Trojaner-Board

Tobi1985K 08.06.2013 18:51

Delta Search
 
I picked up Delta Search by accident.... what do I have to do? Please, it's urgent!

markusg 08.06.2013 18:57

Hi
all requests here are urgent; replies can take a while, since this is our free time here.

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

Tobi1985K 08.06.2013 19:23

OTL Logfile:
Code:

OTL logfile created on: 08.06.2013 20:00:07 - Run 4
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\XXX\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,23% Memory free
7,99 Gb Paging File | 5,93 Gb Available in Paging File | 74,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,74 Gb Total Space | 290,95 Gb Free Space | 64,41% Space Free | Partition Type: NTFS
Drive D: | 13,72 Gb Total Space | 2,27 Gb Free Space | 16,58% Space Free | Partition Type: NTFS
Drive E: | 99,02 Mb Total Space | 96,46 Mb Free Space | 97,41% Space Free | Partition Type: FAT32
 
Computer Name: XXX-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\XXX\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Admin\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
PRC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe (WebCake LLC)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D)
PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Panda Security)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll ()
MOD - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdndrs.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdnscw.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncaps.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncnv4.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdndatr.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncats.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (lxdn_device) -- C:\Windows\SysNative\lxdncoms.exe ( )
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BrowserDefendert) -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (ADExchange) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (IDT, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (lxdn_device) -- C:\Windows\SysWOW64\lxdncoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (ArcCtrl) -- C:\Windows\SysNative\drivers\ArcCtrl.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (massfilter_hs) -- C:\Windows\SysNative\drivers\massfilter_hs.sys (ZTE Incorporated)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{F0E73948-74C1-4CF4-BEE3-A2AA50FF11E8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{F0E73948-74C1-4CF4-BEE3-A2AA50FF11E8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes,DefaultScope = {7A25A554-4A95-47F3-9620-B124742D1B83}
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{4D9CE09C-E5BE-4E53-89B3-4F7F14CDFBC5}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_de
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{7A25A554-4A95-47F3-9620-B124742D1B83}: "URL" = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Delta Search
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119781&babsrc=SP_ss&mntrId=D8B72617FEC4A785
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=119781&babsrc=HP_ss&mntrId=D8B72617FEC4A785"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.13 17:28:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013.03.01 18:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.05.06 19:17:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.08 10:39:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.08 10:39:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.26 20:10:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013.06.08 19:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.08 19:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013.06.08 19:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013.06.08 19:43:35 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\plugin@getwebcake.com
[2013.06.08 19:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\rt1s26ru.default\extensions
[2013.06.08 19:43:59 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\rt1s26ru.default\extensions\ffxtlbr@delta.com
[2013.06.08 19:43:35 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\rt1s26ru.default\extensions\plugin@getwebcake.com
[2013.05.28 18:09:42 | 000,197,611 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\extensions\ftdownloader4@ftdownloader.com.xpi
[2013.06.08 19:43:53 | 000,006,470 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\rt1s26ru.default\searchplugins\babylon.xml
[2013.06.08 19:44:00 | 000,001,294 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\rt1s26ru.default\searchplugins\delta.xml
[2013.06.08 19:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.06.08 10:39:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013.06.08 19:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013.06.08 10:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.06.08 10:39:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok\4.0_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.02.26 21:15:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005..\Run: [WebCake Desktop] C:\Users\Admin\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O13 - gopher Prefix: missing
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83FA5D62-306C-4DC6-ACB7-224A51B61C53}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB82D4-F78D-4FE9-B52A-4807B1133424}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
 
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.08 19:44:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
[2013.06.08 19:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013.06.08 19:44:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\BabSolution
[2013.06.08 19:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.06.08 19:43:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Delta
[2013.06.08 19:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.08 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Babylon
[2013.06.08 19:43:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\WebCake
[2013.06.08 19:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebCake
[2013.06.08 19:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.06.08 19:43:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PutLockerDownloader
[2013.06.08 19:43:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Mozilla
[2013.06.08 19:43:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2013.06.08 19:43:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
[2013.06.08 19:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FTDownloader.com
[2013.06.08 10:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.15 20:02:25 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 20:02:24 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 20:02:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.15 20:02:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.15 20:02:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 20:02:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.15 20:02:21 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 20:02:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.15 20:02:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.15 20:02:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.15 20:02:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 20:02:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 20:02:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 20:02:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 20:02:12 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 18:57:10 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 18:57:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 18:56:38 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 18:56:38 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 18:56:37 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 18:56:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 18:56:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.12 14:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.08 19:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.08 19:43:04 | 000,000,870 | ---- | M] () -- C:\Users\Admin\Desktop\FTDownloader.lnk
[2013.06.08 19:19:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.08 19:19:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.08 09:24:28 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 09:24:28 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 09:14:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.08 09:14:21 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.06 20:22:28 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.04 20:02:04 | 000,003,320 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.06.01 19:41:31 | 001,512,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.01 19:41:31 | 000,659,238 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.01 19:41:31 | 000,620,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.01 19:41:31 | 000,132,776 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.01 19:41:31 | 000,108,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.16 19:04:47 | 000,353,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.14 20:50:13 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.14 20:50:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.13 17:28:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.05.12 14:30:41 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.05.12 14:30:41 | 000,002,006 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.08 19:43:04 | 000,000,870 | ---- | C] () -- C:\Users\Admin\Desktop\FTDownloader.lnk
[2013.05.12 14:30:41 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.04.19 17:58:25 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.04.19 17:58:25 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.02.28 22:09:08 | 000,003,320 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.02.26 21:05:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.26 21:05:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.26 21:05:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.26 21:05:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.26 21:05:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.25 21:40:49 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.08 19:44:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BabSolution
[2013.06.08 19:43:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2013.06.08 19:43:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Delta
[2013.05.06 19:17:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenCandy
[2013.05.06 19:17:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\pdfforge
[2013.03.09 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2013.06.08 19:43:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WebCake
[2013.02.24 21:27:57 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\DSite
[2013.03.09 14:03:19 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\elsterformular
[2012.04.02 20:21:59 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\LockHunter
[2013.05.06 19:18:51 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\PDF Architect
[2013.03.01 18:39:47 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\RoboForm
[2013.03.09 13:48:30 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Softland
[2011.04.29 20:41:23 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Telefónica
[2010.06.08 14:36:28 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Thunderbird
[2010.06.14 11:31:53 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Tific
[2010.07.14 20:18:58 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\WildTangent
[2010.06.08 14:24:20 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\_MDLogs
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.03.01 17:57:23 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.26 23:48:16 | 000,000,000 | ---D | M] -- C:\8fc2bc764aeedf0fe8bbce84cbec6ade
[2013.04.19 17:58:15 | 000,000,000 | ---D | M] -- C:\BlueByte
[2009.11.14 13:52:04 | 000,000,000 | ---D | M] -- C:\boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.06.08 13:14:20 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.06.08 17:46:06 | 000,000,000 | ---D | M] -- C:\drivers
[2013.03.01 16:22:52 | 000,000,000 | ---D | M] -- C:\HP
[2011.08.14 12:42:42 | 000,000,000 | ---D | M] -- C:\HP Pavilion dv6-2120eg
[2009.11.14 02:24:22 | 000,000,000 | R--D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.04.01 17:13:46 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.08 19:43:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2013.06.08 19:44:08 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.06.08 13:14:20 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.02.26 21:19:01 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.06.08 14:15:53 | 000,000,000 | ---D | M] -- C:\Recovery
[2013.01.21 12:47:54 | 000,000,000 | ---D | M] -- C:\SwSetup
[2013.06.08 20:02:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.06.08 14:15:57 | 000,000,000 | ---D | M] -- C:\SYSTEM.SAV
[2012.06.29 14:06:14 | 000,000,000 | ---D | M] -- C:\temp
[2013.05.04 19:30:11 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.04 20:02:04 | 000,000,000 | ---D | M] -- C:\Windows
[2013.02.26 20:47:50 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 04:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.27 20:56:47 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.28 22:06:24 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.28 22:06:25 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2010.03.07 11:16:24 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.03.07 11:16:24 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.03.07 11:16:24 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.03.07 11:16:24 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.12.14 17:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2013.06.08 20:01:54 | 001,048,576 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2013.06.08 20:01:54 | 000,262,144 | -HS- | M] () -- C:\Users\Admin\ntuser.dat.LOG1
[2013.02.28 21:59:27 | 000,000,000 | -HS- | M] () -- C:\Users\Admin\ntuser.dat.LOG2
[2013.02.28 21:59:46 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2013.02.28 21:59:46 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013.02.28 21:59:46 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.03.09 13:47:15 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TM.blf
[2013.03.09 13:47:15 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TMContainer00000000000000000001.regtrans-ms
[2013.03.09 13:47:15 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TMContainer00000000000000000002.regtrans-ms
[2013.02.28 21:59:28 | 000,000,020 | -HS- | M] () -- C:\Users\Admin\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<          >

< End of report >

--- --- ---

markusg 08.06.2013 19:33

Haven't we actually been through this topic before?
Have you always installed your programs with the custom option, from the manufacturer, and informed yourself about them beforehand?
Are you using the programs I recommended, such as Sandboxie?
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Tobi1985K 08.06.2013 20:29

21:21:07.0775 4004 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:21:07.0955 4004 ============================================================
21:21:07.0955 4004 Current date / time: 2013/06/08 21:21:07.0955
21:21:07.0955 4004 SystemInfo:
21:21:07.0955 4004
21:21:07.0955 4004 OS Version: 6.1.7601 ServicePack: 1.0
21:21:07.0955 4004 Product type: Workstation
21:21:07.0955 4004 ComputerName: TOBI-PC
21:21:07.0956 4004 UserName: Admin
21:21:07.0956 4004 Windows directory: C:\Windows
21:21:07.0956 4004 System windows directory: C:\Windows
21:21:07.0956 4004 Running under WOW64
21:21:07.0956 4004 Processor architecture: Intel x64
21:21:07.0956 4004 Number of processors: 2
21:21:07.0956 4004 Page size: 0x1000
21:21:07.0956 4004 Boot type: Normal boot
21:21:07.0956 4004 ============================================================
21:21:09.0040 4004 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:21:09.0079 4004 ============================================================
21:21:09.0079 4004 \Device\Harddisk0\DR0:
21:21:09.0090 4004 MBR partitions:
21:21:09.0090 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:21:09.0090 4004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3877C800
21:21:09.0090 4004 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x387E0800, BlocksNum 0x1B71800
21:21:09.0090 4004 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
21:21:09.0090 4004 ============================================================
21:21:09.0110 4004 C: <-> \Device\Harddisk0\DR0\Partition2
21:21:09.0145 4004 D: <-> \Device\Harddisk0\DR0\Partition3
21:21:09.0155 4004 E: <-> \Device\Harddisk0\DR0\Partition4
21:21:09.0156 4004 ============================================================
21:21:09.0156 4004 Initialize success
21:21:09.0156 4004 ============================================================
21:21:41.0827 1316 ============================================================
21:21:41.0827 1316 Scan started
21:21:41.0827 1316 Mode: Manual; SigCheck; TDLFS;
21:21:41.0827 1316 ============================================================
21:21:42.0502 1316 ================ Scan system memory ========================
21:21:42.0502 1316 System memory - ok
21:21:42.0503 1316 ================ Scan services =============================
21:21:42.0648 1316 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:21:42.0818 1316 1394ohci - ok
21:21:42.0849 1316 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
21:21:42.0872 1316 Accelerometer - ok
21:21:42.0894 1316 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:21:42.0916 1316 ACPI - ok
21:21:42.0951 1316 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:21:43.0047 1316 AcpiPmi - ok
21:21:43.0118 1316 [ C330710CF95587DCB7806BB6A22CF044 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
21:21:43.0161 1316 ADExchange - ok
21:21:43.0257 1316 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:21:43.0290 1316 AdobeARMservice - ok
21:21:43.0409 1316 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:21:43.0442 1316 AdobeFlashPlayerUpdateSvc - ok
21:21:43.0487 1316 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:21:43.0514 1316 adp94xx - ok
21:21:43.0554 1316 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:21:43.0578 1316 adpahci - ok
21:21:43.0596 1316 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:21:43.0615 1316 adpu320 - ok
21:21:43.0639 1316 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:21:43.0688 1316 AeLookupSvc - ok
21:21:43.0798 1316 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
21:21:43.0903 1316 AESTFilters - ok
21:21:43.0957 1316 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:21:44.0030 1316 AFD - ok
21:21:44.0078 1316 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:21:44.0123 1316 AgereSoftModem - ok
21:21:44.0152 1316 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:21:44.0169 1316 agp440 - ok
21:21:44.0199 1316 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:21:44.0279 1316 ALG - ok
21:21:44.0306 1316 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:21:44.0323 1316 aliide - ok
21:21:44.0413 1316 ALSysIO - ok
21:21:44.0450 1316 [ BCC32BF5EBB5DFD4380FA053D3651949 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:21:44.0538 1316 AMD External Events Utility - ok
21:21:44.0556 1316 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:21:44.0573 1316 amdide - ok
21:21:44.0607 1316 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:21:44.0658 1316 AmdK8 - ok
21:21:44.0685 1316 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:21:44.0727 1316 AmdPPM - ok
21:21:44.0758 1316 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:21:44.0777 1316 amdsata - ok
21:21:44.0800 1316 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:21:44.0819 1316 amdsbs - ok
21:21:44.0833 1316 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:21:44.0849 1316 amdxata - ok
21:21:44.0906 1316 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:21:44.0985 1316 AppID - ok
21:21:45.0005 1316 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:21:45.0067 1316 AppIDSvc - ok
21:21:45.0105 1316 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
21:21:45.0149 1316 Appinfo - ok
21:21:45.0199 1316 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:21:45.0230 1316 arc - ok
21:21:45.0309 1316 [ 0F38B8225C393FD63F4C6097622821D4 ] ArcCtrl C:\Windows\system32\drivers\ArcCtrl.sys
21:21:45.0362 1316 ArcCtrl - ok
21:21:45.0368 1316 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:21:45.0386 1316 arcsas - ok
21:21:45.0414 1316 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:21:45.0431 1316 aswFsBlk - ok
21:21:45.0465 1316 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:21:45.0483 1316 aswMonFlt - ok
21:21:45.0507 1316 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:21:45.0524 1316 aswRdr - ok
21:21:45.0550 1316 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
21:21:45.0568 1316 aswRvrt - ok
21:21:45.0605 1316 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:21:45.0642 1316 aswSnx - ok
21:21:45.0701 1316 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:21:45.0750 1316 aswSP - ok
21:21:45.0780 1316 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:21:45.0799 1316 aswTdi - ok
21:21:45.0816 1316 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
21:21:45.0837 1316 aswVmm - ok
21:21:45.0863 1316 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:21:45.0915 1316 AsyncMac - ok
21:21:45.0939 1316 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:21:45.0954 1316 atapi - ok
21:21:46.0055 1316 [ B4421D8CDADC441F76BA39532A3E3414 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:21:46.0170 1316 athr - ok
21:21:46.0215 1316 [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:21:46.0232 1316 AtiHdmiService - ok
21:21:46.0509 1316 [ A29087680A1C3B049E3C05438E8FF2B8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:21:46.0626 1316 atikmdag - ok
21:21:46.0671 1316 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
21:21:46.0705 1316 AtiPcie - ok
21:21:46.0758 1316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:21:46.0822 1316 AudioEndpointBuilder - ok
21:21:46.0832 1316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:21:46.0878 1316 AudioSrv - ok
21:21:46.0945 1316 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:21:46.0990 1316 avast! Antivirus - ok
21:21:47.0044 1316 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:21:47.0106 1316 AxInstSV - ok
21:21:47.0152 1316 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:21:47.0197 1316 b06bdrv - ok
21:21:47.0237 1316 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:21:47.0280 1316 b57nd60a - ok
21:21:47.0327 1316 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:21:47.0365 1316 BDESVC - ok
21:21:47.0378 1316 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:21:47.0442 1316 Beep - ok
21:21:47.0498 1316 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:21:47.0559 1316 BFE - ok
21:21:47.0665 1316 [ 85D5E6AC46A2AE4672C1AC813AE45B95 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
21:21:47.0704 1316 BingDesktopUpdate - ok
21:21:47.0749 1316 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:21:47.0831 1316 BITS - ok
21:21:47.0862 1316 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:21:47.0893 1316 blbdrive - ok
21:21:47.0944 1316 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:21:47.0991 1316 bowser - ok
21:21:48.0024 1316 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:21:48.0081 1316 BrFiltLo - ok
21:21:48.0092 1316 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:21:48.0112 1316 BrFiltUp - ok
21:21:48.0161 1316 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:21:48.0212 1316 BridgeMP - ok
21:21:48.0250 1316 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:21:48.0278 1316 Browser - ok
21:21:48.0441 1316 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
21:21:48.0498 1316 BrowserDefendert - ok
21:21:48.0527 1316 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:21:48.0563 1316 Brserid - ok
21:21:48.0575 1316 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:21:48.0605 1316 BrSerWdm - ok
21:21:48.0642 1316 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:21:48.0687 1316 BrUsbMdm - ok
21:21:48.0699 1316 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:21:48.0728 1316 BrUsbSer - ok
21:21:48.0746 1316 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:21:48.0777 1316 BTHMODEM - ok
21:21:48.0819 1316 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:21:48.0867 1316 bthserv - ok
21:21:48.0898 1316 catchme - ok
21:21:48.0924 1316 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:21:48.0976 1316 cdfs - ok
21:21:49.0016 1316 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:21:49.0074 1316 cdrom - ok
21:21:49.0128 1316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:21:49.0182 1316 CertPropSvc - ok
21:21:49.0217 1316 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:21:49.0249 1316 circlass - ok
21:21:49.0270 1316 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:21:49.0293 1316 CLFS - ok
21:21:49.0350 1316 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:21:49.0391 1316 clr_optimization_v2.0.50727_32 - ok
21:21:49.0430 1316 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:21:49.0465 1316 clr_optimization_v2.0.50727_64 - ok
21:21:49.0579 1316 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:21:49.0617 1316 clr_optimization_v4.0.30319_32 - ok
21:21:49.0657 1316 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:21:49.0675 1316 clr_optimization_v4.0.30319_64 - ok
21:21:49.0703 1316 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:21:49.0728 1316 CmBatt - ok
21:21:49.0755 1316 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:21:49.0771 1316 cmdide - ok
21:21:49.0796 1316 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:21:49.0835 1316 CNG - ok
21:21:49.0868 1316 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:21:49.0884 1316 Compbatt - ok
21:21:49.0917 1316 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:21:49.0943 1316 CompositeBus - ok
21:21:49.0958 1316 COMSysApp - ok
21:21:49.0984 1316 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:21:50.0001 1316 crcdisk - ok
21:21:50.0044 1316 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:21:50.0081 1316 CryptSvc - ok
21:21:50.0128 1316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:21:50.0217 1316 DcomLaunch - ok
21:21:50.0241 1316 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:21:50.0295 1316 defragsvc - ok
21:21:50.0331 1316 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:21:50.0414 1316 DfsC - ok
21:21:50.0483 1316 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:21:50.0519 1316 dg_ssudbus - ok
21:21:50.0541 1316 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:21:50.0575 1316 Dhcp - ok
21:21:50.0601 1316 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:21:50.0645 1316 discache - ok
21:21:50.0664 1316 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:21:50.0681 1316 Disk - ok
21:21:50.0713 1316 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:21:50.0740 1316 Dnscache - ok
21:21:50.0838 1316 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:21:50.0908 1316 dot3svc - ok
21:21:50.0939 1316 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:21:50.0990 1316 DPS - ok
21:21:51.0009 1316 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:21:51.0043 1316 drmkaud - ok
21:21:51.0096 1316 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:21:51.0147 1316 DXGKrnl - ok
21:21:51.0181 1316 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:21:51.0230 1316 EapHost - ok
21:21:51.0303 1316 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:21:51.0375 1316 ebdrv - ok
21:21:51.0421 1316 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:21:51.0495 1316 EFS - ok
21:21:51.0566 1316 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:21:51.0629 1316 ehRecvr - ok
21:21:51.0649 1316 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:21:51.0679 1316 ehSched - ok
21:21:51.0715 1316 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:21:51.0775 1316 elxstor - ok
21:21:51.0813 1316 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
21:21:51.0843 1316 enecir - ok
21:21:51.0873 1316 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:21:51.0905 1316 ErrDev - ok
21:21:51.0945 1316 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:21:52.0010 1316 EventSystem - ok
21:21:52.0036 1316 ewusbnet - ok
21:21:52.0062 1316 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:21:52.0114 1316 exfat - ok
21:21:52.0127 1316 ezSharedSvc - ok
21:21:52.0146 1316 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:21:52.0194 1316 fastfat - ok
21:21:52.0250 1316 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:21:52.0346 1316 Fax - ok
21:21:52.0363 1316 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:21:52.0402 1316 fdc - ok
21:21:52.0433 1316 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:21:52.0481 1316 fdPHost - ok
21:21:52.0493 1316 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:21:52.0543 1316 FDResPub - ok
21:21:52.0578 1316 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:21:52.0595 1316 FileInfo - ok
21:21:52.0604 1316 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:21:52.0656 1316 Filetrace - ok
21:21:52.0673 1316 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:21:52.0700 1316 flpydisk - ok
21:21:52.0740 1316 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:21:52.0780 1316 FltMgr - ok
21:21:52.0812 1316 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:21:52.0848 1316 FontCache - ok
21:21:52.0901 1316 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:21:52.0928 1316 FontCache3.0.0.0 - ok
21:21:52.0946 1316 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:21:52.0963 1316 FsDepends - ok
21:21:52.0995 1316 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:21:53.0011 1316 Fs_Rec - ok
21:21:53.0058 1316 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:21:53.0081 1316 fvevol - ok
21:21:53.0105 1316 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:21:53.0122 1316 gagp30kx - ok
21:21:53.0173 1316 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:21:53.0190 1316 GameConsoleService - ok
21:21:53.0233 1316 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:21:53.0292 1316 gpsvc - ok
21:21:53.0411 1316 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:21:53.0451 1316 gupdate - ok
21:21:53.0461 1316 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:21:53.0482 1316 gupdatem - ok
21:21:53.0501 1316 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:21:53.0520 1316 hcw85cir - ok
21:21:53.0542 1316 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:21:53.0567 1316 HdAudAddService - ok
21:21:53.0595 1316 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:21:53.0626 1316 HDAudBus - ok
21:21:53.0637 1316 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:21:53.0669 1316 HidBatt - ok
21:21:53.0692 1316 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:21:53.0725 1316 HidBth - ok
21:21:53.0754 1316 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:21:53.0782 1316 HidIr - ok
21:21:53.0800 1316 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:21:53.0850 1316 hidserv - ok
21:21:53.0891 1316 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:21:53.0910 1316 HidUsb - ok
21:21:53.0941 1316 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:21:53.0989 1316 hkmsvc - ok
21:21:54.0032 1316 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:21:54.0064 1316 HomeGroupListener - ok
21:21:54.0105 1316 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:21:54.0134 1316 HomeGroupProvider - ok
21:21:54.0225 1316 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:21:54.0250 1316 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
21:21:54.0250 1316 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
21:21:54.0279 1316 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
21:21:54.0307 1316 hpdskflt - ok
21:21:54.0350 1316 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:21:54.0394 1316 HpqKbFiltr - ok
21:21:54.0472 1316 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:21:54.0529 1316 hpqwmiex - ok
21:21:54.0553 1316 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:21:54.0570 1316 HpSAMD - ok
21:21:54.0597 1316 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
21:21:54.0613 1316 hpsrv - ok
21:21:54.0668 1316 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:21:54.0728 1316 HTTP - ok
21:21:54.0748 1316 hwdatacard - ok
21:21:54.0784 1316 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:21:54.0799 1316 hwpolicy - ok
21:21:54.0806 1316 hwusbdev - ok
21:21:54.0841 1316 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:21:54.0860 1316 i8042prt - ok
21:21:54.0907 1316 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:21:54.0931 1316 iaStorV - ok
21:21:54.0981 1316 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:21:55.0011 1316 idsvc - ok
21:21:55.0150 1316 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:21:55.0274 1316 igfx - ok
21:21:55.0295 1316 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:21:55.0311 1316 iirsp - ok
21:21:55.0367 1316 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:21:55.0434 1316 IKEEXT - ok
21:21:55.0463 1316 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:21:55.0479 1316 intelide - ok
21:21:55.0504 1316 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:21:55.0537 1316 intelppm - ok
21:21:55.0562 1316 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:21:55.0617 1316 IPBusEnum - ok
21:21:55.0651 1316 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:21:55.0698 1316 IpFilterDriver - ok
21:21:55.0757 1316 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:21:55.0824 1316 iphlpsvc - ok
21:21:55.0851 1316 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:21:55.0877 1316 IPMIDRV - ok
21:21:55.0903 1316 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:21:55.0957 1316 IPNAT - ok
21:21:55.0983 1316 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:21:56.0064 1316 IRENUM - ok
21:21:56.0072 1316 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:21:56.0089 1316 isapnp - ok
21:21:56.0118 1316 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:21:56.0139 1316 iScsiPrt - ok
21:21:56.0176 1316 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
21:21:56.0225 1316 JMCR - ok
21:21:56.0266 1316 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:21:56.0282 1316 kbdclass - ok
21:21:56.0310 1316 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:21:56.0339 1316 kbdhid - ok
21:21:56.0354 1316 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:21:56.0374 1316 KeyIso - ok
21:21:56.0410 1316 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:21:56.0428 1316 KSecDD - ok
21:21:56.0449 1316 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:21:56.0468 1316 KSecPkg - ok
21:21:56.0490 1316 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:21:56.0541 1316 ksthunk - ok
21:21:56.0571 1316 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:21:56.0625 1316 KtmRm - ok
21:21:56.0676 1316 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:21:56.0731 1316 LanmanServer - ok
21:21:56.0773 1316 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:21:56.0823 1316 LanmanWorkstation - ok
21:21:56.0878 1316 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:21:56.0900 1316 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:21:56.0900 1316 LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:21:56.0930 1316 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:21:57.0037 1316 lltdio - ok
21:21:57.0076 1316 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:21:57.0122 1316 lltdsvc - ok
21:21:57.0146 1316 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:21:57.0188 1316 lmhosts - ok
21:21:57.0224 1316 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:21:57.0242 1316 LSI_FC - ok
21:21:57.0263 1316 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:21:57.0281 1316 LSI_SAS - ok
21:21:57.0291 1316 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:21:57.0308 1316 LSI_SAS2 - ok
21:21:57.0322 1316 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:21:57.0340 1316 LSI_SCSI - ok
21:21:57.0361 1316 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:21:57.0414 1316 luafv - ok
21:21:57.0429 1316 lxdn_device - ok
21:21:57.0494 1316 [ 1B4DBCAA0321BBB76255983148051F09 ] massfilter C:\Windows\system32\drivers\massfilter.sys
21:21:57.0527 1316 massfilter - ok
21:21:57.0541 1316 [ 7AD627CDB12F5F451F24C8A97CA6E175 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
21:21:57.0585 1316 massfilter_hs - ok
21:21:57.0668 1316 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
21:21:57.0716 1316 McComponentHostService - ok
21:21:57.0752 1316 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:21:57.0788 1316 Mcx2Svc - ok
21:21:57.0810 1316 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:21:57.0827 1316 megasas - ok
21:21:57.0850 1316 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:21:57.0871 1316 MegaSR - ok
21:21:57.0910 1316 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:21:57.0961 1316 MMCSS - ok
21:21:57.0985 1316 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:21:58.0037 1316 Modem - ok
21:21:58.0057 1316 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:21:58.0091 1316 monitor - ok
21:21:58.0117 1316 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:21:58.0133 1316 mouclass - ok
21:21:58.0157 1316 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:21:58.0185 1316 mouhid - ok
21:21:58.0225 1316 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:21:58.0270 1316 mountmgr - ok
21:21:58.0362 1316 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:21:58.0404 1316 MozillaMaintenance - ok
21:21:58.0426 1316 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:21:58.0446 1316 mpio - ok
21:21:58.0471 1316 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:21:58.0514 1316 mpsdrv - ok
21:21:58.0570 1316 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:21:58.0660 1316 MpsSvc - ok
21:21:58.0675 1316 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:21:58.0700 1316 MRxDAV - ok
21:21:58.0739 1316 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:21:58.0799 1316 mrxsmb - ok
21:21:58.0841 1316 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:21:58.0878 1316 mrxsmb10 - ok
21:21:58.0892 1316 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:21:58.0911 1316 mrxsmb20 - ok
21:21:58.0938 1316 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:21:58.0954 1316 msahci - ok
21:21:58.0978 1316 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:21:58.0997 1316 msdsm - ok
21:21:59.0012 1316 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:21:59.0046 1316 MSDTC - ok
21:21:59.0088 1316 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:21:59.0128 1316 Msfs - ok
21:21:59.0145 1316 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:21:59.0240 1316 mshidkmdf - ok
21:21:59.0256 1316 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:21:59.0273 1316 msisadrv - ok
21:21:59.0298 1316 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:21:59.0349 1316 MSiSCSI - ok
21:21:59.0354 1316 msiserver - ok
21:21:59.0379 1316 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:21:59.0426 1316 MSKSSRV - ok
21:21:59.0439 1316 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:21:59.0479 1316 MSPCLOCK - ok
21:21:59.0493 1316 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:21:59.0547 1316 MSPQM - ok
21:21:59.0582 1316 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:21:59.0604 1316 MsRPC - ok
21:21:59.0627 1316 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:21:59.0644 1316 mssmbios - ok
21:21:59.0659 1316 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:21:59.0708 1316 MSTEE - ok
21:21:59.0729 1316 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:21:59.0759 1316 MTConfig - ok
21:21:59.0777 1316 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:21:59.0794 1316 Mup - ok
21:21:59.0845 1316 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:21:59.0917 1316 napagent - ok
21:21:59.0953 1316 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:21:59.0991 1316 NativeWifiP - ok
21:22:00.0069 1316 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
21:22:00.0113 1316 NBVol - ok
21:22:00.0165 1316 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
21:22:00.0205 1316 NBVolUp - ok
21:22:00.0256 1316 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:22:00.0292 1316 NDIS - ok
21:22:00.0313 1316 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:22:00.0361 1316 NdisCap - ok
21:22:00.0394 1316 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:22:00.0434 1316 NdisTapi - ok
21:22:00.0475 1316 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:22:00.0555 1316 Ndisuio - ok
21:22:00.0574 1316 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:22:00.0622 1316 NdisWan - ok
21:22:00.0657 1316 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:22:00.0709 1316 NDProxy - ok
21:22:00.0736 1316 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:22:00.0781 1316 NetBIOS - ok
21:22:00.0825 1316 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:22:00.0876 1316 NetBT - ok
21:22:00.0888 1316 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:22:00.0907 1316 Netlogon - ok
21:22:00.0941 1316 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:22:00.0997 1316 Netman - ok
21:22:01.0015 1316 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:22:01.0074 1316 netprofm - ok
21:22:01.0101 1316 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:22:01.0117 1316 NetTcpPortSharing - ok
21:22:01.0248 1316 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
21:22:01.0359 1316 netw5v64 - ok
21:22:01.0380 1316 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:22:01.0397 1316 nfrd960 - ok
21:22:01.0423 1316 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:22:01.0453 1316 NlaSvc - ok
21:22:01.0481 1316 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:22:01.0521 1316 Npfs - ok
21:22:01.0540 1316 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:22:01.0590 1316 nsi - ok
21:22:01.0608 1316 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:22:01.0654 1316 nsiproxy - ok
21:22:01.0692 1316 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:22:01.0739 1316 Ntfs - ok
21:22:01.0755 1316 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:22:01.0806 1316 Null - ok
21:22:01.0843 1316 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:22:01.0862 1316 nvraid - ok
21:22:01.0901 1316 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:22:01.0920 1316 nvstor - ok
21:22:01.0947 1316 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:22:01.0965 1316 nv_agp - ok
21:22:02.0017 1316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:22:02.0067 1316 odserv - ok
21:22:02.0091 1316 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:22:02.0127 1316 ohci1394 - ok
21:22:02.0153 1316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:22:02.0172 1316 ose - ok
21:22:02.0195 1316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:22:02.0232 1316 p2pimsvc - ok
21:22:02.0255 1316 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:22:02.0281 1316 p2psvc - ok
21:22:02.0306 1316 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:22:02.0325 1316 Parport - ok
21:22:02.0353 1316 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:22:02.0370 1316 partmgr - ok
21:22:02.0380 1316 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:22:02.0420 1316 PcaSvc - ok
21:22:02.0445 1316 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:22:02.0464 1316 pci - ok
21:22:02.0478 1316 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:22:02.0494 1316 pciide - ok
21:22:02.0514 1316 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:22:02.0534 1316 pcmcia - ok
21:22:02.0553 1316 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:22:02.0570 1316 pcw - ok
21:22:02.0676 1316 [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
21:22:02.0731 1316 PDF Architect Helper Service - ok
21:22:02.0757 1316 [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
21:22:02.0785 1316 PDF Architect Service - ok
21:22:02.0803 1316 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:22:02.0853 1316 PEAUTH - ok
21:22:02.0926 1316 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:22:02.0961 1316 PerfHost - ok
21:22:03.0035 1316 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:22:03.0111 1316 pla - ok
21:22:03.0167 1316 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:22:03.0207 1316 PlugPlay - ok
21:22:03.0231 1316 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:22:03.0259 1316 PNRPAutoReg - ok
21:22:03.0279 1316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:22:03.0301 1316 PNRPsvc - ok
21:22:03.0343 1316 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:22:03.0407 1316 PolicyAgent - ok
21:22:03.0436 1316 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:22:03.0493 1316 Power - ok
21:22:03.0539 1316 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:22:03.0587 1316 PptpMiniport - ok
21:22:03.0611 1316 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:22:03.0640 1316 Processor - ok
21:22:03.0687 1316 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:22:03.0715 1316 ProfSvc - ok
21:22:03.0730 1316 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:22:03.0750 1316 ProtectedStorage - ok
21:22:03.0794 1316 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:22:03.0835 1316 Psched - ok
21:22:03.0865 1316 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
21:22:03.0881 1316 PSI - ok
21:22:03.0934 1316 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:22:03.0995 1316 ql2300 - ok
21:22:04.0021 1316 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:22:04.0040 1316 ql40xx - ok
21:22:04.0065 1316 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:22:04.0101 1316 QWAVE - ok
21:22:04.0126 1316 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:22:04.0148 1316 QWAVEdrv - ok
21:22:04.0161 1316 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:22:04.0209 1316 RasAcd - ok
21:22:04.0229 1316 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:22:04.0281 1316 RasAgileVpn - ok
21:22:04.0311 1316 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:22:04.0354 1316 RasAuto - ok
21:22:04.0389 1316 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:22:04.0435 1316 Rasl2tp - ok
21:22:04.0460 1316 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:22:04.0528 1316 RasMan - ok
21:22:04.0548 1316 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:22:04.0598 1316 RasPppoe - ok
21:22:04.0623 1316 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:22:04.0670 1316 RasSstp - ok
21:22:04.0692 1316 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:22:04.0743 1316 rdbss - ok
21:22:04.0760 1316 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:22:04.0793 1316 rdpbus - ok
21:22:04.0816 1316 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:22:04.0857 1316 RDPCDD - ok
21:22:04.0868 1316 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:22:04.0919 1316 RDPENCDD - ok
21:22:04.0931 1316 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:22:04.0971 1316 RDPREFMP - ok
21:22:05.0015 1316 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:22:05.0107 1316 RdpVideoMiniport - ok
21:22:05.0209 1316 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:22:05.0273 1316 RDPWD - ok
21:22:05.0317 1316 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:22:05.0338 1316 rdyboost - ok
21:22:05.0368 1316 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:22:05.0429 1316 RemoteAccess - ok
21:22:05.0455 1316 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:22:05.0507 1316 RemoteRegistry - ok
21:22:05.0558 1316 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:22:05.0575 1316 RichVideo - ok
21:22:05.0594 1316 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:22:05.0637 1316 RpcEptMapper - ok
21:22:05.0663 1316 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:22:05.0694 1316 RpcLocator - ok
21:22:05.0733 1316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:22:05.0780 1316 RpcSs - ok
21:22:05.0810 1316 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:22:05.0859 1316 rspndr - ok
21:22:05.0893 1316 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:22:05.0938 1316 RTL8167 - ok
21:22:05.0946 1316 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:22:05.0966 1316 SamSs - ok
21:22:06.0042 1316 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
21:22:06.0089 1316 SbieDrv - ok
21:22:06.0116 1316 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
21:22:06.0133 1316 SbieSvc - ok
21:22:06.0154 1316 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:22:06.0172 1316 sbp2port - ok
21:22:06.0196 1316 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:22:06.0241 1316 SCardSvr - ok
21:22:06.0280 1316 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:22:06.0365 1316 scfilter - ok
21:22:06.0413 1316 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:22:06.0475 1316 Schedule - ok
21:22:06.0513 1316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:22:06.0552 1316 SCPolicySvc - ok
21:22:06.0581 1316 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
21:22:06.0614 1316 sdbus - ok
21:22:06.0650 1316 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:22:06.0696 1316 SDRSVC - ok
21:22:06.0732 1316 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:22:06.0780 1316 secdrv - ok
21:22:06.0794 1316 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:22:06.0843 1316 seclogon - ok
21:22:06.0920 1316 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
21:22:06.0967 1316 Secunia PSI Agent - ok
21:22:07.0000 1316 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
21:22:07.0027 1316 Secunia Update Agent - ok
21:22:07.0049 1316 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:22:07.0101 1316 SENS - ok
21:22:07.0121 1316 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:22:07.0141 1316 SensrSvc - ok
21:22:07.0162 1316 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:22:07.0180 1316 Serenum - ok
21:22:07.0198 1316 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:22:07.0225 1316 Serial - ok
21:22:07.0241 1316 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:22:07.0265 1316 sermouse - ok
21:22:07.0306 1316 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:22:07.0361 1316 SessionEnv - ok
21:22:07.0380 1316 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:22:07.0409 1316 sffdisk - ok
21:22:07.0419 1316 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:22:07.0445 1316 sffp_mmc - ok
21:22:07.0459 1316 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:22:07.0490 1316 sffp_sd - ok
21:22:07.0505 1316 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:22:07.0524 1316 sfloppy - ok
21:22:07.0556 1316 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:22:07.0609 1316 SharedAccess - ok
21:22:07.0652 1316 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:22:07.0712 1316 ShellHWDetection - ok
21:22:07.0722 1316 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:22:07.0739 1316 SiSRaid2 - ok
21:22:07.0762 1316 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:22:07.0779 1316 SiSRaid4 - ok
21:22:07.0825 1316 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:22:07.0859 1316 SkypeUpdate - ok
21:22:07.0897 1316 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:22:07.0954 1316 Smb - ok
21:22:07.0987 1316 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:22:08.0014 1316 SNMPTRAP - ok
21:22:08.0027 1316 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:22:08.0043 1316 spldr - ok
21:22:08.0089 1316 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:22:08.0131 1316 Spooler - ok
21:22:08.0243 1316 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:22:08.0352 1316 sppsvc - ok
21:22:08.0372 1316 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:22:08.0423 1316 sppuinotify - ok
21:22:08.0463 1316 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:22:08.0506 1316 srv - ok
21:22:08.0515 1316 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:22:08.0550 1316 srv2 - ok
21:22:08.0591 1316 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:22:08.0626 1316 SrvHsfHDA - ok
21:22:08.0665 1316 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:22:08.0704 1316 SrvHsfV92 - ok
21:22:08.0733 1316 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:22:08.0777 1316 SrvHsfWinac - ok
21:22:08.0800 1316 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:22:08.0835 1316 srvnet - ok
21:22:08.0871 1316 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:22:08.0923 1316 SSDPSRV - ok
21:22:08.0934 1316 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:22:08.0978 1316 SstpSvc - ok
21:22:09.0028 1316 [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
21:22:09.0062 1316 ssudmdm - ok
21:22:09.0161 1316 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
21:22:09.0233 1316 STacSV - ok
21:22:09.0256 1316 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:22:09.0280 1316 stexstor - ok
21:22:09.0334 1316 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:22:09.0412 1316 STHDA - ok
21:22:09.0461 1316 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:22:09.0510 1316 stisvc - ok
21:22:09.0537 1316 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:22:09.0555 1316 swenum - ok
21:22:09.0601 1316 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:22:09.0687 1316 swprv - ok
21:22:09.0717 1316 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:22:09.0739 1316 SynTP - ok
21:22:09.0817 1316 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:22:09.0891 1316 SysMain - ok
21:22:09.0928 1316 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:22:09.0979 1316 TabletInputService - ok
21:22:10.0025 1316 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:22:10.0124 1316 TapiSrv - ok
21:22:10.0153 1316 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:22:10.0205 1316 TBS - ok
21:22:10.0297 1316 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:22:10.0362 1316 Tcpip - ok
21:22:10.0394 1316 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:22:10.0437 1316 TCPIP6 - ok
21:22:10.0475 1316 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:22:10.0505 1316 tcpipreg - ok
21:22:10.0532 1316 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:22:10.0557 1316 TDPIPE - ok
21:22:10.0592 1316 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:22:10.0619 1316 TDTCP - ok
21:22:10.0662 1316 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:22:10.0714 1316 tdx - ok
21:22:10.0737 1316 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:22:10.0754 1316 TermDD - ok
21:22:10.0806 1316 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:22:10.0875 1316 TermService - ok
21:22:10.0973 1316 [ 8F14DE79EBE73D6D717B8455E64DDA86 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
21:22:11.0008 1316 TGCM_ImportWiFiSvc - ok
21:22:11.0031 1316 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:22:11.0063 1316 Themes - ok
21:22:11.0095 1316 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:22:11.0136 1316 THREADORDER - ok
21:22:11.0160 1316 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:22:11.0204 1316 TrkWks - ok
21:22:11.0254 1316 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:22:11.0315 1316 TrustedInstaller - ok
21:22:11.0361 1316 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:22:11.0428 1316 tssecsrv - ok
21:22:11.0467 1316 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:22:11.0485 1316 TsUsbFlt - ok
21:22:11.0504 1316 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:22:11.0564 1316 tunnel - ok
21:22:11.0595 1316 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:22:11.0612 1316 uagp35 - ok
21:22:11.0630 1316 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:22:11.0682 1316 udfs - ok
21:22:11.0713 1316 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:22:11.0743 1316 UI0Detect - ok
21:22:11.0762 1316 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:22:11.0780 1316 uliagpkx - ok
21:22:11.0815 1316 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:22:11.0869 1316 umbus - ok
21:22:11.0894 1316 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:22:11.0945 1316 UmPass - ok
21:22:11.0984 1316 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:22:12.0035 1316 upnphost - ok
21:22:12.0068 1316 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:22:12.0090 1316 usbaudio - ok
21:22:12.0131 1316 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:22:12.0158 1316 usbccgp - ok
21:22:12.0181 1316 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:22:12.0203 1316 usbcir - ok
21:22:12.0242 1316 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:22:12.0274 1316 usbehci - ok
21:22:12.0305 1316 [ 44D9C773FEBFF10593B50DDFC2D6BC27 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
21:22:12.0321 1316 usbfilter - ok
21:22:12.0374 1316 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:22:12.0404 1316 usbhub - ok
21:22:12.0421 1316 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:22:12.0451 1316 usbohci - ok
21:22:12.0491 1316 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:22:12.0522 1316 usbprint - ok
21:22:12.0543 1316 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:22:12.0564 1316 usbscan - ok
21:22:12.0618 1316 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:22:12.0660 1316 USBSTOR - ok
21:22:12.0677 1316 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:22:12.0709 1316 usbuhci - ok
21:22:12.0745 1316 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:22:12.0769 1316 usbvideo - ok
21:22:12.0799 1316 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:22:12.0856 1316 UxSms - ok
21:22:12.0881 1316 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:22:12.0900 1316 VaultSvc - ok
21:22:12.0927 1316 [ 47499FE912F0B4E7664F8498F2906F0E ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:22:12.0945 1316 VBoxNetAdp - ok
21:22:12.0958 1316 VBoxNetFlt - ok
21:22:12.0979 1316 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:22:12.0995 1316 vdrvroot - ok
21:22:13.0037 1316 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:22:13.0098 1316 vds - ok
21:22:13.0119 1316 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:22:13.0140 1316 vga - ok
21:22:13.0155 1316 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:22:13.0201 1316 VgaSave - ok
21:22:13.0226 1316 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:22:13.0246 1316 vhdmp - ok
21:22:13.0275 1316 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:22:13.0291 1316 viaide - ok
21:22:13.0299 1316 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:22:13.0317 1316 volmgr - ok
21:22:13.0337 1316 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:22:13.0360 1316 volmgrx - ok
21:22:13.0392 1316 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:22:13.0414 1316 volsnap - ok
21:22:13.0442 1316 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:22:13.0462 1316 vsmraid - ok
21:22:13.0523 1316 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:22:13.0590 1316 VSS - ok
21:22:13.0611 1316 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:22:13.0641 1316 vwifibus - ok
21:22:13.0668 1316 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:22:13.0699 1316 vwififlt - ok
21:22:13.0716 1316 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:22:13.0739 1316 vwifimp - ok
21:22:13.0766 1316 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:22:13.0835 1316 W32Time - ok
21:22:13.0872 1316 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:22:13.0900 1316 WacomPen - ok
21:22:13.0953 1316 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:22:14.0047 1316 WANARP - ok
21:22:14.0051 1316 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:22:14.0091 1316 Wanarpv6 - ok
21:22:14.0151 1316 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:22:14.0193 1316 wbengine - ok
21:22:14.0220 1316 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:22:14.0248 1316 WbioSrvc - ok
21:22:14.0287 1316 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:22:14.0326 1316 wcncsvc - ok
21:22:14.0338 1316 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:22:14.0358 1316 WcsPlugInService - ok
21:22:14.0385 1316 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:22:14.0401 1316 Wd - ok
21:22:14.0450 1316 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:22:14.0483 1316 Wdf01000 - ok
21:22:14.0495 1316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:22:14.0531 1316 WdiServiceHost - ok
21:22:14.0538 1316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:22:14.0564 1316 WdiSystemHost - ok
21:22:14.0612 1316 [ E89D463AB373CFACCCBB0645E9AE8154 ] WebCake Desktop Updater C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
21:22:14.0625 1316 WebCake Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
21:22:14.0625 1316 WebCake Desktop Updater - detected UnsignedFile.Multi.Generic (1)
21:22:14.0673 1316 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:22:14.0736 1316 WebClient - ok
21:22:14.0760 1316 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:22:14.0815 1316 Wecsvc - ok
21:22:14.0833 1316 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:22:14.0889 1316 wercplsupport - ok
21:22:14.0921 1316 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:22:14.0982 1316 WerSvc - ok
21:22:15.0010 1316 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:22:15.0050 1316 WfpLwf - ok
21:22:15.0064 1316 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:22:15.0081 1316 WIMMount - ok
21:22:15.0100 1316 WinDefend - ok
21:22:15.0106 1316 WinHttpAutoProxySvc - ok
21:22:15.0158 1316 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:22:15.0224 1316 Winmgmt - ok
21:22:15.0506 1316 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:22:15.0585 1316 WinRM - ok
21:22:15.0656 1316 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:22:15.0716 1316 WinUsb - ok
21:22:15.0746 1316 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:22:15.0801 1316 Wlansvc - ok
21:22:15.0839 1316 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:22:15.0871 1316 WmiAcpi - ok
21:22:15.0902 1316 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:22:15.0932 1316 wmiApSrv - ok
21:22:15.0954 1316 WMPNetworkSvc - ok
21:22:15.0982 1316 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:22:16.0003 1316 WPCSvc - ok
21:22:16.0042 1316 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:22:16.0089 1316 WPDBusEnum - ok
21:22:16.0112 1316 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:22:16.0160 1316 ws2ifsl - ok
21:22:16.0187 1316 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:22:16.0225 1316 wscsvc - ok
21:22:16.0229 1316 WSearch - ok
21:22:16.0304 1316 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:22:16.0367 1316 wuauserv - ok
21:22:16.0401 1316 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:22:16.0457 1316 WudfPf - ok
21:22:16.0484 1316 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:22:16.0516 1316 WUDFRd - ok
21:22:16.0549 1316 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:22:16.0584 1316 wudfsvc - ok
21:22:16.0620 1316 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:22:16.0653 1316 WwanSvc - ok
21:22:16.0690 1316 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
21:22:16.0723 1316 yukonw7 - ok
21:22:16.0765 1316 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
21:22:16.0801 1316 ZTEusbmdm6k - ok
21:22:16.0824 1316 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
21:22:16.0843 1316 ZTEusbnmea - ok
21:22:16.0859 1316 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
21:22:16.0876 1316 ZTEusbser6k - ok
21:22:16.0994 1316 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:22:17.0036 1316 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:22:17.0054 1316 ================ Scan global ===============================
21:22:17.0068 1316 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:22:17.0106 1316 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:22:17.0120 1316 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:22:17.0150 1316 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:22:17.0166 1316 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:22:17.0175 1316 [Global] - ok
21:22:17.0175 1316 ================ Scan MBR ==================================
21:22:17.0190 1316 [ A3673A5356641CE5018401BC42D7286C ] \Device\Harddisk0\DR0
21:22:17.0536 1316 \Device\Harddisk0\DR0 - ok
21:22:17.0547 1316 ================ Scan VBR ==================================
21:22:17.0548 1316 [ CC48EE85835CD47CC34DAE84610889FA ] \Device\Harddisk0\DR0\Partition1
21:22:17.0550 1316 \Device\Harddisk0\DR0\Partition1 - ok
21:22:17.0578 1316 [ E6A501A7A22918ABA3047789405B2D3A ] \Device\Harddisk0\DR0\Partition2
21:22:17.0579 1316 \Device\Harddisk0\DR0\Partition2 - ok
21:22:17.0607 1316 [ 858B7EE477227C58BD3ABB87DA56C101 ] \Device\Harddisk0\DR0\Partition3
21:22:17.0609 1316 \Device\Harddisk0\DR0\Partition3 - ok
21:22:17.0621 1316 [ BE80C4F106F9E4CAF13367D2145578EE ] \Device\Harddisk0\DR0\Partition4
21:22:17.0622 1316 \Device\Harddisk0\DR0\Partition4 - ok
21:22:17.0623 1316 ============================================================
21:22:17.0623 1316 Scan finished
21:22:17.0623 1316 ============================================================
21:22:17.0638 4568 Detected object count: 3
21:22:17.0638 4568 Actual detected object count: 3
21:22:45.0055 4568 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe - copied to quarantine
21:22:45.0163 4568 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
21:22:45.0225 4568 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
21:22:45.0274 4568 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
21:22:45.0315 4568 C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe - copied to quarantine
21:22:45.0330 4568 WebCake Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
21:23:12.0465 3656 ============================================================
21:23:12.0465 3656 Scan started
21:23:12.0465 3656 Mode: Manual; SigCheck; TDLFS;
21:23:12.0465 3656 ============================================================
21:23:13.0719 3656 ================ Scan system memory ========================
21:23:13.0719 3656 System memory - ok
21:23:13.0725 3656 ================ Scan services =============================
21:23:13.0859 3656 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:23:13.0927 3656 1394ohci - ok
21:23:13.0951 3656 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
21:23:13.0972 3656 Accelerometer - ok
21:23:13.0995 3656 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:23:14.0019 3656 ACPI - ok
21:23:14.0061 3656 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:23:14.0103 3656 AcpiPmi - ok
21:23:14.0245 3656 [ C330710CF95587DCB7806BB6A22CF044 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
21:23:14.0280 3656 ADExchange - ok
21:23:14.0358 3656 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:23:14.0396 3656 AdobeARMservice - ok
21:23:14.0500 3656 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:23:14.0519 3656 AdobeFlashPlayerUpdateSvc - ok
21:23:14.0555 3656 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:23:14.0578 3656 adp94xx - ok
21:23:14.0605 3656 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:23:14.0626 3656 adpahci - ok
21:23:14.0648 3656 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:23:14.0667 3656 adpu320 - ok
21:23:14.0691 3656 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:23:14.0732 3656 AeLookupSvc - ok
21:23:14.0816 3656 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
21:23:14.0864 3656 AESTFilters - ok
21:23:14.0920 3656 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:23:14.0969 3656 AFD - ok
21:23:14.0996 3656 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:23:15.0028 3656 AgereSoftModem - ok
21:23:15.0054 3656 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:23:15.0070 3656 agp440 - ok
21:23:15.0092 3656 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:23:15.0111 3656 ALG - ok
21:23:15.0124 3656 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:23:15.0140 3656 aliide - ok
21:23:15.0214 3656 ALSysIO - ok
21:23:15.0252 3656 [ BCC32BF5EBB5DFD4380FA053D3651949 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:23:15.0297 3656 AMD External Events Utility - ok
21:23:15.0310 3656 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:23:15.0327 3656 amdide - ok
21:23:15.0351 3656 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:23:15.0369 3656 AmdK8 - ok
21:23:15.0386 3656 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:23:15.0405 3656 AmdPPM - ok
21:23:15.0435 3656 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:23:15.0452 3656 amdsata - ok
21:23:15.0468 3656 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:23:15.0487 3656 amdsbs - ok
21:23:15.0501 3656 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:23:15.0517 3656 amdxata - ok
21:23:15.0557 3656 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:23:15.0596 3656 AppID - ok
21:23:15.0615 3656 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:23:15.0656 3656 AppIDSvc - ok
21:23:15.0690 3656 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
21:23:15.0708 3656 Appinfo - ok
21:23:15.0724 3656 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:23:15.0742 3656 arc - ok
21:23:15.0790 3656 [ 0F38B8225C393FD63F4C6097622821D4 ] ArcCtrl C:\Windows\system32\drivers\ArcCtrl.sys
21:23:15.0818 3656 ArcCtrl - ok
21:23:15.0843 3656 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:23:15.0860 3656 arcsas - ok
21:23:15.0882 3656 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:23:15.0899 3656 aswFsBlk - ok
21:23:15.0917 3656 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:23:15.0934 3656 aswMonFlt - ok
21:23:15.0950 3656 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:23:15.0968 3656 aswRdr - ok
21:23:15.0993 3656 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
21:23:16.0010 3656 aswRvrt - ok
21:23:16.0048 3656 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:23:16.0084 3656 aswSnx - ok
21:23:16.0116 3656 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:23:16.0140 3656 aswSP - ok
21:23:16.0165 3656 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:23:16.0183 3656 aswTdi - ok
21:23:16.0194 3656 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
21:23:16.0214 3656 aswVmm - ok
21:23:16.0232 3656 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:23:16.0273 3656 AsyncMac - ok
21:23:16.0291 3656 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:23:16.0308 3656 atapi - ok
21:23:16.0407 3656 [ B4421D8CDADC441F76BA39532A3E3414 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:23:16.0481 3656 athr - ok
21:23:16.0517 3656 [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:23:16.0535 3656 AtiHdmiService - ok
21:23:16.0684 3656 [ A29087680A1C3B049E3C05438E8FF2B8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:23:16.0774 3656 atikmdag - ok
21:23:16.0790 3656 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
21:23:16.0805 3656 AtiPcie - ok
21:23:16.0852 3656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:23:16.0919 3656 AudioEndpointBuilder - ok
21:23:16.0930 3656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:23:16.0976 3656 AudioSrv - ok
21:23:17.0039 3656 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:23:17.0075 3656 avast! Antivirus - ok
21:23:17.0121 3656 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:23:17.0168 3656 AxInstSV - ok
21:23:17.0195 3656 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:23:17.0232 3656 b06bdrv - ok
21:23:17.0263 3656 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:23:17.0285 3656 b57nd60a - ok
21:23:17.0313 3656 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:23:17.0337 3656 BDESVC - ok
21:23:17.0347 3656 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:23:17.0387 3656 Beep - ok
21:23:17.0439 3656 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:23:17.0515 3656 BFE - ok
21:23:17.0584 3656 [ 85D5E6AC46A2AE4672C1AC813AE45B95 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
21:23:17.0624 3656 BingDesktopUpdate - ok
21:23:17.0675 3656 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:23:17.0765 3656 BITS - ok
21:23:17.0781 3656 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:23:17.0799 3656 blbdrive - ok
21:23:17.0838 3656 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:23:17.0859 3656 bowser - ok
21:23:17.0876 3656 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:23:17.0897 3656 BrFiltLo - ok
21:23:17.0911 3656 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:23:17.0932 3656 BrFiltUp - ok
21:23:17.0955 3656 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:23:17.0997 3656 BridgeMP - ok
21:23:18.0028 3656 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:23:18.0050 3656 Browser - ok
21:23:18.0206 3656 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
21:23:18.0265 3656 BrowserDefendert - ok
21:23:18.0296 3656 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:23:18.0319 3656 Brserid - ok
21:23:18.0344 3656 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:23:18.0366 3656 BrSerWdm - ok
21:23:18.0395 3656 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:23:18.0418 3656 BrUsbMdm - ok
21:23:18.0435 3656 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:23:18.0453 3656 BrUsbSer - ok
21:23:18.0473 3656 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:23:18.0500 3656 BTHMODEM - ok
21:23:18.0529 3656 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:23:18.0570 3656 bthserv - ok
21:23:18.0579 3656 catchme - ok
21:23:18.0601 3656 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:23:18.0643 3656 cdfs - ok
21:23:18.0667 3656 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:23:18.0687 3656 cdrom - ok
21:23:18.0729 3656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:23:18.0770 3656 CertPropSvc - ok
21:23:18.0777 3656 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:23:18.0799 3656 circlass - ok
21:23:18.0813 3656 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:23:18.0837 3656 CLFS - ok
21:23:18.0892 3656 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:23:18.0930 3656 clr_optimization_v2.0.50727_32 - ok
21:23:18.0964 3656 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:23:18.0988 3656 clr_optimization_v2.0.50727_64 - ok
21:23:19.0064 3656 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:23:19.0105 3656 clr_optimization_v4.0.30319_32 - ok
21:23:19.0150 3656 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:23:19.0168 3656 clr_optimization_v4.0.30319_64 - ok
21:23:19.0188 3656 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:23:19.0207 3656 CmBatt - ok
21:23:19.0240 3656 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:23:19.0257 3656 cmdide - ok
21:23:19.0330 3656 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:23:19.0437 3656 CNG - ok
21:23:19.0453 3656 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:23:19.0470 3656 Compbatt - ok
21:23:19.0493 3656 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:23:19.0515 3656 CompositeBus - ok
21:23:19.0519 3656 COMSysApp - ok
21:23:19.0544 3656 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:23:19.0561 3656 crcdisk - ok
21:23:19.0604 3656 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:23:19.0631 3656 CryptSvc - ok
21:23:19.0680 3656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:23:19.0751 3656 DcomLaunch - ok
21:23:19.0776 3656 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:23:19.0823 3656 defragsvc - ok
21:23:19.0857 3656 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:23:19.0897 3656 DfsC - ok
21:23:19.0933 3656 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:23:19.0951 3656 dg_ssudbus - ok
21:23:19.0967 3656 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:23:19.0995 3656 Dhcp - ok
21:23:20.0019 3656 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:23:20.0060 3656 discache - ok
21:23:20.0073 3656 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:23:20.0091 3656 Disk - ok
21:23:20.0132 3656 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:23:20.0180 3656 Dnscache - ok
21:23:20.0223 3656 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:23:20.0287 3656 dot3svc - ok
21:23:20.0323 3656 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:23:20.0365 3656 DPS - ok
21:23:20.0378 3656 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:23:20.0398 3656 drmkaud - ok
21:23:20.0448 3656 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:23:20.0482 3656 DXGKrnl - ok
21:23:20.0507 3656 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:23:20.0550 3656 EapHost - ok
21:23:20.0638 3656 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:23:20.0704 3656 ebdrv - ok
21:23:20.0739 3656 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:23:20.0758 3656 EFS - ok
21:23:20.0825 3656 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:23:20.0870 3656 ehRecvr - ok
21:23:20.0892 3656 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:23:20.0996 3656 ehSched - ok
21:23:21.0031 3656 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:23:21.0058 3656 elxstor - ok
21:23:21.0081 3656 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
21:23:21.0100 3656 enecir - ok
21:23:21.0116 3656 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:23:21.0134 3656 ErrDev - ok
21:23:21.0163 3656 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:23:21.0210 3656 EventSystem - ok
21:23:21.0215 3656 ewusbnet - ok
21:23:21.0246 3656 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:23:21.0289 3656 exfat - ok
21:23:21.0296 3656 ezSharedSvc - ok
21:23:21.0314 3656 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:23:21.0357 3656 fastfat - ok
21:23:21.0401 3656 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:23:21.0441 3656 Fax - ok
21:23:21.0456 3656 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:23:21.0474 3656 fdc - ok
21:23:21.0492 3656 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:23:21.0535 3656 fdPHost - ok
21:23:21.0545 3656 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:23:21.0586 3656 FDResPub - ok
21:23:21.0613 3656 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:23:21.0630 3656 FileInfo - ok
21:23:21.0639 3656 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:23:21.0679 3656 Filetrace - ok
21:23:21.0692 3656 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:23:21.0710 3656 flpydisk - ok
21:23:21.0749 3656 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:23:21.0781 3656 FltMgr - ok
21:23:21.0814 3656 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:23:21.0856 3656 FontCache - ok
21:23:21.0911 3656 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:23:21.0949 3656 FontCache3.0.0.0 - ok
21:23:21.0981 3656 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:23:22.0017 3656 FsDepends - ok
21:23:22.0055 3656 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:23:22.0073 3656 Fs_Rec - ok
21:23:22.0109 3656 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:23:22.0134 3656 fvevol - ok
21:23:22.0157 3656 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:23:22.0175 3656 gagp30kx - ok
21:23:22.0216 3656 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:23:22.0235 3656 GameConsoleService - ok
21:23:22.0276 3656 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:23:22.0327 3656 gpsvc - ok
21:23:22.0396 3656 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:22.0434 3656 gupdate - ok
21:23:22.0439 3656 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:22.0455 3656 gupdatem - ok
21:23:22.0478 3656 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:23:22.0507 3656 hcw85cir - ok
21:23:22.0543 3656 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:23:22.0569 3656 HdAudAddService - ok
21:23:22.0596 3656 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:23:22.0619 3656 HDAudBus - ok
21:23:22.0630 3656 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:23:22.0648 3656 HidBatt - ok
21:23:22.0668 3656 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:23:22.0690 3656 HidBth - ok
21:23:22.0713 3656 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:23:22.0734 3656 HidIr - ok
21:23:22.0759 3656 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:23:22.0800 3656 hidserv - ok
21:23:22.0826 3656 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:23:22.0844 3656 HidUsb - ok
21:23:22.0876 3656 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:23:22.0917 3656 hkmsvc - ok
21:23:22.0958 3656 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:23:22.0984 3656 HomeGroupListener - ok
21:23:23.0023 3656 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:23:23.0045 3656 HomeGroupProvider - ok
21:23:23.0109 3656 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:23:23.0124 3656 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
21:23:23.0124 3656 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
21:23:23.0138 3656 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
21:23:23.0163 3656 hpdskflt - ok
21:23:23.0176 3656 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:23:23.0199 3656 HpqKbFiltr - ok
21:23:23.0265 3656 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:23:23.0308 3656 hpqwmiex - ok
21:23:23.0330 3656 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:23:23.0347 3656 HpSAMD - ok
21:23:23.0365 3656 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
21:23:23.0382 3656 hpsrv - ok
21:23:23.0419 3656 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:23:23.0469 3656 HTTP - ok
21:23:23.0476 3656 hwdatacard - ok
21:23:23.0510 3656 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:23:23.0547 3656 hwpolicy - ok
21:23:23.0554 3656 hwusbdev - ok
21:23:23.0576 3656 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:23:23.0595 3656 i8042prt - ok
21:23:23.0634 3656 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:23:23.0675 3656 iaStorV - ok
21:23:23.0727 3656 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:23:23.0793 3656 idsvc - ok
21:23:23.0949 3656 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:23:24.0061 3656 igfx - ok
21:23:24.0080 3656 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:23:24.0096 3656 iirsp - ok
21:23:24.0140 3656 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:23:24.0192 3656 IKEEXT - ok
21:23:24.0222 3656 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:23:24.0239 3656 intelide - ok
21:23:24.0255 3656 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:23:24.0274 3656 intelppm - ok
21:23:24.0296 3656 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:23:24.0339 3656 IPBusEnum - ok
21:23:24.0353 3656 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:23:24.0392 3656 IpFilterDriver - ok
21:23:24.0467 3656 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:23:24.0514 3656 iphlpsvc - ok
21:23:24.0544 3656 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:23:24.0563 3656 IPMIDRV - ok
21:23:24.0588 3656 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:23:24.0629 3656 IPNAT - ok
21:23:24.0643 3656 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:23:24.0665 3656 IRENUM - ok
21:23:24.0674 3656 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:23:24.0690 3656 isapnp - ok
21:23:24.0702 3656 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:23:24.0723 3656 iScsiPrt - ok
21:23:24.0752 3656 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
21:23:24.0786 3656 JMCR - ok
21:23:24.0803 3656 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:23:24.0820 3656 kbdclass - ok
21:23:24.0836 3656 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:23:24.0855 3656 kbdhid - ok
21:23:24.0864 3656 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:23:24.0883 3656 KeyIso - ok
21:23:24.0920 3656 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:23:24.0957 3656 KSecDD - ok
21:23:24.0976 3656 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:23:24.0996 3656 KSecPkg - ok
21:23:25.0010 3656 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:23:25.0054 3656 ksthunk - ok
21:23:25.0080 3656 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:23:25.0128 3656 KtmRm - ok
21:23:25.0171 3656 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:23:25.0237 3656 LanmanServer - ok
21:23:25.0274 3656 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:23:25.0318 3656 LanmanWorkstation - ok
21:23:25.0354 3656 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:23:25.0360 3656 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:23:25.0360 3656 LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:23:25.0372 3656 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:23:25.0413 3656 lltdio - ok
21:23:25.0444 3656 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:23:25.0490 3656 lltdsvc - ok
21:23:25.0506 3656 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:23:25.0549 3656 lmhosts - ok
21:23:25.0575 3656 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:23:25.0593 3656 LSI_FC - ok
21:23:25.0615 3656 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:23:25.0633 3656 LSI_SAS - ok
21:23:25.0643 3656 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:23:25.0660 3656 LSI_SAS2 - ok
21:23:25.0674 3656 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:23:25.0692 3656 LSI_SCSI - ok
21:23:25.0712 3656 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:23:25.0754 3656 luafv - ok
21:23:25.0758 3656 lxdn_device - ok
21:23:25.0787 3656 [ 1B4DBCAA0321BBB76255983148051F09 ] massfilter C:\Windows\system32\drivers\massfilter.sys
21:23:25.0817 3656 massfilter - ok
21:23:25.0834 3656 [ 7AD627CDB12F5F451F24C8A97CA6E175 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
21:23:25.0858 3656 massfilter_hs - ok
21:23:25.0909 3656 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
21:23:25.0944 3656 McComponentHostService - ok
21:23:25.0979 3656 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:23:25.0999 3656 Mcx2Svc - ok
21:23:26.0020 3656 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:23:26.0037 3656 megasas - ok
21:23:26.0059 3656 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:23:26.0081 3656 MegaSR - ok
21:23:26.0103 3656 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:23:26.0144 3656 MMCSS - ok
21:23:26.0170 3656 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:23:26.0210 3656 Modem - ok
21:23:26.0225 3656 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:23:26.0246 3656 monitor - ok
21:23:26.0268 3656 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:23:26.0286 3656 mouclass - ok
21:23:26.0300 3656 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:23:26.0319 3656 mouhid - ok
21:23:26.0359 3656 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:23:26.0396 3656 mountmgr - ok
21:23:26.0446 3656 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:23:26.0464 3656 MozillaMaintenance - ok
21:23:26.0486 3656 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:23:26.0506 3656 mpio - ok
21:23:26.0514 3656 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:23:26.0556 3656 mpsdrv - ok
21:23:26.0613 3656 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:23:26.0677 3656 MpsSvc - ok
21:23:26.0693 3656 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:23:26.0718 3656 MRxDAV - ok
21:23:26.0757 3656 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:23:26.0801 3656 mrxsmb - ok
21:23:26.0842 3656 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:23:26.0894 3656 mrxsmb10 - ok
21:23:26.0910 3656 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:23:26.0931 3656 mrxsmb20 - ok
21:23:26.0956 3656 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:23:26.0972 3656 msahci - ok
21:23:26.0996 3656 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:23:27.0015 3656 msdsm - ok
21:23:27.0030 3656 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:23:27.0053 3656 MSDTC - ok
21:23:27.0081 3656 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:23:27.0121 3656 Msfs - ok
21:23:27.0130 3656 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:23:27.0170 3656 mshidkmdf - ok
21:23:27.0183 3656 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:23:27.0199 3656 msisadrv - ok
21:23:27.0224 3656 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:23:27.0268 3656 MSiSCSI - ok
21:23:27.0272 3656 msiserver - ok
21:23:27.0288 3656 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:23:27.0329 3656 MSKSSRV - ok
21:23:27.0340 3656 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:23:27.0381 3656 MSPCLOCK - ok
21:23:27.0395 3656 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:23:27.0435 3656 MSPQM - ok
21:23:27.0477 3656 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:23:27.0515 3656 MsRPC - ok
21:23:27.0545 3656 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:23:27.0562 3656 mssmbios - ok
21:23:27.0568 3656 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:23:27.0609 3656 MSTEE - ok
21:23:27.0630 3656 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:23:27.0648 3656 MTConfig - ok
21:23:27.0670 3656 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:23:27.0687 3656 Mup - ok
21:23:27.0736 3656 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:23:27.0783 3656 napagent - ok
21:23:27.0796 3656 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:23:27.0823 3656 NativeWifiP - ok
21:23:27.0862 3656 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
21:23:27.0898 3656 NBVol - ok
21:23:27.0933 3656 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
21:23:27.0956 3656 NBVolUp - ok
21:23:28.0009 3656 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:23:28.0052 3656 NDIS - ok
21:23:28.0064 3656 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:23:28.0105 3656 NdisCap - ok
21:23:28.0128 3656 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:23:28.0169 3656 NdisTapi - ok
21:23:28.0201 3656 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:23:28.0240 3656 Ndisuio - ok
21:23:28.0251 3656 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:23:28.0291 3656 NdisWan - ok
21:23:28.0334 3656 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:23:28.0373 3656 NDProxy - ok
21:23:28.0387 3656 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:23:28.0429 3656 NetBIOS - ok
21:23:28.0476 3656 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:23:28.0518 3656 NetBT - ok
21:23:28.0531 3656 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:23:28.0550 3656 Netlogon - ok
21:23:28.0584 3656 [ 847D3AE376C0817161A14A82C8922A9E ] Netman

Tobi1985K 08.06.2013 20:30

C:\Windows\System32\netman.dll
21:23:28.0631 3656 Netman - ok
21:23:28.0650 3656 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:23:28.0698 3656 netprofm - ok
21:23:28.0727 3656 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:23:28.0743 3656 NetTcpPortSharing - ok
21:23:28.0870 3656 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
21:23:28.0972 3656 netw5v64 - ok
21:23:28.0998 3656 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:23:29.0014 3656 nfrd960 - ok
21:23:29.0033 3656 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:23:29.0057 3656 NlaSvc - ok
21:23:29.0082 3656 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:23:29.0122 3656 Npfs - ok
21:23:29.0141 3656 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:23:29.0183 3656 nsi - ok
21:23:29.0193 3656 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:23:29.0232 3656 nsiproxy - ok
21:23:29.0298 3656 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:23:29.0346 3656 Ntfs - ok
21:23:29.0357 3656 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:23:29.0397 3656 Null - ok
21:23:29.0437 3656 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:23:29.0492 3656 nvraid - ok
21:23:29.0556 3656 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:23:29.0676 3656 nvstor - ok
21:23:29.0698 3656 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:23:29.0717 3656 nv_agp - ok
21:23:29.0768 3656 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:23:29.0805 3656 odserv - ok
21:23:29.0834 3656 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:23:29.0853 3656 ohci1394 - ok
21:23:29.0880 3656 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:23:29.0897 3656 ose - ok
21:23:29.0922 3656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:23:29.0950 3656 p2pimsvc - ok
21:23:29.0973 3656 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:23:29.0998 3656 p2psvc - ok
21:23:30.0024 3656 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:23:30.0043 3656 Parport - ok
21:23:30.0071 3656 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:23:30.0088 3656 partmgr - ok
21:23:30.0098 3656 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:23:30.0125 3656 PcaSvc - ok
21:23:30.0146 3656 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:23:30.0165 3656 pci - ok
21:23:30.0179 3656 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:23:30.0195 3656 pciide - ok
21:23:30.0215 3656 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:23:30.0235 3656 pcmcia - ok
21:23:30.0255 3656 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:23:30.0272 3656 pcw - ok
21:23:30.0369 3656 [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
21:23:30.0412 3656 PDF Architect Helper Service - ok
21:23:30.0433 3656 [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
21:23:30.0461 3656 PDF Architect Service - ok
21:23:30.0480 3656 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:23:30.0530 3656 PEAUTH - ok
21:23:30.0610 3656 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:23:30.0631 3656 PerfHost - ok
21:23:30.0705 3656 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:23:30.0772 3656 pla - ok
21:23:30.0810 3656 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:23:30.0845 3656 PlugPlay - ok
21:23:30.0874 3656 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:23:30.0894 3656 PNRPAutoReg - ok
21:23:30.0905 3656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:23:30.0928 3656 PNRPsvc - ok
21:23:30.0969 3656 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:23:31.0017 3656 PolicyAgent - ok
21:23:31.0046 3656 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:23:31.0091 3656 Power - ok
21:23:31.0133 3656 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:23:31.0186 3656 PptpMiniport - ok
21:23:31.0212 3656 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:23:31.0231 3656 Processor - ok
21:23:31.0264 3656 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:23:31.0292 3656 ProfSvc - ok
21:23:31.0306 3656 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:23:31.0325 3656 ProtectedStorage - ok
21:23:31.0338 3656 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:23:31.0378 3656 Psched - ok
21:23:31.0400 3656 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
21:23:31.0416 3656 PSI - ok
21:23:31.0461 3656 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:23:31.0505 3656 ql2300 - ok
21:23:31.0531 3656 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:23:31.0551 3656 ql40xx - ok
21:23:31.0575 3656 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:23:31.0602 3656 QWAVE - ok
21:23:31.0619 3656 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:23:31.0641 3656 QWAVEdrv - ok
21:23:31.0654 3656 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:23:31.0694 3656 RasAcd - ok
21:23:31.0713 3656 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:23:31.0754 3656 RasAgileVpn - ok
21:23:31.0762 3656 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:23:31.0806 3656 RasAuto - ok
21:23:31.0840 3656 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:23:31.0881 3656 Rasl2tp - ok
21:23:31.0894 3656 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:23:31.0940 3656 RasMan - ok
21:23:31.0958 3656 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:23:31.0999 3656 RasPppoe - ok
21:23:32.0016 3656 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:23:32.0057 3656 RasSstp - ok
21:23:32.0068 3656 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:23:32.0111 3656 rdbss - ok
21:23:32.0128 3656 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:23:32.0148 3656 rdpbus - ok
21:23:32.0159 3656 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:23:32.0200 3656 RDPCDD - ok
21:23:32.0211 3656 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:23:32.0251 3656 RDPENCDD - ok
21:23:32.0265 3656 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:23:32.0307 3656 RDPREFMP - ok
21:23:32.0333 3656 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:23:32.0361 3656 RdpVideoMiniport - ok
21:23:32.0401 3656 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:23:32.0434 3656 RDPWD - ok
21:23:32.0468 3656 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:23:32.0489 3656 rdyboost - ok
21:23:32.0511 3656 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:23:32.0555 3656 RemoteAccess - ok
21:23:32.0581 3656 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:23:32.0627 3656 RemoteRegistry - ok
21:23:32.0678 3656 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:23:32.0726 3656 RichVideo - ok
21:23:32.0752 3656 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:23:32.0813 3656 RpcEptMapper - ok
21:23:32.0840 3656 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:23:32.0860 3656 RpcLocator - ok
21:23:32.0901 3656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:23:32.0969 3656 RpcSs - ok
21:23:32.0995 3656 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:23:33.0036 3656 rspndr - ok
21:23:33.0061 3656 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:23:33.0089 3656 RTL8167 - ok
21:23:33.0098 3656 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:23:33.0117 3656 SamSs - ok
21:23:33.0166 3656 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
21:23:33.0189 3656 SbieDrv - ok
21:23:33.0200 3656 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
21:23:33.0218 3656 SbieSvc - ok
21:23:33.0239 3656 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:23:33.0257 3656 sbp2port - ok
21:23:33.0281 3656 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:23:33.0327 3656 SCardSvr - ok
21:23:33.0364 3656 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:23:33.0403 3656 scfilter - ok
21:23:33.0463 3656 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:23:33.0546 3656 Schedule - ok
21:23:33.0588 3656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:23:33.0627 3656 SCPolicySvc - ok
21:23:33.0648 3656 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
21:23:33.0670 3656 sdbus - ok
21:23:33.0709 3656 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:23:33.0768 3656 SDRSVC - ok
21:23:33.0800 3656 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:23:33.0843 3656 secdrv - ok
21:23:33.0853 3656 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:23:33.0895 3656 seclogon - ok
21:23:33.0953 3656 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
21:23:33.0988 3656 Secunia PSI Agent - ok
21:23:34.0010 3656 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
21:23:34.0037 3656 Secunia Update Agent - ok
21:23:34.0058 3656 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:23:34.0103 3656 SENS - ok
21:23:34.0130 3656 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:23:34.0159 3656 SensrSvc - ok
21:23:34.0180 3656 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:23:34.0198 3656 Serenum - ok
21:23:34.0215 3656 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:23:34.0235 3656 Serial - ok
21:23:34.0250 3656 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:23:34.0268 3656 sermouse - ok
21:23:34.0317 3656 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:23:34.0378 3656 SessionEnv - ok
21:23:34.0398 3656 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:23:34.0426 3656 sffdisk - ok
21:23:34.0437 3656 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:23:34.0455 3656 sffp_mmc - ok
21:23:34.0468 3656 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:23:34.0489 3656 sffp_sd - ok
21:23:34.0498 3656 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:23:34.0516 3656 sfloppy - ok
21:23:34.0549 3656 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:23:34.0596 3656 SharedAccess - ok
21:23:34.0642 3656 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:23:34.0716 3656 ShellHWDetection - ok
21:23:34.0732 3656 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:23:34.0749 3656 SiSRaid2 - ok
21:23:34.0771 3656 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:23:34.0789 3656 SiSRaid4 - ok
21:23:34.0817 3656 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:23:34.0836 3656 SkypeUpdate - ok
21:23:34.0857 3656 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:23:34.0899 3656 Smb - ok
21:23:34.0922 3656 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:23:34.0943 3656 SNMPTRAP - ok
21:23:34.0953 3656 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:23:34.0970 3656 spldr - ok
21:23:35.0020 3656 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:23:35.0067 3656 Spooler - ok
21:23:35.0160 3656 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:23:35.0254 3656 sppsvc - ok
21:23:35.0273 3656 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:23:35.0317 3656 sppuinotify - ok
21:23:35.0355 3656 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:23:35.0391 3656 srv - ok
21:23:35.0400 3656 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:23:35.0423 3656 srv2 - ok
21:23:35.0450 3656 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:23:35.0473 3656 SrvHsfHDA - ok
21:23:35.0507 3656 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:23:35.0549 3656 SrvHsfV92 - ok
21:23:35.0576 3656 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:23:35.0605 3656 SrvHsfWinac - ok
21:23:35.0626 3656 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:23:35.0645 3656 srvnet - ok
21:23:35.0672 3656 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:23:35.0717 3656 SSDPSRV - ok
21:23:35.0727 3656 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:23:35.0771 3656 SstpSvc - ok
21:23:35.0811 3656 [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
21:23:35.0849 3656 ssudmdm - ok
21:23:35.0946 3656 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
21:23:35.0994 3656 STacSV - ok
21:23:36.0015 3656 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:23:36.0040 3656 stexstor - ok
21:23:36.0074 3656 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:23:36.0110 3656 STHDA - ok
21:23:36.0157 3656 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:23:36.0199 3656 stisvc - ok
21:23:36.0222 3656 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:23:36.0238 3656 swenum - ok
21:23:36.0265 3656 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:23:36.0316 3656 swprv - ok
21:23:36.0343 3656 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:23:36.0366 3656 SynTP - ok
21:23:36.0443 3656 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:23:36.0511 3656 SysMain - ok
21:23:36.0554 3656 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:23:36.0580 3656 TabletInputService - ok
21:23:36.0635 3656 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:23:36.0722 3656 TapiSrv - ok
21:23:36.0754 3656 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:23:36.0814 3656 TBS - ok
21:23:36.0891 3656 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:23:36.0948 3656 Tcpip - ok
21:23:36.0974 3656 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:23:37.0019 3656 TCPIP6 - ok
21:23:37.0051 3656 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:23:37.0070 3656 tcpipreg - ok
21:23:37.0100 3656 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:23:37.0130 3656 TDPIPE - ok
21:23:37.0168 3656 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:23:37.0204 3656 TDTCP - ok
21:23:37.0247 3656 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:23:37.0298 3656 tdx - ok
21:23:37.0322 3656 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:23:37.0339 3656 TermDD - ok
21:23:37.0391 3656 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:23:37.0469 3656 TermService - ok
21:23:37.0532 3656 [ 8F14DE79EBE73D6D717B8455E64DDA86 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
21:23:37.0570 3656 TGCM_ImportWiFiSvc - ok
21:23:37.0599 3656 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:23:37.0624 3656 Themes - ok
21:23:37.0646 3656 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:23:37.0688 3656 THREADORDER - ok
21:23:37.0703 3656 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:23:37.0749 3656 TrkWks - ok
21:23:37.0797 3656 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:23:37.0874 3656 TrustedInstaller - ok
21:23:37.0921 3656 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:23:37.0994 3656 tssecsrv - ok
21:23:38.0019 3656 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:23:38.0045 3656 TsUsbFlt - ok
21:23:38.0055 3656 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:23:38.0100 3656 tunnel - ok
21:23:38.0129 3656 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:23:38.0147 3656 uagp35 - ok
21:23:38.0164 3656 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:23:38.0209 3656 udfs - ok
21:23:38.0231 3656 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:23:38.0254 3656 UI0Detect - ok
21:23:38.0263 3656 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:23:38.0281 3656 uliagpkx - ok
21:23:38.0308 3656 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:23:38.0327 3656 umbus - ok
21:23:38.0345 3656 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:23:38.0365 3656 UmPass - ok
21:23:38.0394 3656 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:23:38.0443 3656 upnphost - ok
21:23:38.0477 3656 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:23:38.0503 3656 usbaudio - ok
21:23:38.0541 3656 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:23:38.0569 3656 usbccgp - ok
21:23:38.0583 3656 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:23:38.0605 3656 usbcir - ok
21:23:38.0644 3656 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:23:38.0661 3656 usbehci - ok
21:23:38.0690 3656 [ 44D9C773FEBFF10593B50DDFC2D6BC27 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
21:23:38.0707 3656 usbfilter - ok
21:23:38.0751 3656 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:23:38.0796 3656 usbhub - ok
21:23:38.0806 3656 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:23:38.0826 3656 usbohci - ok
21:23:38.0851 3656 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:23:38.0873 3656 usbprint - ok
21:23:38.0903 3656 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:23:38.0924 3656 usbscan - ok
21:23:38.0961 3656 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:23:39.0020 3656 USBSTOR - ok
21:23:39.0036 3656 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:23:39.0056 3656 usbuhci - ok
21:23:39.0080 3656 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:23:39.0104 3656 usbvideo - ok
21:23:39.0133 3656 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:23:39.0177 3656 UxSms - ok
21:23:39.0182 3656 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:23:39.0201 3656 VaultSvc - ok
21:23:39.0237 3656 [ 47499FE912F0B4E7664F8498F2906F0E ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:23:39.0256 3656 VBoxNetAdp - ok
21:23:39.0260 3656 VBoxNetFlt - ok
21:23:39.0272 3656 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:23:39.0289 3656 vdrvroot - ok
21:23:39.0335 3656 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:23:39.0423 3656 vds - ok
21:23:39.0446 3656 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:23:39.0467 3656 vga - ok
21:23:39.0481 3656 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:23:39.0522 3656 VgaSave - ok
21:23:39.0553 3656 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:23:39.0573 3656 vhdmp - ok
21:23:39.0601 3656 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:23:39.0618 3656 viaide - ok
21:23:39.0634 3656 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:23:39.0652 3656 volmgr - ok
21:23:39.0672 3656 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:23:39.0695 3656 volmgrx - ok
21:23:39.0727 3656 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:23:39.0772 3656 volsnap - ok
21:23:39.0794 3656 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:23:39.0871 3656 vsmraid - ok
21:23:39.0946 3656 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:23:40.0033 3656 VSS - ok
21:23:40.0054 3656 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:23:40.0075 3656 vwifibus - ok
21:23:40.0086 3656 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:23:40.0109 3656 vwififlt - ok
21:23:40.0114 3656 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:23:40.0137 3656 vwifimp - ok
21:23:40.0167 3656 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:23:40.0215 3656 W32Time - ok
21:23:40.0240 3656 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:23:40.0259 3656 WacomPen - ok
21:23:40.0295 3656 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:23:40.0336 3656 WANARP - ok
21:23:40.0340 3656 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:23:40.0380 3656 Wanarpv6 - ok
21:23:40.0456 3656 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:23:40.0517 3656 wbengine - ok
21:23:40.0538 3656 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:23:40.0566 3656 WbioSrvc - ok
21:23:40.0605 3656 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:23:40.0636 3656 wcncsvc - ok
21:23:40.0647 3656 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:23:40.0671 3656 WcsPlugInService - ok
21:23:40.0694 3656 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:23:40.0711 3656 Wd - ok
21:23:40.0759 3656 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:23:40.0793 3656 Wdf01000 - ok
21:23:40.0805 3656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:23:40.0836 3656 WdiServiceHost - ok
21:23:40.0840 3656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:23:40.0866 3656 WdiSystemHost - ok
21:23:40.0905 3656 [ E89D463AB373CFACCCBB0645E9AE8154 ] WebCake Desktop Updater C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
21:23:40.0911 3656 WebCake Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
21:23:40.0911 3656 WebCake Desktop Updater - detected UnsignedFile.Multi.Generic (1)
21:23:40.0947 3656 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:23:40.0977 3656 WebClient - ok
21:23:41.0003 3656 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:23:41.0068 3656 Wecsvc - ok
21:23:41.0084 3656 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:23:41.0129 3656 wercplsupport - ok
21:23:41.0139 3656 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:23:41.0183 3656 WerSvc - ok
21:23:41.0211 3656 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:23:41.0252 3656 WfpLwf - ok
21:23:41.0265 3656 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:23:41.0282 3656 WIMMount - ok
21:23:41.0301 3656 WinDefend - ok
21:23:41.0307 3656 WinHttpAutoProxySvc - ok
21:23:41.0357 3656 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:23:41.0401 3656 Winmgmt - ok
21:23:41.0485 3656 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:23:41.0565 3656 WinRM - ok
21:23:41.0615 3656 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:23:41.0645 3656 WinUsb - ok
21:23:41.0680 3656 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:23:41.0718 3656 Wlansvc - ok
21:23:41.0740 3656 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:23:41.0758 3656 WmiAcpi - ok
21:23:41.0787 3656 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:23:41.0808 3656 wmiApSrv - ok
21:23:41.0830 3656 WMPNetworkSvc - ok
21:23:41.0842 3656 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:23:41.0886 3656 WPCSvc - ok
21:23:41.0927 3656 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:23:41.0996 3656 WPDBusEnum - ok
21:23:42.0013 3656 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:23:42.0056 3656 ws2ifsl - ok
21:23:42.0080 3656 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:23:42.0106 3656 wscsvc - ok
21:23:42.0110 3656 WSearch - ok
21:23:42.0204 3656 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:23:42.0273 3656 wuauserv - ok
21:23:42.0311 3656 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:23:42.0339 3656 WudfPf - ok
21:23:42.0352 3656 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:23:42.0373 3656 WUDFRd - ok
21:23:42.0392 3656 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:23:42.0414 3656 wudfsvc - ok
21:23:42.0454 3656 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:23:42.0487 3656 WwanSvc - ok
21:23:42.0516 3656 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
21:23:42.0540 3656 yukonw7 - ok
21:23:42.0582 3656 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
21:23:42.0608 3656 ZTEusbmdm6k - ok
21:23:42.0625 3656 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
21:23:42.0643 3656 ZTEusbnmea - ok
21:23:42.0660 3656 [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
21:23:42.0679 3656 ZTEusbser6k - ok
21:23:42.0779 3656 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:23:42.0825 3656 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:23:42.0843 3656 ================ Scan global ===============================
21:23:42.0861 3656 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:23:42.0899 3656 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:23:42.0913 3656 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:23:42.0943 3656 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:23:42.0958 3656 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:23:42.0964 3656 [Global] - ok
21:23:42.0965 3656 ================ Scan MBR ==================================
21:23:42.0974 3656 [ A3673A5356641CE5018401BC42D7286C ] \Device\Harddisk0\DR0
21:23:43.0261 3656 \Device\Harddisk0\DR0 - ok
21:23:43.0262 3656 ================ Scan VBR ==================================
21:23:43.0267 3656 [ CC48EE85835CD47CC34DAE84610889FA ] \Device\Harddisk0\DR0\Partition1
21:23:43.0269 3656 \Device\Harddisk0\DR0\Partition1 - ok
21:23:43.0296 3656 [ E6A501A7A22918ABA3047789405B2D3A ] \Device\Harddisk0\DR0\Partition2
21:23:43.0297 3656 \Device\Harddisk0\DR0\Partition2 - ok
21:23:43.0325 3656 [ 858B7EE477227C58BD3ABB87DA56C101 ] \Device\Harddisk0\DR0\Partition3
21:23:43.0328 3656 \Device\Harddisk0\DR0\Partition3 - ok
21:23:43.0347 3656 [ BE80C4F106F9E4CAF13367D2145578EE ] \Device\Harddisk0\DR0\Partition4
21:23:43.0350 3656 \Device\Harddisk0\DR0\Partition4 - ok
21:23:43.0351 3656 ============================================================
21:23:43.0351 3656 Scan finished
21:23:43.0351 3656 ============================================================
21:23:43.0371 5208 Detected object count: 3
21:23:43.0371 5208 Actual detected object count: 3
21:23:46.0420 5208 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:23:46.0420 5208 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:23:46.0423 5208 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:23:46.0423 5208 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:23:46.0426 5208 WebCake Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
21:23:46.0426 5208 WebCake Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:23:50.0078 5728 Deinitialize success

markusg 08.06.2013 20:31

Did I write anything about deleting? It says skip there!
Update your HP software.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Tobi1985K 08.06.2013 21:00

Well, after the restart Combofix keeps popping up and disappearing, up and gone, up and gone... I followed the instructions exactly. Antivirus disabled, started Combofix and did nothing else.

markusg 08.06.2013 21:08

Combofix run as admin, or rather logged in to the same account from which Combofix was started?

Tobi1985K 08.06.2013 21:09

Yes, run as admin.

markusg 08.06.2013 21:12

After a restart, go into safe mode via F8, see whether Combofix runs through, then go back to normal mode and post the log.

Tobi1985K 10.06.2013 19:28

It doesn't work! I hold F8 down, I have restarted several times, safe mode doesn't work. And Combofix pops up a thousand times a minute every time; I can't even close it with Task Manager. What is going on?

markusg 10.06.2013 21:10

Are you logged in to the same account in which you started CF?
Also try via Start, Run:
combofix /uninstall
Enter, restart

Tobi1985K 10.06.2013 21:20

Yes, in the same account. The uninstall got rid of it, but what now? Download and install it again?

markusg 10.06.2013 22:54

Yes, try it again.

Tobi1985K 11.06.2013 19:50

Now it worked...
Combofix Logfile:
Code:

ComboFix 13-06-08.02 - Admin 11.06.2013  20:36:43.3.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4092.2529 [GMT 2:00]
ausgeführt von:: c:\users\Tobi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-11 bis 2013-06-11  ))))))))))))))))))))))))))))))
.
.
2013-06-11 18:45 . 2013-06-11 18:45        --------        d-----w-        c:\users\Public\AppData\Local\temp
2013-06-11 18:45 . 2013-06-11 18:45        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-11 18:45 . 2013-06-11 18:45        --------        d-----w-        c:\users\Administrator\AppData\Local\temp
2013-06-11 18:45 . 2013-06-11 18:45        --------        d-----w-        c:\users\Admin\AppData\Local\temp
2013-06-08 19:22 . 2013-06-08 19:22        --------        d-----w-        C:\TDSSKiller_Quarantine
2013-06-08 17:44 . 2013-06-08 17:44        --------        d-----w-        c:\programdata\BrowserDefender
2013-06-08 17:44 . 2013-06-08 17:44        --------        d-----w-        c:\users\Admin\AppData\Roaming\BabSolution
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\program files (x86)\Delta
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\users\Admin\AppData\Roaming\Delta
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\programdata\Babylon
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\users\Admin\AppData\Roaming\Babylon
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\users\Admin\AppData\Roaming\WebCake
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\program files (x86)\WebCake
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\programdata\Tarma Installer
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\users\Admin\AppData\Local\PutLockerDownloader
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\users\Admin\AppData\Local\Mozilla
2013-06-08 17:43 . 2013-06-08 17:43        --------        d-----w-        c:\program files (x86)\FTDownloader.com
2013-06-07 18:43 . 2013-05-13 06:37        9460464        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{44601B31-07C0-4C62-B1D4-6ACBA6586D37}\mpengine.dll
2013-05-15 18:01 . 2013-04-05 06:50        15404032        ----a-w-        c:\windows\system32\ieframe.dll
2013-05-15 16:57 . 2013-04-10 06:01        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 16:57 . 2013-04-10 06:01        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 16:57 . 2011-02-03 11:25        144384        ----a-w-        c:\windows\system32\cdd.dll
2013-05-15 16:56 . 2013-02-27 05:52        14172672        ----a-w-        c:\windows\system32\shell32.dll
2013-05-15 16:56 . 2013-02-27 05:52        197120        ----a-w-        c:\windows\system32\shdocvw.dll
2013-05-15 16:56 . 2013-02-27 05:48        1930752        ----a-w-        c:\windows\system32\authui.dll
2013-05-15 16:56 . 2013-02-27 06:02        111448        ----a-w-        c:\windows\system32\consent.exe
2013-05-15 16:56 . 2013-02-27 05:47        70144        ----a-w-        c:\windows\system32\appinfo.dll
2013-05-15 16:56 . 2013-02-27 04:49        1796096        ----a-w-        c:\windows\SysWow64\authui.dll
2013-05-15 16:56 . 2013-03-19 05:53        48640        ----a-w-        c:\windows\system32\wwanprotdim.dll
2013-05-15 16:56 . 2013-03-19 05:53        230400        ----a-w-        c:\windows\system32\wwansvc.dll
2013-05-15 16:56 . 2013-04-10 03:30        3153920        ----a-w-        c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 18:08 . 2010-06-13 09:39        75016696        ----a-w-        c:\windows\system32\MRT.exe
2013-05-14 18:50 . 2013-02-27 18:56        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 18:50 . 2013-02-27 18:56        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-01 16:03        189936        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-01 16:03        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-02-28 20:22        378432        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-02-28 20:22        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-02-28 20:22        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-02-28 20:22        1025808        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2013-02-28 20:22        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2013-02-28 20:22        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2013-02-28 20:21        41664        ----a-w-        c:\windows\avastSS.scr
2013-05-09 08:58 . 2013-02-28 20:22        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-05-06 17:14 . 2013-03-01 11:14        318300        ----a-w-        c:\windows\SysWow64\~.tmp
2013-05-02 00:06 . 2010-06-08 12:40        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 16:57        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 16:57        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 16:57        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 16:57        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 16:57        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 16:57        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 15:59        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:13 . 2013-05-06 17:17        110264        ----a-w-        c:\windows\system32\pdfcmon.dll
2013-03-22 14:32 . 2013-02-28 19:10        92248        ----a-w-        c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe
2013-03-19 06:04 . 2013-04-10 18:43        5550424        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 18:43        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 18:43        3968856        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 18:43        3913560        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 18:43        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 18:43        112640        ----a-w-        c:\windows\system32\smss.exe
2013-03-16 10:25 . 2013-03-16 10:25        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-16 10:25 . 2013-03-16 10:25        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-03-16 10:25 . 2013-03-16 10:25        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-03-16 10:25 . 2013-03-16 10:25        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-03-16 10:25 . 2013-03-16 10:25        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-03-16 10:25 . 2013-03-16 10:25        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-03-16 10:25 . 2013-03-16 10:25        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-03-16 10:25 . 2013-03-16 10:25        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-03-16 10:25 . 2013-03-16 10:25        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-03-16 10:25 . 2013-03-16 10:25        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-03-16 10:25 . 2013-03-16 10:25        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-03-16 10:25 . 2013-03-16 10:25        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-03-16 10:25 . 2013-03-16 10:25        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-03-16 10:25 . 2013-03-16 10:25        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-03-16 10:25 . 2013-03-16 10:25        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-03-16 10:25 . 2013-03-16 10:25        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-03-16 10:25 . 2013-03-16 10:25        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-03-16 10:25 . 2013-03-16 10:25        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-03-16 10:25 . 2013-03-16 10:25        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-16 10:25 . 2013-03-16 10:25        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-03-16 10:25 . 2013-03-16 10:25        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-03-16 10:25 . 2013-03-16 10:25        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-03-16 10:25 . 2013-03-16 10:25        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-03-16 10:25 . 2013-03-16 10:25        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-03-16 10:25 . 2013-03-16 10:25        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-03-16 10:25 . 2013-03-16 10:25        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-03-16 10:25 . 2013-03-16 10:25        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-03-16 10:25 . 2013-03-16 10:25        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-03-16 10:25 . 2013-03-16 10:25        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-03-16 10:25 . 2013-03-16 10:25        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-03-16 10:25 . 2013-03-16 10:25        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-03-16 10:25 . 2013-03-16 10:25        441856        ----a-w-        c:\windows\system32\html.iec
2013-03-16 10:25 . 2013-03-16 10:25        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-03-16 10:25 . 2013-03-16 10:25        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-03-16 10:25 . 2013-03-16 10:25        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-03-16 10:25 . 2013-03-16 10:25        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-03-16 10:25 . 2013-03-16 10:25        235008        ----a-w-        c:\windows\system32\url.dll
2013-03-16 10:25 . 2013-03-16 10:25        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-03-16 10:25 . 2013-03-16 10:25        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-03-16 10:25 . 2013-03-16 10:25        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-03-16 10:25 . 2013-03-16 10:25        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-03-16 10:25 . 2013-03-16 10:25        149504        ----a-w-        c:\windows\system32\occache.dll
2013-03-16 10:25 . 2013-03-16 10:25        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-03-16 10:25 . 2013-03-16 10:25        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-03-16 10:25 . 2013-03-16 10:25        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-03-16 10:25 . 2013-03-16 10:25        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-03-16 10:25 . 2013-03-16 10:25        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-03-16 10:25 . 2013-03-16 10:25        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-03-16 10:25 . 2013-03-16 10:25        102912        ----a-w-        c:\windows\system32\inseng.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-05-20 10:02        295832        ----a-w-        c:\program files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll" [2013-05-20 284056]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"WebCake Desktop"="c:\users\Admin\AppData\Roaming\WebCake\WebCakeDesktop.exe" [2013-06-07 47896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-04-10 2387088]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
TotalMedia Server.lnk - c:\program files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe [2012-11-26 520296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\261339~1.144\{C16C1~1\BrowserDefender.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Tobi\AppData\Local\Temp\ALSysIO64.sys;c:\users\Tobi\AppData\Local\Temp\ALSysIO64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S1 ArcCtrl;ArcCtrl;c:\windows\system32\drivers\ArcCtrl.sys;c:\windows\SYSNATIVE\drivers\ArcCtrl.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2013/03/01 15:25];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl;c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [x]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe;c:\windows\SYSNATIVE\lxdncoms.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 WebCake Desktop Updater;WebCake Desktop Updater;c:\program files (x86)\WebCake\WebCakeDesktop.Updater.exe;c:\program files (x86)\WebCake\WebCakeDesktop.Updater.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 18:19        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 18:50]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 20:06]
.
2013-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 20:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
"lxdnmon.exe"="c:\program files (x86)\Lexmark 2600 Series\lxdnmon.exe" [2010-02-04 660136]
"EzPrint"="c:\program files (x86)\Lexmark 2600 Series\ezprint.exe" [2010-02-04 107176]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119781&babsrc=HP_ss&mntrId=D8B72617FEC4A785
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www.delta-search.com/?affID=119781&babsrc=HP_ss&mntrId=D8B72617FEC4A785
FF - ExtSQL: 2013-05-06 19:17; FFPDFArchitectConverter@pdfarchitect.com; c:\program files (x86)\PDF Architect\FFPDFArchitectExt
FF - ExtSQL: 2013-05-13 17:28; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: extentions.webcake.installId - b239d215-737b-40d6-a01c-dac88071e6de
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - d8b73e3e0000000000002617fec4a785
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15864
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.519:44
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119781
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe SVG Viewer - c:\windows\System32\Adobe\SVG Viewer\Uninst.isu
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1044226639-1867335067-3542661926-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:15,0a,54,20,cf,20,b3,e4,4a,49,79,b7,83,6e,eb,2d,41,78,3b,77,ed,c9,7d,
  c6,f7,31,27,25,b8,23,36,70,73,7c,02,cc,69,88,9d,be,89,7b,86,ba,0c,94,e6,6f,\
"??"=hex:dc,81,5b,60,c7,9a,b6,94,93,3e,f7,8a,c7,a2,0e,c0
.
[HKEY_USERS\S-1-5-21-1044226639-1867335067-3542661926-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:39,c6,33,17,01,ee,00,45,a0,23,26,5e,f8,3a,aa,d1,68,ca,d3,47,c5,88,16,
  63,39,bf,0c,7a,81,86,c4,81,f4,e8,3e,f3,fb,6f,1e,38,b2,14,0d,13,bb,77,62,dc,\
"??"=hex:09,fd,9b,43,f5,52,93,b5,ce,78,4d,42,32,66,74,39
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-11  20:49:06
ComboFix-quarantined-files.txt  2013-06-11 18:49
.
Vor Suchlauf: 20 Verzeichnis(se), 314.503.831.552 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 314.083.713.024 Bytes frei
.
- - End Of File - - D0EB06CCA196836D04A3E546CF700DB3

--- --- ---
A3673A5356641CE5018401BC42D7286C

markusg 12.06.2013 11:11

Hi,
malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, enable "Perform full scan" and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

Tobi1985K 12.06.2013 20:17

So it didn't find anything, it says.

Log-file:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16614
Tobi :: TOBI-PC [limitiert]

12.06.2013 20:04:59
mbam-log-2013-06-12 (20-04-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 421664
Laufzeit: 1 Stunde(n), 3 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

markusg 12.06.2013 20:27

Hi,
download the standard CCleaner:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as txt, and open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program unknown to you, write "unknown".
Post the list.

Tobi1985K 12.06.2013 20:39

Acrobat.com Adobe Systems Incorporated 14.11.2009 1,60MB 1.6.65
Adobe Acrobat 6.0 Limited - English, Français, Deutsch Adobe Systems 08.06.2010 255MB 006.000.001
Adobe AIR Adobe Systems Incorporated 15.05.2013 3.7.0.1860
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 11.06.2013 6,00MB 11.7.700.224
Adobe Photoshop 6.0 Adobe Systems, Inc. 08.06.2010 6.0
Adobe Reader XI (11.0.03) - Deutsch Adobe Systems Incorporated 18.05.2013 133MB 11.0.03
Adobe Shockwave Player 12.0 Adobe Systems, Inc. 10.04.2013 12.0.2.122
Adobe SVG Viewer Adobe Systems, Inc. 08.06.2010 1.0
ALL ADOBE KNOWN
AMD USB Filter Driver Advanced Micro Devices, Inc. 07.03.2010 56,0KB 1.0.10.84
KNOWN
Apple Application Support Apple Inc. 06.01.2013 64,9MB 2.3
Apple Software Update Apple Inc. 13.07.2011 2,38MB 2.1.3.127
ArcSoft TotalMedia Theatre 6 ArcSoft 18.03.2013 157MB 6.0.1.119
Atheros Driver Installation Program Atheros 14.08.2011 9.0
ATI Catalyst Install Manager ATI Technologies, Inc. 07.03.2010 18,2MB 3.0.732.0
avast! Free Antivirus AVAST Software 13.05.2013 8.0.1489.0
Bibliographix 8 Bibliographix GbR 02.11.2011
Bing-Desktop Microsoft Corporation 07.05.2013 11,4MB 1.2.126.0
Blue Byte Game Channel UbiSoft 19.04.2013
BrowserDefender Bit89 Inc 08.06.2013
CCleaner Piriform 25.02.2013 3.28
Cisco EAP-FAST Module Cisco Systems, Inc. 14.08.2011 1,55MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 14.08.2011 644KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 14.08.2011 1,23MB 1.1.6
Compatibility Pack für 2007 Office System Microsoft Corporation 09.01.2013 266MB 12.0.6612.1000
CyberLink DVD Suite CyberLink Corp. 14.11.2009 37,2MB 7.0.2111
ALL KNOWN SO FAR
Delta Chrome Toolbar Visual Tools 08.06.2013
Delta toolbar Delta 08.06.2013 1.8.21.5
UNKNOWN OR RATHER UNWANTED
Die Siedler II - Die nächste Generation 04.05.2013
Die Siedler IV 19.04.2013
doPDF 7.3 printer Softland 09.03.2013 13,7MB
DVDx 4.0 Open Edition labDV 28.11.2011 4.0 (Open Edition)
ElsterFormular Landesfinanzdirektion Thüringen 09.03.2013 188MB 14.1.20130301
ENE CIR Receiver Driver ENE 07.03.2010 2.7.4.0
ALL KNOWN SO FAR
FileHippo.com Update Checker 28.02.2013
UNKNOWN!
FTDownloader FTDownloader.com 08.06.2013 2.1 Build 26473
UNKNOWN!
Google Chrome Google Inc. 28.02.2013 27.0.1453.110
HP 3D DriveGuard Hewlett-Packard 07.03.2010 3,27MB 4.0.3.1
HP Advisor Hewlett-Packard 14.11.2009 50,0MB 3.3.9512.3162
HP Games WildTangent 07.03.2010 1.0.0.71
HP MediaSmart DVD CyberLink Corp. 01.03.2013 96,9MB 3.1
HP MediaSmart Internet TV Hewlett-Packard 07.03.2010 40,6MB 3.1.2125
HP MediaSmart Live TV Hewlett-Packard 07.03.2010 68,7MB 3.1.2206
HP MediaSmart Music/Photo/Video Hewlett-Packard 07.03.2010 314MB 3.1.3405
HP MediaSmart SmartMenu Hewlett-Packard 07.03.2010 1,95MB 3.1.0.1
HP MediaSmart Webcam Hewlett-Packard 07.03.2010 120MB 3.1.2207
HP Quick Launch Buttons Hewlett-Packard Company 13.06.2010 6.50.16.1
HP Setup Hewlett-Packard 14.11.2009 1.2.3560.3170
HP Support Assistant Hewlett-Packard Company 21.01.2013 91,5MB 7.0.39.15
HP Update Hewlett-Packard 14.11.2009 2,96MB 5.001.000.014
HP User Guides 0154 Hewlett-Packard 14.11.2009 153MB 1.01.0001
HP Wireless Assistant Hewlett-Packard 13.06.2010 4,00MB 3.50.11.27
HP ALL KNOWN
IDT Audio IDT 07.03.2010 1.0.6225.0
JMicron Flash Media Controller Driver JMicron Technology Corp. 07.03.2010 1.0.32.1
THESE TWO UNKNOWN
Lexmark 2600 Series Lexmark International, Inc. 08.06.2010
LightScribe System Software LightScribe 28.11.2011 25,1MB 1.18.22.2
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 12.06.2013 19,2MB 1.75.0.1300
McAfee Security Scan Plus McAfee, Inc. 12.05.2013 10,2MB 3.0.318.3
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 11.07.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 11.07.2010 2,93MB 4.0.30319
Microsoft Office File Validation Add-In Microsoft Corporation 13.09.2011 7,95MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 01.03.2012 12.0.6612.1000
Microsoft Office Live Add-in 1.5 Microsoft Corporation 22.04.2012 508KB 2.0.4024.1
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 09.01.2013 100MB 12.0.6612.1000
Microsoft Office Suite Activation Assistant Microsoft Corporation 14.11.2009 8,36MB 2.9
Microsoft Silverlight Microsoft Corporation 14.03.2013 149MB 5.1.20125.0
Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Corporation 18.08.2012 1,33MB 2.0.1578.0
Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Corporation 18.08.2012 3,20MB 2.0.1578.0
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 07.03.2010 625KB 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 25.02.2011 1,44MB 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 12.06.2010 260KB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 12.06.2010 250KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 300KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 02.04.2012 3,00MB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 13.05.2011 580KB 8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 30.04.2011 790KB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 30.04.2011 598KB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 13.11.2011 252KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 07.03.2010 788KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.06.2011 788KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 05.03.2011 234KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.03.2010 596KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.03.2010 596KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 600KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 29.11.2011 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 29.11.2011 15,0MB 10.0.40219
Microsoft Works Microsoft Corporation 13.10.2012 1,18GB 9.7.0621
Mobile Connection Manager Mobile Connection Manager 29.04.2011
Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 07.03.2010 332MB 3.1.3310
Mozilla Firefox 21.0 (x86 en-US) Mozilla 08.06.2013 46,7MB 21.0
Mozilla Maintenance Service Mozilla 08.06.2013 333KB 21.0
Mozilla Thunderbird 17.0.4 (x86 de) Mozilla 26.03.2013 43,3MB 17.0.4
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.06.2010 1,27MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 12.06.2010 1,33MB 4.20.9876.0
Nero Backup Drivers Nero AG 28.11.2011 94,0KB 1.0.10000.1.0
Panda USB Vaccine 1.0.1.4 Panda Security 28.02.2013
PDF Architect pdfforge GmbH 06.05.2013 93,1MB 1.1.83.9982
PDFCreator pdfforge 06.05.2013 1.7.0
PhotoNow! CyberLink Corp. 07.03.2010 39,3MB 1.1.6622
Power2Go CyberLink Corp. 14.11.2009 199MB 6.0.3311
PowerDirector CyberLink Corp. 14.11.2009 546MB 7.0.3311
QuickTime Apple Inc. 06.01.2013 73,1MB 7.73.80.64
Realtek 8136 8168 8169 Ethernet Driver Realtek 07.03.2010 1.00.0007
Sandboxie 3.76 (64-bit) SANDBOXIE L.T.D 28.02.2013 3.76
Secunia PSI (3.0.0.6005) Secunia 28.02.2013 5,92MB 3.0.0.6005
Skype™ 6.3 Skype Technologies S.A. 28.05.2013 38,8MB 6.3.107
Sony XDCAM Viewer Sony Corporation 07.10.2011 30,5MB 2.30.0149
Stronghold 2 Deluxe Firefly Studios 20.01.2013 1.40.100
Synaptics Pointing Device Driver Synaptics Incorporated 28.02.2013 46,4MB 15.3.29.0
SyncToy 2.1 (x64) Microsoft 18.08.2012 1,45MB 2.1.0
VirtuaGuyHD version 1.0.6.01 Totem Entertainment 27.04.2011 29,5MB 1.0.6.01
VLC media player 2.0.6 VideoLAN 23.04.2013 2.0.6
ALL KNOWN SO FAR
WebCake 3.00 WebCake LLC 08.06.2013 1,04MB 3.00
UNKNOWN
Windows Media Player Firefox Plugin Microsoft Corp 12.08.2010 296KB 1.0.0.8
WinRAR 10.06.2010
WinRAR 4.20 (64-bit) win.rar GmbH 28.02.2013 4.20.0
ZTE USB Driver ZTE Corporation 29.04.2011 1.0.1.25_TME
ALL KNOWN

markusg 12.06.2013 20:41

The labels are missing.

Tobi1985K 12.06.2013 20:48

No, I skipped many programs that are known to me and then wrote "KNOWN SO FAR" etc. in capital letters.

Here it is again:
Acrobat.com Adobe Systems Incorporated 14.11.2009 1,60MB 1.6.65 BEKANNT
Adobe Acrobat 6.0 Limited - English, Français, Deutsch Adobe Systems 08.06.2010 255MB 006.000.001 BEKANNT
Adobe AIR Adobe Systems Incorporated 15.05.2013 3.7.0.1860 BEKANNT
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 11.06.2013 6,00MB 11.7.700.224 BEKANNT
Adobe Photoshop 6.0 Adobe Systems, Inc. 08.06.2010 6.0 BEKANNT
Adobe Reader XI (11.0.03) - Deutsch Adobe Systems Incorporated 18.05.2013 133MB 11.0.03 BEKANNT
Adobe Shockwave Player 12.0 Adobe Systems, Inc. 10.04.2013 12.0.2.122 BEKANNT
Adobe SVG Viewer Adobe Systems, Inc. 08.06.2010 1.0 BEKANNT
AMD USB Filter Driver Advanced Micro Devices, Inc. 07.03.2010 56,0KB 1.0.10.84 BEKANNT
Apple Application Support Apple Inc. 06.01.2013 64,9MB 2.3 BEKANNT
Apple Software Update Apple Inc. 13.07.2011 2,38MB 2.1.3.127 BEKANNT
ArcSoft TotalMedia Theatre 6 ArcSoft 18.03.2013 157MB 6.0.1.119 BEKANNT
Atheros Driver Installation Program Atheros 14.08.2011 9.0 BEKANNT
ATI Catalyst Install Manager ATI Technologies, Inc. 07.03.2010 18,2MB 3.0.732.0 BEKANNT
avast! Free Antivirus AVAST Software 13.05.2013 8.0.1489.0 BEKANNT
Bibliographix 8 Bibliographix GbR 02.11.2011 BEKANNT
Bing-Desktop Microsoft Corporation 07.05.2013 11,4MB 1.2.126.0 UNBEKANNT!
Blue Byte Game Channel UbiSoft 19.04.2013 BEKANNT
BrowserDefender Bit89 Inc 08.06.2013 UNBEKANNT!
CCleaner Piriform 25.02.2013 3.28 BEKANNT
Cisco EAP-FAST Module Cisco Systems, Inc. 14.08.2011 1,55MB 2.2.14 BEKANNT
Cisco LEAP Module Cisco Systems, Inc. 14.08.2011 644KB 1.0.19 BEKANNT
Cisco PEAP Module Cisco Systems, Inc. 14.08.2011 1,23MB 1.1.6 BEKANNT
Compatibility Pack für 2007 Office System Microsoft Corporation 09.01.2013 266MB 12.0.6612.1000 BEKANNT
CyberLink DVD Suite CyberLink Corp. 14.11.2009 37,2MB 7.0.2111 BEKANNT
Delta Chrome Toolbar Visual Tools 08.06.2013 UNBEKANNT!
Delta toolbar Delta 08.06.2013 1.8.21.5 UNBEKANNT!
Die Siedler II - Die nächste Generation 04.05.2013 BEKANNT
Die Siedler IV 19.04.2013 BEKANNT
doPDF 7.3 printer Softland 09.03.2013 13,7MB BEKANNT
DVDx 4.0 Open Edition labDV 28.11.2011 4.0 (Open Edition) BEKANNT
ElsterFormular Landesfinanzdirektion Thüringen 09.03.2013 188MB 14.1.20130301 BEKANNT
ENE CIR Receiver Driver ENE 07.03.2010 2.7.4.0 BEKANNT
FileHippo.com Update Checker 28.02.2013 UNBEKANNT!
FTDownloader FTDownloader.com 08.06.2013 2.1 Build 26473 UNBEKANNT!
Google Chrome Google Inc. 28.02.2013 27.0.1453.110 BEKANNT
HP 3D DriveGuard Hewlett-Packard 07.03.2010 3,27MB 4.0.3.1 BEKANNT
HP Advisor Hewlett-Packard 14.11.2009 50,0MB 3.3.9512.3162 BEKANNT
HP Games WildTangent 07.03.2010 1.0.0.71 BEKANNT
HP MediaSmart DVD CyberLink Corp. 01.03.2013 96,9MB 3.1 BEKANNT
HP MediaSmart Internet TV Hewlett-Packard 07.03.2010 40,6MB 3.1.2125 BEKANNT
HP MediaSmart Live TV Hewlett-Packard 07.03.2010 68,7MB 3.1.2206 BEKANNT
HP MediaSmart Music/Photo/Video Hewlett-Packard 07.03.2010 314MB 3.1.34 05 BEKANNT
HP MediaSmart SmartMenu Hewlett-Packard 07.03.2010 1,95MB 3.1.0.1 BEKANNT
HP MediaSmart Webcam Hewlett-Packard 07.03.2010 120MB 3.1.2207 BEKANNT
HP Quick Launch Buttons Hewlett-Packard Company 13.06.2010 6.50.16.1 BEKANNT
HP Setup Hewlett-Packard 14.11.2009 1.2.3560.3170 BEKANNT
HP Support Assistant Hewlett-Packard Company 21.01.2013 91,5MB 7.0.39.15 BEKANNT
HP Update Hewlett-Packard 14.11.2009 2,96MB 5.001.000.014 BEKANNT
HP User Guides 0154 Hewlett-Packard 14.11.2009 153MB 1.01.0001 BEKANNT
HP Wireless Assistant Hewlett-Packard 13.06.2010 4,00MB 3.50.11.27 BEKANNT
IDT Audio IDT 07.03.2010 1.0.6225.0 UNBEKANNT!
JMicron Flash Media Controller Driver JMicron Technology Corp. 07.03.2010 1.0.32.1 UNBEKANNT!
Lexmark 2600 Series Lexmark International, Inc. 08.06.2010 BEKANNT
LightScribe System Software LightScribe 28.11.2011 25,1MB 1.18.22.2 BEKANNT
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 12.06.2013 19,2MB 1.75.0.1300 BEKANNT
McAfee Security Scan Plus McAfee, Inc. 12.05.2013 10,2MB 3.0.318.3 BEKANNT
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 11.07.2010 38,8MB 4.0.30319 BEKANNT
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 11.07.2010 2,93MB 4.0.30319 BEKANNT
Microsoft Office File Validation Add-In Microsoft Corporation 13.09.2011 7,95MB 14.0.5130.5003 BEKANNT
Microsoft Office Home and Student 2007 Microsoft Corporation 01.03.2012 12.0.6612.1000 BEKANNT
Microsoft Office Live Add-in 1.5 Microsoft Corporation 22.04.2012 508KB 2.0.4024.1 BEKANNT
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 09.01.2013 100MB 12.0.6612.1000 BEKANNT
Microsoft Office Suite Activation Assistant Microsoft Corporation 14.11.2009 8,36MB 2.9 BEKANNT
Microsoft Silverlight Microsoft Corporation 14.03.2013 149MB 5.1.20125.0 BEKANNT
Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Corporation 18.08.2012 1,33MB 2.0.1578.0 BEKANNT
Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Corporation 18.08.2012 3,20MB 2.0.1578.0 BEKANNT
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 07.03.2010 625KB 1.0.1215.0 BEKANNT
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 25.02.2011 1,44MB 1.0.1215.0 BEKANNT
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 12.06.2010 260KB 8.0.50727.4053 BEKANNT
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 12.06.2010 250KB 8.0.50727.4053 BEKANNT
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 300KB 8.0.59193 BEKANNT
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 02.04.2012 3,00MB 8.0.61000 BEKANNT
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 13.05.2011 580KB 8.0.51011 BEKANNT
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 30.04.2011 790KB 9.0.30729.5570 BEKANNT
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 30.04.2011 598KB 9.0.30729.5570 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 13.11.2011 252KB 9.0.30729 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 07.03.2010 788KB 9.0.30729.4148 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.06.2011 788KB 9.0.30729.6161 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 05.03.2011 234KB 9.0.30729 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.03.2010 596KB 9.0.30729 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.03.2010 596KB 9.0.30729.4148 BEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 600KB 9.0.30729.6161 BEKANNT
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 29.11.2011 13,8MB 10.0.40219 BEKANNT
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 29.11.2011 15,0MB 10.0.40219 BEKANNT
Microsoft Works Microsoft Corporation 13.10.2012 1,18GB 9.7.0621 BEKANNT
Mobile Connection Manager Mobile Connection Manager 29.04.2011 BEKANNT
Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 07.03.2010 332MB 3.1.3310 BEKANNT
Mozilla Firefox 21.0 (x86 en-US) Mozilla 08.06.2013 46,7MB 21.0 BEKANNT
Mozilla Maintenance Service Mozilla 08.06.2013 333KB 21.0 BEKANNT
Mozilla Thunderbird 17.0.4 (x86 de) Mozilla 26.03.2013 43,3MB 17.0.4 BEKANNT
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.06.2010 1,27MB 4.20.9870.0 BEKANNT
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 12.06.2010 1,33MB 4.20.9876.0 BEKANNT
Nero Backup Drivers Nero AG 28.11.2011 94,0KB 1.0.10000.1.0 BEKANNT
Panda USB Vaccine 1.0.1.4 Panda Security 28.02.2013 BEKANNT
PDF Architect pdfforge GmbH 06.05.2013 93,1MB 1.1.83.9982 BEKANNT
PDFCreator pdfforge 06.05.2013 1.7.0 BEKANNT
PhotoNow! CyberLink Corp. 07.03.2010 39,3MB 1.1.6622 BEKANNT
Power2Go CyberLink Corp. 14.11.2009 199MB 6.0.3311 BEKANNT
PowerDirector CyberLink Corp. 14.11.2009 546MB 7.0.3311 BEKANNT
QuickTime Apple Inc. 06.01.2013 73,1MB 7.73.80.64 BEKANNT
Realtek 8136 8168 8169 Ethernet Driver Realtek 07.03.2010 1.00.0007 BEKANNT
Sandboxie 3.76 (64-bit) SANDBOXIE L.T.D 28.02.2013 3.76 BEKANNT
Secunia PSI (3.0.0.6005) Secunia 28.02.2013 5,92MB 3.0.0.6005 BEKANNT
Skype™ 6.3 Skype Technologies S.A. 28.05.2013 38,8MB 6.3.107 BEKANNT
Sony XDCAM Viewer Sony Corporation 07.10.2011 30,5MB 2.30.0149 BEKANNT
Stronghold 2 Deluxe Firefly Studios 20.01.2013 1.40.100 BEKANNT
Synaptics Pointing Device Driver Synaptics Incorporated 28.02.2013 46,4MB 15.3.29.0 BEKANNT
SyncToy 2.1 (x64) Microsoft 18.08.2012 1,45MB 2.1.0 BEKANNT
VirtuaGuyHD version 1.0.6.01 Totem Entertainment 27.04.2011 29,5MB 1.0.6.01 BEKANNT
VLC media player 2.0.6 VideoLAN 23.04.2013 2.0.6 BEKANNT
WebCake 3.00 WebCake LLC 08.06.2013 1,04MB 3.00 UNBEKANNT!
Windows Media Player Firefox Plugin Microsoft Corp 12.08.2010 296KB 1.0.0.8 BEKANNT
WinRAR 10.06.2010 BEKANNT
WinRAR 4.20 (64-bit) win.rar GmbH 28.02.2013 4.20.0 BEKANNT
ZTE USB Driver ZTE Corporation 29.04.2011 1.0.1.25_TME BEKANNT

markusg 12.06.2013 20:57

Uninstall:
Adobe Flash Player (all)
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Please also configure Adobe Reader as follows:
Open Adobe Reader, then Edit, Preferences.
General:
Check "Use only certified plug-ins".
Security (Enhanced):
Check "Enable Enhanced Security"
and select all files.
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since only that way do you have control over what is happening on the PC.
Under JavaScript, uncheck the option to use JavaScript.
Under Updater, select automatic installation.
Apply / OK

Uninstall:
BrowserDefender
Delta: all
FTDownloader
WebCake

Open CCleaner, click Analyze, then Run Cleaner, then restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click "Search" (Suchlauf) and wait until it has finished.
  • Now click "Delete" (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Tobi1985K 12.06.2013 22:35

So, it has now deleted and restarted 15 times... that has to stop at some point, right?

markusg 13.06.2013 11:22

Please post the logs.

Tobi1985K 13.06.2013 18:04

AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:13:11 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\bprotector_prefs.js
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Admin\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Tobi\AppData\Roaming\DSite

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\fe8cdeb769ef14
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119781&babsrc=HP_ss&mntrId=D8B72617FEC4A785 --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

Gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119781&babsrc=NT_ss&mntrId=D8B72[...]
Gelöscht : user_pref("browser.search.order.1", "Delta Search");
Gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119781&babsrc=HP_ss&mntrId[...]

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4033 octets] - [12/06/2013 22:13:11]

########## EOF - \AdwCleaner[S2].txt - [4093 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:21:49 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1170 octets] - [12/06/2013 22:21:50]

########## EOF - \AdwCleaner[S3].txt - [1230 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:29:56 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1230 octets] - [12/06/2013 22:29:56]

########## EOF - \AdwCleaner[S4].txt - [1290 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:33:03 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1290 octets] - [12/06/2013 22:33:03]

########## EOF - \AdwCleaner[S5].txt - [1350 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:37:55 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1350 octets] - [12/06/2013 22:37:55]

########## EOF - \AdwCleaner[S6].txt - [1410 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:41:05 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1410 octets] - [12/06/2013 22:41:05]

########## EOF - \AdwCleaner[S7].txt - [1470 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:43:53 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1470 octets] - [12/06/2013 22:43:53]

########## EOF - \AdwCleaner[S8].txt - [1530 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:46:24 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1530 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S9].txt - [1590 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:48:54 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1110 octets] - [12/06/2013 22:48:54]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S10].txt - [1651 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:51:33 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1171 octets] - [12/06/2013 22:51:33]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S11].txt - [1712 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:54:35 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1232 octets] - [12/06/2013 22:54:35]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S12].txt - [1773 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:57:05 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1293 octets] - [12/06/2013 22:57:05]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S13].txt - [1834 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 22:59:34 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1354 octets] - [12/06/2013 22:59:34]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S14].txt - [1895 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:02:26 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [1415 octets] - [12/06/2013 23:02:26]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S15].txt - [1956 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:05:05 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [1476 octets] - [12/06/2013 23:05:05]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S16].txt - [2017 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:13:50 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [2085 octets] - [12/06/2013 23:05:05]
AdwCleaner[S18].txt - [1537 octets] - [12/06/2013 23:13:50]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S18].txt - [2078 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:16:04 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [2085 octets] - [12/06/2013 23:05:05]
AdwCleaner[S18].txt - [2146 octets] - [12/06/2013 23:13:50]
AdwCleaner[S19].txt - [1598 octets] - [12/06/2013 23:16:04]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S19].txt - [2139 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:18:19 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [2085 octets] - [12/06/2013 23:05:05]
AdwCleaner[S18].txt - [2146 octets] - [12/06/2013 23:13:50]
AdwCleaner[S19].txt - [2207 octets] - [12/06/2013 23:16:04]
AdwCleaner[S20].txt - [1659 octets] - [12/06/2013 23:18:19]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S20].txt - [2200 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:20:29 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [2085 octets] - [12/06/2013 23:05:05]
AdwCleaner[S18].txt - [2146 octets] - [12/06/2013 23:13:50]
AdwCleaner[S19].txt - [2207 octets] - [12/06/2013 23:16:04]
AdwCleaner[S20].txt - [2268 octets] - [12/06/2013 23:18:19]
AdwCleaner[S21].txt - [1720 octets] - [12/06/2013 23:20:29]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S21].txt - [2261 octets] ##########

--- --- ---
AdwCleaner Logfile:
Code:

# AdwCleaner v2.303 - Datei am 12/06/2013 um 23:22:40 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Admin - TOBI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobi\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (en-US)

Datei : C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rt1s26ru.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S10].txt - [1719 octets] - [12/06/2013 22:48:54]
AdwCleaner[S11].txt - [1780 octets] - [12/06/2013 22:51:33]
AdwCleaner[S12].txt - [1841 octets] - [12/06/2013 22:54:35]
AdwCleaner[S13].txt - [1902 octets] - [12/06/2013 22:57:05]
AdwCleaner[S14].txt - [1963 octets] - [12/06/2013 22:59:34]
AdwCleaner[S15].txt - [2024 octets] - [12/06/2013 23:02:26]
AdwCleaner[S16].txt - [2085 octets] - [12/06/2013 23:05:05]
AdwCleaner[S18].txt - [2146 octets] - [12/06/2013 23:13:50]
AdwCleaner[S19].txt - [2207 octets] - [12/06/2013 23:16:04]
AdwCleaner[S20].txt - [2268 octets] - [12/06/2013 23:18:19]
AdwCleaner[S21].txt - [2329 octets] - [12/06/2013 23:20:29]
AdwCleaner[S22].txt - [1781 octets] - [12/06/2013 23:22:40]
AdwCleaner[S2].txt - [4158 octets] - [12/06/2013 22:13:11]
AdwCleaner[S3].txt - [1297 octets] - [12/06/2013 22:21:50]
AdwCleaner[S4].txt - [1357 octets] - [12/06/2013 22:29:56]
AdwCleaner[S5].txt - [1417 octets] - [12/06/2013 22:33:03]
AdwCleaner[S6].txt - [1477 octets] - [12/06/2013 22:37:55]
AdwCleaner[S7].txt - [1537 octets] - [12/06/2013 22:41:05]
AdwCleaner[S8].txt - [1597 octets] - [12/06/2013 22:43:53]
AdwCleaner[S9].txt - [1657 octets] - [12/06/2013 22:46:25]

########## EOF - \AdwCleaner[S22].txt - [2322 octets] ##########

--- --- ---

markusg 13.06.2013 18:08

But you said it still finds something; I don't see anything there. Does the program show you anything?

Tobi1985K 13.06.2013 18:11

Well, every time I click "Löschen" (Delete) after booting, it does something, then it says a restart is required. And it did that 22 times. But I had to open the program myself; it didn't do that on its own.

markusg 13.06.2013 18:15

Strange.
OK, download HitmanPro:
HitmanPro - Download - Filepony

Double-click it, click Scan.
Don't delete anything, click Next.
Save the log and post it, or export it as XML, zip it and attach it.

Tobi1985K 13.06.2013 18:32

Code:

HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : TOBI-PC
  Windows . . . . . . . : 6.1.1.7601.X64/2
  User name . . . . . . : Tobi-PC\Admin
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2013-06-13 19:26:15
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 3m 23s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 44

  Objects scanned . . . : 1.580.578
  Files scanned . . . . : 17.930
  Remnants scanned  . . : 483.551 files / 1.079.097 keys

Potential Unwanted Programs _________________________________________________

  HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\Software\Softonic\ (Softonic)

Cookies _____________________________________________________________________

  C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0M5C6XLV.txt
  C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\R3Z1H00M.txt
  C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UL1R76R5.txt
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:track.webtrekk.net

I clicked "Next", but it still deleted some 4 cookies.

markusg 13.06.2013 18:34

OK, then have HitmanPro delete all its findings, restart, new OTL log.

Tobi1985K 13.06.2013 20:55

Code:

HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : TOBI-PC
  Windows . . . . . . . : 6.1.1.7601.X64/2
  User name . . . . . . : Tobi-PC\Admin
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2013-06-13 21:50:45
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 3m 51s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 0

  Objects scanned . . . : 1.575.807
  Files scanned . . . . : 17.591
  Remnants scanned  . . : 483.712 files / 1.074.504 keys


markusg 13.06.2013 21:16

Looks good, new OTL log please.

Tobi1985K 14.06.2013 20:07

Code:

HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : TOBI-PC
  Windows . . . . . . . : 6.1.1.7601.X64/2
  User name . . . . . . : Tobi-PC\Admin
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (29 days left)

  Scan date . . . . . . : 2013-06-14 21:00:12
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 5m 55s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 9

  Objects scanned . . . : 1.892.886
  Files scanned . . . . : 17.946
  Remnants scanned  . . : 483.820 files / 1.391.120 keys

Cookies _____________________________________________________________________

  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:smartadserver.com


markusg 14.06.2013 20:31

Looks good, new OTL log please.

Tobi1985K 14.06.2013 20:43

Code:

HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : TOBI-PC
  Windows . . . . . . . : 6.1.1.7601.X64/2
  User name . . . . . . : Tobi-PC\Admin
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (29 days left)

  Scan date . . . . . . : 2013-06-14 21:39:13
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 2m 39s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 54

  Objects scanned . . . : 1.575.937
  Files scanned . . . . : 18.148
  Remnants scanned  . . : 484.855 files / 1.072.934 keys

Cookies _____________________________________________________________________

  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:atdmt.com
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:de.sitestat.com
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:doubleclick.net
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:fr.sitestat.com
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:www.etracker.de
  C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kig34tlw.default\cookies.sqlite:xiti.com


markusg 14.06.2013 20:46

But I wanted a new OTL log.

Tobi1985K 14.06.2013 21:32

Ah, sorry, my mind was still on Hitman ;-)
OTL Logfile:
Code:

OTL logfile created on: 14.06.2013 21:49:41 - Run 5
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Tobi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,84% Memory free
7,99 Gb Paging File | 6,48 Gb Available in Paging File | 81,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,74 Gb Total Space | 290,73 Gb Free Space | 64,36% Space Free | Partition Type: NTFS
Drive D: | 13,72 Gb Total Space | 2,27 Gb Free Space | 16,58% Space Free | Partition Type: NTFS
Drive E: | 99,02 Mb Total Space | 96,46 Mb Free Space | 97,41% Space Free | Partition Type: FAT32
 
Computer Name: TOBI-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tobi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D)
PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Panda Security)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdndrs.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdnscw.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncaps.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncnv4.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdndatr.dll ()
MOD - C:\Program Files (x86)\Lexmark 2600 Series\lxdncats.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (lxdn_device) -- C:\Windows\SysNative\lxdncoms.exe ( )
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (ADExchange) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (IDT, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (lxdn_device) -- C:\Windows\SysWOW64\lxdncoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (ArcCtrl) -- C:\Windows\SysNative\drivers\ArcCtrl.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.))
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (massfilter_hs) -- C:\Windows\SysNative\drivers\massfilter_hs.sys (ZTE Incorporated)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{F0E73948-74C1-4CF4-BEE3-A2AA50FF11E8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{F0E73948-74C1-4CF4-BEE3-A2AA50FF11E8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{4D9CE09C-E5BE-4E53-89B3-4F7F14CDFBC5}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_de
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\..\SearchScopes\{7A25A554-4A95-47F3-9620-B124742D1B83}: "URL" = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.13 17:28:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013.03.01 18:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.05.06 19:17:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.08 10:39:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.08 10:39:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.26 20:10:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013.06.08 19:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.08 19:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013.06.12 22:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013.06.12 22:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\rt1s26ru.default\extensions
[2013.05.28 18:09:42 | 000,197,611 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\extensions\ftdownloader4@ftdownloader.com.xpi
[2013.06.12 22:13:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.06.08 10:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.06.08 10:39:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013.06.08 10:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.06.08 10:39:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2013.06.08 21:47:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005..\RunOnce: [Report] \AdwCleaner[S22].txt File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1044226639-1867335067-3542661926-501\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O13 - gopher Prefix: missing
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83FA5D62-306C-4DC6-ACB7-224A51B61C53}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB82D4-F78D-4FE9-B52A-4807B1133424}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browserdefender.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
 
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 22:00:19 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 22:00:19 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.12 21:58:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2013.06.12 21:58:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe
[2013.06.12 19:47:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.11 22:49:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.11 22:49:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.11 22:49:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.11 22:49:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.11 22:49:11 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.11 22:49:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.11 22:49:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.11 22:49:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.11 22:49:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.11 22:49:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.11 22:49:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.11 22:49:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.11 22:49:09 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.11 22:49:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.11 22:49:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.11 21:41:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.11 21:41:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.11 21:41:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.11 21:41:05 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.11 21:41:00 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.11 21:40:44 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.11 21:40:44 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.11 21:40:44 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.11 21:40:43 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.11 21:40:43 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.11 21:40:43 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.11 21:40:28 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.11 21:40:28 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.11 20:49:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp
[2013.06.11 20:45:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.08 21:22:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.06.08 19:43:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Mozilla
[2013.06.08 19:43:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2013.06.08 19:43:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
[2013.06.08 10:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.14 21:19:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.14 20:59:51 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 20:59:51 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 20:54:19 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.14 20:54:01 | 000,003,320 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.06.14 20:52:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.14 20:52:40 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 19:30:01 | 000,001,798 | ---- | M] () -- C:\Users\Admin\Desktop\HitmanPro_20130613_1929.xml
[2013.06.12 23:09:42 | 365,353,613 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.06.12 22:00:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 22:00:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.12 20:04:14 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.08 21:47:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.06.08 19:43:04 | 000,000,870 | ---- | M] () -- C:\Users\Admin\Desktop\FTDownloader.lnk
[2013.06.06 20:22:28 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.01 19:41:31 | 001,512,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.01 19:41:31 | 000,659,238 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.01 19:41:31 | 000,620,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.01 19:41:31 | 000,132,776 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.01 19:41:31 | 000,108,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.17 03:25:26 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.17 02:58:08 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.16 19:04:47 | 000,353,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.13 19:30:01 | 000,001,798 | ---- | C] () -- C:\Users\Admin\Desktop\HitmanPro_20130613_1929.xml
[2013.06.12 23:09:42 | 365,353,613 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.06.12 20:04:14 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.08 19:43:04 | 000,000,870 | ---- | C] () -- C:\Users\Admin\Desktop\FTDownloader.lnk
[2013.04.19 17:58:25 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.04.19 17:58:25 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.02.28 22:09:08 | 000,003,320 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.02.26 21:05:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.26 21:05:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.26 21:05:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.26 21:05:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.26 21:05:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.25 21:40:49 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.03.09 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2013.03.09 14:03:19 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\elsterformular
[2012.04.02 20:21:59 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\LockHunter
[2013.05.06 19:18:51 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\PDF Architect
[2013.03.01 18:39:47 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\RoboForm
[2013.03.09 13:48:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Softland
[2011.04.29 20:41:23 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Telefónica
[2010.06.08 14:36:28 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Thunderbird
[2010.06.14 11:31:53 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Tific
[2010.07.14 20:18:58 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\WildTangent
[2010.06.08 14:24:20 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\_MDLogs
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.06.12 19:47:40 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.26 23:48:16 | 000,000,000 | ---D | M] -- C:\8fc2bc764aeedf0fe8bbce84cbec6ade
[2013.04.19 17:58:15 | 000,000,000 | ---D | M] -- C:\BlueByte
[2009.11.14 13:52:04 | 000,000,000 | ---D | M] -- C:\boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.06.08 13:14:20 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.06.08 17:46:06 | 000,000,000 | ---D | M] -- C:\drivers
[2013.03.01 16:22:52 | 000,000,000 | ---D | M] -- C:\HP
[2011.08.14 12:42:42 | 000,000,000 | ---D | M] -- C:\HP Pavilion dv6-2120eg
[2009.11.14 02:24:22 | 000,000,000 | R--D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.04.01 17:13:46 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.12 22:04:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2013.06.14 20:54:12 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.06.08 13:14:20 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.06.11 20:49:12 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.06.08 14:15:53 | 000,000,000 | ---D | M] -- C:\Recovery
[2013.01.21 12:47:54 | 000,000,000 | ---D | M] -- C:\SwSetup
[2013.06.14 21:51:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.06.08 14:15:57 | 000,000,000 | ---D | M] -- C:\SYSTEM.SAV
[2013.06.08 21:22:44 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2012.06.29 14:06:14 | 000,000,000 | ---D | M] -- C:\temp
[2013.05.04 19:30:11 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.14 20:54:01 | 000,000,000 | ---D | M] -- C:\Windows
[2013.02.26 20:47:50 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 04:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.28 22:06:24 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.28 22:06:25 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2010.03.07 11:16:24 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.03.07 11:16:24 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.03.07 11:16:24 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.03.07 11:16:24 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2013.06.14 21:49:52 | 001,048,576 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2013.06.14 21:49:52 | 000,262,144 | -HS- | M] () -- C:\Users\Admin\ntuser.dat.LOG1
[2013.02.28 21:59:27 | 000,000,000 | -HS- | M] () -- C:\Users\Admin\ntuser.dat.LOG2
[2013.02.28 21:59:46 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2013.02.28 21:59:46 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013.02.28 21:59:46 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.03.09 13:47:15 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TM.blf
[2013.03.09 13:47:15 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TMContainer00000000000000000001.regtrans-ms
[2013.03.09 13:47:15 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{1d75b619-889e-11e2-90e9-c80aa92978a4}.TMContainer00000000000000000002.regtrans-ms
[2013.06.12 20:03:56 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{d8bf568b-d387-11e2-9d21-c80aa92978a4}.TM.blf
[2013.06.12 20:03:56 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{d8bf568b-d387-11e2-9d21-c80aa92978a4}.TMContainer00000000000000000001.regtrans-ms
[2013.06.12 20:03:56 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{d8bf568b-d387-11e2-9d21-c80aa92978a4}.TMContainer00000000000000000002.regtrans-ms
[2013.02.28 21:59:28 | 000,000,020 | -HS- | M] () -- C:\Users\Admin\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >

--- --- ---

markusg 15.06.2013 14:47

Hi,


OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:

:OTL
O4 - HKU\S-1-5-21-1044226639-1867335067-3542661926-1005..\RunOnce: [Report] \AdwCleaner[S22].txt File not found
:files
:Commands
[emptytemp]

  • If you have obscured your username, e.g. with "*****", insert your real username in the appropriate places. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may require a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (Also found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.


Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer and any other installed browsers.
Test how the PC and the programs run in general.

Tobi1985K 16.06.2013 09:58

Everything works wonderfully!

All processes killed
Error: Unable to interpret <---------> in the current context!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1044226639-1867335067-3542661926-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 399991 bytes
->Temporary Internet Files folder emptied: 460565 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 6199504 bytes
->Flash cache emptied: 379 bytes

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gast
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tobi
->Temp folder emptied: 1201831 bytes
->Temporary Internet Files folder emptied: 1188163 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44499437 bytes
->Google Chrome cache emptied: 6261136 bytes
->Flash cache emptied: 611 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 318300 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41938366 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78140 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 98,00 mb

Error: Unable to interpret <---------> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_105056

markusg 17.06.2013 12:18

HI
otl öffnen, bereinigen, PC startet neu, Remover werden gelöscht.
lösche übrig gebliebene Logs, Setups, von uns verwendete Programme.
PC absichern:
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
Computeractive Software Store - Emsisoft Anti-Malware 7 [1-PC] - 63% off RRP
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut währe avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
http://support.google.com/chrome/bin...&answer=118663
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung anpassen.


Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie - Download - Filepony

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking, and change all passwords.
Please also read how to make programs visible to everyone:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, then by clicking Sandboxed Web Browser; if you have the paid version, you can set forced programs, and then Sandboxie is always started when you open a browser.
When you move the mouse over the browser, it should have a frame around it; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords:
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
Guide:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten

Tobi1985K 17.06.2013 19:02

I have Avast, and it is up to date...
Windows Updates were already set up that way and are up to date.
I have my user accounts separated into Admin and Tobi (with restricted rights) anyway.
I use Chrome anyway.
Panda USB is on, autorun is disabled, I also have Secunia and FileHippo, and I check for updates every week.
Sandboxie and passwords, all done.

markusg 18.06.2013 16:47

Hi
Chrome config:
Adblock for Chrome:
http://filepony.de/download-adblock_chrome/
That should make life more ad-free.
Ghostery to prevent tracking:
http://filepony.de/download-ghostery_chrome/
HTTPS Everywhere
https://chrome.google.com/webstore/d...jekcdonpmejbdp
Chooses a secure connection when possible.
Safe surfing with Chrome:
Sicher surfen mit Google Chrome | Verbraucher sicher online

First I would like to use a checklist to check whether you have everything.

- Install optional and important updates.
- Configure Windows Updates.
- Enable DEP for all processes.
- Enable SEHOP.
- Install Chrome.
- Install Sandboxie.
- Disable autorun.
- Install Panda Vaccine.
- Install Secunia.
- Install FileHippo.
Note:
Secunia and FileHippo offer English updates. Wherever you access the user interface, e.g. reader, browser, etc., you need German updates, so save the vendor sites in your browser's favorites and, when an update is shown, get it from there. For Java, Flash and QuickTime it does not matter whether German or English.
- Install backup software, create a backup and a rescue DVD.
Here is a short guide:
Anleitung: Systemabbild mit Paragon Drive Backup - NETZWELT

- If you do online banking, I can also say a bit about the advantages of card readers and banking software.
- Password manager installed.


Once all of that is done, we're finished.
I would also like to point out the option to donate; that is how we keep the forum running.
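
The DEP, SEHOP and autorun items of the checklist above can be verified from a PowerShell prompt instead of clicking through dialogs. The following is an added example, not part of the original posts; it only reads settings, and the function names Get-RegValue and Test-HardeningChecklist are made up for illustration.

```powershell
# Added example: read-only audit of three checklist items (DEP, SEHOP, autorun).
# Needs Windows PowerShell 3.0 or later (Get-CimInstance, [pscustomobject]).

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Test-HardeningChecklist {
    # DEP policy: 0 = AlwaysOff, 1 = AlwaysOn, 2 = OptIn, 3 = OptOut.
    # "DEP for all processes" corresponds to OptOut (3) or AlwaysOn (1).
    $dep = (Get-CimInstance -ClassName Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy

    # SEHOP: DisableExceptionChainValidation = 0 switches SEHOP on system-wide.
    # A missing value means the OS default applies, so it is reported as not confirmed.
    $sehop = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel' `
                          'DisableExceptionChainValidation'

    # Autorun: NoDriveTypeAutoRun = 0xFF disables it for every drive type.
    # The machine-wide policy is read first, then the per-user one.
    $policyKey = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $autorun = Get-RegValue "HKLM:\$policyKey" 'NoDriveTypeAutoRun'
    if ($null -eq $autorun) { $autorun = Get-RegValue "HKCU:\$policyKey" 'NoDriveTypeAutoRun' }

    @(
        [pscustomobject]@{
            Item   = 'DEP for all processes'
            Value  = $dep
            Passed = ($dep -eq 1 -or $dep -eq 3)
        }
        [pscustomobject]@{
            Item   = 'SEHOP enabled'
            Value  = $(if ($null -eq $sehop) { 'not set' } else { $sehop })
            Passed = ($sehop -eq 0)
        }
        [pscustomobject]@{
            Item   = 'Autorun disabled (all drive types)'
            Value  = $(if ($null -eq $autorun) { 'not set' } else { '0x{0:X}' -f $autorun })
            Passed = (($autorun -band 0xFF) -eq 0xFF)
        }
    )
}

Test-HardeningChecklist | Format-Table -AutoSize
```

A row with Passed = False and Value = "not set" means the setting was never written explicitly and the operating system default is in effect.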

Tobi1985K 19.06.2013 18:52

Hi,

Chrome config: -> I ALREADY HAVE IT
Ghostery to prevent tracking: -> THIS TOO, as well as HTTPS Everywhere

Checklist:
- Install optional and important updates. YOU MEAN WINDOWS UPDATES? IF SO: DONE
- Configure Windows Updates. THEY ARE CONFIGURED
- Enable DEP for all processes. IS ENABLED
- Enable SEHOP. IS ENABLED
- Install Chrome. INSTALLED
- Install Sandboxie. INSTALLED
- Disable autorun. DISABLED
- Install Panda Vaccine. INSTALLED
- Install Secunia. INSTALLED
- Install FileHippo. INSTALLED
- Install backup software, create a backup and a rescue DVD. I STILL HAVE TO GET TO THIS
- Password manager installed. YES

markusg 19.06.2013 19:36

OK, then we're done so far. If there are any more questions, ask them, but I'm on vacation for a week first.

Tobi1985K 19.06.2013 19:41

All right, thank you very much!!!
No questions at the moment.
Have a nice vacation!!!
Best regards



Copyright ©2000-2025, Trojaner-Board

