Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   System Sauber oder doch nicht? (https://www.trojaner-board.de/125867-system-sauber.html)

Sunbeam83 19.10.2012 04:54
System Sauber oder doch nicht?
 
Ich Grüße euch alle Miteinander.

Ich habe folgende frage zu meinem System ist es Sauber oder nicht?

Warum Ich diese Frage stelle, hat folgenden Grund.

" PlayStation(R)Network Downloader Check Plug-in "

Ich habe in dieser Nacht durch Zufall folgendes Addon in Firefox gefunden.

Kann mir aber nicht erklären woher es kommt und was es dort soll.

Ich bin weder in Besitz einer Playstadion, noch habe Ich irgend welche anderen Hardware. Die Ich damit verknüpfen würde.
Durch Suche per Googel bin Ich hier auf das Forum gestoßen und hoffe das es nicht schlimmer wird.

Ich kann auch nicht sagen was mein Bruder ewentuell verursacht hat oder Installiert hat.
Ich persönlich war die Letzten Woche nicht da.

Und da vor war es Defenetiv nicht da.


Ich habe mich an die Anleitung für neulinge gehalten und die Punkte
1- Download von Malwarebytes Anti-Malware und dem Scannen

2- Download Defogger und dem Starten, habe eine fehler meldung bekommen nach dem Starten und ich habe mich an die folgende anweißung gehalten. (Klicke den Re-enable Button nicht ohne Anweisung.)

defogger_disable Inhalt:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 04:54 on 19/10/2012 (Robert Köppen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-




3- Download von OTL und dem dem Anschließenden Quick scan.


Ich habe die Log Datein per 7-zip gepackt und hier angehangen.


Das Posten der Beiden Log hier im Tread habe ich erst ein mal unterlassen da sie beide recht lang sind. Wenn es aber noch Gewünscht wird tu Ich es auch noch.


Ich hoffe doch mal das mein System nix abbekommen hat.

cosinus 19.10.2012 13:22
Die Logs bitte nur in den Anhang (gezippt) legen, wenn sie zu groß sind um direkt gepostet zu werden!
Ansonsten bitte alles nach Möglichkeit hier in CODE-Tags posten. Das ist einfacher übersichtlicher und man spart sich ne Menge Rumklickerei

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

Sunbeam83 20.10.2012 10:43
Der Text, den Sie eingegeben haben, besteht aus 128237 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 120000 Zeichen.

Logs bitte als Archiv an den Beitrag anhängen!


Das Bekomme Ich als Meldung wen Ich es nach deiner Anleitung mache..

cosinus 21.10.2012 12:12
Die Logs bitte einzeln posten, pro Beitrag ein Log, dann müsste es passen

Sunbeam83 21.10.2012 20:43
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:23 on 20/10/2012 (Robert Köppen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.


Extra

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 19.10.2012 04:58:01 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = D:\Users\**************************\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 75,17% Memory free
20,00 Gb Paging File | 17,77 Gb Available in Paging File | 88,89% Paging File free
Paging file location(s): d:\pagefile.sys 12288 12288 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 59,52 Gb Total Space | 45,91 Gb Free Space | 77,14% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 62,38 Gb Free Space | 63,87% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 832,36 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive K: | 929,32 Gb Total Space | 268,65 Gb Free Space | 28,91% Space Free | Partition Type: NTFS
Drive M: | 1863,01 Gb Total Space | 1774,86 Gb Free Space | 95,27% Space Free | Partition Type: NTFS
Drive Y: | 933,68 Gb Total Space | 932,40 Gb Free Space | 99,86% Space Free | Partition Type: NTFS
 
Computer Name: **************************-PC | User Name: ************************** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- D:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = D:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = D:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = D:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = D:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B83563-5F4B-4B8B-8836-885BD6419767}" = rport=139 | protocol=6 | dir=out | app=system |
"{22E8C608-4A6E-4437-9D2B-8D28F095FF5D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{26F50ABA-DBDC-4E43-85AB-4901004BCB98}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2919629F-18A1-4C37-8A85-8337EBEE00A3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FF2C4A9-2EA6-4476-8520-528EAD22FA10}" = rport=445 | protocol=6 | dir=out | app=system |
"{46CD71E3-10A3-433C-9ABD-9C9C54104255}" = rport=138 | protocol=17 | dir=out | app=system |
"{4796E067-2ECD-42B1-AAF4-082AC5A5C84D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4942BCFA-F4C8-4B69-91F3-D2D4CFB53333}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EF84696-3520-4159-AED8-4A2BD42DAA50}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{511D7112-2F85-43B3-BC1A-93FD156AFFF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6A361DD4-7394-43A5-8FA5-11F935446730}" = rport=10243 | protocol=6 | dir=out | app=system |
"{75A48BE0-D991-4DD8-8464-D0B510CEA286}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{775E56DB-8E04-41A2-A3D1-EC68D0E9E550}" = lport=445 | protocol=6 | dir=in | app=system |
"{7BDA3B97-C07E-48B4-9EFC-D3939FC80E95}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C26BD9D-9271-4077-8C80-B468F2E01251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8412D266-D0FB-418B-A1EA-418F45C74BB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86C16AAB-2A3B-42B0-B2ED-D6AA5040BDF6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{93B069FE-A88A-40B0-800A-DD8FEA868B65}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{961C5B60-3E8B-4907-BFCC-81720B5E55AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9ACB29CB-F699-4D9B-A70F-3A2A6CEC8ED0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8B473AC-1830-41CD-90B9-6EA1118D2778}" = lport=138 | protocol=17 | dir=in | app=system |
"{AC7BEF5E-0236-475E-9986-835E0E8392BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{AEBD141D-5929-4019-BE83-3197987B6F05}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AF91C9A9-38E2-416A-9BB1-4B7971D84298}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B760D869-1391-4D49-A9DD-E3DFFA93B622}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CD66E903-7D9A-481D-8D23-82E151E1BCEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D48D691D-A71A-45A5-95BA-1960D88BF0DB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DAC49ED6-1110-43BE-ABD1-4ECC97675EE1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DC4FF5CA-888E-47BD-9567-DEAD4167DAC6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DCE12EBC-AD42-445C-9F44-619D2DDA9553}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E095DE5E-7D22-4738-836C-BCB397AA81ED}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2D6F3D7-6E9F-465D-8293-024AFE5AB25D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FFB6DB74-9677-4557-A7F9-B77438F680EB}" = lport=139 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34AB7462-3DDC-4219-9932-05890FC64990}" = protocol=17 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{35D8EBA7-6143-4FD2-BFC8-8634FE64A106}" = dir=in | app=d:\program files (x86)\windows live\contacts\wlcomm.exe |
"{36C531E5-7CE7-4663-90AA-3D3D30042962}" = dir=in | app=d:\users\**************************\appdata\local\microsoft\skydrive\skydrive.exe |
"{378B492E-9B5C-4881-A143-4E177969A67D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A86C683-07F4-45C7-965D-DCFFD9A9623D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{418C352A-9DFB-427E-B9E0-EE3792F01204}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42EE7B8C-8E6B-4C27-A380-78DA675B4110}" = protocol=6 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{43D36B44-62A3-4A33-978B-2E39BB2A121A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B255D73-0BEF-4213-AD1D-FE1BA32CAE34}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5292B5B2-BBB0-4CC5-BDCC-67E3BA7E84D0}" = protocol=6 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{53B52D1A-5AE1-4B12-90F9-D96F7F4D13E3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{540A65BB-6A32-45B3-86FE-6240AFD7AE70}" = protocol=6 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{574135BE-D3A8-4AE0-B125-FF631E73F361}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6633C9B1-F36E-499E-B808-ED7594C0ABD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C436D85-F0DC-4172-BC59-E572040F1AD1}" = protocol=17 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{6D8ACE58-7BFB-406E-9EDB-E9F11EDD3212}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6DD81023-DCA1-45C6-BEFD-729762B2989C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71D47265-424F-471B-AA5D-32703E2CCEDD}" = protocol=17 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{793FA024-783F-4889-B2A4-2913324A0C0E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CF24584-DE49-46CA-82E4-F50E6317DD47}" = dir=in | app=d:\program files (x86)\skype\phone\skype.exe |
"{81F455B3-FE1F-4CDC-8D25-3DF31542FD52}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8BD12FF8-3633-4432-938C-78F4D04FD48B}" = protocol=6 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{90FA6CC4-C51E-4348-BEB6-92F29CB8E7E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95D8A93F-D9F8-49E5-9ABF-C975B1D946DA}" = protocol=17 | dir=in | app=d:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9D31604A-193D-4D03-B8C1-2690E42505B1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E89A5F4-77BE-49AF-A346-1E9F95AE7F95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A726CF1A-16AE-4392-B684-0BEEFDFFC1EC}" = protocol=17 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{ACFC32C9-0567-4D2C-A20A-D822F32ED4F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8856B97-91DF-4100-94E3-DF518482918B}" = protocol=6 | dir=out | app=system |
"{BC3B53DB-2068-425D-BAFB-F4A396DD5AF0}" = dir=in | app=d:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CD52C852-3245-48D1-8BD7-1BD41CEAE9D0}" = protocol=6 | dir=in | app=d:\program files (x86)\icq7m\icq.exe |
"{D4D864E5-0B33-403C-AD0C-9E49BAE85A15}" = protocol=6 | dir=in | app=d:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E44FFD75-AA23-4805-89DF-9F3A97FCF1BC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FA108C49-5CC2-49BA-92F3-40F9D4976B27}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDD81A77-0BD4-4C3E-9093-C6BFE3F4EA76}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF353E5C-9D3B-418B-B644-C286DCE4C872}" = protocol=17 | dir=in | app=d:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"TCP Query User{2D7190F6-4B12-4E95-BA8C-EAC60C475BA2}D:\program files (x86)\jdownloader\jdownloader2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\jdownloader\jdownloader2.exe |
"TCP Query User{43E4E99E-9C83-47D9-AB0B-089ED5D83E30}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{6ECA8B57-7774-4CA4-9B8C-345E55A7E468}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=d:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{B0E9D937-A1A1-454E-ADD6-88C5EDF2F496}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{C9BF61FD-8293-41AD-A73C-3C321F28EC40}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{D3D59935-A75B-49A8-854C-0AE0A3B2C56D}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FC72D730-AA02-4459-AE1F-A82E70D0A572}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{02639F04-AEFC-4EE0-BB24-602F07F2266F}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{0C599EA4-161D-467D-A760-1D25DAF411C6}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{39C8CCA5-2FAA-4D96-8C73-B9FE93F5AEBB}D:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{47F5FC05-583D-4620-A476-86B9FE5503D1}D:\program files (x86)\jdownloader\jdownloader2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\jdownloader\jdownloader2.exe |
"UDP Query User{542A7D6C-844C-4CD8-A97E-3C9E1289A30D}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=d:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{73394810-52B5-4F23-B2C0-D6FE4C3465F8}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{EEF13D97-5A75-4937-A2BC-9EAE85A91851}D:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=d:\program files (x86)\orbitdownloader\orbitnet.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02359FE8-6BBF-407A-B7E1-39AA26C09525}" = MAGIX Foto Manager MX
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DB33E7CB-D489-4CE5-8FD4-9CCCB4188C2F}" = MAGIX Screenshare
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{E7D9D138-7DFA-441A-B1A9-703193C5D6D3}_is1" = USBLogon 1.5.0.0
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F55458B0-DCA9-38C9-6C8D-829F22463A55}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Creative VF0470" = Creative Live! Cam Notebook (VF0470) Driver (1.03.01.00)
"EnhanceMySe7en_is1" = EnhanceMySe7en
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.3.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.2
"x64 Components_is1" = x64 Components v3.8.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2BF9702B-52EE-4841-83C4-B5E640B6C97A}" = Media Go
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}" = BlueStacks
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{69437EE7-060C-4A38-BDF4-C4585C986D23}" = Radeon RAMDisk
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{89F1F5CF-144F-466B-A939-1675B0022ADE}" = Pacemaker Editor
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}" = Media Go Video Playback Engine 1.92.169.06150
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EC3825A1-02C6-4A83-8CA4-3F97A25CD37B}" = simplitec simplicheck
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"Free Studio_is1" = Free Studio version 5.7.5.1005
"FreeCommander XE_is1" = FreeCommander XE
"jdownloader2" = JDownloader 2.0
"MAGIX_{02359FE8-6BBF-407A-B7E1-39AA26C09525}" = MAGIX Foto Manager MX
"MAGIX_{DB33E7CB-D489-4CE5-8FD4-9CCCB4188C2F}" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mixxx (1.10.1)" = Mixxx 1.10.1 (64-bit)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
"Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Opera 12.02.1578" = Opera 12.02
"Orbit_is1" = Orbit Downloader
"PriceGong" = PriceGong 2.6.7
"RMPrepUSB" = RMPrepUSB
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 7" = TeamViewer 7
"Update Engine" = Sony Ericsson Update Engine
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
 
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 13
Description =
 
Error - 18.10.2012 12:47:01 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
 
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = VSS | ID = 13
Description =
 
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = VSS | ID = 8193
Description =
 
Error - 18.10.2012 17:02:37 | Computer Name = **************************-PC | Source = System Restore | ID = 8193
Description =
 
Error - 18.10.2012 17:29:12 | Computer Name = **************************-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 18.10.2012 17:30:40 | Computer Name = **************************-PC | Source = .NET Runtime Optimization Service | ID = 1103
Description =
 
Error - 18.10.2012 17:30:40 | Computer Name = **************************-PC | Source = .NET Runtime Optimization Service | ID = 1103
Description =
 
Error - 18.10.2012 17:44:32 | Computer Name = **************************-PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde:  %%-2140993535
 
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:  %%-2140993535
 
Error - 18.10.2012 17:38:20 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde:  %%-2140993535
 
Error - 18.10.2012 17:42:52 | Computer Name = **************************-PC | Source = NETLOGON | ID = 3095
Description = Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert,
 nicht als  Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser  Konfiguration
 nicht gestartet zu sein.
 
Error - 18.10.2012 17:43:00 | Computer Name = **************************-PC | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
 ist ein Fehler aufgetreten.
 
Error - 18.10.2012 17:43:08 | Computer Name = **************************-PC | Source = RemoteAccess | ID = 20152
Description = Der momentan konfigurierte Authentifizierungsanbieter konnte nicht
 geladen und initialisiert werden. Der angeforderte Name ist gültig, es wurden jedoch
 keine Daten des angeforderten Typs gefunden. 
 
Error - 18.10.2012 17:43:10 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Routing und RAS" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%11004.
 
Error - 18.10.2012 17:44:28 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.
 
Error - 18.10.2012 17:44:30 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Diagnosesystemhost" wurde nicht richtig gestartet.
 
Error - 18.10.2012 17:44:30 | Computer Name = **************************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  cdrom
 
 
< End of report >
--- --- ---
[/code]




Beim dem Log der OTl bekomme ich auch einzeln die Meldung das es zu Groß ist

Tut mir leid

cosinus 22.10.2012 10:15
Dann poste bitte die Logs verteilt über zwei Postings, notfalls kann ich mir das OTL-Log aber auch aus dem ersten Posting rausholen
Ich will nur vermeiden JEDES Log erst mal runterladen und entpacken zu müssen, diese Infos sieht man direkter ohne Umwege wenn die Logs direkt im Beitrag gepostet sind

Sunbeam83 24.10.2012 11:55
OTL Logfile:
Code:
OTL logfile created on: 19.10.2012 04:58:01 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = D:\Users\******\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 75,17% Memory free
20,00 Gb Paging File | 17,77 Gb Available in Paging File | 88,89% Paging File free
Paging file location(s): d:\pagefile.sys 12288 12288 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 59,52 Gb Total Space | 45,91 Gb Free Space | 77,14% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 62,38 Gb Free Space | 63,87% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 832,36 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive K: | 929,32 Gb Total Space | 268,65 Gb Free Space | 28,91% Space Free | Partition Type: NTFS
Drive M: | 1863,01 Gb Total Space | 1774,86 Gb Free Space | 95,27% Space Free | Partition Type: NTFS
Drive Y: | 933,68 Gb Total Space | 932,40 Gb Free Space | 99,86% Space Free | Partition Type: NTFS
 
Computer Name: ******KÖPPEN-PC | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.19 04:55:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe
PRC - [2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.09.24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) -- D:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2012.09.24 16:04:28 | 000,367,480 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2012.09.24 16:04:20 | 000,260,472 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2012.09.24 16:04:16 | 000,375,672 | ---- | M] (BlueStack Systems) -- D:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012.09.07 15:23:10 | 002,637,624 | ---- | M] (Orbitdownloader.com) -- D:\Program Files (x86)\Orbitdownloader\orbitdm.exe
PRC - [2012.09.07 15:14:36 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- D:\Program Files (x86)\Orbitdownloader\orbitnet.exe
PRC - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.17 04:37:56 | 000,277,504 | ---- | M] (Intel Corporation) -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.08.17 04:37:50 | 000,007,168 | ---- | M] (Intel Corporation) -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe
MOD - [2012.10.08 06:10:06 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6831f648f5b925f1194f691b0b491662\System.WorkflowServices.ni.dll
MOD - [2012.10.08 06:09:37 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
MOD - [2012.10.08 06:09:36 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
MOD - [2012.10.08 06:09:35 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
MOD - [2012.10.08 06:09:25 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f42c2acdb000001066c78acfc6cd8655\System.ServiceModel.Web.ni.dll
MOD - [2012.10.08 06:07:52 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
MOD - [2012.10.08 06:07:48 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
MOD - [2012.10.08 06:07:46 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
MOD - [2012.10.08 06:07:32 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\d4adb751b6243b8669237a5259e4a035\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2012.10.08 06:07:29 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\7da8678130c6186e5635f0dab9de8bae\IAStorCommon.ni.dll
MOD - [2012.10.08 06:07:26 | 000,361,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\eaf38851778a2b0b790de0f2f41af37b\IAStorUtil.ni.dll
MOD - [2012.10.08 06:07:07 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
MOD - [2012.10.08 06:07:06 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012.10.08 06:07:06 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
MOD - [2012.10.08 06:06:56 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012.10.08 04:47:35 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.10.08 04:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.10.08 04:45:30 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.10.08 04:45:28 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012.10.08 04:45:26 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.10.08 04:45:21 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.10.08 04:45:17 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.09.07 15:19:12 | 000,397,312 | ---- | M] () -- D:\Program Files (x86)\Orbitdownloader\wtlctrl.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.10.06 14:49:46 | 000,009,216 | ---- | M] () [Auto | Running] -- D:\Program Files\USBLogon\usblonsvc.exe -- (USBLogonService)
SRV:64bit: - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.07.28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2011.01.26 13:38:11 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010.11.21 05:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010.11.21 05:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010.11.21 05:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009.07.14 03:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009.07.14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009.07.14 03:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012.10.14 07:24:19 | 000,115,168 | ---- | M] (Mozilla Foundation) [Auto | Stopped] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.13 10:59:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012.09.24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.08.17 04:37:50 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- D:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- D:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.11.21 05:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.14 08:19:29 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.10.14 08:19:29 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012.09.12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.08.20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.08.20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.08.17 04:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.17 04:33:38 | 000,027,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.07.28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.07.28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.06.05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.16 16:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007.05.09 01:00:00 | 000,183,200 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\V0470Vid.sys -- (VF0470Vid)
DRV - [2012.10.08 02:22:42 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.09.24 16:04:50 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- D:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 A4 66 F9 21 A3 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: {988da70d-b78d-44a1-a9c7-ed11832a9e2e}:1.3
FF - prefs.js..extensions.enabledAddons: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.7
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: D:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: D:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2012.10.05 21:04:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 07:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.11 16:54:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] (IMinent Toolbar) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\battlefieldplay4free@ea.com
[2012.10.05 21:51:11 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\ich@maltegoetz.de
[2012.10.18 18:16:10 | 000,000,000 | ---D | M] (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions
[2012.10.18 18:16:10 | 000,000,000 | ---D | M] (PriceGong) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012.10.06 01:20:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.10.08 23:50:25 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.08.30 18:22:28 | 000,079,759 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\jid0-VYmz57LiwomhDdFigX6o1UAZnIE@jetpack.xpi
[2012.08.31 00:13:38 | 000,340,132 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.08.31 00:12:48 | 000,709,293 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.10.12 21:28:29 | 000,015,162 | ---- | M] () (No name found) -- D:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\5g4bf4er.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi
[2012.10.14 07:24:16 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\mozilla firefox\extensions
[2012.10.14 07:24:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.05 21:04:17 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{988DA70D-B78D-44A1-A9C7-ED11832A9E2E}.XPI
File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- D:\USERS\****** ******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G4BF4ER.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
[2012.10.14 07:24:20 | 000,261,600 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - D:\Program Files (x86)\PriceGong\2.6.7\PriceGongIE.dll (PriceGong)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O4:64bit: - HKLM..\Run: [EvtMgr6] D:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = D:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2012.10.13 11:06:50 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Free YouTube Download - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: &Download by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - D:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4BF905C7-4B4C-420D-8345-806629704CEA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFA8E424-6B7C-4AA9-8D78-2E9AF48B83F9}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e37e847d-15a3-11e2-a9d9-001fd0a154cb}\Shell - "" = AutoRun
O33 - MountPoints2\{e37e847d-15a3-11e2-a9d9-001fd0a154cb}\Shell\AutoRun\command - "" = L:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.19 04:55:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe
[2012.10.19 04:54:16 | 000,000,000 | ---D | C] -- D:\Users\******\Desktop\Log Daten
[2012.10.19 04:53:08 | 000,000,000 | ---D | C] -- D:\Users\******\Desktop\Programme
[2012.10.19 04:44:16 | 010,669,952 | ---- | C] (Malwarebytes Corporation                                    ) -- D:\Users\******\Desktop\mbam-setup-1.65.1.1000.exe
[2012.10.19 03:04:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\MyPhoneExplorer
[2012.10.18 23:29:11 | 000,000,000 | ---D | C] -- C:\Users
[2012.10.18 21:06:24 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\TeamViewer
[2012.10.18 18:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.10.18 18:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
[2012.10.18 18:16:09 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\PriceGong
[2012.10.18 18:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2012.10.18 18:16:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MyPhoneExplorer
[2012.10.18 08:31:36 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\DVDVideoSoft
[2012.10.18 07:58:28 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\FreeCommanderXE
[2012.10.18 07:58:27 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\FreeCommander XE
[2012.10.18 06:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012.10.18 06:54:27 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ICQ Search
[2012.10.18 06:54:07 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ICQ
[2012.10.18 06:54:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ICQ7M
[2012.10.18 06:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\BlueStacks
[2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2012.10.18 06:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2012.10.18 06:14:27 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Radeon RAMDisk
[2012.10.18 06:06:28 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ProgSense
[2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\GrabPro
[2012.10.18 06:06:25 | 000,000,000 | ---D | C] -- C:\downloads
[2012.10.18 06:06:22 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Orbitdownloader
[2012.10.18 06:05:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Orbit
[2012.10.18 05:59:49 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\JDownloader
[2012.10.15 00:25:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.10.14 11:31:33 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Opera
[2012.10.14 11:31:33 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Opera
[2012.10.14 11:31:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Opera
[2012.10.14 08:19:29 | 000,027,760 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.10.14 08:19:29 | 000,014,448 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.10.14 08:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2012.10.14 08:19:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony Ericsson
[2012.10.14 08:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.10.14 08:19:05 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Java
[2012.10.14 08:18:55 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Java
[2012.10.14 08:16:56 | 000,000,000 | ---D | C] -- D:\Users\******\Podcasts
[2012.10.14 08:16:56 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\Media Go
[2012.10.14 08:14:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Sony
[2012.10.14 08:14:34 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Sony Shared
[2012.10.14 08:14:04 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Downloaded Installations
[2012.10.14 08:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2012.10.14 08:12:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony Media Go Install
[2012.10.14 08:12:36 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Sony
[2012.10.14 08:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012.10.14 08:07:29 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sony
[2012.10.14 08:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012.10.14 07:24:16 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[2012.10.13 12:18:35 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB
[2012.10.13 12:18:34 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\RMPrepUSB
[2012.10.13 11:09:13 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\SeriousBit
[2012.10.13 11:06:50 | 000,000,000 | -H-D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled
[2012.10.13 10:59:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Secunia PSI
[2012.10.13 10:52:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\System Explorer
[2012.10.13 10:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnhanceMySe7en
[2012.10.13 10:52:24 | 000,000,000 | ---D | C] -- D:\Program Files\EnhanceMySe7en
[2012.10.13 10:52:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Secunia
[2012.10.13 10:51:48 | 000,000,000 | ---D | C] -- D:\Program Files\USBLogon
[2012.10.13 10:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadsoft USBLogon
[2012.10.13 04:24:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MAGIX
[2012.10.13 04:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012.10.13 04:24:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\simplitec
[2012.10.13 04:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2012.10.13 04:24:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\simplitec
[2012.10.13 04:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[2012.10.13 04:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012.10.13 04:24:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\MAGIX Services
[2012.10.13 04:24:02 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MSXML 4.0
[2012.10.13 04:23:23 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Tonium
[2012.10.13 04:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tonium
[2012.10.13 04:22:48 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Tonium
[2012.10.13 04:22:10 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\MAGIX Downloads
[2012.10.13 04:22:09 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\MAGIX
[2012.10.12 21:38:01 | 000,000,000 | ---D | C] -- D:\Users\******\dwhelper
[2012.10.10 22:59:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\CrystalDiskInfo
[2012.10.09 05:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.6
[2012.10.09 05:38:52 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MiniTool Partition Wizard Home Edition 7.6
[2012.10.08 22:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
[2012.10.08 21:22:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Malwarebytes
[2012.10.08 21:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.08 21:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.08 21:22:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.08 21:22:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.08 03:40:01 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate
[2012.10.08 03:40:00 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Seagate
[2012.10.08 03:39:29 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.10.08 03:29:30 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\TCeinstellung
[2012.10.08 03:16:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.08 01:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2012.10.08 01:33:45 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\GIGABYTE
[2012.10.08 00:31:36 | 000,000,000 | ---D | C] -- D:\Program Files\Tracker Software
[2012.10.07 23:08:02 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.10.07 23:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.10.07 23:08:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SpeedFan
[2012.10.07 19:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.10.07 19:28:22 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Silverlight
[2012.10.07 19:28:22 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Silverlight
[2012.10.07 19:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012.10.07 19:20:23 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack x64
[2012.10.07 14:37:55 | 000,000,000 | ---D | C] -- D:\Users\******\Documents\iMacros
[2012.10.07 12:36:36 | 000,000,000 | ---D | C] -- D:\Users\******\Tracing
[2012.10.07 12:34:24 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.10.07 12:33:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.10.07 12:33:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012.10.07 12:33:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.10.07 12:33:29 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Live
[2012.10.07 12:33:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.10.07 12:33:16 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Live
[2012.10.07 12:32:40 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft SkyDrive
[2012.10.07 12:32:39 | 000,000,000 | R--D | C] -- D:\Users\******\SkyDrive
[2012.10.07 12:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012.10.07 12:32:12 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Windows Live
[2012.10.07 12:31:56 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Windows Live
[2012.10.07 08:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emerge Desktop
[2012.10.07 08:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2012.10.07 08:09:01 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Shark007
[2012.10.07 08:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2012.10.07 08:08:58 | 001,416,704 | ---- | C] (MPC-HC Team) -- C:\Windows\SysNative\VSFilter.dll
[2012.10.07 08:08:58 | 000,361,472 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2012.10.07 08:08:58 | 000,180,736 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2012.10.07 08:08:58 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll
[2012.10.07 08:08:58 | 000,000,000 | ---D | C] -- D:\Program Files\Shark007
[2012.10.06 21:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012.10.06 21:44:53 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\SysWow64\cximage.dll
[2012.10.06 21:41:24 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Skype
[2012.10.06 21:41:21 | 000,000,000 | R--D | C] -- D:\Program Files (x86)\Skype
[2012.10.06 21:41:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Skype
[2012.10.06 21:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.06 21:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.10.06 19:25:29 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\vlc
[2012.10.06 19:01:09 | 000,000,000 | ---D | C] -- D:\Users\******\Local Settings
[2012.10.06 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\SoundControl
[2012.10.06 18:57:03 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoundControl
[2012.10.06 18:57:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SoundControl
[2012.10.06 18:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
[2012.10.06 18:56:50 | 000,000,000 | ---D | C] -- D:\Program Files\Mixxx
[2012.10.06 01:30:13 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft
[2012.10.06 01:20:39 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.06 01:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.10.06 01:19:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DVDVideoSoft
[2012.10.06 01:19:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.10.06 01:18:39 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\DVDVideoSoft
[2012.10.05 23:39:30 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\wargaming.net
[2012.10.05 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2012.10.05 23:39:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.10.05 23:11:02 | 000,000,000 | ---D | C] -- D:\Program Files\Easersoft
[2012.10.05 23:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.10.05 23:05:27 | 000,000,000 | ---D | C] -- D:\Program Files\VideoLAN
[2012.10.05 23:00:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.05 23:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.10.05 22:17:43 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TeamViewer
[2012.10.05 22:08:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft.NET
[2012.10.05 21:22:04 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\TS3Client
[2012.10.05 21:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.10.05 21:04:25 | 000,359,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.05 21:04:25 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.05 21:04:25 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.10.05 21:04:25 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Google
[2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Google
[2012.10.05 21:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.10.05 21:04:24 | 000,969,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.05 21:04:24 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.05 21:04:24 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.05 21:04:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.05 21:04:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.05 21:04:04 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2012.10.05 21:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.10.05 21:00:39 | 000,000,000 | ---D | C] -- D:\Program Files\TeamSpeak 3 Client
[2012.10.05 20:55:38 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Macromedia
[2012.10.05 20:52:42 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Mozilla
[2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Thunderbird
[2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Thunderbird
[2012.10.05 20:50:21 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Mozilla
[2012.10.05 20:47:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MozBackup
[2012.10.05 20:46:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Thunderbird
[2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\WinRAR
[2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.05 20:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.05 20:16:23 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\WinRAR
[2012.10.05 20:16:19 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\7-Zip
[2012.10.05 20:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.05 20:10:20 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\ElevatedDiagnostics
[2012.10.05 19:55:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Macromedia
[2012.10.05 19:55:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Adobe
[2012.10.05 19:55:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.10.05 19:17:23 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Intel Corporation
[2012.10.05 19:16:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Intel Corporation
[2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\ATI
[2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\ATI
[2012.10.05 19:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.05 19:07:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.10.05 19:04:25 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.10.05 19:04:25 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Intel
[2012.10.05 19:04:13 | 000,000,000 | ---D | C] -- C:\Intel
[2012.10.05 19:03:07 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\AMD APP
[2012.10.05 19:03:06 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ATI Technologies
[2012.10.05 19:03:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\ATI Technologies
[2012.10.05 19:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.10.05 19:02:47 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ATI Technologies
[2012.10.05 19:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\ATI
[2012.10.05 19:02:01 | 000,000,000 | ---D | C] -- D:\Program Files\ATI Technologies
[2012.10.05 18:59:23 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\LogiShrd
[2012.10.05 18:58:38 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Leadertech
[2012.10.05 18:58:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\LogiShrd
[2012.10.05 18:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.10.05 18:58:25 | 000,000,000 | ---D | C] -- D:\Users\Public\Documents\LogiShrd
[2012.10.05 18:58:23 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech
[2012.10.05 18:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012.10.05 18:58:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.05 18:57:10 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\LogiShrd
[2012.10.05 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Logitech
[2012.10.05 18:57:08 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Logishrd
[2012.10.05 18:55:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.10.05 18:55:47 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2012.10.05 18:55:47 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.10.05 18:55:47 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.10.05 18:55:47 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.10.05 18:55:47 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.10.05 18:55:47 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.10.05 18:55:47 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.10.05 18:55:47 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.10.05 18:55:47 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.10.05 18:55:47 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.10.05 18:55:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.10.05 18:55:46 | 002,535,008 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.10.05 18:55:46 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2012.10.05 18:55:46 | 000,834,936 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.10.05 18:55:46 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.10.05 18:55:46 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2012.10.05 18:55:46 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\InstallShield Installation Information
[2012.10.05 18:55:46 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Realtek
[2012.10.05 18:54:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\InstallShield
[2012.10.05 18:53:29 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2012.10.05 18:53:27 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2012.10.05 18:53:27 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2012.10.05 18:53:27 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2012.10.05 18:53:27 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2012.10.05 18:53:27 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2012.10.05 18:53:27 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2012.10.05 18:53:27 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2012.10.05 18:53:27 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2012.10.05 18:53:27 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2012.10.05 18:53:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2012.10.05 18:53:27 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2012.10.05 18:53:16 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\Temp
[2012.10.05 18:43:21 | 000,000,000 | ---D | C] -- D:\Users\Public\Documents\DriverGenius
[2012.10.05 18:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2012.10.05 18:34:33 | 000,000,000 | ---D | C] -- C:\Windows\addins
[2012.10.05 18:34:32 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2012.10.05 18:34:32 | 000,000,000 | ---D | C] -- C:\inetpub
[2012.10.05 18:34:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp
[2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Sidebar
[2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Media Player
[2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Reference Assemblies
[2012.10.05 18:34:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MSBuild
[2012.10.05 18:34:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar
[2012.10.05 18:34:27 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Journal
[2012.10.05 18:34:27 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Games
[2012.10.05 18:34:26 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2012.10.05 18:34:26 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2012.10.05 18:29:31 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\Uninstall Information
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Portable Devices
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Portable Devices
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Photo Viewer
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Photo Viewer
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows NT
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Mail
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Windows Defender
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\System
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\SpeechEngines
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Services
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\microsoft shared
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Internet Explorer
[2012.10.05 18:29:31 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files
[2012.10.05 18:29:30 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Mail
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Defender
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\DVD Maker
[2012.10.05 18:29:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Videos
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Saved Games
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Pictures
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Music
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Links
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Favorites
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Downloads
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Documents
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Desktop
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\Contacts
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.05 17:54:15 | 000,000,000 | R--D | C] -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\VirtualStore
[2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Temp
[2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Media Center Programs
[2012.10.05 17:54:15 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Identities
[2012.10.05 17:52:08 | 000,000,000 | R--D | C] -- D:\Users\******\Searches
[2012.10.05 17:50:43 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Local\Microsoft
[2012.10.05 17:50:26 | 000,000,000 | ---D | C] -- D:\Users\******\AppData\Roaming\Microsoft
[2012.10.05 17:50:26 | 000,000,000 | ---D | C] -- D:\Users\******\AppData
[2012.10.05 17:12:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.10.05 16:55:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.10.05 16:19:22 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.10.05 16:19:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.10.05 16:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.05 16:13:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.05 16:13:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.19 04:55:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\******\Desktop\OTL.exe
[2012.10.19 04:54:53 | 000,000,000 | ---- | M] () -- D:\Users\******\defogger_reenable
[2012.10.19 04:48:56 | 000,050,477 | ---- | M] () -- D:\Users\******\Desktop\Defogger.exe
[2012.10.19 04:45:27 | 000,001,149 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.19 04:44:19 | 010,669,952 | ---- | M] (Malwarebytes Corporation                                    ) -- D:\Users\******\Desktop\mbam-setup-1.65.1.1000.exe
[2012.10.19 04:44:02 | 000,001,781 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2012.10.19 03:04:28 | 001,833,466 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.19 03:04:28 | 000,784,310 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.19 03:04:28 | 000,723,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.19 03:04:28 | 000,179,100 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.19 03:04:28 | 000,146,200 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.19 01:01:10 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.19 01:01:10 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.18 23:42:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.17 14:28:15 | 000,000,000 | -H-- | M] () -- D:\Users\******\Documents\Default.rdp
[2012.10.14 08:35:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012.10.14 08:35:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012.10.14 08:19:29 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.10.14 08:19:29 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.10.13 17:22:55 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.08 22:11:50 | 001,801,110 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.08 01:46:06 | 000,001,376 | ---- | M] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012.10.07 23:08:01 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.10.05 22:03:55 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.05 21:30:34 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.05 21:30:34 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.05 21:04:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.10.05 19:15:14 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.10.05 18:36:44 | 000,000,535 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2012.10.05 17:20:20 | 000,000,035 | ---- | M] () -- C:\Windows\VB.MNM
[2012.10.05 16:15:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.05 16:15:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.10.05 16:14:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.20 20:00:00 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
 
========== Files Created - No Company Name ==========
 
[2012.10.19 04:54:53 | 000,000,000 | ---- | C] () -- D:\Users\******\defogger_reenable
[2012.10.19 04:48:55 | 000,050,477 | ---- | C] () -- D:\Users\******\Desktop\Defogger.exe
[2012.10.18 18:22:05 | 000,001,149 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.18 06:06:29 | 000,001,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2012.10.18 06:00:19 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.10.18 06:00:19 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.10.18 06:00:19 | 000,001,980 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.10.17 14:28:15 | 000,000,000 | -H-- | C] () -- D:\Users\******\Documents\Default.rdp
[2012.10.14 11:31:31 | 000,001,761 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.10.14 08:35:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012.10.14 08:35:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012.10.13 10:59:58 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.13 10:52:07 | 000,000,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.10.09 05:38:58 | 002,966,720 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2012.10.09 05:38:58 | 000,019,032 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2012.10.09 05:38:58 | 000,012,384 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2012.10.08 01:46:06 | 000,001,376 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012.10.07 23:08:01 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.10.07 12:34:18 | 000,001,183 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012.10.07 12:34:14 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012.10.07 12:33:44 | 000,001,356 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.10.07 12:33:42 | 000,002,372 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.10.07 12:32:39 | 000,002,231 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012.10.07 08:09:00 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.10.07 08:08:58 | 004,408,832 | ---- | C] () -- C:\Windows\SysNative\x264vfw.dll
[2012.10.07 08:08:58 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2012.10.07 08:08:58 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2012.10.07 08:08:58 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2012.10.07 08:08:58 | 000,137,216 | ---- | C] () -- C:\Windows\SysNative\mlc.dll
[2012.10.07 08:08:58 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2012.10.06 21:44:54 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\V0470PC.bmp
[2012.10.06 21:44:54 | 000,003,632 | ---- | C] () -- C:\Windows\VF0470.uns
[2012.10.06 21:44:53 | 000,188,891 | ---- | C] () -- C:\Windows\SysWow64\V0470Cvw.bff
[2012.10.05 22:17:46 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.10.05 21:30:34 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.05 21:30:34 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.05 21:04:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.10.05 20:47:05 | 000,001,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.10.05 20:46:38 | 000,001,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.10.05 19:15:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.05 18:55:47 | 000,336,393 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.10.05 18:37:40 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.05 18:37:38 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012.10.05 18:37:37 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.05 18:37:37 | 000,001,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012.10.05 18:37:36 | 000,001,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.10.05 18:37:22 | 001,801,110 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.05 18:36:44 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012.10.05 17:20:20 | 000,000,035 | ---- | C] () -- C:\Windows\VB.MNM
[2012.10.05 16:19:43 | 000,001,461 | ---- | C] () -- D:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.05 16:14:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.28 03:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 03:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.11 02:18:55 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\DVDVideoSoft
[2012.10.06 01:20:40 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.18 06:06:25 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\GrabPro
[2012.10.18 22:25:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ICQ
[2012.10.18 06:54:27 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ICQ Search
[2012.10.05 18:58:38 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Leadertech
[2012.10.13 04:29:19 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\MAGIX
[2012.10.19 03:08:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\MyPhoneExplorer
[2012.10.14 11:31:33 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Opera
[2012.10.19 04:44:02 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Orbit
[2012.10.18 06:06:28 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\ProgSense
[2012.10.13 11:09:13 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\SeriousBit
[2012.10.07 08:09:01 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Shark007
[2012.10.13 04:24:09 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\simplitec
[2012.10.14 08:16:54 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Sony
[2012.10.07 16:58:22 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\SoundControl
[2012.10.18 21:56:41 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\TeamViewer
[2012.10.05 20:50:21 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Thunderbird
[2012.10.13 04:23:23 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\Tonium
[2012.10.06 02:28:15 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\TS3Client
[2012.10.06 01:32:43 | 000,000,000 | ---D | M] -- D:\Users\******\AppData\Roaming\wargaming.net
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

cosinus 24.10.2012 16:30
Passt ja doch in einem - ich hab mal die CODE-Tags korrigiert
Bitte die nächsten angeforderten Logs nicht mehr als Anhang wenn es direkt passt

Wie ich sehe ist dein Malwarebytes-Log ohne Funde. War das der erste und einzige Scan, sprich hat Malwarebytes nie etwas gefunden?

Sunbeam83 24.10.2012 19:46
Malwarebytes läuft immer und Ich habe bis heute keinen einzigen Fund.
Als Antiviren Software habe Ich Avast free auch dort ist bis heute kein Fund.
Bis auf ein paar kleineren Meldungen bei E-Mails oder Internet Seiten nix.

cosinus 24.10.2012 20:43
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Sunbeam83 24.10.2012 22:38
Log aswMBR.txt

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-24 23:26:31
-----------------------------
23:26:31.410    OS Version: Windows x64 6.1.7601 Service Pack 1
23:26:31.410    Number of processors: 4 586 0xF0B
23:26:31.411    ComputerName: ROBERTKÖPPEN-PC  UserName: Robert Köppen
23:26:31.604    Initialize success
23:26:31.658    AVAST engine defs: 12102400
23:26:51.402    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
23:26:51.404    Disk 0 Vendor: ATA_____ M011 Size: 61053MB BusType: 11
23:26:51.406    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000065
23:26:51.407    Disk 1 Vendor: ATA_____ A31B Size: 953868MB BusType: 11
23:26:51.409    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000067
23:26:51.412    Disk 2 Vendor: ATA_____ 0003 Size: 1907729MB BusType: 11
23:26:51.416    Disk 0 MBR read successfully
23:26:51.418    Disk 0 MBR scan
23:26:51.422    Disk 0 Windows 7 default MBR code
23:26:51.424    Disk 0 Partition 1 00    07    HPFS/NTFS NTFS          100 MB offset 2048
23:26:51.428    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        60951 MB offset 206848
23:26:51.434    Disk 0 scanning C:\Windows\system32\drivers
23:26:53.858    Service scanning
23:26:59.336    Modules scanning
23:26:59.343    Disk 0 trace - called modules:
23:26:59.351    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys
23:26:59.354    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80093b1060]
23:26:59.358    3 CLASSPNP.SYS[fffff88000db843f] -> nt!IofCallDriver -> [0xfffffa80092b0c50]
23:26:59.362    5 iaStorF.sys[fffff880018af168] -> nt!IofCallDriver -> [0xfffffa80091c0040]
23:26:59.366    7 ACPI.sys[fffff88000ee27a1] -> nt!IofCallDriver -> \Device\00000064[0xfffffa80081be660]
23:26:59.479    AVAST engine scan C:\Windows
23:26:59.697    File: C:\Windows\notepad.exe  **INFECTED** Win32:Ransom-WH [Trj]
23:26:59.914    AVAST engine scan C:\Windows\system32
23:27:15.791    File: C:\Windows\system32\notepad.exe  **INFECTED** Win32:Ransom-WH [Trj]
23:27:47.091    AVAST engine scan C:\Windows\system32\drivers
23:27:49.455    AVAST engine scan D:\Users\******
23:35:14.723    Disk 0 MBR has been saved successfully to "D:\Users\****\Desktop\MBR.dat"
23:35:14.729    The log file has been saved successfully to "D:\Users\****\Desktop\aswMBR.txt"

cosinus 25.10.2012 10:26
Code:
File: C:\Windows\notepad.exe  **INFECTED** Win32:Ransom-WH [Trj]
Normalweise ist diese Datei legitim. Entweder ist das ein Fehlalarm oder sie wurde manipuliert.
Bitte diese Datei bei Virustotal auswerten lassen und den Ergebnislink posten. Falls Du die Datei nicht siehst, musst Du sie evtl. vorher sichtbar machen.
Wenn die Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten.

Sunbeam83 26.10.2012 09:43
Das Bekomme Ich nach dem Scan der Datei angezeigt.

File already analysed

This file was already analysed by VirusTotal on 2012-10-26 07:48:15.

Detection ratio: 0/41

You can take a look at the last analysis or analyse it again now.

cosinus 26.10.2012 13:22
Entweder ist das ein Fehlalarm oder eine Manipulation

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Sunbeam83 26.10.2012 18:11
Code:
19:09:35.0927 8076  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:09:36.0257 8076  ============================================================
19:09:36.0257 8076  Current date / time: 2012/10/26 19:09:36.0257
19:09:36.0257 8076  SystemInfo:
19:09:36.0257 8076 
19:09:36.0257 8076  OS Version: 6.1.7601 ServicePack: 1.0
19:09:36.0257 8076  Product type: Workstation
19:09:36.0257 8076  ComputerName: ROBERTKÖPPEN-PC
19:09:36.0257 8076  UserName: Robert Köppen
19:09:36.0257 8076  Windows directory: C:\Windows
19:09:36.0257 8076  System windows directory: C:\Windows
19:09:36.0257 8076  Running under WOW64
19:09:36.0257 8076  Processor architecture: Intel x64
19:09:36.0257 8076  Number of processors: 4
19:09:36.0257 8076  Page size: 0x1000
19:09:36.0257 8076  Boot type: Normal boot
19:09:36.0257 8076  ============================================================
19:09:36.0496 8076  Drive \Device\Harddisk0\DR0 - Size: 0xEE7D4DE00 (59.62 Gb), SectorSize: 0x200, Cylinders: 0x2A65E, SectorsPerTrack: 0xC, TracksPerCylinder: 0x3C, Type 'K0', Flags 0x00000040
19:09:36.0505 8076  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:36.0505 8076  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:36.0521 8076  Drive \Device\Harddisk3\DR12 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:09:36.0548 8076  Drive \Device\Harddisk8\DR13 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:09:36.0814 8076  ============================================================
19:09:36.0814 8076  \Device\Harddisk0\DR0:
19:09:36.0815 8076  MBR partitions:
19:09:36.0815 8076  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:09:36.0815 8076  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770B800
19:09:36.0815 8076  \Device\Harddisk1\DR1:
19:09:36.0815 8076  MBR partitions:
19:09:36.0815 8076  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC350000
19:09:36.0815 8076  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x683B5000
19:09:36.0815 8076  \Device\Harddisk2\DR2:
19:09:36.0815 8076  MBR partitions:
19:09:36.0815 8076  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:09:36.0815 8076  \Device\Harddisk3\DR12:
19:09:36.0816 8076  MBR partitions:
19:09:36.0816 8076  \Device\Harddisk3\DR12\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1DDB800
19:09:36.0816 8076  \Device\Harddisk8\DR13:
19:09:36.0816 8076  MBR partitions:
19:09:36.0816 8076  \Device\Harddisk8\DR13\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF92800
19:09:36.0816 8076  ============================================================
19:09:36.0820 8076  C: <-> \Device\Harddisk0\DR0\Partition2
19:09:36.0833 8076  D: <-> \Device\Harddisk1\DR1\Partition1
19:09:36.0852 8076  E: <-> \Device\Harddisk1\DR1\Partition2
19:09:36.0940 8076  L: <-> \Device\Harddisk8\DR13\Partition1
19:09:37.0711 8076  F: <-> \Device\Harddisk2\DR2\Partition1
19:09:37.0711 8076  ============================================================
19:09:37.0711 8076  Initialize success
19:09:37.0711 8076  ============================================================
19:09:51.0349 9792  ============================================================
19:09:51.0349 9792  Scan started
19:09:51.0349 9792  Mode: Manual; SigCheck; TDLFS;
19:09:51.0349 9792  ============================================================
19:09:51.0991 9792  ================ Scan system memory ========================
19:09:51.0991 9792  System memory - ok
19:09:51.0992 9792  ================ Scan services =============================
19:09:52.0064 9792  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
19:09:52.0129 9792  1394ohci - ok
19:09:52.0137 9792  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:09:52.0156 9792  ACPI - ok
19:09:52.0160 9792  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
19:09:52.0194 9792  AcpiPmi - ok
19:09:52.0242 9792  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:09:52.0258 9792  AdobeFlashPlayerUpdateSvc - ok
19:09:52.0267 9792  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
19:09:52.0290 9792  adp94xx - ok
19:09:52.0298 9792  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
19:09:52.0318 9792  adpahci - ok
19:09:52.0325 9792  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
19:09:52.0342 9792  adpu320 - ok
19:09:52.0349 9792  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:09:52.0403 9792  AeLookupSvc - ok
19:09:52.0412 9792  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
19:09:52.0435 9792  AFD - ok
19:09:52.0439 9792  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:09:52.0452 9792  agp440 - ok
19:09:52.0457 9792  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
19:09:52.0476 9792  ALG - ok
19:09:52.0481 9792  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:09:52.0493 9792  aliide - ok
19:09:52.0500 9792  [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:09:52.0539 9792  AMD External Events Utility - ok
19:09:52.0543 9792  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:09:52.0556 9792  amdide - ok
19:09:52.0561 9792  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
19:09:52.0576 9792  AmdK8 - ok
19:09:52.0672 9792  [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:09:52.0817 9792  amdkmdag - ok
19:09:52.0828 9792  [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:09:52.0852 9792  amdkmdap - ok
19:09:52.0857 9792  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:09:52.0872 9792  AmdPPM - ok
19:09:52.0877 9792  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
19:09:52.0891 9792  amdsata - ok
19:09:52.0897 9792  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:09:52.0913 9792  amdsbs - ok
19:09:52.0917 9792  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
19:09:52.0930 9792  amdxata - ok
19:09:52.0942 9792  [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
19:09:52.0958 9792  AppHostSvc - ok
19:09:52.0966 9792  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
19:09:53.0046 9792  AppID - ok
19:09:53.0050 9792  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:09:53.0084 9792  AppIDSvc - ok
19:09:53.0089 9792  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
19:09:53.0120 9792  Appinfo - ok
19:09:53.0125 9792  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
19:09:53.0139 9792  arc - ok
19:09:53.0143 9792  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:09:53.0157 9792  arcsas - ok
19:09:53.0186 9792  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:09:53.0197 9792  aspnet_state - ok
19:09:53.0202 9792  [ F9278A56E92DF6B16476431B582236B4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
19:09:53.0219 9792  aswFsBlk - ok
19:09:53.0224 9792  [ FA86861F5B30A2909F8A555ACCF10F33 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
19:09:53.0237 9792  aswMonFlt - ok
19:09:53.0243 9792  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
19:09:53.0255 9792  aswRdr - ok
19:09:53.0269 9792  [ 0CB9A8CFB177E4FBA9F3A3D7EB038AC7 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:09:53.0298 9792  aswSnx - ok
19:09:53.0308 9792  [ 27215E171E212EA5770406EC216F7409 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
19:09:53.0326 9792  aswSP - ok
19:09:53.0331 9792  [ 88AF99223812186A8046001EA22DAB86 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
19:09:53.0344 9792  aswTdi - ok
19:09:53.0349 9792  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:09:53.0384 9792  AsyncMac - ok
19:09:53.0388 9792  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
19:09:53.0401 9792  atapi - ok
19:09:53.0413 9792  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:09:53.0453 9792  AudioEndpointBuilder - ok
19:09:53.0463 9792  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:09:53.0497 9792  AudioSrv - ok
19:09:53.0581 9792  [ FB05FF189FC5F57DE636315B1F5E56DB ] avast! Antivirus D:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:09:53.0591 9792  avast! Antivirus - ok
19:09:53.0602 9792  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:09:53.0629 9792  AxInstSV - ok
19:09:53.0639 9792  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
19:09:53.0661 9792  b06bdrv - ok
19:09:53.0669 9792  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:09:53.0688 9792  b57nd60a - ok
19:09:53.0696 9792  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:09:53.0711 9792  BDESVC - ok
19:09:53.0715 9792  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:09:53.0747 9792  Beep - ok
19:09:53.0760 9792  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
19:09:53.0804 9792  BFE - ok
19:09:53.0818 9792  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:09:53.0864 9792  BITS - ok
19:09:53.0869 9792  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:09:53.0884 9792  blbdrive - ok
19:09:53.0890 9792  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:09:53.0905 9792  bowser - ok
19:09:53.0909 9792  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:09:53.0927 9792  BrFiltLo - ok
19:09:53.0931 9792  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:09:53.0946 9792  BrFiltUp - ok
19:09:53.0953 9792  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
19:09:53.0971 9792  Browser - ok
19:09:53.0978 9792  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
19:09:54.0002 9792  Brserid - ok
19:09:54.0007 9792  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:09:54.0024 9792  BrSerWdm - ok
19:09:54.0029 9792  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:09:54.0046 9792  BrUsbMdm - ok
19:09:54.0051 9792  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:09:54.0066 9792  BrUsbSer - ok
19:09:54.0072 9792  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:09:54.0091 9792  BTHMODEM - ok
19:09:54.0098 9792  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
19:09:54.0132 9792  bthserv - ok
19:09:54.0139 9792  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:09:54.0174 9792  cdfs - ok
19:09:54.0179 9792  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:09:54.0196 9792  cdrom - ok
19:09:54.0203 9792  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
19:09:54.0253 9792  CertPropSvc - ok
19:09:54.0259 9792  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
19:09:54.0298 9792  circlass - ok
19:09:54.0303 9792  [ FF60401F1C659CA2ED4BAE85D3FD14DA ] CISVC          C:\Windows\system32\CISVC.EXE
19:09:54.0340 9792  CISVC - ok
19:09:54.0349 9792  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:09:54.0367 9792  CLFS - ok
19:09:54.0381 9792  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:09:54.0392 9792  clr_optimization_v2.0.50727_32 - ok
19:09:54.0406 9792  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:09:54.0418 9792  clr_optimization_v2.0.50727_64 - ok
19:09:54.0435 9792  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:09:54.0448 9792  clr_optimization_v4.0.30319_32 - ok
19:09:54.0453 9792  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:09:54.0466 9792  clr_optimization_v4.0.30319_64 - ok
19:09:54.0470 9792  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:09:54.0485 9792  CmBatt - ok
19:09:54.0489 9792  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:09:54.0501 9792  cmdide - ok
19:09:54.0512 9792  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
19:09:54.0538 9792  CNG - ok
19:09:54.0543 9792  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:09:54.0556 9792  Compbatt - ok
19:09:54.0561 9792  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:09:54.0593 9792  CompositeBus - ok
19:09:54.0596 9792  COMSysApp - ok
19:09:54.0699 9792  cpuz135 - ok
19:09:54.0703 9792  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
19:09:54.0716 9792  crcdisk - ok
19:09:54.0725 9792  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:09:54.0742 9792  CryptSvc - ok
19:09:54.0753 9792  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:09:54.0812 9792  DcomLaunch - ok
19:09:54.0820 9792  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
19:09:54.0859 9792  defragsvc - ok
19:09:54.0864 9792  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:09:54.0896 9792  DfsC - ok
19:09:54.0902 9792  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:09:54.0915 9792  dg_ssudbus - ok
19:09:54.0922 9792  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:09:54.0960 9792  Dhcp - ok
19:09:54.0964 9792  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:09:54.0996 9792  discache - ok
19:09:55.0001 9792  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
19:09:55.0015 9792  Disk - ok
19:09:55.0022 9792  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:09:55.0038 9792  Dnscache - ok
19:09:55.0048 9792  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:09:55.0084 9792  dot3svc - ok
19:09:55.0090 9792  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
19:09:55.0125 9792  DPS - ok
19:09:55.0129 9792  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:09:55.0145 9792  drmkaud - ok
19:09:55.0159 9792  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:09:55.0187 9792  DXGKrnl - ok
19:09:55.0193 9792  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
19:09:55.0226 9792  EapHost - ok
19:09:55.0260 9792  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
19:09:55.0316 9792  ebdrv - ok
19:09:55.0322 9792  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
19:09:55.0339 9792  EFS - ok
19:09:55.0352 9792  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
19:09:55.0381 9792  ehRecvr - ok
19:09:55.0389 9792  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
19:09:55.0405 9792  ehSched - ok
19:09:55.0415 9792  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
19:09:55.0436 9792  elxstor - ok
19:09:55.0441 9792  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:09:55.0455 9792  ErrDev - ok
19:09:55.0468 9792  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
19:09:55.0508 9792  EventSystem - ok
19:09:55.0515 9792  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
19:09:55.0550 9792  exfat - ok
19:09:55.0556 9792  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:09:55.0591 9792  fastfat - ok
19:09:55.0604 9792  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
19:09:55.0630 9792  Fax - ok
19:09:55.0634 9792  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:09:55.0650 9792  fdc - ok
19:09:55.0654 9792  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
19:09:55.0687 9792  fdPHost - ok
19:09:55.0692 9792  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:09:55.0724 9792  FDResPub - ok
19:09:55.0728 9792  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:09:55.0741 9792  FileInfo - ok
19:09:55.0746 9792  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:09:55.0779 9792  Filetrace - ok
19:09:55.0783 9792  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:09:55.0797 9792  flpydisk - ok
19:09:55.0805 9792  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:09:55.0823 9792  FltMgr - ok
19:09:55.0838 9792  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
19:09:55.0869 9792  FontCache - ok
19:09:55.0875 9792  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:09:55.0885 9792  FontCache3.0.0.0 - ok
19:09:55.0889 9792  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
19:09:55.0902 9792  FsDepends - ok
19:09:55.0908 9792  [ B16B626996C74B564005BA855C5DEE90 ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
19:09:55.0924 9792  fssfltr - ok
19:09:56.0012 9792  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          D:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:09:56.0048 9792  fsssvc - ok
19:09:56.0053 9792  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:09:56.0066 9792  Fs_Rec - ok
19:09:56.0078 9792  [ 79179C6F8A3784CC3A20CDE998D5BD2C ] ftpsvc          C:\Windows\system32\inetsrv\ftpsvc.dll
19:09:56.0099 9792  ftpsvc - ok
19:09:56.0108 9792  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:09:56.0126 9792  fvevol - ok
19:09:56.0131 9792  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:09:56.0144 9792  gagp30kx - ok
19:09:56.0148 9792  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
19:09:56.0160 9792  gdrv - ok
19:09:56.0163 9792  GEARAspiWDM - ok
19:09:56.0169 9792  [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt          C:\Windows\system32\DRIVERS\ggflt.sys
19:09:56.0180 9792  ggflt - ok
19:09:56.0184 9792  [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
19:09:56.0195 9792  ggsemc - ok
19:09:56.0206 9792  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
19:09:56.0249 9792  gpsvc - ok
19:09:56.0255 9792  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:09:56.0271 9792  hcw85cir - ok
19:09:56.0280 9792  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:09:56.0302 9792  HdAudAddService - ok
19:09:56.0308 9792  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:09:56.0325 9792  HDAudBus - ok
19:09:56.0330 9792  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
19:09:56.0344 9792  HidBatt - ok
19:09:56.0349 9792  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:09:56.0367 9792  HidBth - ok
19:09:56.0372 9792  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
19:09:56.0388 9792  HidIr - ok
19:09:56.0393 9792  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
19:09:56.0426 9792  hidserv - ok
19:09:56.0431 9792  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:09:56.0445 9792  HidUsb - ok
19:09:56.0451 9792  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:09:56.0484 9792  hkmsvc - ok
19:09:56.0491 9792  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:09:56.0511 9792  HomeGroupListener - ok
19:09:56.0518 9792  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:09:56.0538 9792  HomeGroupProvider - ok
19:09:56.0543 9792  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:09:56.0557 9792  HpSAMD - ok
19:09:56.0568 9792  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:09:56.0610 9792  HTTP - ok
19:09:56.0614 9792  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:09:56.0625 9792  hwpolicy - ok
19:09:56.0630 9792  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:09:56.0645 9792  i8042prt - ok
19:09:56.0657 9792  [ 6C024B3AE192D72B216166802AF345DD ] iaStorA        C:\Windows\system32\DRIVERS\iaStorA.sys
19:09:56.0674 9792  iaStorA - ok
19:09:56.0735 9792  [ 7F7A03D03FA18A0DB2DAC37A8D620E7F ] IAStorDataMgrSvc D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:09:56.0740 9792  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
19:09:56.0740 9792  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
19:09:56.0744 9792  [ 661594437CA343CC89C586283442AF73 ] iaStorF        C:\Windows\system32\DRIVERS\iaStorF.sys
19:09:56.0755 9792  iaStorF - ok
19:09:56.0764 9792  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
19:09:56.0784 9792  iaStorV - ok
19:09:56.0800 9792  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:09:56.0824 9792  idsvc - ok
19:09:56.0829 9792  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
19:09:56.0842 9792  iirsp - ok
19:09:56.0846 9792  [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe
19:09:56.0864 9792  IISADMIN - ok
19:09:56.0877 9792  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:09:56.0921 9792  IKEEXT - ok
19:09:56.0965 9792  [ 900A45658DCB6BAE1003764991BB5FAB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:09:57.0040 9792  IntcAzAudAddService - ok
19:09:57.0046 9792  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:09:57.0059 9792  intelide - ok
19:09:57.0064 9792  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:09:57.0079 9792  intelppm - ok
19:09:57.0086 9792  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:09:57.0120 9792  IPBusEnum - ok
19:09:57.0126 9792  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:09:57.0157 9792  IpFilterDriver - ok
19:09:57.0167 9792  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:09:57.0208 9792  iphlpsvc - ok
19:09:57.0213 9792  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
19:09:57.0229 9792  IPMIDRV - ok
19:09:57.0233 9792  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
19:09:57.0266 9792  IPNAT - ok
19:09:57.0275 9792  [ 11FE7637A49B67D9B1F895B2AD4D982F ] iprip          C:\Windows\System32\iprip.dll
19:09:57.0292 9792  iprip - ok
19:09:57.0296 9792  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:09:57.0315 9792  IRENUM - ok
19:09:57.0321 9792  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:09:57.0333 9792  isapnp - ok
19:09:57.0341 9792  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:09:57.0359 9792  iScsiPrt - ok
19:09:57.0364 9792  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:09:57.0377 9792  kbdclass - ok
19:09:57.0382 9792  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:09:57.0396 9792  kbdhid - ok
19:09:57.0400 9792  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:09:57.0414 9792  KeyIso - ok
19:09:57.0419 9792  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:09:57.0433 9792  KSecDD - ok
19:09:57.0438 9792  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
19:09:57.0453 9792  KSecPkg - ok
19:09:57.0457 9792  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
19:09:57.0490 9792  ksthunk - ok
19:09:57.0498 9792  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:09:57.0539 9792  KtmRm - ok
19:09:57.0546 9792  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:09:57.0583 9792  LanmanServer - ok
19:09:57.0590 9792  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:09:57.0625 9792  LanmanWorkstation - ok
19:09:57.0679 9792  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ        D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:09:57.0696 9792  LBTServ - ok
19:09:57.0702 9792  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:09:57.0715 9792  LHidFilt - ok
19:09:57.0720 9792  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:09:57.0752 9792  lltdio - ok
19:09:57.0760 9792  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:09:57.0800 9792  lltdsvc - ok
19:09:57.0804 9792  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:09:57.0837 9792  lmhosts - ok
19:09:57.0843 9792  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:09:57.0855 9792  LMouFilt - ok
19:09:57.0863 9792  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:09:57.0877 9792  LSI_FC - ok
19:09:57.0882 9792  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
19:09:57.0896 9792  LSI_SAS - ok
19:09:57.0901 9792  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:09:57.0914 9792  LSI_SAS2 - ok
19:09:57.0918 9792  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:09:57.0932 9792  LSI_SCSI - ok
19:09:57.0937 9792  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
19:09:57.0970 9792  luafv - ok
19:09:57.0975 9792  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
19:09:57.0992 9792  Mcx2Svc - ok
19:09:57.0996 9792  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
19:09:58.0009 9792  megasas - ok
19:09:58.0017 9792  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:09:58.0035 9792  MegaSR - ok
19:09:58.0042 9792  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
19:09:58.0076 9792  MMCSS - ok
19:09:58.0080 9792  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
19:09:58.0113 9792  Modem - ok
19:09:58.0117 9792  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:09:58.0134 9792  monitor - ok
19:09:58.0138 9792  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:09:58.0151 9792  mouclass - ok
19:09:58.0157 9792  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:09:58.0171 9792  mouhid - ok
19:09:58.0176 9792  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:09:58.0189 9792  mountmgr - ok
19:09:58.0202 9792  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:09:58.0213 9792  MozillaMaintenance - ok
19:09:58.0219 9792  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:09:58.0235 9792  mpio - ok
19:09:58.0240 9792  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:09:58.0273 9792  mpsdrv - ok
19:09:58.0285 9792  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:09:58.0329 9792  MpsSvc - ok
19:09:58.0336 9792  [ CD22D2563039DDA6793F7624719363A7 ] MQAC            C:\Windows\system32\drivers\mqac.sys
19:09:58.0355 9792  MQAC - ok
19:09:58.0362 9792  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:09:58.0382 9792  MRxDAV - ok
19:09:58.0389 9792  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:09:58.0406 9792  mrxsmb - ok
19:09:58.0413 9792  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:09:58.0431 9792  mrxsmb10 - ok
19:09:58.0438 9792  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:09:58.0452 9792  mrxsmb20 - ok
19:09:58.0457 9792  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:09:58.0469 9792  msahci - ok
19:09:58.0475 9792  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:09:58.0490 9792  msdsm - ok
19:09:58.0497 9792  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
19:09:58.0516 9792  MSDTC - ok
19:09:58.0524 9792  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:09:58.0556 9792  Msfs - ok
19:09:58.0560 9792  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
19:09:58.0592 9792  mshidkmdf - ok
19:09:58.0596 9792  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:09:58.0608 9792  msisadrv - ok
19:09:58.0615 9792  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:09:58.0651 9792  MSiSCSI - ok
19:09:58.0654 9792  msiserver - ok
19:09:58.0658 9792  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:09:58.0690 9792  MSKSSRV - ok
19:09:58.0695 9792  [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ            C:\Windows\system32\mqsvc.exe
19:09:58.0709 9792  MSMQ - ok
19:09:58.0716 9792  [ 59ED174FD4314B0218DC91F9BFA6CD3D ] MSMQTriggers    C:\Windows\system32\mqtgsvc.exe
19:09:58.0735 9792  MSMQTriggers - ok
19:09:58.0739 9792  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:09:58.0772 9792  MSPCLOCK - ok
19:09:58.0776 9792  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:09:58.0808 9792  MSPQM - ok
19:09:58.0816 9792  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:09:58.0835 9792  MsRPC - ok
19:09:58.0842 9792  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:09:58.0855 9792  mssmbios - ok
19:09:58.0859 9792  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:09:58.0892 9792  MSTEE - ok
19:09:58.0895 9792  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:09:58.0910 9792  MTConfig - ok
19:09:58.0914 9792  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
19:09:58.0927 9792  Mup - ok
19:09:58.0937 9792  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:09:58.0978 9792  napagent - ok
19:09:58.0987 9792  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:09:59.0011 9792  NativeWifiP - ok
19:09:59.0024 9792  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:09:59.0052 9792  NDIS - ok
19:09:59.0057 9792  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
19:09:59.0090 9792  NdisCap - ok
19:09:59.0095 9792  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:09:59.0127 9792  NdisTapi - ok
19:09:59.0131 9792  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:09:59.0163 9792  Ndisuio - ok
19:09:59.0169 9792  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:09:59.0203 9792  NdisWan - ok
19:09:59.0207 9792  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:09:59.0238 9792  NDProxy - ok
19:09:59.0243 9792  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:09:59.0275 9792  NetBIOS - ok
19:09:59.0281 9792  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
19:09:59.0315 9792  NetBT - ok
19:09:59.0320 9792  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:09:59.0334 9792  Netlogon - ok
19:09:59.0344 9792  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:09:59.0384 9792  Netman - ok
19:09:59.0391 9792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0402 9792  NetMsmqActivator - ok
19:09:59.0406 9792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0417 9792  NetPipeActivator - ok
19:09:59.0427 9792  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:09:59.0467 9792  netprofm - ok
19:09:59.0472 9792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0482 9792  NetTcpActivator - ok
19:09:59.0486 9792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:09:59.0497 9792  NetTcpPortSharing - ok
19:09:59.0502 9792  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
19:09:59.0515 9792  nfrd960 - ok
19:09:59.0522 9792  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:09:59.0561 9792  NlaSvc - ok
19:09:59.0566 9792  [ 4903177FC90E77ABEB19021451E9475E ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
19:09:59.0594 9792  nmwcd - ok
19:09:59.0600 9792  [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
19:09:59.0625 9792  nmwcdc - ok
19:09:59.0630 9792  [ F59F8CF59F7905622686637177E2A828 ] nmwcdnsucx64    C:\Windows\system32\drivers\nmwcdnsucx64.sys
19:09:59.0654 9792  nmwcdnsucx64 - ok
19:09:59.0661 9792  [ A0E7F80157AF77B1CEAA8ADD3A3E7D85 ] nmwcdnsux64    C:\Windows\system32\drivers\nmwcdnsux64.sys
19:09:59.0689 9792  nmwcdnsux64 - ok
19:09:59.0694 9792  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:09:59.0726 9792  Npfs - ok
19:09:59.0730 9792  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
19:09:59.0764 9792  nsi - ok
19:09:59.0767 9792  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:09:59.0799 9792  nsiproxy - ok
19:09:59.0821 9792  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:09:59.0862 9792  Ntfs - ok
19:09:59.0867 9792  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:09:59.0899 9792  Null - ok
19:09:59.0905 9792  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:09:59.0920 9792  nvraid - ok
19:09:59.0927 9792  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:09:59.0942 9792  nvstor - ok
19:09:59.0948 9792  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:09:59.0962 9792  nv_agp - ok
19:09:59.0966 9792  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:09:59.0982 9792  ohci1394 - ok
19:09:59.0990 9792  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:10:00.0013 9792  p2pimsvc - ok
19:10:00.0025 9792  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:10:00.0049 9792  p2psvc - ok
19:10:00.0066 9792  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
19:10:00.0082 9792  Parport - ok
19:10:00.0087 9792  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:10:00.0101 9792  partmgr - ok
19:10:00.0108 9792  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:10:00.0131 9792  PcaSvc - ok
19:10:00.0137 9792  [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:10:00.0150 9792  pccsmcfd - ok
19:10:00.0156 9792  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
19:10:00.0171 9792  pci - ok
19:10:00.0175 9792  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:10:00.0187 9792  pciide - ok
19:10:00.0194 9792  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:10:00.0211 9792  pcmcia - ok
19:10:00.0215 9792  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
19:10:00.0228 9792  pcw - ok
19:10:00.0239 9792  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:10:00.0281 9792  PEAUTH - ok
19:10:00.0323 9792  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:10:00.0339 9792  PerfHost - ok
19:10:00.0362 9792  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
19:10:00.0415 9792  pla - ok
19:10:00.0425 9792  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:10:00.0449 9792  PlugPlay - ok
19:10:00.0454 9792  PnkBstrA - ok
19:10:00.0460 9792  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
19:10:00.0475 9792  PNRPAutoReg - ok
19:10:00.0483 9792  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
19:10:00.0500 9792  PNRPsvc - ok
19:10:00.0511 9792  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:10:00.0552 9792  PolicyAgent - ok
19:10:00.0561 9792  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
19:10:00.0600 9792  Power - ok
19:10:00.0607 9792  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:10:00.0639 9792  PptpMiniport - ok
19:10:00.0644 9792  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
19:10:00.0659 9792  Processor - ok
19:10:00.0665 9792  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:10:00.0686 9792  ProfSvc - ok
19:10:00.0690 9792  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:10:00.0705 9792  ProtectedStorage - ok
19:10:00.0712 9792  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:10:00.0744 9792  Psched - ok
19:10:00.0749 9792  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI            C:\Windows\system32\DRIVERS\psi_mf.sys
19:10:00.0760 9792  PSI - ok
19:10:00.0767 9792  [ DEFD557D9B8C0FA3CEA6CC576400114E ] pwdrvio        C:\Windows\system32\pwdrvio.sys
19:10:00.0783 9792  pwdrvio - ok
19:10:00.0789 9792  [ A2EE3B70A9E05F651B888078726C2787 ] pwdspio        C:\Windows\system32\pwdspio.sys
19:10:00.0803 9792  pwdspio - ok
19:10:00.0821 9792  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:10:00.0859 9792  ql2300 - ok
19:10:00.0865 9792  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:10:00.0880 9792  ql40xx - ok
19:10:00.0887 9792  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
19:10:00.0910 9792  QWAVE - ok
19:10:00.0915 9792  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:10:00.0933 9792  QWAVEdrv - ok
19:10:00.0939 9792  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:10:00.0972 9792  RasAcd - ok
19:10:00.0978 9792  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
19:10:01.0010 9792  RasAgileVpn - ok
19:10:01.0016 9792  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
19:10:01.0051 9792  RasAuto - ok
19:10:01.0057 9792  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:10:01.0090 9792  Rasl2tp - ok
19:10:01.0098 9792  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:10:01.0138 9792  RasMan - ok
19:10:01.0143 9792  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:10:01.0177 9792  RasPppoe - ok
19:10:01.0182 9792  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:10:01.0215 9792  RasSstp - ok
19:10:01.0222 9792  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:10:01.0259 9792  rdbss - ok
19:10:01.0263 9792  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:10:01.0280 9792  rdpbus - ok
19:10:01.0284 9792  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:10:01.0315 9792  RDPCDD - ok
19:10:01.0322 9792  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:10:01.0354 9792  RDPENCDD - ok
19:10:01.0359 9792  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:10:01.0390 9792  RDPREFMP - ok
19:10:01.0397 9792  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:10:01.0415 9792  RDPWD - ok
19:10:01.0422 9792  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:10:01.0439 9792  rdyboost - ok
19:10:01.0445 9792  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:10:01.0480 9792  RemoteAccess - ok
19:10:01.0486 9792  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:10:01.0523 9792  RemoteRegistry - ok
19:10:01.0529 9792  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
19:10:01.0562 9792  RMCAST - ok
19:10:01.0567 9792  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:10:01.0602 9792  RpcEptMapper - ok
19:10:01.0607 9792  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:10:01.0623 9792  RpcLocator - ok
19:10:01.0631 9792  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
19:10:01.0667 9792  RpcSs - ok
19:10:01.0673 9792  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:10:01.0706 9792  rspndr - ok
19:10:01.0713 9792  [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
19:10:01.0729 9792  RTHDMIAzAudService - ok
19:10:01.0736 9792  [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
19:10:01.0766 9792  RTL8167 - ok
19:10:01.0771 9792  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
19:10:01.0785 9792  SamSs - ok
19:10:01.0791 9792  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:10:01.0804 9792  sbp2port - ok
19:10:01.0811 9792  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:10:01.0847 9792  SCardSvr - ok
19:10:01.0853 9792  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:10:01.0884 9792  scfilter - ok
19:10:01.0899 9792  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:10:01.0946 9792  Schedule - ok
19:10:01.0952 9792  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:10:01.0983 9792  SCPolicySvc - ok
19:10:01.0989 9792  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:10:02.0010 9792  SDRSVC - ok
19:10:02.0014 9792  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:10:02.0047 9792  secdrv - ok
19:10:02.0051 9792  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:10:02.0084 9792  seclogon - ok
19:10:02.0168 9792  [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent D:\Program Files (x86)\Secunia\PSI\PSIA.exe
19:10:02.0199 9792  Secunia PSI Agent - ok
19:10:02.0252 9792  [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent D:\Program Files (x86)\Secunia\PSI\sua.exe
19:10:02.0272 9792  Secunia Update Agent - ok
19:10:02.0277 9792  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:10:02.0312 9792  SENS - ok
19:10:02.0316 9792  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:10:02.0334 9792  SensrSvc - ok
19:10:02.0339 9792  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
19:10:02.0355 9792  Serenum - ok
19:10:02.0360 9792  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:10:02.0375 9792  Serial - ok
19:10:02.0379 9792  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:10:02.0394 9792  sermouse - ok
19:10:02.0441 9792  [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer    D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:10:02.0462 9792  ServiceLayer - ok
19:10:02.0474 9792  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:10:02.0509 9792  SessionEnv - ok
19:10:02.0513 9792  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:10:02.0529 9792  sffdisk - ok
19:10:02.0533 9792  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:10:02.0549 9792  sffp_mmc - ok
19:10:02.0554 9792  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:10:02.0571 9792  sffp_sd - ok
19:10:02.0575 9792  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
19:10:02.0590 9792  sfloppy - ok
19:10:02.0599 9792  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:10:02.0639 9792  SharedAccess - ok
19:10:02.0648 9792  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:10:02.0687 9792  ShellHWDetection - ok
19:10:02.0692 9792  [ E9E830D540EDEDED650F906628468548 ] simptcp        C:\Windows\System32\tcpsvcs.exe
19:10:02.0710 9792  simptcp - ok
19:10:02.0714 9792  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:10:02.0727 9792  SiSRaid2 - ok
19:10:02.0732 9792  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:10:02.0746 9792  SiSRaid4 - ok
19:10:02.0780 9792  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:10:02.0838 9792  Skype C2C Service - ok
19:10:02.0864 9792  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    D:\Program Files (x86)\Skype\Updater\Updater.exe
19:10:02.0874 9792  SkypeUpdate - ok
19:10:02.0879 9792  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:10:02.0914 9792  Smb - ok
19:10:02.0922 9792  [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP            C:\Windows\System32\snmp.exe
19:10:02.0940 9792  SNMP - ok
19:10:02.0945 9792  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:10:02.0961 9792  SNMPTRAP - ok
19:10:02.0971 9792  Sony PC Companion - ok
19:10:02.0976 9792  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
19:10:02.0990 9792  speedfan - ok
19:10:02.0994 9792  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
19:10:03.0007 9792  spldr - ok
19:10:03.0017 9792  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
19:10:03.0042 9792  Spooler - ok
19:10:03.0078 9792  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:10:03.0158 9792  sppsvc - ok
19:10:03.0163 9792  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
19:10:03.0198 9792  sppuinotify - ok
19:10:03.0207 9792  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:10:03.0230 9792  srv - ok
19:10:03.0239 9792  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:10:03.0260 9792  srv2 - ok
19:10:03.0267 9792  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:10:03.0283 9792  srvnet - ok
19:10:03.0291 9792  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:10:03.0328 9792  SSDPSRV - ok
19:10:03.0333 9792  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:10:03.0368 9792  SstpSvc - ok
19:10:03.0375 9792  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm        C:\Windows\system32\DRIVERS\ssudmdm.sys
19:10:03.0390 9792  ssudmdm - ok
19:10:03.0395 9792  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:10:03.0408 9792  stexstor - ok
19:10:03.0418 9792  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:10:03.0448 9792  stisvc - ok
19:10:03.0453 9792  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:10:03.0465 9792  swenum - ok
19:10:03.0475 9792  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
19:10:03.0517 9792  swprv - ok
19:10:03.0538 9792  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
19:10:03.0582 9792  SysMain - ok
19:10:03.0588 9792  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:10:03.0610 9792  TabletInputService - ok
19:10:03.0617 9792  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:10:03.0657 9792  TapiSrv - ok
19:10:03.0663 9792  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
19:10:03.0698 9792  TBS - ok
19:10:03.0720 9792  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:10:03.0765 9792  Tcpip - ok
19:10:03.0788 9792  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:10:03.0821 9792  TCPIP6 - ok
19:10:03.0828 9792  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:10:03.0861 9792  tcpipreg - ok
19:10:03.0867 9792  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:10:03.0882 9792  TDPIPE - ok
19:10:03.0887 9792  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:10:03.0901 9792  TDTCP - ok
19:10:03.0906 9792  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:10:03.0938 9792  tdx - ok
19:10:04.0009 9792  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7    D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
19:10:04.0060 9792  TeamViewer7 - ok
19:10:04.0066 9792  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:10:04.0079 9792  TermDD - ok
19:10:04.0090 9792  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
19:10:04.0135 9792  TermService - ok
19:10:04.0140 9792  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:10:04.0161 9792  Themes - ok
19:10:04.0166 9792  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
19:10:04.0199 9792  THREADORDER - ok
19:10:04.0205 9792  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:10:04.0240 9792  TrkWks - ok
19:10:04.0247 9792  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:10:04.0282 9792  TrustedInstaller - ok
19:10:04.0288 9792  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:10:04.0319 9792  tssecsrv - ok
19:10:04.0325 9792  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:10:04.0339 9792  TsUsbFlt - ok
19:10:04.0343 9792  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
19:10:04.0358 9792  TsUsbGD - ok
19:10:04.0363 9792  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:10:04.0397 9792  tunnel - ok
19:10:04.0401 9792  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:10:04.0414 9792  uagp35 - ok
19:10:04.0422 9792  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:10:04.0461 9792  udfs - ok
19:10:04.0469 9792  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:10:04.0488 9792  UI0Detect - ok
19:10:04.0492 9792  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:10:04.0505 9792  uliagpkx - ok
19:10:04.0510 9792  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
19:10:04.0525 9792  umbus - ok
19:10:04.0528 9792  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:10:04.0543 9792  UmPass - ok
19:10:04.0551 9792  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:10:04.0591 9792  upnphost - ok
19:10:04.0597 9792  [ 907F50B8695DAA65A9445D27AD306E65 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
19:10:04.0622 9792  upperdev - ok
19:10:04.0628 9792  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:10:04.0645 9792  usbaudio - ok
19:10:04.0650 9792  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:10:04.0666 9792  usbccgp - ok
19:10:04.0672 9792  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:10:04.0689 9792  usbcir - ok
19:10:04.0693 9792  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
19:10:04.0708 9792  usbehci - ok
19:10:04.0717 9792  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:10:04.0737 9792  usbhub - ok
19:10:04.0764 9792  [ 6CA7B1B31E6E3180F4CC3811BE3D190E ] USBLogonService D:\Program Files\USBLogon\usblonsvc.exe
19:10:04.0769 9792  USBLogonService ( UnsignedFile.Multi.Generic ) - warning
19:10:04.0769 9792  USBLogonService - detected UnsignedFile.Multi.Generic (1)
19:10:04.0773 9792  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
19:10:04.0787 9792  usbohci - ok
19:10:04.0792 9792  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:10:04.0808 9792  usbprint - ok
19:10:04.0813 9792  [ 3F7498527B48657091C355F683BEB0DD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
19:10:04.0838 9792  UsbserFilt - ok
19:10:04.0844 9792  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:10:04.0860 9792  USBSTOR - ok
19:10:04.0863 9792  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
19:10:04.0878 9792  usbuhci - ok
19:10:04.0882 9792  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
19:10:04.0918 9792  UxSms - ok
19:10:04.0922 9792  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:10:04.0936 9792  VaultSvc - ok
19:10:04.0941 9792  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:10:04.0954 9792  vdrvroot - ok
19:10:04.0963 9792  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
19:10:05.0005 9792  vds - ok
19:10:05.0012 9792  [ 8108E4573F819A6C76C7EFB4021B4DFE ] VF0470Vid      C:\Windows\system32\DRIVERS\V0470Vid.sys
19:10:05.0029 9792  VF0470Vid - ok
19:10:05.0034 9792  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:10:05.0051 9792  vga - ok
19:10:05.0055 9792  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:10:05.0088 9792  VgaSave - ok
19:10:05.0094 9792  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
19:10:05.0111 9792  vhdmp - ok
19:10:05.0115 9792  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:10:05.0128 9792  viaide - ok
19:10:05.0133 9792  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:10:05.0147 9792  volmgr - ok
19:10:05.0154 9792  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:10:05.0172 9792  volmgrx - ok
19:10:05.0180 9792  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:10:05.0199 9792  volsnap - ok
19:10:05.0206 9792  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
19:10:05.0221 9792  vsmraid - ok
19:10:05.0240 9792  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
19:10:05.0296 9792  VSS - ok
19:10:05.0301 9792  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:10:05.0318 9792  vwifibus - ok
19:10:05.0327 9792  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
19:10:05.0367 9792  W32Time - ok
19:10:05.0381 9792  [ B32009DB1972E7F2C227499289C4384A ] W3SVC          C:\Windows\system32\inetsrv\iisw3adm.dll
19:10:05.0401 9792  W3SVC - ok
19:10:05.0407 9792  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:10:05.0422 9792  WacomPen - ok
19:10:05.0428 9792  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:10:05.0460 9792  WANARP - ok
19:10:05.0464 9792  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:10:05.0495 9792  Wanarpv6 - ok
19:10:05.0506 9792  [ B32009DB1972E7F2C227499289C4384A ] WAS            C:\Windows\system32\inetsrv\iisw3adm.dll
19:10:05.0522 9792  WAS - ok
19:10:05.0541 9792  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:10:05.0578 9792  wbengine - ok
19:10:05.0585 9792  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:10:05.0608 9792  WbioSrvc - ok
19:10:05.0617 9792  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:10:05.0644 9792  wcncsvc - ok
19:10:05.0648 9792  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:10:05.0667 9792  WcsPlugInService - ok
19:10:05.0672 9792  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
19:10:05.0684 9792  Wd - ok
19:10:05.0695 9792  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:10:05.0719 9792  Wdf01000 - ok
19:10:05.0725 9792  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:10:05.0769 9792  WdiServiceHost - ok
19:10:05.0773 9792  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:10:05.0793 9792  WdiSystemHost - ok
19:10:05.0800 9792  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
19:10:05.0824 9792  WebClient - ok
19:10:05.0831 9792  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:10:05.0870 9792  Wecsvc - ok
19:10:05.0876 9792  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:10:05.0911 9792  wercplsupport - ok
19:10:05.0916 9792  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:10:05.0952 9792  WerSvc - ok
19:10:05.0957 9792  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:10:05.0989 9792  WfpLwf - ok
19:10:05.0993 9792  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:10:06.0006 9792  WIMMount - ok
19:10:06.0011 9792  WinDefend - ok
19:10:06.0017 9792  WinHttpAutoProxySvc - ok
19:10:06.0037 9792  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:10:06.0073 9792  Winmgmt - ok
19:10:06.0097 9792  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
19:10:06.0157 9792  WinRM - ok
19:10:06.0167 9792  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:10:06.0184 9792  WinUsb - ok
19:10:06.0197 9792  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:10:06.0231 9792  Wlansvc - ok
19:10:06.0289 9792  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc        D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:10:06.0334 9792  wlidsvc - ok
19:10:06.0340 9792  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:10:06.0354 9792  WmiAcpi - ok
19:10:06.0364 9792  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:10:06.0383 9792  wmiApSrv - ok
19:10:06.0399 9792  WMPNetworkSvc - ok
19:10:06.0403 9792  [ B5BD872122A2CE82D196ABF2D5D8D80A ] WMSVC          C:\Windows\system32\inetsrv\wmsvc.exe
19:10:06.0421 9792  WMSVC - ok
19:10:06.0426 9792  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:10:06.0442 9792  WPCSvc - ok
19:10:06.0448 9792  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:10:06.0472 9792  WPDBusEnum - ok
19:10:06.0478 9792  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:10:06.0510 9792  ws2ifsl - ok
19:10:06.0515 9792  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:10:06.0538 9792  wscsvc - ok
19:10:06.0541 9792  WSearch - ok
19:10:06.0570 9792  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:10:06.0623 9792  wuauserv - ok
19:10:06.0630 9792  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:10:06.0662 9792  WudfPf - ok
19:10:06.0668 9792  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:10:06.0703 9792  WUDFRd - ok
19:10:06.0709 9792  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:10:06.0742 9792  wudfsvc - ok
19:10:06.0750 9792  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
19:10:06.0776 9792  WwanSvc - ok
19:10:06.0783 9792  ================ Scan global ===============================
19:10:06.0787 9792  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:10:06.0795 9792  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:10:06.0807 9792  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:10:06.0815 9792  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:10:06.0825 9792  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:10:06.0833 9792  [Global] - ok
19:10:06.0833 9792  ================ Scan MBR ==================================
19:10:06.0836 9792  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:10:06.0946 9792  \Device\Harddisk0\DR0 - ok
19:10:06.0953 9792  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
19:10:07.0015 9792  \Device\Harddisk1\DR1 - ok
19:10:07.0023 9792  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:10:07.0075 9792  \Device\Harddisk2\DR2 - ok
19:10:07.0079 9792  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR12
19:10:07.0217 9792  \Device\Harddisk3\DR12 - ok
19:10:07.0497 9792  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk8\DR13
19:10:09.0514 9792  \Device\Harddisk8\DR13 - ok
19:10:09.0514 9792  ================ Scan VBR ==================================
19:10:09.0516 9792  [ 2A6810F9031FA296E3073AB5CCD4C45C ] \Device\Harddisk0\DR0\Partition1
19:10:09.0520 9792  \Device\Harddisk0\DR0\Partition1 - ok
19:10:09.0523 9792  [ 2700F5C7A27BA3EA40DAB1595D279A87 ] \Device\Harddisk0\DR0\Partition2
19:10:09.0526 9792  \Device\Harddisk0\DR0\Partition2 - ok
19:10:09.0535 9792  [ CA78DFD62C8E90C311B535ED059DD0E6 ] \Device\Harddisk1\DR1\Partition1
19:10:09.0536 9792  \Device\Harddisk1\DR1\Partition1 - ok
19:10:09.0549 9792  [ 2B6A859D33D116253FE64511CD9F18AC ] \Device\Harddisk1\DR1\Partition2
19:10:09.0550 9792  \Device\Harddisk1\DR1\Partition2 - ok
19:10:09.0553 9792  [ 5D3D6AF6FFA3F3019D89DEA05364CA22 ] \Device\Harddisk2\DR2\Partition1
19:10:09.0554 9792  \Device\Harddisk2\DR2\Partition1 - ok
19:10:09.0558 9792  [ E5AD5DFAA2A6A6AA952298E7D9D2FB10 ] \Device\Harddisk3\DR12\Partition1
19:10:09.0559 9792  \Device\Harddisk3\DR12\Partition1 - ok
19:10:09.0594 9792  [ BD93561BAB51365901584781A3471917 ] \Device\Harddisk8\DR13\Partition1
19:10:09.0596 9792  \Device\Harddisk8\DR13\Partition1 - ok
19:10:09.0596 9792  ============================================================
19:10:09.0596 9792  Scan finished
19:10:09.0596 9792  ============================================================
19:10:09.0604 0552  Detected object count: 2
19:10:09.0604 0552  Actual detected object count: 2
19:10:22.0957 0552  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:10:22.0957 0552  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:10:22.0958 0552  USBLogonService ( UnsignedFile.Multi.Generic ) - skipped by user
19:10:22.0958 0552  USBLogonService ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:12 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19