So aswMBR hangs in Safe Mode as well.
The other programs produce the following:
TDSS: Code:
17:43:41.0605 5312 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
17:43:42.0853 5312 ============================================================
17:43:42.0853 5312 Current date / time: 2012/06/21 17:43:42.0853
17:43:42.0853 5312 SystemInfo:
17:43:42.0853 5312
17:43:42.0853 5312 OS Version: 6.1.7601 ServicePack: 1.0
17:43:42.0853 5312 Product type: Workstation
17:43:42.0853 5312 ComputerName: DEIM-PC
17:43:42.0853 5312 UserName: Gerrit
17:43:42.0853 5312 Windows directory: C:\Windows
17:43:42.0853 5312 System windows directory: C:\Windows
17:43:42.0853 5312 Running under WOW64
17:43:42.0853 5312 Processor architecture: Intel x64
17:43:42.0853 5312 Number of processors: 4
17:43:42.0853 5312 Page size: 0x1000
17:43:42.0853 5312 Boot type: Normal boot
17:43:42.0853 5312 ============================================================
17:43:43.0883 5312 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:43:43.0883 5312 ============================================================
17:43:43.0883 5312 \Device\Harddisk0\DR0:
17:43:43.0883 5312 MBR partitions:
17:43:43.0883 5312 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:43:43.0883 5312 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:43:43.0883 5312 ============================================================
17:43:43.0914 5312 C: <-> \Device\Harddisk0\DR0\Partition1
17:43:43.0914 5312 ============================================================
17:43:43.0914 5312 Initialize success
17:43:43.0914 5312 ============================================================
17:44:01.0277 4132 ============================================================
17:44:01.0277 4132 Scan started
17:44:01.0277 4132 Mode: Manual; TDLFS;
17:44:01.0277 4132 ============================================================
17:44:16.0736 4132 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:44:16.0736 4132 napagent - ok
17:44:16.0783 4132 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:44:16.0799 4132 NativeWifiP - ok
17:44:16.0845 4132 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:44:16.0845 4132 NDIS - ok
17:44:16.0861 4132 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:44:16.0861 4132 NdisCap - ok
17:44:16.0892 4132 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:16.0892 4132 NdisTapi - ok
17:44:16.0939 4132 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:16.0939 4132 Ndisuio - ok
17:44:16.0970 4132 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:16.0970 4132 NdisWan - ok
17:44:17.0017 4132 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:44:17.0017 4132 NDProxy - ok
17:44:17.0033 4132 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:44:17.0033 4132 NetBIOS - ok
17:44:17.0079 4132 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:44:17.0079 4132 NetBT - ok
17:44:17.0111 4132 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:17.0111 4132 Netlogon - ok
17:44:17.0173 4132 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:44:17.0173 4132 Netman - ok
17:44:17.0204 4132 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:44:17.0204 4132 netprofm - ok
17:44:17.0251 4132 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:44:17.0251 4132 NetTcpPortSharing - ok
17:44:17.0267 4132 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:44:17.0282 4132 nfrd960 - ok
17:44:17.0407 4132 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:44:17.0407 4132 NlaSvc - ok
17:44:17.0469 4132 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:44:17.0469 4132 Npfs - ok
17:44:17.0501 4132 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:44:17.0501 4132 nsi - ok
17:44:17.0501 4132 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:44:17.0501 4132 nsiproxy - ok
17:44:17.0781 4132 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:44:17.0797 4132 Ntfs - ok
17:44:17.0875 4132 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:44:17.0875 4132 Null - ok
17:44:18.0483 4132 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:18.0593 4132 nvlddmkm - ok
17:44:18.0686 4132 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:44:18.0686 4132 nvraid - ok
17:44:18.0717 4132 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:44:18.0733 4132 nvstor - ok
17:44:18.0811 4132 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
17:44:18.0827 4132 nvsvc - ok
17:44:18.0951 4132 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:44:18.0951 4132 nvUpdatusService - ok
17:44:18.0998 4132 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:44:18.0998 4132 nv_agp - ok
17:44:19.0045 4132 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:44:19.0045 4132 ohci1394 - ok
17:44:19.0107 4132 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:19.0107 4132 ose - ok
17:44:19.0388 4132 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:44:19.0419 4132 osppsvc - ok
17:44:19.0482 4132 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:44:19.0482 4132 p2pimsvc - ok
17:44:19.0513 4132 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:44:19.0529 4132 p2psvc - ok
17:44:19.0560 4132 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:44:19.0575 4132 Parport - ok
17:44:19.0607 4132 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:44:19.0607 4132 partmgr - ok
17:44:19.0700 4132 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
17:44:19.0700 4132 PassThru Service - ok
17:44:19.0716 4132 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:44:19.0731 4132 PcaSvc - ok
17:44:19.0841 4132 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:44:19.0841 4132 pci - ok
17:44:19.0872 4132 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:44:19.0872 4132 pciide - ok
17:44:20.0012 4132 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:44:20.0028 4132 pcmcia - ok
17:44:20.0043 4132 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:44:20.0043 4132 pcw - ok
17:44:20.0075 4132 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:44:20.0090 4132 PEAUTH - ok
17:44:20.0199 4132 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:44:20.0199 4132 PeerDistSvc - ok
17:44:20.0262 4132 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:44:20.0262 4132 PerfHost - ok
17:44:20.0387 4132 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:44:20.0402 4132 pla - ok
17:44:20.0465 4132 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:44:20.0465 4132 PlugPlay - ok
17:44:20.0480 4132 PnkBstrA - ok
17:44:20.0496 4132 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:44:20.0496 4132 PNRPAutoReg - ok
17:44:20.0511 4132 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:44:20.0527 4132 PNRPsvc - ok
17:44:20.0574 4132 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:44:20.0574 4132 PolicyAgent - ok
17:44:20.0605 4132 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:44:20.0605 4132 Power - ok
17:44:20.0683 4132 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:44:20.0683 4132 PptpMiniport - ok
17:44:20.0699 4132 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:44:20.0699 4132 Processor - ok
17:44:20.0745 4132 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:44:20.0745 4132 ProfSvc - ok
17:44:20.0777 4132 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:20.0777 4132 ProtectedStorage - ok
17:44:20.0808 4132 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:44:20.0808 4132 Psched - ok
17:44:20.0855 4132 PStrip64 (23eed24b0a780863df35b500c4ea0733) C:\Windows\system32\drivers\pstrip64.sys
17:44:20.0855 4132 PStrip64 - ok
17:44:20.0917 4132 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:44:20.0964 4132 ql2300 - ok
17:44:21.0026 4132 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:44:21.0042 4132 ql40xx - ok
17:44:21.0073 4132 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:44:21.0073 4132 QWAVE - ok
17:44:21.0089 4132 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:44:21.0089 4132 QWAVEdrv - ok
17:44:21.0104 4132 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:44:21.0104 4132 RasAcd - ok
17:44:21.0120 4132 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:44:21.0120 4132 RasAgileVpn - ok
17:44:21.0135 4132 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:44:21.0135 4132 RasAuto - ok
17:44:21.0182 4132 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:21.0182 4132 Rasl2tp - ok
17:44:21.0245 4132 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:44:21.0245 4132 RasMan - ok
17:44:21.0260 4132 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:21.0260 4132 RasPppoe - ok
17:44:21.0276 4132 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:44:21.0276 4132 RasSstp - ok
17:44:21.0323 4132 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:44:21.0323 4132 rdbss - ok
17:44:21.0323 4132 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:44:21.0323 4132 rdpbus - ok
17:44:21.0338 4132 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:21.0338 4132 RDPCDD - ok
17:44:21.0369 4132 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:44:21.0369 4132 RDPDR - ok
17:44:21.0385 4132 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:44:21.0401 4132 RDPENCDD - ok
17:44:21.0401 4132 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:44:21.0401 4132 RDPREFMP - ok
17:44:21.0494 4132 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
17:44:21.0510 4132 RdpVideoMiniport - ok
17:44:21.0557 4132 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:44:21.0557 4132 RDPWD - ok
17:44:21.0603 4132 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:44:21.0619 4132 rdyboost - ok
17:44:21.0635 4132 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:44:21.0635 4132 RemoteAccess - ok
17:44:21.0666 4132 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:44:21.0666 4132 RemoteRegistry - ok
17:44:21.0681 4132 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:44:21.0681 4132 RpcEptMapper - ok
17:44:21.0697 4132 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:44:21.0697 4132 RpcLocator - ok
17:44:21.0744 4132 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:44:21.0759 4132 RpcSs - ok
17:44:21.0791 4132 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:44:21.0791 4132 rspndr - ok
17:44:21.0822 4132 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:44:21.0822 4132 s3cap - ok
17:44:21.0853 4132 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:21.0853 4132 SamSs - ok
17:44:21.0884 4132 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:44:21.0900 4132 sbp2port - ok
17:44:21.0915 4132 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:44:21.0915 4132 SCardSvr - ok
17:44:21.0947 4132 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:44:21.0947 4132 scfilter - ok
17:44:22.0025 4132 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:44:22.0025 4132 Schedule - ok
17:44:22.0103 4132 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:44:22.0103 4132 SCPolicySvc - ok
17:44:22.0196 4132 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:44:22.0196 4132 SDRSVC - ok
17:44:22.0227 4132 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:44:22.0227 4132 secdrv - ok
17:44:22.0259 4132 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:44:22.0259 4132 seclogon - ok
17:44:22.0290 4132 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:44:22.0290 4132 SENS - ok
17:44:22.0305 4132 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:44:22.0305 4132 SensrSvc - ok
17:44:22.0321 4132 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:44:22.0321 4132 Serenum - ok
17:44:22.0337 4132 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:44:22.0337 4132 Serial - ok
17:44:22.0383 4132 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:44:22.0383 4132 sermouse - ok
17:44:22.0415 4132 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:44:22.0430 4132 SessionEnv - ok
17:44:22.0446 4132 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:44:22.0461 4132 sffdisk - ok
17:44:22.0461 4132 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:44:22.0461 4132 sffp_mmc - ok
17:44:22.0461 4132 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:44:22.0461 4132 sffp_sd - ok
17:44:22.0477 4132 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:44:22.0477 4132 sfloppy - ok
17:44:22.0524 4132 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:44:22.0524 4132 SharedAccess - ok
17:44:22.0571 4132 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:44:22.0586 4132 ShellHWDetection - ok
17:44:22.0602 4132 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:44:22.0602 4132 SiSRaid2 - ok
17:44:22.0617 4132 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:44:22.0617 4132 SiSRaid4 - ok
17:44:22.0649 4132 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:44:22.0649 4132 Smb - ok
17:44:22.0664 4132 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:44:22.0664 4132 SNMPTRAP - ok
17:44:22.0680 4132 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:44:22.0680 4132 spldr - ok
17:44:22.0742 4132 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:44:22.0742 4132 Spooler - ok
17:44:22.0945 4132 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:44:22.0961 4132 sppsvc - ok
17:44:23.0023 4132 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:44:23.0023 4132 sppuinotify - ok
17:44:23.0132 4132 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys
17:44:23.0148 4132 sptd - ok
17:44:23.0210 4132 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:44:23.0210 4132 srv - ok
17:44:23.0241 4132 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:44:23.0257 4132 srv2 - ok
17:44:23.0288 4132 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:44:23.0288 4132 srvnet - ok
17:44:23.0319 4132 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:44:23.0319 4132 SSDPSRV - ok
17:44:23.0351 4132 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:44:23.0351 4132 SstpSvc - ok
17:44:23.0397 4132 Steam Client Service - ok
17:44:23.0507 4132 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:44:23.0507 4132 Stereo Service - ok
17:44:23.0538 4132 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:44:23.0538 4132 stexstor - ok
17:44:23.0585 4132 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:44:23.0600 4132 stisvc - ok
17:44:23.0647 4132 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:44:23.0647 4132 storflt - ok
17:44:23.0663 4132 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:44:23.0663 4132 storvsc - ok
17:44:23.0678 4132 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:44:23.0678 4132 swenum - ok
17:44:23.0709 4132 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:44:23.0741 4132 swprv - ok
17:44:23.0772 4132 Synth3dVsc - ok
17:44:23.0865 4132 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:44:23.0881 4132 SysMain - ok
17:44:23.0959 4132 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:44:23.0959 4132 TabletInputService - ok
17:44:24.0006 4132 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:44:24.0006 4132 TapiSrv - ok
17:44:24.0021 4132 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:44:24.0037 4132 TBS - ok
17:44:24.0131 4132 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:44:24.0162 4132 Tcpip - ok
17:44:24.0365 4132 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:44:24.0380 4132 TCPIP6 - ok
17:44:24.0427 4132 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:44:24.0427 4132 tcpipreg - ok
17:44:24.0443 4132 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:44:24.0458 4132 TDPIPE - ok
17:44:24.0474 4132 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:44:24.0489 4132 TDTCP - ok
17:44:24.0521 4132 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:44:24.0521 4132 tdx - ok
17:44:24.0567 4132 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:44:24.0567 4132 TermDD - ok
17:44:24.0630 4132 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:44:24.0661 4132 TermService - ok
17:44:24.0692 4132 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:44:24.0692 4132 Themes - ok
17:44:24.0708 4132 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:44:24.0708 4132 THREADORDER - ok
17:44:24.0723 4132 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:44:24.0739 4132 TrkWks - ok
17:44:24.0786 4132 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:44:24.0786 4132 TrustedInstaller - ok
17:44:24.0817 4132 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:24.0817 4132 tssecsrv - ok
17:44:24.0848 4132 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:44:24.0848 4132 TsUsbFlt - ok
17:44:24.0864 4132 tsusbhub - ok
17:44:24.0911 4132 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:44:24.0911 4132 tunnel - ok
17:44:25.0035 4132 tvnserver (aaf458cc200326bef602b5339400bf86) C:\Program Files (x86)\TightVNC\tvnserver.exe
17:44:25.0035 4132 tvnserver - ok
17:44:25.0051 4132 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:44:25.0051 4132 uagp35 - ok
17:44:25.0098 4132 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:44:25.0098 4132 udfs - ok
17:44:25.0113 4132 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:44:25.0113 4132 UI0Detect - ok
17:44:25.0145 4132 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:44:25.0145 4132 uliagpkx - ok
17:44:25.0160 4132 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:44:25.0160 4132 umbus - ok
17:44:25.0191 4132 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:44:25.0207 4132 UmPass - ok
17:44:25.0238 4132 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:44:25.0238 4132 UmRdpService - ok
17:44:25.0269 4132 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:44:25.0269 4132 upnphost - ok
17:44:25.0316 4132 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
17:44:25.0316 4132 USBAAPL64 - ok
17:44:25.0347 4132 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:44:25.0347 4132 usbaudio - ok
17:44:25.0394 4132 usbbus (c73cb90e6a2ff90fd02451a8dfc6af8a) C:\Windows\system32\DRIVERS\lgx64bus.sys
17:44:25.0394 4132 usbbus - ok
17:44:25.0425 4132 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:44:25.0425 4132 usbccgp - ok
17:44:25.0457 4132 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:44:25.0457 4132 usbcir - ok
17:44:25.0472 4132 UsbDiag (856ce1f23785369bb5a2de0aedad0aa7) C:\Windows\system32\DRIVERS\lgx64diag.sys
17:44:25.0488 4132 UsbDiag - ok
17:44:25.0519 4132 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:44:25.0519 4132 usbehci - ok
17:44:25.0581 4132 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:44:25.0581 4132 usbhub - ok
17:44:25.0597 4132 USBModem (f81055629778d33c9317b32e4d2b58db) C:\Windows\system32\DRIVERS\lgx64modem.sys
17:44:25.0613 4132 USBModem - ok
17:44:25.0628 4132 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:44:25.0628 4132 usbohci - ok
17:44:25.0644 4132 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:44:25.0644 4132 usbprint - ok
17:44:25.0675 4132 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:44:25.0675 4132 usbscan - ok
17:44:25.0691 4132 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:44:25.0691 4132 USBSTOR - ok
17:44:25.0722 4132 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:44:25.0722 4132 usbuhci - ok
17:44:25.0737 4132 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:44:25.0737 4132 UxSms - ok
17:44:25.0769 4132 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:44:25.0769 4132 VaultSvc - ok
17:44:25.0800 4132 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:44:25.0815 4132 vdrvroot - ok
17:44:25.0862 4132 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:44:25.0893 4132 vds - ok
17:44:25.0925 4132 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:44:25.0925 4132 vga - ok
17:44:25.0925 4132 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:44:25.0925 4132 VgaSave - ok
17:44:25.0940 4132 VGPU - ok
17:44:25.0987 4132 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:44:25.0987 4132 vhdmp - ok
17:44:26.0112 4132 VIAHdAudAddService (f41d49d99a12057841547ff4224fb580) C:\Windows\system32\drivers\viahduaa.sys
17:44:26.0127 4132 VIAHdAudAddService - ok
17:44:26.0205 4132 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:44:26.0205 4132 viaide - ok
17:44:26.0221 4132 VIAKaraokeService (d60ed94ba878fee30810fc17a798c290) C:\Windows\system32\viakaraokesrv.exe
17:44:26.0221 4132 VIAKaraokeService - ok
17:44:26.0237 4132 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:44:26.0237 4132 vmbus - ok
17:44:26.0252 4132 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:44:26.0252 4132 VMBusHID - ok
17:44:26.0268 4132 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:44:26.0268 4132 volmgr - ok
17:44:26.0315 4132 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:44:26.0315 4132 volmgrx - ok
17:44:26.0439 4132 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:44:26.0455 4132 volsnap - ok
17:44:26.0627 4132 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:44:26.0642 4132 vsmraid - ok
17:44:26.0845 4132 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:44:26.0876 4132 VSS - ok
17:44:26.0970 4132 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:44:26.0970 4132 vwifibus - ok
17:44:26.0970 4132 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:44:26.0970 4132 vwififlt - ok
17:44:27.0095 4132 VX1000 (ce6c085771812d5ee863cc7ef93caef2) C:\Windows\system32\DRIVERS\VX1000.sys
17:44:27.0110 4132 VX1000 - ok
17:44:27.0173 4132 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:44:27.0173 4132 W32Time - ok
17:44:27.0204 4132 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:44:27.0204 4132 WacomPen - ok
17:44:27.0251 4132 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:27.0251 4132 WANARP - ok
17:44:27.0266 4132 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:27.0266 4132 Wanarpv6 - ok
17:44:27.0344 4132 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:44:27.0375 4132 wbengine - ok
17:44:27.0422 4132 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:44:27.0422 4132 WbioSrvc - ok
17:44:27.0485 4132 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:44:27.0485 4132 wcncsvc - ok
17:44:27.0516 4132 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:44:27.0516 4132 WcsPlugInService - ok
17:44:27.0531 4132 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:44:27.0531 4132 Wd - ok
17:44:27.0563 4132 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:44:27.0578 4132 Wdf01000 - ok
17:44:27.0594 4132 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:44:27.0594 4132 WdiServiceHost - ok
17:44:27.0594 4132 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:44:27.0594 4132 WdiSystemHost - ok
17:44:27.0641 4132 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:44:27.0641 4132 WebClient - ok
17:44:27.0672 4132 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:44:27.0672 4132 Wecsvc - ok
17:44:27.0687 4132 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:44:27.0687 4132 wercplsupport - ok
17:44:27.0703 4132 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:44:27.0703 4132 WerSvc - ok
17:44:27.0734 4132 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:44:27.0734 4132 WfpLwf - ok
17:44:27.0750 4132 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:44:27.0750 4132 WIMMount - ok
17:44:27.0765 4132 WinDefend - ok
17:44:27.0765 4132 WinHttpAutoProxySvc - ok
17:44:27.0828 4132 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:44:27.0828 4132 Winmgmt - ok
17:44:27.0937 4132 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:44:27.0984 4132 WinRM - ok
17:44:28.0093 4132 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:44:28.0093 4132 WinUsb - ok
17:44:28.0155 4132 WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Installierte Programme\Belkin\wlansrv.exe
17:44:28.0155 4132 WLANBelkinService - ok
17:44:28.0218 4132 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:44:28.0218 4132 Wlansvc - ok
17:44:28.0405 4132 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:44:28.0405 4132 wlidsvc - ok
17:44:28.0483 4132 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:44:28.0483 4132 WmiAcpi - ok
17:44:28.0530 4132 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:44:28.0530 4132 wmiApSrv - ok
17:44:28.0561 4132 WMPNetworkSvc - ok
17:44:28.0577 4132 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:44:28.0577 4132 WPCSvc - ok
17:44:28.0608 4132 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:44:28.0623 4132 WPDBusEnum - ok
17:44:28.0639 4132 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:44:28.0639 4132 ws2ifsl - ok
17:44:28.0655 4132 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:44:28.0655 4132 wscsvc - ok
17:44:28.0686 4132 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:44:28.0686 4132 WSDPrintDevice - ok
17:44:28.0717 4132 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
17:44:28.0717 4132 WSDScan - ok
17:44:28.0717 4132 WSearch - ok
17:44:28.0982 4132 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:44:28.0998 4132 wuauserv - ok
17:44:29.0091 4132 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:44:29.0091 4132 WudfPf - ok
17:44:29.0123 4132 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:44:29.0138 4132 WUDFRd - ok
17:44:29.0169 4132 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:44:29.0169 4132 wudfsvc - ok
17:44:29.0185 4132 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:44:29.0201 4132 WwanSvc - ok
17:44:29.0216 4132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:44:29.0419 4132 \Device\Harddisk0\DR0 - ok
17:44:29.0419 4132 Boot (0x1200) (47e067664aeb9f296da4b17d69ff7b1e) \Device\Harddisk0\DR0\Partition0
17:44:29.0419 4132 \Device\Harddisk0\DR0\Partition0 - ok
17:44:29.0450 4132 Boot (0x1200) (ab16179d0ed382f9d0aca5d24cfebf8d) \Device\Harddisk0\DR0\Partition1
17:44:29.0450 4132 \Device\Harddisk0\DR0\Partition1 - ok
17:44:29.0450 4132 ============================================================
17:44:29.0450 4132 Scan finished
17:44:29.0450 4132 ============================================================
17:44:29.0466 3604 Detected object count: 0
17:44:29.0466 3604 Actual detected object count: 0
17:44:54.0719 3464 Deinitialize success
and Code:
17:42:19.0337 3192 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
17:42:21.0350 3192 ============================================================
17:42:21.0350 3192 Current date / time: 2012/06/21 17:42:21.0350
17:42:21.0350 3192 SystemInfo:
17:42:21.0350 3192
17:42:21.0350 3192 OS Version: 6.1.7601 ServicePack: 1.0
17:42:21.0350 3192 Product type: Workstation
17:42:21.0350 3192 ComputerName: DEIM-PC
17:42:21.0350 3192 UserName: Gerrit
17:42:21.0350 3192 Windows directory: C:\Windows
17:42:21.0350 3192 System windows directory: C:\Windows
17:42:21.0350 3192 Running under WOW64
17:42:21.0350 3192 Processor architecture: Intel x64
17:42:21.0350 3192 Number of processors: 4
17:42:21.0350 3192 Page size: 0x1000
17:42:21.0350 3192 Boot type: Normal boot
17:42:21.0350 3192 ============================================================
17:42:25.0390 3192 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:42:25.0390 3192 ============================================================
17:42:25.0390 3192 \Device\Harddisk0\DR0:
17:42:25.0390 3192 MBR partitions:
17:42:25.0390 3192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:42:25.0390 3192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:42:25.0390 3192 ============================================================
17:42:25.0437 3192 C: <-> \Device\Harddisk0\DR0\Partition1
17:42:25.0437 3192 ============================================================
17:42:25.0437 3192 Initialize success
17:42:25.0437 3192 ============================================================
17:43:38.0611 5836 Deinitialize success
ckscan: Code:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\installierte programme\gimp\share\gimp\2.0\patterns\cracked.pat
c:\installierte programme\jdownloader\jd\plugins\hoster\crackedcom.class
c:\installierte programme\steam\steamapps\common\audiosurf\engine\crypt.dll
c:\installierte programme\steam\steamapps\common\audiosurf\engine\channels\crypt.dll
c:\users\***\desktop\challenger4life\cracker\flax-chili.docx
c:\users\***\desktop\challenger4life\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger4life\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger4life\rezepte_update_01\challenge-chili-cracker.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\flax-chili.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger_rezepte\challenger_rezepte(1)\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger_rezepte\cracker\flax-chili.docx
c:\users\***\desktop\challenger_rezepte\cracker\noch im test\400 g leinsamen.docx
c:\users\***\desktop\challenger_rezepte\cracker\noch im test\challenge.docx
c:\users\***\desktop\challenger_rezepte\rezepte_update_01\challenge-chili-cracker.docx
scanner sequence 3.DK.11.PLLBHV
----- EOF -----
and
OTL also throws an error along the lines of "List index out of bound". Unfortunately I forgot to take a screenshot :-/ http://s14.directupload.net/images/120621/eo66khrx.gif Code:
OTL logfile created on: 21.06.2012 18:06:24 - Run 3
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\***\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,14% Memory free
8,00 Gb Paging File | 5,72 Gb Available in Paging File | 71,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 106,05 Gb Free Space | 22,77% Space Free | Partition Type: NTFS
Computer Name: DEIM-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Installierte Programme\EVEREST Ultimate Edition\everest.exe (Lavalys, Inc.)
PRC - C:\Installierte Programme\Creative Sound\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Installierte Programme\StrokeIT\strokeit.exe ()
PRC - C:\Installierte Programme\Belkin\wlansrv.exe ()
PRC - C:\Installierte Programme\Belkin\PBN.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\exec.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\msg.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\OSD.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\keys.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\win.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\utilities.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\multimon.dll ()
MOD - C:\Installierte Programme\StrokeIT\Plugins\siControl.dll ()
MOD - C:\Installierte Programme\StrokeIT\strokeit.exe ()
MOD - C:\Installierte Programme\StrokeIT\mhook.dll ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Installierte Programme\Belkin\PBN.exe ()
MOD - C:\Installierte Programme\Belkin\BelkinwcuiDLL.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GDBackupSvc) -- C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (tvnserver) -- C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (MBAMService) -- C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (GDTunerSvc) -- C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe (G Data Software AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe (G Data Software AG)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (WLANBelkinService) -- C:\Installierte Programme\Belkin\wlansrv.exe ()
SRV - (HauppaugeTVServer) -- C:\Installierte Programme\Hauppauge\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (AODDriver4.01) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys File not found
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech )
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (ksaud) -- C:\Windows\SysNative\drivers\ksaud.sys (Creative Technology Ltd.)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (VX1000) -- C:\Windows\SysNative\drivers\VX1000.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.)
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.)
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (hcw17bda) -- C:\Windows\SysNative\drivers\hcw17bda.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (FlashUSB) -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys (Danish Wireless Design A/S)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (PStrip64) -- C:\Windows\SysNative\drivers\pstrip64.sys ()
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (GRD) -- C:\Windows\SysWOW64\drivers\GRD.sys (G Data Software)
DRV - (EverestDriver) -- C:\Installierte Programme\EVEREST Ultimate Edition\kerneld.amd64 ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (FlashUSB) -- C:\Windows\SysWOW64\drivers\FlashUsb_x64.sys (Danish Wireless Design A/S)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 CC AA 56 C6 AD CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9DF2771F-8AF1-4CDE-8068-7B93E8C53E78}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{9DF2771F-8AF1-4CDE-8068-7B93E8C53E78}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10084.997
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Installierte Programme\Adobe Acrobat\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.10 21:17:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.10 21:17:25 | 000,000,000 | ---D | M]
[2010.01.15 01:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.06.19 11:36:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions
[2010.01.15 01:58:06 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}(2)
[2010.01.15 01:58:06 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}(2)
[2012.05.17 22:32:29 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\ich@maltegoetz.de
[2011.03.11 23:25:11 | 000,000,000 | ---D | M] (Personas) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ozyzd4c.default\extensions\personas@christopher.beard
[2011.03.21 14:46:56 | 000,000,933 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4ozyzd4c.default\searchplugins\conduit.xml
[2011.11.05 13:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.06 08:06:20 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2011.11.05 13:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.06.12 23:34:33 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4OZYZD4C.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.01.06 04:11:13 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4OZYZD4C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.05.04 13:43:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Installierte Programme\Adobe Acrobat\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Installierte Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Installierte Programme\Adobe Acrobat\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Installierte Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [VolPanel] C:\Installierte Programme\Creative Sound\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [StrokeIt] C:\Installierte Programme\StrokeIT\strokeit.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: BID Link Explorer: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8:64bit: - Extra context menu item: BID: Link in Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8:64bit: - Extra context menu item: BID: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8:64bit: - Extra context menu item: BID: Öffne diesen &Link - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8:64bit: - Extra context menu item: BID: Seite in &Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: BID Link Explorer: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8 - Extra context menu item: BID: Link in Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: BID: Öffne aktuelle Seite - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: BID: Öffne diesen &Link - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: BID: Seite in &Queue einreihen - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Installierte Programme\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Installierte Programme\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{188A2009-2BDF-484F-AFD4-B012853F2240}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F24F444-F3C5-405A-9CE8-A795140CA3AB}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1789511-27C6-4128-8CBE-E4325EEE1A52}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{00529125-79e9-11df-8d86-40618658d82c}\Shell - "" = AutoRun
O33 - MountPoints2\{00529125-79e9-11df-8d86-40618658d82c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e816693f-d62c-11df-92ff-40618658d82c}\Shell - "" = AutoRun
O33 - MountPoints2\{e816693f-d62c-11df-92ff-40618658d82c}\Shell\AutoRun\command - "" = H:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.21 16:20:25 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.21 16:20:25 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.21 16:20:25 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.21 16:19:52 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.21 16:19:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.20 21:33:41 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2012.06.20 21:30:24 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.06.19 11:37:35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.06.13 15:56:00 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.13 15:56:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.13 15:55:59 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.13 15:55:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.13 15:55:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.13 15:55:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.13 15:55:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.13 15:55:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.13 15:55:54 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.13 15:55:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.13 15:55:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.13 15:55:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.13 15:55:53 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 14:26:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 14:26:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 14:26:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 14:26:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 14:26:01 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 14:26:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 14:25:58 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.06.13 14:25:53 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 14:25:49 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 14:25:49 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.12 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\challenger4life
[2012.06.11 02:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
[2012.06.11 02:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.06.11 02:21:18 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.06.11 02:21:17 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.11 02:21:17 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.11 02:21:17 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.06.11 02:21:17 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.11 02:21:17 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.06.11 02:21:17 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.06.11 02:21:17 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.11 02:21:17 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.06.11 02:21:17 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.11 02:21:17 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.11 02:21:17 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.06.11 02:21:17 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.06.11 01:22:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
[2012.06.10 22:13:09 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Diablo III
[2012.06.10 21:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.06.10 21:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.06.10 21:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012.06.10 21:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.21 17:48:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1293076610-2430302069-3362149001-1001UA.job
[2012.06.21 17:48:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1293076610-2430302069-3362149001-1001Core.job
[2012.06.21 17:46:07 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 17:46:07 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 17:41:16 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.06.21 17:39:51 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 17:39:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.21 17:24:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 17:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.21 13:35:12 | 000,685,331 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.06.21 13:35:12 | 000,040,886 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.06.20 21:34:42 | 000,458,240 | ---- | M] () -- C:\Users\***\Desktop\CKScanner.exe
[2012.06.20 21:33:49 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2012.06.20 21:30:33 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.06.19 11:37:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.06.19 00:00:03 | 001,527,740 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.19 00:00:03 | 000,664,618 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.19 00:00:03 | 000,624,800 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.19 00:00:03 | 000,134,786 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.19 00:00:03 | 000,110,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.18 23:57:59 | 000,002,076 | ---- | M] () -- C:\Users\***\.recently-used.xbel
[2012.06.13 20:57:27 | 005,011,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.11 01:18:50 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.11 01:18:50 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.20 21:34:42 | 000,458,240 | ---- | C] () -- C:\Users\***\Desktop\CKScanner.exe
[2012.06.18 23:57:59 | 000,002,076 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.26 23:58:44 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.09.09 21:36:51 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.09.05 18:42:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.24 20:19:10 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.07.22 00:16:58 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2011.07.22 00:16:58 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2011.07.22 00:16:58 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2011.07.22 00:16:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2011.07.16 22:44:23 | 000,685,331 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.07 22:03:12 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.30 19:34:11 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.11.30 19:34:11 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.11.30 19:33:14 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini
[2010.09.21 23:27:22 | 000,045,568 | R--- | C] () -- C:\Windows\UniFish3.exe
[2010.09.18 13:01:59 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2010.09.17 15:28:28 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.09.17 15:26:56 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.17 15:26:54 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.17 15:26:54 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.16 12:16:09 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010.09.10 00:33:04 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2010.09.03 23:33:36 | 000,000,088 | RHS- | C] () -- C:\ProgramData\69C5FFC5C3.sys
[2010.09.03 23:33:35 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.21 18:31:28 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
========== Files - Unicode (All) ==========
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.08.09 17:26:56 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.08.09 17:26:56 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\坝G쀜㬲
[2010.08.09 17:26:56 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\坝G쀜㬲
[2010.08.09 17:26:56 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de8-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\坝G쀜㬲{d6124de4-a3c6-11df-8757-40618658d82c}.TM.blf
[2010.08.09 17:26:56 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\坝G쀜㬲.LOG1
[2010.08.09 17:26:56 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\坝G쀜㬲.LOG1
[2010.08.09 17:26:56 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\坝G쀜㬲.LOG2
[2010.08.09 17:26:56 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\坝G쀜㬲.LOG2
[2010.03.08 19:54:43 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F滋䱜
[2010.03.08 19:54:43 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F滋䱜.LOG1
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 19:54:42 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:54:42 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F滋䱜
[2010.03.08 19:54:42 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a248-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?F??{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf) -- C:\Windows\SysWow64\F滋䱜{ec44a244-2abb-11df-ab12-40618658d82c}.TM.blf
[2010.03.08 19:54:42 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F滋䱜.LOG1
[2010.03.08 19:54:42 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F滋䱜.LOG2
[2010.03.08 19:54:42 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F滋䱜.LOG2
< End of report >

I have now decided to simply format my computer; that will probably be the best thing for it in general. ;)
Is there any tip on how to make the data backup to an external hard drive as safe as possible? I don't want to end up with any malicious software on the external drive afterwards :wtf: