013-07-29 15:04 - 2013-04-19 01:04 - 00000300 ___SH C:\Dokumente und Einstellungen\Elmar-Admin\ntuser.ini
2013-07-29 15:01 - 2013-07-29 15:01 - 00005632 ___CT (Tarma Software Research Pty Ltd) R:\z_temp\_TinDel.exe
2013-07-29 14:53 - 2013-06-30 19:23 - 00000012 _____ C:\WINDOWS\WININIT.INI
2013-07-29 14:52 - 2013-04-19 01:36 - 00000000 ___DC C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\ad
2013-07-29 14:46 - 2013-07-29 14:46 - 00000000 ___DC R:\z_temp\jrt
2013-07-29 14:37 - 2013-07-29 14:37 - 00000000 ___RC R:\z_temp\OK2OMASH~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:37 - 2013-07-29 14:37 - 00000000 ___RC R:\z_temp\2M2U3AOK~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:30 - 2013-07-29 14:30 - 00000000 ___RC R:\z_temp\B94K03DJ~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:30 - 2013-07-29 14:28 - 02469066 ___CT R:\z_temp\QVIRDOTD~DemonData.swapFile.dat~
2013-07-29 14:30 - 2013-07-29 14:28 - 00000644 ___CT R:\z_temp\FMM0ADKP~DemonData.swapFile.dat~
2013-07-29 14:28 - 2013-07-29 14:28 - 00000000 ___RC R:\z_temp\QVIRDOTD~DemonData.swapFile.dat~.itzamlock
2013-07-29 14:17 - 2013-07-29 14:17 - 00001770 ____C R:\z_temp\Rar$LS0.973
2013-07-29 14:07 - 2013-07-13 02:44 - 00000634 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\cp.lnk
2013-07-29 13:46 - 2013-07-29 13:40 - 00000000 ___DC R:\z_temp\2A46EF9B-1773-4EC4-BC99-292BD4249341
2013-07-29 13:45 - 2013-07-29 13:45 - 00000000 ___DC R:\z_temp\AcronisUpdates
2013-07-29 13:45 - 2013-07-29 13:41 - 00000481 ____C R:\z_temp\installerui-163448EE-6E1C-4D40-BFCC-D3EBD89DA93E.log
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ___DC R:\z_temp\Acronis
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ___DC R:\z_temp\3D81E9D3-086F-414D-85B0-8BF84D647042
2013-07-29 13:42 - 2013-07-29 13:42 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\2F2FCA96-760A-439F-B89D-CDC8D40CA90C
2013-07-29 13:42 - 2013-07-28 12:41 - 00792576 _____ C:\WINDOWS\setupapi.log
2013-07-29 13:42 - 2013-04-19 01:12 - 00234752 _____ (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2013-07-29 13:41 - 2013-07-29 13:41 - 00000000 ___DC R:\z_temp\06FF2D8C-1B97-4FCF-B244-1E87AC858D62
2013-07-29 13:41 - 2013-04-19 01:58 - 01302260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\SHM3VO78~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\S29GQ3JH~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\PN1H1VGA~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\G1K6O1V5~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\E3SLBGER~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:33 - 2013-07-29 13:33 - 00000000 ___RC R:\z_temp\AANE815L~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:29 - 2013-07-29 13:29 - 00093441 ____C R:\z_temp\{A452BE11-CE60-4A02-B0C3-D2C51771A8A0}-30.0.1580.0_chrome_installer.exe
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\NG66PQSM~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\JGVJH7IA~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\AHIG0QGE~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\49M5MJ3F~DemonData.swapFile.dat~.itzamlock
2013-07-29 13:04 - 2013-07-29 13:04 - 00000000 ___RC R:\z_temp\3U5VSFO9~DemonData.swapFile.dat~.itzamlock
2013-07-29 12:57 - 2013-05-24 14:15 - 00000000 _RSHD C:\BOOTWIZ
2013-07-29 12:41 - 2013-07-29 12:41 - 00000251 _____ C:\voxFcoldrv.log
2013-07-29 12:39 - 2013-07-29 12:39 - 00000000 ___DC R:\z_temp\msohtml
2013-07-29 12:31 - 2013-07-29 12:31 - 00000000 ___DC R:\z_temp\comtypes_cache
2013-07-29 12:30 - 2013-07-29 12:30 - 00000000 ___DC R:\z_temp\VBE
2013-07-29 12:28 - 2013-07-29 12:28 - 03876956 ____C R:\z_temp\MSI2622d.LOG
2013-07-29 12:28 - 2013-07-29 12:28 - 03876956 ____C R:\z_temp\MSI2622c.LOG
2013-07-29 12:28 - 2013-07-29 12:27 - 03909408 ____C R:\z_temp\MSI2622b.LOG
2013-07-29 12:04 - 2013-07-29 12:04 - 00042080 ____C (Somoto Ltd.) R:\z_temp\bi_cleaner.exe
2013-07-29 12:04 - 2013-07-29 12:04 - 00028452 ____C R:\z_temp\MSIfc944.LOG
2013-07-29 12:00 - 2013-07-29 12:00 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_64c.dat
2013-07-29 11:53 - 2013-07-29 11:53 - 00000645 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\ev.lnk
2013-07-29 11:52 - 2013-07-29 11:52 - 00000000 ___DC R:\z_temp\CRX_75DAF8CB7768
2013-07-29 11:46 - 2013-07-29 11:46 - 00642283 ___CT R:\z_temp\nstF.tmp
2013-07-29 11:46 - 2013-07-29 11:46 - 00049200 __HCT R:\z_temp\etilqs_YGtswQEme6GwC7I
2013-07-29 11:46 - 2013-07-29 11:46 - 00016400 __HCT R:\z_temp\etilqs_hRX3p5LDEplCwmC
2013-07-29 11:46 - 2013-07-29 11:46 - 00002052 __HCT R:\z_temp\etilqs_TqgAXa6KUlWfG84
2013-07-29 11:45 - 2013-04-19 02:57 - 00000676 __RSH C:\boot.ini
2013-07-29 11:45 - 2001-08-18 13:00 - 00000603 ____N C:\WINDOWS\win.ini
2013-07-29 11:45 - 2001-08-18 13:00 - 00000227 ____N C:\WINDOWS\system.ini
2013-07-29 11:36 - 2013-04-19 01:01 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-07-29 11:34 - 2013-07-29 11:34 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_620.dat
2013-07-29 11:31 - 2013-07-29 11:31 - 00016384 ___CT R:\z_temp\Perflib_Perfdata_920.dat
2013-07-29 11:19 - 2013-07-29 11:19 - 44467068 _____ C:\WINDOWS\MEMORY.zip
2013-07-29 11:13 - 2013-07-29 11:13 - 00065536 _____ C:\WINDOWS\Minidump\Mini072913-01.dmp
2013-07-29 11:13 - 2013-07-29 11:12 - 00000000 ____D C:\WINDOWS\Minidump
2013-07-29 11:12 - 2013-07-28 20:26 - 164388864 _____ C:\WINDOWS\MEMORY.DMP
2013-07-29 02:01 - 2013-04-19 02:33 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-29 01:29 - 2013-05-22 13:38 - 00001182 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1960408961-1801674531-1003Core.job
2013-07-29 01:05 - 2013-04-19 01:04 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin
2013-07-29 00:46 - 2013-04-27 15:37 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\uTorrent
2013-07-29 00:19 - 2013-07-23 10:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\.VirtualBox
2013-07-28 23:13 - 2013-07-28 23:03 - 00000510 __RSH C:\Dokumente und Einstellungen\Elmar-Admin\ntuser.pol
2013-07-28 22:09 - 2013-04-19 01:04 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Autostart
2013-07-28 22:01 - 2013-06-07 09:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Autostart (Disabled by AnVir)
2013-07-28 21:38 - 2013-07-28 01:29 - 00103824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-28 21:20 - 2013-07-16 14:17 - 00000000 ___DC C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\MouseWithoutBorders
2013-07-28 21:07 - 2013-07-16 19:47 - 00000000 ____D C:\Programme\Microsoft IntelliType Pro
2013-07-28 20:55 - 2013-07-07 01:20 - 00000000 ____D C:\Programme\Microsoft Bootvis
2013-07-28 20:11 - 2013-05-21 12:56 - 00004659 ____H C:\WINDOWS\EPMBatch.ept
2013-07-28 20:08 - 2013-04-27 11:33 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Mozilla
2013-07-28 19:53 - 2013-07-28 19:53 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\HD Tune Pro
2013-07-28 18:39 - 2013-04-27 03:27 - 00002355 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\SAS7_000.DAT
2013-07-28 18:29 - 2013-07-28 18:26 - 00002919 _____ C:\WINDOWS\KB2686509.log
2013-07-28 18:29 - 2013-07-28 18:26 - 00000094 _____ C:\WINDOWS\faultykeyboard.log
2013-07-28 17:32 - 2013-07-28 17:32 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\tor
2013-07-28 17:13 - 2013-07-28 17:13 - 00000000 ____D C:\Programme\Tor
2013-07-28 17:08 - 2013-07-28 17:08 - 00000673 _____ C:\Dokumente und Einstellungen\All Users\Desktop\RadarSync PC Updater.lnk
2013-07-28 17:08 - 2013-07-28 17:08 - 00000000 ____D C:\Programme\RadarSync
2013-07-28 17:08 - 2013-07-28 17:08 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\RadarSync
2013-07-28 16:54 - 2013-06-05 14:19 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-07-28 16:53 - 2013-07-27 22:19 - 00000000 ____D C:\Programme\NVIDIA Corporation
2013-07-28 16:49 - 2013-04-19 02:12 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-07-28 15:55 - 2013-06-30 19:32 - 01098896 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2013-07-28 15:55 - 2013-06-30 19:32 - 01098896 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2013-07-28 15:55 - 2013-06-30 19:32 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2013-07-28 14:12 - 2013-07-16 00:54 - 00000000 _____ C:\WINDOWS\AS_Debug.txt
2013-07-28 14:12 - 2013-04-19 02:12 - 00000000 ___HD C:\Programme\InstallShield Installation Information
2013-07-28 13:37 - 2013-05-21 14:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\AllDup
2013-07-28 12:37 - 2013-06-10 22:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\USBSafelyRemove
2013-07-28 12:29 - 2013-04-19 01:04 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService
2013-07-28 12:29 - 2013-04-19 01:04 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService
2013-07-28 12:18 - 2013-07-28 12:18 - 00000000 ____D C:\VITSOFT
2013-07-28 11:58 - 2013-04-19 02:01 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\TeraCopy
2013-07-28 11:32 - 2013-07-03 01:19 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Logishrd
2013-07-28 11:32 - 2013-06-10 22:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\USBSRService
2013-07-28 11:32 - 2013-05-23 16:18 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\TeamViewer
2013-07-28 11:32 - 2013-04-25 23:16 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\dvdcss
2013-07-28 04:26 - 2013-05-22 20:56 - 00008165 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\CsActions.cka
2013-07-28 04:19 - 2013-07-07 01:22 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2013-07-28 03:49 - 2013-07-28 03:49 - 00940794 _____ C:\WINDOWS\system32\LoopyMusic.wav
2013-07-28 03:49 - 2013-07-28 03:49 - 00146650 _____ C:\WINDOWS\system32\BuzzingBee.wav
2013-07-28 03:49 - 2013-07-28 03:49 - 00060416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCFDRTM.VER
2013-07-28 03:49 - 2013-07-28 03:49 - 00060416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCFDRTM.EXE
2013-07-28 03:49 - 2013-07-28 03:49 - 00000000 ____D C:\WINDOWS\system32\Lang
2013-07-28 03:46 - 2013-07-28 02:56 - 186187776 _____ C:\LogFile.Etl
2013-07-28 03:37 - 2013-07-28 03:37 - 00000000 ____D C:\Programme\Realtek AC97
2013-07-28 03:24 - 2013-07-28 03:24 - 00000000 ____D C:\Programme\Microsoft Garage
2013-07-28 03:22 - 2013-07-28 03:22 - 00000000 ____D C:\Programme\Soluto
2013-07-28 03:22 - 2013-04-19 01:58 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü
2013-07-28 03:20 - 2013-07-28 03:20 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Everything
2013-07-28 02:31 - 2013-07-15 13:05 - 00000000 ____D C:\Programme\Kyocera
2013-07-28 00:46 - 2013-07-24 01:24 - 00002447 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\cy.lnk
2013-07-28 00:08 - 2013-07-28 00:08 - 00000565 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130728.dsv
2013-07-27 23:52 - 2013-07-27 23:52 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\NVIDIA
2013-07-27 22:57 - 2013-06-30 19:39 - 00000020 _____ C:\WINDOWS\system32\nvModes.dat
2013-07-27 22:44 - 2013-07-27 22:44 - 00000000 ____D C:\Programme\AGEIA Technologies
2013-07-27 22:42 - 2013-07-27 22:15 - 00016400 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-07-27 22:42 - 2013-07-23 09:56 - 01148048 _____ C:\WINDOWS\setupapi.log.0.old
2013-07-27 22:42 - 2013-07-03 01:20 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Logishrd
2013-07-27 22:41 - 2013-07-27 22:41 - 00000000 ____D C:\Programme\Logitech
2013-07-27 22:20 - 2013-07-27 17:42 - 00000190 ___SH C:\Dokumente und Einstellungen\UpdatusUser\ntuser.ini
2013-07-27 22:20 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\Help
2013-07-27 22:16 - 2013-07-03 01:19 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Logitech
2013-07-27 22:02 - 2013-07-27 22:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\DriverEasy
2013-07-27 21:49 - 2013-05-22 20:08 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_updates
2013-07-27 21:48 - 2013-07-27 21:48 - 00000000 ____D C:\Programme\1-click run
2013-07-27 21:20 - 2013-05-23 11:58 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_pdfs
2013-07-27 21:19 - 2013-04-27 11:31 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_internet browser
2013-07-27 21:07 - 2013-06-30 19:34 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-07-27 20:38 - 2013-05-22 21:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ATI
2013-07-27 20:14 - 2013-07-27 20:14 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\VITSOFT
2013-07-27 19:57 - 2013-04-19 02:34 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-27 19:46 - 2013-04-19 01:01 - 00000000 ____D C:\WINDOWS\Registration
2013-07-27 19:42 - 2013-04-27 02:42 - 00000000 ____D C:\Programme\Microsoft.NET
2013-07-27 19:41 - 2013-07-27 19:41 - 00000000 ____D C:\Programme\MSBuild
2013-07-27 17:41 - 2013-06-30 19:32 - 00000000 _____ C:\WINDOWS\system32\nvdrswr.lk
2013-07-27 16:55 - 2013-07-27 16:55 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\C6B73907-D4E8-4912-BC6D-FDD054C6F0E2
2013-07-27 13:31 - 2013-05-26 21:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\PassMark
2013-07-27 13:12 - 2013-04-19 01:02 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-07-27 13:10 - 2013-07-27 13:10 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\FSB 215 - 291.nbr
2013-07-27 12:11 - 2013-04-27 18:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_security
2013-07-27 10:22 - 2013-07-08 22:13 - 00000000 ____D C:\WINDOWS\Acronis
2013-07-26 23:25 - 2013-07-26 23:25 - 00001113 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130726[1].dsv
2013-07-26 23:02 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\security
2013-07-26 23:00 - 2013-07-26 23:00 - 00000603 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Arora.lnk
2013-07-26 22:46 - 2013-07-26 22:46 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\AnyDVDHD
2013-07-26 17:16 - 2013-04-27 21:00 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_info
2013-07-26 14:24 - 2013-07-26 14:24 - 00001289 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130726.dsv
2013-07-25 19:35 - 2013-07-25 19:07 - 00131072 _____ C:\Dokumente und Einstellungen\Elmar-Admin\fbchathistory.dat
2013-07-25 19:25 - 2013-04-27 04:39 - 00000000 ____D C:\WINDOWS\SHELLNEW
2013-07-25 19:25 - 2013-04-19 01:58 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Microsoft Shared
2013-07-25 14:48 - 2013-07-25 14:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Greenshot
2013-07-24 22:28 - 2013-05-23 13:58 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_z hardware
2013-07-24 20:26 - 2013-04-19 02:11 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InstallShield
2013-07-24 18:39 - 2013-07-24 18:39 - 00000000 ____D C:\Programme\Kaspersky Lab
2013-07-24 18:39 - 2013-07-24 18:39 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Kaspersky Security Scan
2013-07-24 11:29 - 2013-05-23 08:18 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2013-07-24 10:47 - 2013-06-13 21:14 - 00065536 _____ C:\WINDOWS\system32\config\Nano.evt
2013-07-24 10:23 - 2013-07-24 10:23 - 00000000 ___HD C:\BJPrinter
2013-07-24 10:21 - 2013-04-27 18:09 - 00065536 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2013-07-24 09:53 - 2013-07-07 02:18 - 00051144 _____ (Soluto LTD.) C:\WINDOWS\system32\Drivers\Soluto.sys
2013-07-24 01:39 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\NLDRV
2013-07-23 10:37 - 2013-07-17 16:45 - 00000000 ____D C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ad
2013-07-23 01:34 - 2013-05-27 11:54 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe AIR
2013-07-23 01:34 - 2013-04-25 23:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\vlc
2013-07-23 01:30 - 2013-05-22 18:51 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\GlarySoft
2013-07-23 01:29 - 2013-07-23 01:29 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\GlarySoft
2013-07-23 01:28 - 2013-05-23 08:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator
2013-07-23 01:21 - 2013-07-23 01:21 - 00000318 _____ C:\WINDOWS\Tasks\GlaryInitialize 3.job
2013-07-22 13:33 - 2013-07-22 13:32 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-07-22 12:02 - 2013-07-22 12:02 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\110% - 298.nbr
2013-07-22 11:31 - 2013-07-21 14:24 - 00065536 _____ C:\WINDOWS\system32\config\iolo App.evt
2013-07-22 11:10 - 2013-06-13 21:05 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ProcessLasso
2013-07-21 14:24 - 2013-07-21 14:24 - 00074703 _____ C:\WINDOWS\system32\mfc45.dat
2013-07-21 14:24 - 2013-07-21 14:24 - 00000000 ____D C:\Programme\iolo
2013-07-20 17:24 - 2013-07-17 16:42 - 00000190 ___SH C:\Dokumente und Einstellungen\Dragnon NeuerUser\ntuser.ini
2013-07-20 17:05 - 2013-07-20 17:05 - 00000529 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\fp.lnk
2013-07-19 21:11 - 2013-07-19 21:11 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\285- 108% - all running.nbr
2013-07-19 21:09 - 2013-07-19 21:06 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\271 - 108% - nothing running.nbr
2013-07-19 20:59 - 2013-07-19 20:59 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\295 - 108% - nothing running.nbr
2013-07-19 20:57 - 2013-07-19 20:57 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\291 - 108% - nothing running.nbr
2013-07-19 20:54 - 2013-07-19 20:54 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\285 - 206 MHz - nothing running.nbr
2013-07-19 20:27 - 2013-07-08 22:13 - 00000148 _____ C:\WINDOWS\system32\autopart.opt
2013-07-19 20:15 - 2013-06-27 20:00 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Downloaded Installations
2013-07-19 14:43 - 2013-07-19 14:43 - 00000000 ____D C:\Programme\Gemeinsame Dateien\RBSoft
2013-07-19 14:42 - 2013-04-27 19:03 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_improve system
2013-07-19 00:38 - 2013-07-19 00:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2013-07-19 00:38 - 2013-07-19 00:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_user_01_09_00.Wdf
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\zh-TW
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\zh-CN
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\sv-SE
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ru-RU
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pt-PT
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pt-BR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\pl-PL
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\nl-NL
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\nb-NO
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ms-MY
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ko-KR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\ja-JP
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\it-IT
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\hu-HU
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\fi-FI
2013-07-19 00:36 - 2013-07-19 00:36 - 00000000 ____D C:\WINDOWS\system32\el-GR
2013-07-19 00:36 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\system32\de-de
2013-07-19 00:35 - 2013-04-19 01:58 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente
2013-07-19 00:35 - 2013-04-19 01:02 - 00000000 __SHD C:\Dokumente und Einstellungen\All Users\DRM
2013-07-19 00:33 - 2013-07-19 00:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_zumbus_01009.Wdf
2013-07-18 23:59 - 2013-07-18 23:59 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\PC Suite
2013-07-18 23:57 - 2013-07-18 23:57 - 00000000 ____D C:\Programme\DIFX
2013-07-18 19:24 - 2013-07-18 19:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\TrojanHunter
2013-07-18 19:17 - 2013-07-18 19:17 - 00059392 ____R C:\WINDOWS\system32\streamhlp.dll
2013-07-18 17:55 - 2013-04-19 01:28 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_filemanagement
2013-07-17 16:44 - 2013-04-27 04:40 - 00000400 _____ C:\WINDOWS\ODBC.INI
2013-07-17 15:41 - 2013-07-17 15:41 - 00000188 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\5300-2.lnk
2013-07-17 15:41 - 2013-07-17 15:41 - 00000188 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\60er.lnk
2013-07-17 15:09 - 2013-07-17 15:09 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-16 19:07 - 2013-07-16 19:07 - 00000174 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Drucker hinzufügen.lnk
2013-07-16 16:16 - 2013-07-13 22:04 - 00000649 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-07-16 16:16 - 2013-07-13 22:04 - 00000584 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Avira DE-Cleaner.lnk
2013-07-16 13:35 - 2013-07-16 13:35 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\IGC
2013-07-16 13:35 - 2013-07-16 13:35 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\IGC
2013-07-16 12:03 - 2013-04-27 11:21 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-16 11:24 - 2013-07-16 11:24 - 00001819 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\SyncSettings - R -- E-Dropbox - Backup - Q.ffs_batch
2013-07-16 11:24 - 2013-07-16 11:24 - 00001791 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\SyncSettings - R -- E-Dropbox - Backup - Q.ffs_gui
2013-07-16 11:21 - 2013-05-25 00:41 - 00001831 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\SyncSettings - R - F-Backup R - Versioning.ffs_gui
2013-07-16 10:24 - 2013-07-16 10:24 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\300 - 108% - nicht NOS.nbr
2013-07-16 02:00 - 2013-07-16 02:00 - 00000589 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\NovaBench.lnk
2013-07-16 01:58 - 2013-07-16 01:58 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\299 - 108% - nicht NOS.nbr
2013-07-16 01:38 - 2013-07-16 01:38 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\298 - 108%.nbr
2013-07-16 01:35 - 2013-07-16 01:35 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\293 - 105%.nbr
2013-07-16 01:33 - 2013-07-16 01:33 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\288 - 103%.nbr
2013-07-16 01:31 - 2013-07-16 01:31 - 00001445 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Ai Booster v2.00.68.lnk
2013-07-16 01:29 - 2013-07-16 01:29 - 00000967 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\287 - 100%.nbr
2013-07-16 00:57 - 2013-07-11 20:34 - 00000000 ____D C:\Programme\ASUS
2013-07-16 00:32 - 2013-07-16 00:32 - 00001561 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\AI Suite v1.03.15.lnk
2013-07-16 00:31 - 2013-07-16 00:31 - 00000946 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\13.0x (X) 1.375V.lnk
2013-07-16 00:30 - 2013-07-16 00:30 - 00000938 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\12.5x (X).lnk
2013-07-15 15:02 - 2013-07-15 15:02 - 00000887 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\process explorer.lnk
2013-07-15 14:43 - 2013-07-15 14:43 - 00000540 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\wscc.lnk
2013-07-15 12:15 - 2013-07-13 14:17 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2013-07-15 10:41 - 2013-07-11 20:19 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\WinRAR
2013-07-15 01:22 - 2013-07-15 01:22 - 00000855 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130715.dsv
2013-07-15 00:24 - 2013-07-15 00:24 - 00001710 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ad.lnk
2013-07-15 00:24 - 2013-07-15 00:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\7stacks
2013-07-14 14:31 - 2013-07-13 14:17 - 00000065 _____ C:\WINDOWS\system32\BD7010.DAT
2013-07-14 08:16 - 2013-07-15 23:45 - 00114296 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX32.sys
2013-07-13 21:03 - 2013-07-13 21:03 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Help
2013-07-13 19:02 - 2013-07-13 19:02 - 00087704 _____ C:\WINDOWS\cadkasdeinst01.exe
2013-07-13 19:02 - 2013-07-13 19:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Mein Schriftarten 1.0
2013-07-13 18:20 - 2013-07-12 16:31 - 00000739 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\aS.lnk
2013-07-13 18:20 - 2013-07-12 16:31 - 00000739 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\aborange Scheduler.lnk
2013-07-13 14:17 - 2013-07-13 14:17 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Brother
2013-07-13 14:17 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\twain_32
2013-07-13 13:56 - 2013-05-23 00:32 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Winsplit Revolution
2013-07-13 03:10 - 2013-07-13 03:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\.tfo4
2013-07-13 03:09 - 2013-07-13 03:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\4.0
2013-07-13 02:56 - 2013-07-13 02:56 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\STRATO
2013-07-13 02:44 - 2013-07-13 02:44 - 00000634 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\cp.lnk
2013-07-12 20:13 - 2013-07-12 20:13 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\MeineBackups
2013-07-12 19:49 - 2013-04-19 01:04 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü
2013-07-12 09:59 - 2013-07-05 09:33 - 00002321 _____ C:\Dokumente und Einstellungen\Administrator\Desktop\W.lnk
2013-07-12 05:08 - 2008-04-14 01:01 - 00251712 __RSH C:\ntldr
2013-07-12 05:08 - 2008-04-13 23:13 - 00047564 __RSH C:\ntdetect.com
2013-07-12 05:08 - 2001-08-18 13:00 - 00004952 __RSH C:\bootfont.bin
2013-07-12 03:00 - 2013-07-12 03:00 - 00000830 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\x2.lnk
2013-07-12 03:00 - 2013-07-12 03:00 - 00000830 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\x2.lnk
2013-07-12 02:49 - 2013-07-12 02:49 - 00000823 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\PandaCloudAntivirus22.lnk
2013-07-11 22:00 - 2013-07-11 22:00 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\aborange Scheduler
2013-07-11 19:10 - 2013-07-11 19:10 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Anti-Malware
2013-07-11 16:26 - 2013-07-08 00:08 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_faster
2013-07-11 16:24 - 2013-07-11 16:23 - 00000000 ____D C:\Programme\Spyware Terminator
2013-07-11 16:23 - 2013-07-11 16:23 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Spyware Terminator
2013-07-11 15:36 - 2013-07-11 15:34 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ShutdownAddin
2013-07-11 15:34 - 2013-07-11 15:34 - 00000000 ____D C:\Programme\Gemeinsame Dateien\OutlookShutdown
2013-07-11 12:33 - 2013-07-11 12:33 - 00000224 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\4950.lnk
2013-07-11 12:33 - 2013-07-11 12:33 - 00000224 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\10er.lnk
2013-07-11 12:32 - 2013-04-27 05:18 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-10 22:55 - 2013-05-22 13:39 - 00002447 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\cy.lnk
2013-07-10 22:55 - 2013-04-19 01:04 - 00000784 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\IE.lnk
2013-07-10 21:06 - 2013-07-10 21:06 - 00000000 ____D C:\Programme\Enigma Software Group
2013-07-10 21:05 - 2013-07-02 22:53 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2013-07-10 20:59 - 2013-07-10 20:59 - 00000495 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Temps löschen.bat
2013-07-10 18:25 - 2013-04-19 01:04 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Eigene Bilder
2013-07-10 10:28 - 2013-07-10 10:28 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\aborange
2013-07-09 23:27 - 2013-07-09 23:26 - 00000000 ___DC C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\neuer LD
2013-07-09 17:55 - 2013-07-09 17:53 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\MagraSoft
2013-07-09 17:46 - 2013-06-12 00:39 - 00000000 ____D C:\Programme\Sysinternals Suite
2013-07-09 17:37 - 2013-07-08 20:12 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\DeskSoft
2013-07-09 17:09 - 2013-07-09 17:09 - 00004165 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Weiland CD Zusammenstellung 2.dxp
2013-07-09 15:34 - 2013-05-23 10:57 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Canon
2013-07-09 14:39 - 2013-05-30 19:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-07-09 14:39 - 2013-04-27 11:22 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-07-09 14:39 - 2013-04-27 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-07-09 11:46 - 2013-06-28 15:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\.oit
2013-07-09 11:15 - 2013-07-09 11:15 - 00000254 _____ C:\WINDOWS\UPGRADE.TXT
2013-07-09 11:15 - 2013-07-09 11:15 - 00000000 ____D C:\WINDOWS\setupupd
2013-07-09 11:15 - 2013-07-09 11:15 - 00000000 ____D C:\WINDOWS\setup.pss
2013-07-09 11:07 - 2013-07-09 11:15 - 00000492 _____ C:\BOOT.BAK
2013-07-08 22:52 - 2013-07-08 20:35 - 00065536 _____ C:\WINDOWS\system32\config\bootracer.evt
2013-07-08 22:10 - 2013-04-19 01:11 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Acronis
2013-07-08 22:07 - 2013-06-30 12:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\UseNeXT
2013-07-08 21:34 - 2013-07-06 23:30 - 00000436 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\kill unnecessary tasks.lnk
2013-07-08 21:34 - 2013-07-06 23:30 - 00000436 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\kill unnecessary tasks.lnk
2013-07-08 20:41 - 2013-07-07 12:34 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_easywork
2013-07-08 20:40 - 2013-04-27 19:04 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_maintenance
2013-07-08 20:35 - 2013-04-19 01:04 - 00000000 __SHD C:\WINDOWS\CSC
2013-07-08 20:22 - 2013-07-08 20:22 - 00000973 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\C&D.lnk
2013-07-08 20:15 - 2013-07-08 20:15 - 00065536 _____ C:\WINDOWS\system32\config\Bootrace.evt
2013-07-08 20:15 - 2013-07-08 20:15 - 00000000 ____D C:\Programme\BootRacer
2013-07-08 20:13 - 2013-07-08 20:12 - 00023040 _____ (DeskSoft) C:\WINDOWS\system32\Drivers\dsnpfd.sys
2013-07-08 20:10 - 2013-07-08 20:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Expert PDF Reader
2013-07-08 20:08 - 2013-07-08 20:06 - 00082008 _____ C:\WINDOWS\CFSETUP.TXT
2013-07-08 19:27 - 2013-07-27 17:42 - 00000000 __SHD C:\Dokumente und Einstellungen\UpdatusUser\IETldCache
2013-07-08 19:27 - 2013-07-17 16:42 - 00000000 __SHD C:\Dokumente und Einstellungen\Dragnon NeuerUser\IETldCache
2013-07-08 19:27 - 2013-07-08 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\Default User\IETldCache
2013-07-08 16:18 - 2013-07-08 16:18 - 00000398 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\boot.lnk
2013-07-08 16:07 - 2013-04-19 02:57 - 00000266 ___SH C:\boot old.ini
2013-07-08 14:42 - 2013-07-08 14:42 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService\PrivacIE
2013-07-08 14:16 - 2013-07-08 14:16 - 00000023 _____ C:\WINDOWS\system32\CleanGenius3Free.dll
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService\PrivacIE
2013-07-08 13:00 - 2013-07-08 12:59 - 00000026 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Clearup RAM.vbs
2013-07-08 12:56 - 2013-07-08 12:56 - 00001642 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\ContentIndex original.reg
2013-07-07 21:23 - 2013-07-07 21:23 - 00000000 ____D C:\Programme\TweakRAM
2013-07-07 21:21 - 2013-07-07 21:21 - 00000000 ____D C:\Programme\RAM Defrag
2013-07-07 17:42 - 2013-04-19 02:09 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_tweak
2013-07-07 13:24 - 2013-07-07 13:24 - 00000645 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Launchy.lnk
2013-07-07 12:44 - 2013-05-28 12:44 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Launchy
2013-07-07 12:38 - 2013-07-07 12:38 - 00000931 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\DP.lnk
2013-07-07 12:38 - 2013-07-07 12:38 - 00000931 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\DP.lnk
2013-07-07 12:34 - 2013-07-07 12:34 - 00000000 ____D C:\Programme\Launchy
2013-07-07 12:19 - 2013-06-12 00:40 - 00000000 ____D C:\Programme\NirSoft Utilities
2013-07-07 11:13 - 2013-07-07 01:40 - 00010240 _____ C:\WINDOWS\system32\ACRAMDiskHandlerService32RD3.ini
2013-07-07 10:44 - 2013-07-07 10:44 - 00000662 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\od.lnk
2013-07-07 10:44 - 2013-07-07 10:44 - 00000662 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\ObjectDock.lnk
2013-07-07 10:25 - 2013-07-07 10:22 - 00000000 ____D C:\Programme\ObjectDockFree
2013-07-07 03:28 - 2013-07-07 03:28 - 00000000 ____D C:\Programme\Sinvise Systems
2013-07-07 03:28 - 2013-07-07 03:28 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Sinvise Systems
2013-07-07 02:14 - 2013-07-07 02:14 - 00000822 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130707.dsv
2013-07-07 01:46 - 2013-07-29 13:42 - 00689672 ____C (Acronis) R:\z_temp\284FA982-B8E0-44DF-9F05-0C11815B9A64
2013-07-07 01:46 - 2013-07-29 13:42 - 00139336 ____C (Acronis) R:\z_temp\827824D0-7A8B-4E09-B55A-885840080A00
2013-07-07 01:46 - 2013-07-07 01:46 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\350F4898-238C-459E-9E95-A334F8063E77
2013-07-07 01:46 - 2013-04-19 01:12 - 00689672 _____ (Acronis) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2013-07-07 01:46 - 2013-04-19 01:12 - 00139336 _____ (Acronis) C:\WINDOWS\system32\Drivers\vididr.sys
2013-07-07 01:23 - 2013-04-19 01:49 - 00000000 ____D C:\WINDOWS\pss
2013-07-07 01:15 - 2013-07-07 01:15 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Application Data\Soluto
2013-07-06 23:29 - 2013-07-06 23:29 - 00000000 ____N C:\WINDOWS\Sti_Trace.log
2013-07-06 10:15 - 2013-05-22 20:28 - 00001150 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\CsTemplates.ckt
2013-07-06 00:49 - 2013-07-05 22:46 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Audacity
2013-07-06 00:27 - 2013-07-06 00:27 - 00000000 ____D C:\Programme\Lame For Audacity
2013-07-05 22:18 - 2013-07-05 22:18 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\AMPSoft
2013-07-05 16:17 - 2013-07-05 12:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Nuance
2013-07-05 16:01 - 2013-07-05 16:00 - 01451238 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Windows Systeminformationen 050713 - 1600.nfo
2013-07-05 12:16 - 2013-07-05 12:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\IVA
2013-07-05 12:16 - 2013-06-28 15:11 - 00000000 ____D C:\Programme\Nuance
2013-07-05 12:16 - 2013-04-27 02:54 - 00000000 ____D C:\WINDOWS\Speech
2013-07-05 09:33 - 2013-07-05 09:33 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Desktop\Microsoft Office
2013-07-04 23:02 - 2013-07-04 23:02 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Typograf
2013-07-04 20:08 - 2013-07-04 20:08 - 00000224 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\5300.lnk
2013-07-04 20:08 - 2013-07-04 20:08 - 00000224 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\50er.lnk
2013-07-04 16:38 - 2013-06-07 23:10 - 00188176 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2013-07-04 16:37 - 2013-07-04 16:37 - 00174864 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll
2013-07-04 16:37 - 2013-07-04 16:37 - 00115984 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys
2013-07-04 16:37 - 2013-06-07 23:10 - 00094480 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2013-07-04 16:37 - 2013-04-12 12:33 - 00104720 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp.sys
2013-07-04 13:16 - 2013-07-04 13:16 - 00002721 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Weiland CD Zusammenstellung.dxp
2013-07-04 13:04 - 2013-07-04 13:04 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Canneverbe Limited
2013-07-04 08:46 - 2013-07-04 08:46 - 00013824 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\Duschen - bitte genießen .msg
2013-07-04 08:46 - 2013-07-04 08:46 - 00013824 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\Duschen - bitte genießen .msg
2013-07-03 18:11 - 2013-04-27 21:05 - 00000000 ____D C:\Programme\FreePDF_XP
2013-07-03 18:11 - 2013-04-27 21:05 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\FreePDF
2013-07-03 01:20 - 2013-07-03 01:20 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Leadertech
2013-07-03 00:43 - 2013-07-03 00:43 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Opera Software
2013-07-03 00:09 - 2013-07-03 00:08 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\StartMenuX
2013-07-02 22:55 - 2013-04-19 02:38 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_benchmark & test
2013-07-02 20:44 - 2013-07-02 20:26 - 00000000 ____D C:\WINDOWS\SxsCaPendDel
2013-07-02 20:33 - 2013-07-02 20:33 - 01198049 _____ C:\WINDOWS\unins001.exe
2013-07-02 20:33 - 2013-07-02 20:33 - 00000000 ____D C:\WINDOWS\system32\Adobe
2013-07-02 20:33 - 2013-04-27 11:22 - 00014900 _____ C:\WINDOWS\unins001.dat
2013-07-02 20:33 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\system32\Macromed
2013-07-02 20:33 - 2013-04-19 02:54 - 00000000 ____D C:\WINDOWS\system
2013-07-02 17:37 - 2013-07-02 17:37 - 01609384 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\Windows Systeminformationen.nfo
2013-07-02 15:27 - 2013-07-02 15:27 - 00097176 _____ (Elaborate Bytes AG) C:\WINDOWS\system32\ElbyCDIO.dll
2013-07-02 13:43 - 2013-07-02 13:43 - 00000000 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\soft Xpansion Perfect PDF 8 Reader - 02.07.13 13.43.18.dmp
2013-07-02 11:50 - 2013-06-27 19:38 - 00000670 ____C C:\Dokumente und Einstellungen\Elmar-Admin\Desktop\pr.lnk
2013-07-02 11:50 - 2013-06-27 19:38 - 00000670 _____ C:\Dokumente und Einstellungen\Dragnon NeuerUser\Desktop\pr.lnk
2013-07-02 11:46 - 2013-04-19 01:04 - 00000000 ___RD C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\Zubehör
2013-07-02 02:41 - 2013-07-02 02:41 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\ASCOMP Software
2013-07-02 02:41 - 2013-04-27 19:03 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_backup
2013-07-01 21:24 - 2013-07-01 21:24 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\IObit
2013-07-01 21:06 - 2013-07-01 21:06 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 21:06 - 2013-07-01 21:06 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 21:06 - 2013-05-29 12:36 - 00000000 ____D C:\Programme\Google
2013-07-01 16:52 - 2013-06-02 12:06 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\QuickScan
2013-07-01 15:36 - 2013-05-23 10:53 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2013-07-01 12:40 - 2013-04-27 19:05 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\z_rest
2013-07-01 12:39 - 2013-07-01 12:39 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Startmenü
2013-07-01 00:28 - 2013-07-01 00:28 - 00000834 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\3360x2560_20130701.dsv
2013-06-30 23:24 - 2013-06-30 23:24 - 00000830 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\2944x1352_20130630.dsv
2013-06-30 17:20 - 2013-06-30 17:20 - 00000362 _____ C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2013-06-30 12:54 - 2013-04-27 19:07 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Startmenü\Programme\_internet
2013-06-30 12:48 - 2013-06-30 12:48 - 00000000 ____D C:\Dokumente und Einstellungen\Elmar-Admin\Eigene Dateien\UseNeXT
2013-06-29 20:56 - 2013-06-29 20:56 - 00000063 _____ C:\WINDOWS\PPDeskVw.INI
2013-06-29 17:36 - 2013-06-29 17:36 - 00009359 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Microsoft Access.EML
2013-06-29 17:33 - 2013-06-29 17:33 - 00009378 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Tabulatorgetrennte Werte (Windows).EML
2013-06-29 17:32 - 2013-06-29 17:30 - 00009358 _____ C:\Dokumente und Einstellungen\Elmar-Admin\Anwendungsdaten\Microsoft Excel.EML
Files to move or delete:
====================
C:\Dokumente und Einstellungen\Elmar-Admin\fbchathistory.dat
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2009-08-14 02:13] - [2009-08-14 02:13] - 1036800 ____A (Microsoft Corporation) d999cf40bd4eeb69fab32069ca9d65b1
C:\Windows\System32\winlogon.exe
[2009-08-14 02:14] - [2009-08-14 02:14] - 0513024 ____A (Microsoft Corporation) 8069cbc1daa6de61a6b438ea0d4ae2a0
C:\Windows\System32\svchost.exe
[2009-08-14 02:14] - [2009-08-14 02:14] - 0014848 ____A (Microsoft Corporation) 67e38b4a549833e02d4d1617b5dbc318
C:\Windows\System32\services.exe
[2009-08-14 02:14] - [2009-08-14 02:14] - 0111104 ____A (Microsoft Corporation) f0a7d59af279326528715b206669b86c
C:\Windows\System32\User32.dll
[2008-04-14 08:52] - [2008-04-14 08:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2008-04-14 08:53] - [2008-04-14 08:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 08:22] - [2008-04-14 08:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by Elmar-Admin at 2013-07-29 16:43:33
Running from E:\_ dropbox _\Dropbox\_ install new\__new
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
µTorrent (Version: 3.3.0.29677)
7-PDF Split & Merge Version 2.1.0 (Build 128) (Version: 7-PDF Split & Merge - Version 2.1.0 (Build 128))
7stacks 1.5 beta 2 (Version: 1.4.24)
aborange Scheduler - Deinstallation (Version: 3.01)
Acronis*Disk*Director*11*Home (Version: 11.0.2121)
Adobe AIR (Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Ai Booster (Version: 2.00.68)
AllDup 3.4.24 (Version: 3.4.24)
Allgemeine Runtime Files (x86) (Version: 1.0.3.6)
allSnap version 1.33.2 (Version: 1.33)
Alternative Flash Player Auto-Updater (Version: 1.1.0.3)
AMP Font Viewer
AntiFreeze 1.01
AnVir Task Manager Pro (Version: 6.3.1)
AnyDVD (Version: 7.2.3.0)
ArchiCrypt Ultimate RAM-Disk 3 Version 3.9.1.4216 (Version: 3.9.1.4216)
ArgusMonitor
Arora 0.10.0 (Version: 0.10.0)
Ashampoo HDD Control 2 v.2.1.0 (Version: 2.1.0)
Ashampoo Snap 6 v.6.0.5 (Version: 6.0.5)
Ashampoo WinOptimizer 9 v.9.04.31 (Version: 9.04.31)
AsusUpdate
Athlon 64 Processor Driver (Version: 1.2.2.2)
Audacity 2.0.3 (Version: 2.0.3)
AVM FRITZ!fax für FRITZ!Box
Belarc Advisor 8.1
BootLog XP (Version: 2.10)
BootRacer (Version: 4.0.0)
BWMeter (Version: 6.5.2)
BySoft FreeRAM 4.0 (Version: 4.0)
CachemanXP 2.0 (Windows 2000,2003,XP) (Version: 2.0)
Canon iP100 series Printer Driver
Canon iP4900 series Benutzerregistrierung
Canon iP4900 series On-screen Manual
Canon iP4900 series Printer Driver
Canon iX6500 series Printer Driver
Canon MG5100 series MP Drivers
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon S6300
Canon Solution Menu EX
CCleaner (Version: 4.04)
CD Bremse 1.49 (Version: 1.49)
CDBurnerXP (Version: 4.5.2.4214)
cFosSpeed v9.04 (Version: 9.04)
CheckDrive (Version: 4.4)
Circle Dock (Version: 32-bit v1.56 (Refresh))
CleanGenius 3.0.6
Client für die Windows-Rechteverwaltung mit Service Pack 2 (Version: 5.2.95)
Comfort Keys Pro 7.0.3.0 (Version: 7.0)
Cool & Quiet
Copernic Desktop Search - Home
CPUID CPU-Z 1.65.0
CPUID HWMonitor 1.23
CrystalDiskMark 3.0.2d (Version: 3.0.2d)
DDBAC (Version: 5.3.7)
DFÜ-Optimierer 1.40
DirectX 9.0c Extra Files (x86, x64) (Version: 1.10.06.0)
DirectX for Managed Code (Version: 1.0.0.0)
Dr. Hardware 2013 13.0d
Dragon NaturallySpeaking 12 (Version: 12.50.000)
Driver Fusion (Version: 1.7.0)
Driver Genius (Version: 12.0)
Driver Genius Professional 12.0.0.1306 (Version: 12.0.0.1306)
DriverEasy 4.5.2 (Version: 4.5.2.0)
Dropbox (HKCU Version: 2.2.9)
Dual-Core Optimizer (Version: 1.1.4.0169)
Duplicate Email Remover (Version: 2.18.0)
DVD Shrink 3.2 deutsch (DeCSS-frei)
EaseUS Data Recovery Wizard 6.0
EaseUS Partition Master 9.2.2
Emsisoft Anti-Malware (Version: 8.0)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Everything 1.3.3.658b (x86)
eXtra Buttons
FancyCache For Disk (Beta) 0.8.0 (Version: 0.8.0)
FileRestorePlus™ 3.0.4.503
FlashFolder (Version: 1.9.181.0)
FontExplorer X Pro 2.4.0 (Version: 002.004.0959)
FormatFactory 3.1.0 (Version: 3.1.0)
Free Audio Converter version 5.0.25.610 (Version: 5.0.25.610)
Free Extended Task Manager (Version: 1.0.0.46)
Free PDF to Word Doc Converter v1.1 (Version: 1.1)
FreeFileSync 5.18 (Version: 5.18)
FreePDF (Remove only)
Glary Utilities 3.7 (Version: 3.7.0.127)
GMX ProfiFax (Version: 2.00.236)
GMX SMS-Manager (Version: 2.7.2)
GMX SMS-Manager (Version: 2.7.2.6)
GMX Upload-Manager (Version: 2.0.670)
Google Chrome Canary (HKCU Version: 30.0.1578.3)
Google Drive (Version: 1.10.4769.632)
GoogleClean (Version: 4.0.112)
GPL Ghostscript (Version: 9.07)
Greenfish Icon Editor Pro 3.25
Greenshot 1.1.5.2643 (Version: 1.1.5.2643)
Hardcopy (Version: 2013.02.01)
HD Tach version 3
HD Tune Pro 5.50
HDDlife Pro 4.0 (Version: 4.0.193)
HitmanPro 3.7 (Version: 3.7.6.201)
Hot CPU Tester Pro 4.4 (Version: 4.4 LE)
HWiNFO32 Version 4.20 (Version: 4.20)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Kaspersky Security Scan (Version: 12.0.1.340)
KC Softwares SUMo (Version: 3.7.1.204)
K-Meleon 1.5.4 de-DE (nur entfernen) (Version: 1.5.4)
Kyocera Product Library (Version: 3.3.0728)
LAME v3.99.3 (for Windows)
Launchy 2.6 Beta 2
Lexware Abschreibungsrechner (Version: 10.50.04.0001)
Lexware Elster (Version: 13.04.00.0113)
Lexware Info Service (Version: 2.70.00.0081)
Lexware lohnauskunft 2009 (Version: 17.50.00.0023)
Lexware lohnauskunft 2011 (Version: 19.60.00.0032)
Lexware online banking (Version: 13.00.00.0040)
Lexware QuickBooks 2012 (Version: 24.30.04.0047)
Logitech SetPoint 6.60 (Version: 6.60.170)
Marvell Miniport Driver (Version: 11.45.4.3)
Mein Schriftarten 1
Memory and CPU Observer 2.3 Personal (Beta)
Memory Measurer (HKCU Version: 1.0.0.1)
MFC RunTime files (Version: 1.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.3.30730)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30730)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30730)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Bootvis (Version: 1.3.37)
Microsoft Expression Encoder 4 (Version: 4.0.4276.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.4276.0)
Microsoft Garage Mouse without Borders (Version: 2.1.2.1212)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Outlook-Sicherung für Persönliche Ordner (Version: 1.10.0.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61187)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (Version: 9.0.30729.4048)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (Version: 9.0.30729.7523)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package - SE
Microsoft Visual J# 2.0 Redistributable Package - SE (Version: 2.0.50728)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
Mindjet (Version: 11.2.185)
Mindjet MindManager Pro 6 (Version: 6.2.399)
MSN
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 6 Service Pack 2 (KB2758696) (Version: 6.20.2016.0)
MultiMon TaskBar PRO 3 (Trial)
NexusFont 2.5 (ver 2.5.8.1582)
NovaBench 3.0.4
Nuance PaperPort 14 (Version: 14.0.0001)
Nuance PDF Create 7 (Version: 7.10.2332)
Nuance PDF Reader (Version: 7.00.0000)
Nuance PDF Viewer Plus (Version: 7.10.3211)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA nView 140.62 (Version: 140.62)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
NvMixer
O&O CleverCache (Version: 7.1.2737)
ObjectDock Plus (Version: 2.01)
Opera Stable 15.0.1147.130 (Version: 15.0.1147.130)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
Paint.NET v3.5.10 (Version: 3.60.0)
Panda Cloud Cleaner (Version: 1.0.50)
PaperPort Anywhere 1.1.4241.14593 powered by OfficeDrop (Version: 1.1.4241.14593)
PaperPort Image Printer (Version: 14.00.0000)
PC Fresh (Version: 2013)
PDF reDirect (remove only) (Version: v2.5.2)
PDF Split And Merge Basic (Version: 2.2.2)
PDF24 Creator 5.7.0
PDFCreator (Version: 1.7.1)
PDF-Viewer (Version: 2.5.210.0)
PDF-XChange 2012 (Version: 5.0.266.0)
PDF-XChange 3.0
PerformanceTest v7.0 (Version: 7.0)
PerformanceTest v8.0 (Version: 8.0.1020.0)
Picasa 3 (Version: 3.9)
Pirmasoft RunAsSvc - ComfortKeys (Version: 1.6.159.59)
Pirmasoft RunAsSvc - ComfortKeys2 (Version: 1.6.159.59)
Power Tray
Primo Ramdisk Ultimate Edition 5.5.0 (Version: 5.5.0)
Process Lasso (Version: 6.6.0.18)
PTFB Pro 4.6.0.0
RadarSync PC Updater 2013 (Version: 4.1.0.15322)
RAM Defrag (Version: 2.84)
Realtek AC'97 Audio (Version: 5.36)
Recuva (Version: 1.47)
RedMon - Redirection Port Monitor
Registry Backup v2.0
RENESIS® Player Browser Plugins (Version: 1.1.1)
Right Click Enhancer 4.1.1 (Version: 4.1.1)
RocketDock 1.3.5
Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2 (Version: 5.2.95)
SageThumbs 2.0.0.15 (Version: 2.0.0.15)
Samsung Magician (Version: 4.1.0)
SARDU 2.0.6.5 (Version: 2.0.6.5)
Scansoft PDF Create
SeaTools for Windows (Version: 1.2.0.7)
Secunia PSI (3.0.0.7009) (Version: 3.0.0.7009)
Sereby's XP SP3 Updatepack Version 3.9.7.1 (Version: Version 3.9.7.1)
Shutdown Timer (Version: 3.3.4)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1)
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7)
SlimDrivers (Version: 2.2.30085)
soft Xpansion Perfect PDF 8 Reader (Version: 8.0.2.8)
Software Informer 1.1
Soluto (Version: 1.3.1385.0)
SpeedFan (remove only)
Spybot - Search & Destroy (Version: 2.1.19)
SpyHunter (Version: 4.14.5.4268)
Spyware Terminator 2012 (Version: 3.0.0.82)
SRWare Iron Version SRWare Iron 26.0.1450.0 (Version: SRWare Iron 26.0.1450.0)
SSD Fresh (Version: 2013)
SSD Tweaker version 3.0.3 (Version: 3.0.3)
Start Menu X Version 4.86 (Version: 4.86)
Startup Delayer v2.5 (build 137)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (Version: +Recorder.2013.55)
swMSM (Version: 12.0.0.1)
Synergy (Version: 1.4.11)
System Checkup 3.4 (Version: 3.4.0.49)
System Explorer 4.2.2
System Tray Cleaner 3
TaskSwitchXP (Version: 2.0.11)
TeamViewer 8 (Version: 8.0.19617)
TeraCopy 2.3 beta 2
TimeLeft (Version: 3.62)
Tor 0.2.3.25
TreeSize Professional 5.3.1 (Version: 5.3.1)
Treiber-Studio 2013 (Version: 8.1.327)
TrojanHunter 5.5 (Version: 5.5)
True Image 2013 (Version: 16.0.5551)
True Image 2013 Plus Pack (Version: 16.0.5551)
Tweak UI
TweakRAM (Version: 7.1.5.31)
Tweak-XP Pro 4
Typograf 5.1c (Version: 5.1c)
UltraSearch V1.7.1 (Version: 1.7.1)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update für Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update für Windows Internet Explorer 8 (KB2632503) (Version: 1)
USB Safely Remove 5.1
UseNeXT by Tangysoft
User Profile Hive Cleanup Service (Version: 1.6.36)
Vidalia 0.2.21
VirtualCloneDrive
VirusKeeper 2011 Pro Probeversion
VirusTotal Uploader 2.0
Vit Registry Fix 12.5 (remove only)
VLC media player 2.0.7 (Version: 2.0.7)
WebFldrs XP (Version: 9.50.7523)
WebTemp 3.38 (kostenlose Version)
WindowManager (Version: 3.3.3)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Messenger 5.1 (Version: 5.1.0715)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WindowSpace (Version: 2.5.8)
WinRAR 5.00 beta 7 (32-bit) (Version: 5.00.7)
WinSplit Revolution (v11.04) (Version: 11.04)
WinXP Cleaner (Version: 2.0.0)
Wise Care 365 version 2.49 (Version: 2.49)
Wise Disk Cleaner 7.85 (Version: 7.85)
Wise Registry Cleaner 7.73 (Version: 7.73)
WSCC 2.1.2.0
XP Services Optimizer (Version: 1.0.52)
xplorer² professional 32 bit (Version: 2.3.0.1)
XQDC X-Setup Pro 9.2.100 (Version: 9.2.100)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
==================== Restore Points =========================
29-07-2013 10:04:32 O&O DriveLED Professional wurde entfernt.
==================== Hosts content: ==========================
2001-08-18 13:00 - 2013-07-11 17:04 - 00447984 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activation.acronis.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Alternative Flash Player Auto-Updater.job => D:\_updates\Alternative Flash Player Auto-Updater\Alternative Flash Player Auto-Updater.exe
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => D:\_updates\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 3.job => D:\_tweak\Glary Utilities 3\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1960408961-1801674531-1003Core.job => C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1960408961-1801674531-1003UA.job => C:\Dokumente und Einstellungen\Elmar-Admin\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => D:\_tweak\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => D:\_tweak\Wise Care 365\WiseTurbo.exe
Task: C:\WINDOWS\Tasks\XP Services Optimizer Update Task.job => C:\WINDOWS\system32\WebUpdate.exe
==================== Faulty Device Manager Devices =============
Name: NVIDIA nForce 10/100/1000 Mbps Ethernet #2
Description: NVIDIA nForce Networking Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service: NVENETFD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Parport
Description: Parport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Parport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/29/2013 00:28:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:47:27 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:42:57 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:38:27 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:33:57 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:20:26 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:15:55 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/28/2013 10:17:27 PM) (Source: Microsoft Office 11) (User: )
Description: Accepted Safe Mode action : Microsoft Office Word.
Error: (07/28/2013 07:34:07 PM) (Source: Microsoft Office 11) (User: )
Description: Accepted Safe Mode action : Microsoft Office Word.
Error: (07/28/2013 07:33:48 PM) (Source: Microsoft Office 11) (User: )
Description: Faulting application winword.exe, version 11.0.8402.0, stamp 5156197e, faulting module ole32.dll, version 5.1.2600.6168, stamp 4eb018d0, debug? 0, fault address 0x00027008.
System errors:
=============
Error: (07/29/2013 03:34:39 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Soluto PCGenome Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2013 03:34:38 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Soluto Launcher Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2013 03:07:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Logitech Beep Suppression Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (07/29/2013 00:37:36 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Soluto PCGenome Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2013 00:37:35 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Soluto Launcher Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2013 00:28:03 PM) (Source: 0) (User: )
Description: 0xC000000DMSI28400.tmpArchiCryptVDc1
Error: (07/29/2013 00:27:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Logitech Beep Suppression Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (07/29/2013 00:26:19 PM) (Source: 0) (User: )
Description: 0xC0000010Au_.exeFancyRdRawPort0Target0
Error: (07/29/2013 00:17:32 PM) (Source: 0) (User: )
Description: 0xC000000DLOG.oldArchiCryptVDc1
Error: (07/29/2013 11:46:05 AM) (Source: 0) (User: )
Description: 0xC000000DLOG.oldArchiCryptVDc1
Microsoft Office Sessions:
=========================
Error: (07/29/2013 00:28:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:47:27 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:42:57 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:38:27 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:33:57 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:20:26 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/29/2013 11:15:55 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/28/2013 10:17:27 PM) (Source: Microsoft Office 11)(User: )
Description: Microsoft Office WordWord hat festgestellt, dass sie die STRG-Taste gedrückt halten. Möchten Sie Word im abgesicherten Modus starten?
Error: (07/28/2013 07:34:07 PM) (Source: Microsoft Office 11)(User: )
Description: Microsoft Office WordWord konnte zuletzt nicht korrekt gestartet werden. Das Starten von Word im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, so dass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.
Möchten Sie Word im abgesicherten Modus starten?
Error: (07/28/2013 07:33:48 PM) (Source: Microsoft Office 11)(User: )
Description: winword.exe11.0.8402.05156197eole32.dll5.1.2600.61684eb018d0000027008
==================== Memory info ===========================
Percentage of memory in use: 71%
Total physical RAM: 2815.48 MB
Available physical RAM: 814 MB
Total Pagefile: 5719.57 MB
Available Pagefile: 2255.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.34 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:25.73 GB) (Free:8.53 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Programme) (Fixed) (Total:6.01 GB) (Free:0.91 GB) NTFS
Drive e: (Eigenes) (Fixed) (Total:21.03 GB) (Free:5.48 GB) NTFS
Drive f: (_) (Fixed) (Total:30.91 GB) (Free:14.35 GB) NTFS
Drive g: (Acronis Media) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS
Drive i: (Backup Daten) (Fixed) (Total:90.82 GB) (Free:12.29 GB) NTFS
Drive q: (_) (Fixed) (Total:0.29 GB) (Free:0.14 GB) NTFS
Drive r: (_) (Fixed) (Total:1.12 GB) (Free:0.34 GB) NTFS
Drive t: (500 GB Tr) (Fixed) (Total:465.76 GB) (Free:134.56 GB) NTFS
Drive u: (300 GB BU) (Fixed) (Total:383.85 GB) (Free:269.18 GB) NTFS
Drive v: (640 GB 2,5) (Fixed) (Total:596.16 GB) (Free:110.51 GB) NTFS
Drive w: (025 GB WD (W:)) (Fixed) (Total:25.59 GB) (Free:13.76 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1 GB) (Disk ID: CE7AF322)
Partition 1: (Not Active) - (Size=1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 112 GB) (Disk ID: A3F54628)
Partition 1: (Active) - (Size=21 GB) - (Type=17)
Partition 2: (Not Active) - (Size=91 GB) - (Type=05)
========================================================
Disk: 2 (Size: 84 GB) (Disk ID: 317EB258)
Partition 1: (Active) - (Size=26 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=84 GB) - (Type=OF Extended)
========================================================
Disk: 3 (Size: 466 GB) (Disk ID: A13BC6F8)
Partition 1: (Active) - (Size=26 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=26 GB) - (Type=17)
Partition 3: (Not Active) - (Size=31 GB) - (Type=17)
Partition 4: (Not Active) - (Size=384 GB) - (Type=OF Extended)
==================== End Of Log ============================
Wahnsinnnnnn, was ihr da jetzt alles anschauen müßt...... Vielen Vielen Dank!! Elmar |
|
29.07.2013, 22:43
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3Zitat:
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.07.2013, 06:22
| #8 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 Hallo Cosinus, schön, dass Du Dich darum kümmerst, Vielen Dank! Pro deswegen, weil es erweiterte Funktionen gibt, z.B. gpedt.msc, da kann ich über den Anlagen Manager ausschalten, dass jedes Mal die Sicherheitswarnung bei geöffneten .exe und .msi Dateien kommt. Ich war mal selbständig, aber momentan nicht. Ich installiere NIE die HomeVersion, irgendwas fehlt dann doch immer... Es ist ein Privatrechner, definitiv! herzliche Grüße Elmar NOch ein Ergebnis von SpyWareHunter  |
|
30.07.2013, 08:51
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3 Ok, danke für die Erklärung Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.07.2013, 14:17
| #10 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 GMER Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-30 15:10:26
Windows 5.1.2600 Service Pack 3 \Device\Harddisk2\DR2 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0 KINGSTON rev.502A 83,85GB
Running: gmer_2.1.19163.exe; Driver: R:\z_temp\TEMP\kwlyrpoc.sys
---- System - GMER 2.1 ----
SSDT \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xB6FEF75C]
---- Kernel code sections - GMER 2.1 ----
? imofugc.sys Das System kann die angegebene Datei nicht finden. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF525E3C0, 0x74AA7A, 0xE8000020]
? C:\WINDOWS\system32\Drivers\uphcleanhlp.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 2.1 ----
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [7A, 71] {JP 0x73}
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [80, 71]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [77, 71] {JA 0x73}
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [7D, 71] {JGE 0x73}
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [74, 71] {JZ 0x73}
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [83, 71]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [71, 71] {JNO 0x73}
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] WS2_32.dll!WSALookupServiceBeginW 71A135EF 6 Bytes JMP 71A5000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] WS2_32.dll!connect 71A14A07 6 Bytes JMP 71AB000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] WS2_32.dll!listen 71A18CD3 6 Bytes JMP 71A8000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 718A000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7187000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 718D000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 7193000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 7190000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!SendInput + 4 7E37F144 2 Bytes [98, 71]
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 7196000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 719F000A
.text D:\_improve system\Free Extended Task Manager\Extensions\TaskManager\ExtensionsTaskManager32.exe[796] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 719C000A
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [86, 71]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [8C, 71]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [83, 71]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [89, 71]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [80, 71]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [8F, 71]
.text C:\WINDOWS\Explorer.EXE[972] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text C:\WINDOWS\Explorer.EXE[972] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [7D, 71] {JGE 0x73}
.text C:\WINDOWS\Explorer.EXE[972] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7196000A
.text C:\WINDOWS\Explorer.EXE[972] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7193000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7199000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 719F000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 719C000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!SendInput + 4 7E37F144 2 Bytes [A4, 71]
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 71A2000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71AB000A
.text C:\WINDOWS\Explorer.EXE[972] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A8000A
.text C:\WINDOWS\Explorer.EXE[972] WS2_32.dll!WSALookupServiceBeginW 038A35EF 6 Bytes JMP 716C000A
.text C:\WINDOWS\Explorer.EXE[972] WS2_32.dll!connect 038A4A07 6 Bytes JMP 7172000A
.text C:\WINDOWS\Explorer.EXE[972] WS2_32.dll!listen 038A8CD3 6 Bytes JMP 716F000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [70, 71] {JO 0x73}
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [76, 71] {JBE 0x73}
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [6D, 71]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [73, 71] {JAE 0x73}
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [6A, 71] {PUSH 0x71}
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [79, 71] {JNS 0x73}
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AC0001
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [67, 71]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7180000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 717D000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7183000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 7189000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 7186000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!SendInput + 4 7E37F144 2 Bytes [8E, 71]
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 718C000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 7195000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 7192000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] WS2_32.dll!WSALookupServiceBeginW 71A135EF 6 Bytes JMP 7198000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] WS2_32.dll!connect 71A14A07 6 Bytes JMP 719E000A
.text C:\Programme\Microsoft IntelliType Pro\itype.exe[1592] WS2_32.dll!listen 71A18CD3 6 Bytes JMP 719B000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [86, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [8C, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [83, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [89, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [80, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [8F, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text C:\WINDOWS\system32\RunDLL32.exe[1940] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [7D, 71] {JGE 0x73}
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7199000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 719F000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 719C000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!SendInput + 4 7E37F144 2 Bytes [A4, 71]
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 71A2000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71AB000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A8000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7196000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7193000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] WS2_32.dll!WSALookupServiceBeginW 00BD35EF 6 Bytes JMP 716A000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] WS2_32.dll!connect 00BD4A07 6 Bytes JMP 7172000A
.text C:\WINDOWS\system32\RunDLL32.exe[1940] WS2_32.dll!listen 00BD8CD3 6 Bytes JMP 716D000A
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [86, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [8C, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [83, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [89, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [80, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [8F, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text C:\WINDOWS\system32\rundll32.exe[2052] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [7D, 71] {JGE 0x73}
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7199000A
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 719F000A
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 719C000A
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!SendInput + 4 7E37F144 2 Bytes [A4, 71]
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 71A2000A
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71AB000A
.text C:\WINDOWS\system32\rundll32.exe[2052] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A8000A
.text C:\WINDOWS\system32\rundll32.exe[2052] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7196000A
.text C:\WINDOWS\system32\rundll32.exe[2052] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7193000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [80, 71]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [86, 71]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [7D, 71] {JGE 0x73}
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [83, 71]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [7A, 71] {JP 0x73}
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [89, 71]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [77, 71] {JA 0x73}
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7193000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 7199000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 7196000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!SendInput + 4 7E37F144 2 Bytes [9E, 71]
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 719C000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71A5000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A2000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7190000A
.text D:\_improve system\MMTaskbar 3.0\MultiMon.exe[2072] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 718D000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [84, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [8A, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [81, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [87, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [7E, 71] {JLE 0x73}
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [8D, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [7B, 71] {JNP 0x73}
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7194000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7191000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7197000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 719D000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 719A000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!SendInput + 4 7E37F144 2 Bytes [A2, 71]
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 71A0000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71AB000A
.text D:\_filemanagement\xplorer² pro\xplorer2_UC.exe[2788] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A6000A
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [74, 71] {JZ 0x73}
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [7A, 71] {JP 0x73}
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [71, 71] {JNO 0x73}
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [77, 71] {JA 0x73}
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [6E, 71]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Programme\Launchy\Launchy.exe[3008] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text C:\Programme\Launchy\Launchy.exe[3008] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [6B, 71]
.text C:\Programme\Launchy\Launchy.exe[3008] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7184000A
.text C:\Programme\Launchy\Launchy.exe[3008] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7181000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7187000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 718D000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 718A000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!SendInput + 4 7E37F144 2 Bytes [92, 71]
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 7190000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 7199000A
.text C:\Programme\Launchy\Launchy.exe[3008] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 7196000A
.text C:\Programme\Launchy\Launchy.exe[3008] WS2_32.dll!WSALookupServiceBeginW 71A135EF 6 Bytes JMP 719C000A
.text C:\Programme\Launchy\Launchy.exe[3008] WS2_32.dll!connect 71A14A07 6 Bytes JMP 71A5000A
.text C:\Programme\Launchy\Launchy.exe[3008] WS2_32.dll!listen 71A18CD3 6 Bytes JMP 719F000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [79, 71] {JNS 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [7F, 71] {JG 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [76, 71] {JBE 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [7C, 71] {JL 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [73, 71] {JAE 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [82, 71]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text D:\_improve system\WindowManager\WindowManager.exe[3028] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [70, 71] {JO 0x73}
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 718C000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 7192000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 718F000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!SendInput + 4 7E37F144 2 Bytes [97, 71]
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 7195000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 719E000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 719B000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7189000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7186000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] WS2_32.dll!WSALookupServiceBeginW 71A135EF 6 Bytes JMP 71A5000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] WS2_32.dll!connect 71A14A07 6 Bytes JMP 71AB000A
.text D:\_improve system\WindowManager\WindowManager.exe[3028] WS2_32.dll!listen 71A18CD3 6 Bytes JMP 71A8000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [84, 71]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [81, 71]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [78, 71] {JS 0x73}
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [87, 71]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [75, 71] {JNZ 0x73}
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7191000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!SendMessageW 7E37929A 6 Bytes JMP 7197000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 7194000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!SendInput + 4 7E37F144 2 Bytes [9C, 71]
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 719A000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!mouse_event 7E3B673F 6 Bytes JMP 71A3000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] user32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A0000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] advapi32.dll!CreateServiceA 77E07219 6 Bytes JMP 718E000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] advapi32.dll!CreateServiceW 77E073B1 6 Bytes JMP 718B000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] WS2_32.dll!WSALookupServiceBeginW 010535EF 6 Bytes JMP 716D000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] WS2_32.dll!connect 01054A07 6 Bytes JMP 7173000A
.text C:\Programme\TweakRAM\TweakRAM.exe[3568] WS2_32.dll!listen 01058CD3 6 Bytes JMP 7170000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtCreateFile 7C91D0AE 1 Byte [FF]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtCreateFile 7C91D0AE 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtCreateFile + 4 7C91D0B2 2 Bytes [86, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtDeleteValueKey 7C91D26E 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtDeleteValueKey + 4 7C91D272 2 Bytes [8C, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtOpenFile 7C91D59E 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtOpenFile + 4 7C91D5A2 2 Bytes [83, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtOpenProcess 7C91D5FE 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtOpenProcess + 4 7C91D602 2 Bytes [89, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtSetContextThread 7C91DBAE 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtSetContextThread + 4 7C91DBB2 2 Bytes [80, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtSetValueKey 7C91DDCE 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ntdll.dll!NtSetValueKey + 4 7C91DDD2 2 Bytes [8F, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71AF0001
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] kernel32.dll!CreateProcessInternalW 7C819EA8 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] kernel32.dll!CreateProcessInternalW + 4 7C819EAC 2 Bytes [7D, 71] {JGE 0x73}
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!PostMessageW 7E368CCB 6 Bytes JMP 7199000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!SendMessageW 7E37929A 6 Bytes JMP 719F000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!PostMessageA 7E37AAFD 6 Bytes JMP 719C000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!SendInput 7E37F140 3 Bytes [FF, 25, 1E]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!SendInput + 4 7E37F144 2 Bytes [A4, 71]
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!SendMessageA 7E37F3C2 6 Bytes JMP 71A2000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!mouse_event 7E3B673F 6 Bytes JMP 71AB000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] USER32.dll!keybd_event 7E3B6783 6 Bytes JMP 71A8000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ADVAPI32.dll!CreateServiceA 77E07219 6 Bytes JMP 7196000A
.text E:\_ dropbox _\Dropbox\_ install new\__new\z_security\gmer_2.1.19163.exe[3880] ADVAPI32.dll!CreateServiceW 77E073B1 6 Bytes JMP 7193000A
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Ntfs \Ntfs tdrpman.sys
Device \FileSystem\Fastfat \FatCdrom B6C0BD20
Device \Driver\Ftdisk \Device\HarddiskVolume12 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume13 fltsrv.sys
Device \FileSystem\mbamchameleon \Device\devmbamchameleon B7C48690
Device \Driver\Ftdisk \Device\HarddiskVolume1 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume2 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume3 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume4 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume5 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume6 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume7 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume8 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume9 fltsrv.sys
Device \Driver\Disk \Device\Harddisk0\DR0 fltsrv.sys
Device \Driver\Disk \Device\Harddisk1\DR1 fltsrv.sys
Device \Driver\Disk \Device\Harddisk2\DR2 fltsrv.sys
Device \Driver\Disk \Device\Harddisk3\DR3 fltsrv.sys
Device \Driver\Disk \Device\Harddisk4\DR15 fltsrv.sys
Device \Driver\Disk \Device\Harddisk5\DR17 fltsrv.sys
Device \Driver\Disk \Device\Harddisk6\DR18 fltsrv.sys
Device \Driver\Disk \Device\Harddisk6\DP(1)0-0+14 fltsrv.sys
Device \Driver\Ftdisk \Device\FtControl fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume10 fltsrv.sys
Device \Driver\Ftdisk \Device\HarddiskVolume11 fltsrv.sys
Device \FileSystem\Fastfat \Fat B6C0BD20
AttachedDevice \FileSystem\Fastfat \Fat tdrpman.sys
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{ACF7F00A-9B7C-4D40-AAED-C312A9DDBC3F}\0000@D3D_\x3332\x3331 2089309684
Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{ACF7F00A-9B7C-4D40-AAED-C312A9DDBC3F}\0001@D3D_\x3332\x3331 2089309684
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODLED04.00.00.01PRO F7C90C2AC8D53403A2FB679DB2ADB952034760D4970E4B5D902751551A7F82C05576423479BF298BCB4DD9353F413F46D1266931F87B01462FD3FCDC80898F55A15087C9DB2114A004D096CD21490884002F1825F3F3FD9952A2B2F71259811F15C72BA1EAA8072BAEFA5DCB4B0BE8B3BAFD3DE19673F4DB8F72F2C793BB0E21D0A27E644699D84A15166F87D65E77AD10022B0D9205DE4460F8C1DA70132E0FD5F756332F4B224EDFC095CCFEAF1001F6FCBA3DBA4A783D223B28B9B4559FD10CB58CA10E2AC23C216B185CA47FD1714586C7818AF940E6961733DD138E6204BB1DFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407BA7FD869164D6794A6171C11EC38DE3DA2D97226D213B555A99332BF30528C42E977DA8E1C6D6CBB24E314FB4BAC987BAD52806BA8192D7C8EB8A3B8068BA828D483649581123E5F0064303DEC9FB6CF716D9F725597601D767F3452089F995DDF839EF13941D95BA8799FD1AD625AB225566F9DF806443A54ABB2B8CE667AB6AF2891A55FD1E2E812E2453248E5CEE33278C9770F926CB3A17697ACB469C75B6C976CC6CECA5E15395327683A51C3F2803431A2579ECF42D88C7A05DAE9E146C26D0100A868384018F07094467CCCC602DDC75255C1CA6FF89096AAA55B8F49E235C410531
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OOCC7.00.00.01PROSTATION AB867CD6552FEDAC1F1E44BDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B555FEBC9E127BECC74CA9C6AECB7A5D14072B2ADC3BF16A3C3468F6FB8565377C9DC0043D8F39596D3EA801DFC2BDBABBBA2DEE702F1A4ED291979DE9288569C559B5EAEC270E6E465522D97B086C4FB6D4257351916AD2BC63A27DC24B5DB8EE469880B028A89E12542F990C7ED6C2DD8ED220E551BD8ADE15681B93643665D8668884612D6476C6F04E5DD283898E6471B512792DF0FA46268A32D1B75F24074CE7EF3B9EA07683F4C4F9764316219D9D1399393B6620A0AAEFAE54DE2C9C2322DE6DDD3BBF1508BB9A767EC48FDD064375BB39E2826940C841B1D5C7F1E9F522D6594F96AC3A39B79C0ED85E1019B82AA8AEED63B0B99D3DEE9275B40B9D721E01C7F6174FC2A06ED93158BB349D7AAB3EE1B24BDD6752D5A95838BAD8BA2A78507F21F71A01EA79270330DC1AA9AEB58B75C600FABD9E75E7C384C33AB956AB7AFA7EC67E37E8851D5AFA16E96EE14C293B4ABA7EFCE315E343260F998653C27AE7A367F6228FD29644B68EC992BF8475BE46086155A9BE1B7ECB2CDD019FDD91290891FCEBF7B9347E44C268AF9B888F3C24C722711B93D04D8A0279FCDF32C1D4094E11375E205AFDE701745469175E22B0B
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
Database version: v2013.07.30.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Elmar-Admin :: ASUS-A8N [administrator]
30.07.13 14:00:24
mbar-log-2013-07-30 (14-00-24).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 328107
Time elapsed: 9 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\CLASSES\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Delete on reboot.
Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> No action taken.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoFolderOptions (Hijack.FolderOptions) -> Data: 1 -> No action taken.
Registry Data Items Detected: 1
HKLM\SOFTWARE\CLASSES\DRIVE\SHELL| (Hijack.Drives) -> Bad: (open) Good: (none) -> Replace on reboot.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
c:\windows\kb971513.log (Extension.Mismatch) -> Delete on reboot.
Physical Sectors Detected: 2
Physical Sector #64 on Drive #1 (Unknown.Rootkit.VBR) -> Replace on reboot.
Master Boot Record on Drive #1 (Unknown.Rootkit.VBR) -> Replace on reboot.
(end)
MBAR2 Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
Database version: v2013.07.30.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Elmar-Admin :: ASUS-A8N [administrator]
30.07.13 14:27:15
mbar-log-2013-07-30 (14-27-15).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 325185
Time elapsed: 7 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> No action taken.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoFolderOptions (Hijack.FolderOptions) -> Data: 1 -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
VIELEN DANK für Deine Mühen!!! Elmar |
|
30.07.2013, 15:06
| #11 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.07.2013, 00:55
| #12 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 wollte erst mal selber schauen, ob ich das nicht irgendwie absichtlich eingestellt habe. Nicht dass das dann weg ist. Und ich nicht wei0, warum. Wenns ich nicht war, dann fliegts raus natürlich... |
|
31.07.2013, 08:45
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3 Bitte mit MBAR alle Funde löschen lassen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.07.2013, 16:19
| #14 |
| | Immer wieder Abstürze einfach so - WIN XP SP3 OK, mach ich. Ich hab noch den Spybot drüberlaufen lassen, hier das Ergebnis.  Soll ich die roten Einträge löschen lassen? Melde mich wieder, wenn MBAR gelaufen ist.... Vielen Dank für Deine Mühen!! |
|
31.07.2013, 16:33
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Immer wieder Abstürze einfach so - WIN XP SP3 Bitte keine Tools mehr ohne Absprache/Anweisung starten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Immer wieder Abstürze einfach so - WIN XP SP3 |
| askbar, chromium, defender, einstellungen, emsisoft, explorer, extension.mismatch, fontcache, google, hijack.controlpanelstyle, hijack.drives, hijack.folderoptions, hijackthis, hkus\s-1-5-18, hängen, internet browser, internet explorer, monitor, nvidia, plug-in, policyagent, programm, registrierungsdatenbank, registry, required, schutz, secunia psi, sigcheck, software, system, taskmanager, trojan.downloader, windows xp |
Linear-Darstellung
