Google/rocketnews.com problem

Hello everyone,
I have a computer here from a neighbor that has the same problem as in the following threads: http://www.trojaner-board.de/116423-...ocketnews.html http://www.trojaner-board.de/117703-...ocketnews.html http://www.trojaner-board.de/117623-...gebnissen.html
Here are 2 logs from
- Malwarebytes (quick scan with a detection) Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.26.07
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Horst Falch :: ZUHAUSE [Administrator]
Schutz: Aktiviert
26.06.2012 19:44:46
mbam-log-2012-06-26 (19-44-46).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205065
Laufzeit: 3 Minute(n), 53 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\winstackxx.exe (Trojan.SpyEyes.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 1
C:\winstackxx.exe\config.bin (Trojan.SpyEyes.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
- Malwarebytes (subsequent full scan with no detections) Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.26.07
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Horst Falch :: ZUHAUSE [Administrator]
Schutz: Aktiviert
26.06.2012 21:22:03
mbam-log-2012-06-26 (21-22-03).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 346320
Laufzeit: 58 Minute(n), 38 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
A log from TDSSKiller (with 1 detection; not yet fixed) Code:
21:16:24.0094 3204 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
21:16:24.0125 3204 ============================================================
21:16:24.0125 3204 Current date / time: 2012/06/26 21:16:24.0125
21:16:24.0125 3204 SystemInfo:
21:16:24.0125 3204
21:16:24.0125 3204 OS Version: 6.1.7601 ServicePack: 1.0
21:16:24.0125 3204 Product type: Workstation
21:16:24.0125 3204 ComputerName: ZUHAUSE
21:16:24.0125 3204 UserName: Horst Falch
21:16:24.0125 3204 Windows directory: C:\Windows
21:16:24.0125 3204 System windows directory: C:\Windows
21:16:24.0125 3204 Processor architecture: Intel x86
21:16:24.0125 3204 Number of processors: 4
21:16:24.0125 3204 Page size: 0x1000
21:16:24.0125 3204 Boot type: Normal boot
21:16:24.0125 3204 ============================================================
21:16:24.0608 3204 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:16:24.0640 3204 Drive \Device\Harddisk4\DR8 - Size: 0x7DDBFE00 (1.97 Gb), SectorSize: 0x200, Cylinders: 0x100, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:16:24.0640 3204 ============================================================
21:16:24.0640 3204 \Device\Harddisk0\DR0:
21:16:24.0640 3204 MBR partitions:
21:16:24.0640 3204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:16:24.0640 3204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71CD3000
21:16:24.0640 3204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x71D05800, BlocksNum 0x2800000
21:16:24.0640 3204 \Device\Harddisk4\DR8:
21:16:24.0640 3204 MBR partitions:
21:16:24.0640 3204 ============================================================
21:16:24.0671 3204 C: <-> \Device\Harddisk0\DR0\Partition1
21:16:24.0718 3204 D: <-> \Device\Harddisk0\DR0\Partition2
21:16:24.0718 3204 ============================================================
21:16:24.0718 3204 Initialize success
21:16:24.0718 3204 ============================================================
21:16:31.0940 3700 ============================================================
21:16:31.0940 3700 Scan started
21:16:31.0940 3700 Mode: Manual; SigCheck; TDLFS;
21:16:31.0940 3700 ============================================================
21:16:32.0268 3700 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\drivers\1394ohci.sys
21:16:32.0330 3700 1394ohci - ok
21:16:32.0471 3700 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
21:16:32.0502 3700 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
21:16:32.0564 3700 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
21:16:32.0580 3700 ACPI - ok
21:16:32.0611 3700 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
21:16:32.0689 3700 AcpiPmi - ok
21:16:32.0767 3700 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:16:32.0783 3700 AdobeFlashPlayerUpdateSvc - ok
21:16:32.0861 3700 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
21:16:32.0908 3700 adp94xx - ok
21:16:32.0970 3700 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
21:16:33.0017 3700 adpahci - ok
21:16:33.0048 3700 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
21:16:33.0064 3700 adpu320 - ok
21:16:33.0095 3700 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
21:16:33.0126 3700 AeLookupSvc - ok
21:16:33.0173 3700 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
21:16:33.0266 3700 AFD - ok
21:16:33.0282 3700 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
21:16:33.0298 3700 agp440 - ok
21:16:33.0329 3700 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
21:16:33.0344 3700 aic78xx - ok
21:16:33.0376 3700 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
21:16:33.0422 3700 ALG - ok
21:16:33.0422 3700 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
21:16:33.0438 3700 aliide - ok
21:16:33.0454 3700 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
21:16:33.0469 3700 amdagp - ok
21:16:33.0485 3700 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
21:16:33.0500 3700 amdide - ok
21:16:33.0516 3700 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
21:16:33.0547 3700 AmdK8 - ok
21:16:33.0563 3700 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
21:16:33.0594 3700 AmdPPM - ok
21:16:33.0641 3700 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
21:16:33.0656 3700 amdsata - ok
21:16:33.0688 3700 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
21:16:33.0719 3700 amdsbs - ok
21:16:33.0734 3700 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
21:16:33.0750 3700 amdxata - ok
21:16:33.0812 3700 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:16:33.0828 3700 AntiVirSchedulerService - ok
21:16:33.0859 3700 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:16:33.0890 3700 AntiVirService - ok
21:16:33.0922 3700 AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
21:16:33.0953 3700 AntiVirWebService - ok
21:16:33.0984 3700 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
21:16:34.0093 3700 AppID - ok
21:16:34.0109 3700 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
21:16:34.0156 3700 AppIDSvc - ok
21:16:34.0171 3700 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
21:16:34.0234 3700 Appinfo - ok
21:16:34.0265 3700 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
21:16:34.0280 3700 arc - ok
21:16:34.0312 3700 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
21:16:34.0327 3700 arcsas - ok
21:16:34.0374 3700 aspnet_state (39cdcb109bf200cc8a05b9c7e6272d11) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:16:34.0390 3700 aspnet_state - ok
21:16:34.0390 3700 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
21:16:34.0514 3700 AsyncMac - ok
21:16:34.0577 3700 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
21:16:34.0592 3700 atapi - ok
21:16:34.0655 3700 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:16:34.0733 3700 AudioEndpointBuilder - ok
21:16:34.0748 3700 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:16:34.0764 3700 Audiosrv - ok
21:16:34.0795 3700 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
21:16:34.0826 3700 avgntflt - ok
21:16:34.0858 3700 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
21:16:34.0873 3700 avipbb - ok
21:16:34.0873 3700 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
21:16:34.0889 3700 avkmgr - ok
21:16:34.0920 3700 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
21:16:34.0998 3700 AxInstSV - ok
21:16:35.0029 3700 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
21:16:35.0092 3700 b06bdrv - ok
21:16:35.0123 3700 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:16:35.0154 3700 b57nd60x - ok
21:16:35.0248 3700 BBSvc (483f1162eeebd10bf77fbb32db963370) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
21:16:35.0263 3700 BBSvc - ok
21:16:35.0310 3700 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
21:16:35.0341 3700 BBUpdate - ok
21:16:35.0388 3700 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
21:16:35.0450 3700 BDESVC - ok
21:16:35.0466 3700 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
21:16:35.0528 3700 Beep - ok
21:16:35.0591 3700 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
21:16:35.0622 3700 BFE - ok
21:16:35.0684 3700 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
21:16:35.0747 3700 BITS - ok
21:16:35.0778 3700 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
21:16:35.0809 3700 blbdrive - ok
21:16:35.0965 3700 Bonjour Service (a065f048e9e23e6c026a7bb548d126a7) C:\Program Files\Bonjour\mDNSResponder.exe
21:16:35.0981 3700 Bonjour Service - ok
21:16:36.0012 3700 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
21:16:36.0059 3700 bowser - ok
21:16:36.0074 3700 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:16:36.0152 3700 BrFiltLo - ok
21:16:36.0168 3700 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:16:36.0199 3700 BrFiltUp - ok
21:16:36.0230 3700 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
21:16:36.0293 3700 Browser - ok
21:16:36.0324 3700 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
21:16:36.0355 3700 Brserid - ok
21:16:36.0371 3700 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
21:16:36.0386 3700 BrSerWdm - ok
21:16:36.0402 3700 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:16:36.0449 3700 BrUsbMdm - ok
21:16:36.0464 3700 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
21:16:36.0480 3700 BrUsbSer - ok
21:16:36.0480 3700 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
21:16:36.0527 3700 BTHMODEM - ok
21:16:36.0542 3700 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
21:16:36.0605 3700 bthserv - ok
21:16:36.0620 3700 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
21:16:36.0667 3700 cdfs - ok
21:16:36.0698 3700 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
21:16:36.0730 3700 cdrom - ok
21:16:36.0761 3700 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:16:36.0808 3700 CertPropSvc - ok
21:16:36.0839 3700 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
21:16:36.0854 3700 circlass - ok
21:16:36.0886 3700 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
21:16:36.0901 3700 CLFS - ok
21:16:36.0948 3700 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:16:36.0964 3700 clr_optimization_v2.0.50727_32 - ok
21:16:36.0979 3700 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
21:16:37.0010 3700 CmBatt - ok
21:16:37.0026 3700 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
21:16:37.0042 3700 cmdide - ok
21:16:37.0073 3700 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
21:16:37.0120 3700 CNG - ok
21:16:37.0120 3700 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
21:16:37.0135 3700 Compbatt - ok
21:16:37.0182 3700 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
21:16:37.0213 3700 CompositeBus - ok
21:16:37.0229 3700 COMSysApp - ok
21:16:37.0244 3700 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
21:16:37.0260 3700 crcdisk - ok
21:16:37.0291 3700 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
21:16:37.0338 3700 CryptSvc - ok
21:16:37.0369 3700 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:16:37.0416 3700 DcomLaunch - ok
21:16:37.0447 3700 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
21:16:37.0478 3700 defragsvc - ok
21:16:37.0510 3700 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
21:16:37.0556 3700 DfsC - ok
21:16:37.0619 3700 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
21:16:37.0650 3700 Dhcp - ok
21:16:37.0666 3700 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
21:16:37.0697 3700 discache - ok
21:16:37.0712 3700 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
21:16:37.0712 3700 Disk - ok
21:16:37.0744 3700 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
21:16:37.0775 3700 Dnscache - ok
21:16:37.0806 3700 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
21:16:37.0853 3700 dot3svc - ok
21:16:37.0884 3700 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
21:16:37.0915 3700 DPS - ok
21:16:37.0962 3700 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
21:16:37.0993 3700 drmkaud - ok
21:16:38.0056 3700 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
21:16:38.0087 3700 DXGKrnl - ok
21:16:38.0118 3700 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
21:16:38.0149 3700 EapHost - ok
21:16:38.0321 3700 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
21:16:38.0508 3700 ebdrv - ok
21:16:38.0617 3700 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
21:16:38.0648 3700 EFS - ok
21:16:38.0711 3700 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
21:16:38.0804 3700 ehRecvr - ok
21:16:38.0836 3700 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
21:16:38.0867 3700 ehSched - ok
21:16:38.0929 3700 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
21:16:38.0976 3700 elxstor - ok
21:16:38.0992 3700 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
21:16:39.0023 3700 ErrDev - ok
21:16:39.0070 3700 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
21:16:39.0116 3700 EventSystem - ok
21:16:39.0148 3700 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
21:16:39.0210 3700 exfat - ok
21:16:39.0272 3700 Fabs - ok
21:16:39.0304 3700 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
21:16:39.0335 3700 fastfat - ok
21:16:39.0413 3700 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
21:16:39.0444 3700 Fax - ok
21:16:39.0460 3700 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
21:16:39.0491 3700 fdc - ok
21:16:39.0506 3700 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
21:16:39.0553 3700 fdPHost - ok
21:16:39.0584 3700 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
21:16:39.0631 3700 FDResPub - ok
21:16:39.0647 3700 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
21:16:39.0678 3700 FileInfo - ok
21:16:39.0740 3700 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
21:16:39.0787 3700 Filetrace - ok
21:16:39.0943 3700 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:16:40.0115 3700 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
21:16:40.0115 3700 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
21:16:40.0193 3700 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
21:16:40.0224 3700 flpydisk - ok
21:16:40.0255 3700 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
21:16:40.0302 3700 FltMgr - ok
21:16:40.0380 3700 FontCache (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
21:16:40.0427 3700 FontCache - ok
21:16:40.0474 3700 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:16:40.0505 3700 FontCache3.0.0.0 - ok
21:16:40.0520 3700 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
21:16:40.0536 3700 FsDepends - ok
21:16:40.0567 3700 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
21:16:40.0598 3700 Fs_Rec - ok
21:16:40.0630 3700 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
21:16:40.0645 3700 fvevol - ok
21:16:40.0692 3700 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:16:40.0723 3700 gagp30kx - ok
21:16:40.0786 3700 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
21:16:40.0848 3700 gpsvc - ok
21:16:40.0926 3700 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:16:40.0942 3700 gupdate - ok
21:16:40.0957 3700 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:16:40.0973 3700 gupdatem - ok
21:16:40.0988 3700 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
21:16:41.0051 3700 hcw85cir - ok
21:16:41.0113 3700 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
21:16:41.0176 3700 HdAudAddService - ok
21:16:41.0207 3700 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
21:16:41.0254 3700 HDAudBus - ok
21:16:41.0269 3700 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
21:16:41.0285 3700 HidBatt - ok
21:16:41.0316 3700 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
21:16:41.0363 3700 HidBth - ok
21:16:41.0378 3700 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
21:16:41.0410 3700 HidIr - ok
21:16:41.0425 3700 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
21:16:41.0472 3700 hidserv - ok
21:16:41.0472 3700 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
21:16:41.0503 3700 HidUsb - ok
21:16:41.0519 3700 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
21:16:41.0566 3700 hkmsvc - ok
21:16:41.0612 3700 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
21:16:41.0659 3700 HomeGroupListener - ok
21:16:41.0690 3700 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
21:16:41.0722 3700 HomeGroupProvider - ok
21:16:41.0737 3700 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
21:16:41.0753 3700 HpSAMD - ok
21:16:41.0784 3700 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
21:16:41.0831 3700 HTTP - ok
21:16:41.0878 3700 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
21:16:41.0878 3700 hwpolicy - ok
21:16:41.0893 3700 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
21:16:41.0924 3700 i8042prt - ok
21:16:41.0956 3700 iaStor (d5edb998656e6ecf1a17c78dab019a3c) C:\Windows\system32\DRIVERS\iaStor.sys
21:16:41.0971 3700 iaStor - ok
21:16:42.0049 3700 IAStorDataMgrSvc (7493ea4de41348f7d3edbf9db298f56a) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:16:42.0065 3700 IAStorDataMgrSvc - ok
21:16:42.0096 3700 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
21:16:42.0143 3700 iaStorV - ok
21:16:42.0268 3700 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:16:42.0346 3700 idsvc - ok
21:16:42.0424 3700 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
21:16:42.0455 3700 iirsp - ok
21:16:42.0517 3700 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
21:16:42.0564 3700 IKEEXT - ok
21:16:42.0704 3700 IntcAzAudAddService (3914ea9111dbeffaf1c68200817768ad) C:\Windows\system32\drivers\RTKVHDA.sys
21:16:42.0782 3700 IntcAzAudAddService - ok
21:16:42.0860 3700 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
21:16:42.0876 3700 intelide - ok
21:16:42.0923 3700 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
21:16:42.0938 3700 intelppm - ok
21:16:42.0954 3700 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
21:16:43.0032 3700 IPBusEnum - ok
21:16:43.0048 3700 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:16:43.0094 3700 IpFilterDriver - ok
21:16:43.0157 3700 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
21:16:43.0204 3700 iphlpsvc - ok
21:16:43.0219 3700 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
21:16:43.0250 3700 IPMIDRV - ok
21:16:43.0266 3700 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
21:16:43.0328 3700 IPNAT - ok
21:16:43.0344 3700 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
21:16:43.0360 3700 IRENUM - ok
21:16:43.0391 3700 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
21:16:43.0406 3700 isapnp - ok
21:16:43.0469 3700 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
21:16:43.0500 3700 iScsiPrt - ok
21:16:43.0531 3700 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:16:43.0547 3700 kbdclass - ok
21:16:43.0578 3700 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
21:16:43.0578 3700 kbdhid - ok
21:16:43.0594 3700 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:16:43.0594 3700 KeyIso - ok
21:16:43.0609 3700 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
21:16:43.0625 3700 KSecDD - ok
21:16:43.0656 3700 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
21:16:43.0672 3700 KSecPkg - ok
21:16:43.0718 3700 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
21:16:43.0750 3700 KtmRm - ok
21:16:43.0781 3700 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
21:16:43.0812 3700 LanmanServer - ok
21:16:43.0843 3700 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
21:16:43.0874 3700 LanmanWorkstation - ok
21:16:43.0906 3700 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
21:16:43.0937 3700 lltdio - ok
21:16:43.0968 3700 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
21:16:43.0999 3700 lltdsvc - ok
21:16:44.0015 3700 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
21:16:44.0046 3700 lmhosts - ok
21:16:44.0077 3700 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:16:44.0093 3700 LSI_FC - ok
21:16:44.0108 3700 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:16:44.0124 3700 LSI_SAS - ok
21:16:44.0124 3700 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:16:44.0140 3700 LSI_SAS2 - ok
21:16:44.0171 3700 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:16:44.0186 3700 LSI_SCSI - ok
21:16:44.0202 3700 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
21:16:44.0233 3700 luafv - ok
21:16:44.0249 3700 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
21:16:44.0264 3700 MBAMProtector - ok
21:16:44.0374 3700 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:16:44.0389 3700 MBAMService - ok
21:16:44.0420 3700 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
21:16:44.0436 3700 Mcx2Svc - ok
21:16:44.0452 3700 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
21:16:44.0467 3700 megasas - ok
21:16:44.0498 3700 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
21:16:44.0514 3700 MegaSR - ok
21:16:44.0545 3700 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:16:44.0592 3700 MMCSS - ok
21:16:44.0608 3700 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
21:16:44.0654 3700 Modem - ok
21:16:44.0670 3700 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
21:16:44.0701 3700 monitor - ok
21:16:44.0748 3700 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
21:16:44.0764 3700 mouclass - ok
21:16:44.0810 3700 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
21:16:44.0842 3700 mouhid - ok
21:16:44.0857 3700 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
21:16:44.0888 3700 mountmgr - ok
21:16:44.0935 3700 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:16:44.0951 3700 MozillaMaintenance - ok
21:16:44.0982 3700 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
21:16:44.0998 3700 mpio - ok
21:16:45.0013 3700 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
21:16:45.0060 3700 mpsdrv - ok
21:16:45.0107 3700 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
21:16:45.0185 3700 MpsSvc - ok
21:16:45.0216 3700 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
21:16:45.0247 3700 MRxDAV - ok
21:16:45.0263 3700 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:16:45.0310 3700 mrxsmb - ok
21:16:45.0356 3700 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:16:45.0388 3700 mrxsmb10 - ok
21:16:45.0403 3700 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:16:45.0450 3700 mrxsmb20 - ok
21:16:45.0466 3700 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
21:16:45.0481 3700 msahci - ok
21:16:45.0512 3700 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
21:16:45.0544 3700 msdsm - ok
21:16:45.0575 3700 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
21:16:45.0622 3700 MSDTC - ok
21:16:45.0637 3700 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
21:16:45.0700 3700 Msfs - ok
21:16:45.0715 3700 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
21:16:45.0762 3700 mshidkmdf - ok
21:16:45.0778 3700 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
21:16:45.0793 3700 msisadrv - ok
21:16:45.0824 3700 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
21:16:45.0856 3700 MSiSCSI - ok
21:16:45.0856 3700 msiserver - ok
21:16:45.0871 3700 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
21:16:45.0902 3700 MSKSSRV - ok
21:16:45.0918 3700 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
21:16:45.0980 3700 MSPCLOCK - ok
21:16:45.0996 3700 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
21:16:46.0043 3700 MSPQM - ok
21:16:46.0058 3700 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
21:16:46.0090 3700 MsRPC - ok
21:16:46.0090 3700 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
21:16:46.0105 3700 mssmbios - ok
21:16:46.0105 3700 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
21:16:46.0136 3700 MSTEE - ok
21:16:46.0168 3700 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
21:16:46.0183 3700 MTConfig - ok
21:16:46.0199 3700 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
21:16:46.0214 3700 Mup - ok
21:16:46.0261 3700 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
21:16:46.0292 3700 napagent - ok
21:16:46.0339 3700 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
21:16:46.0386 3700 NativeWifiP - ok
21:16:46.0464 3700 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
21:16:46.0480 3700 NDIS - ok
21:16:46.0511 3700 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
21:16:46.0526 3700 NdisCap - ok
21:16:46.0542 3700 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
21:16:46.0573 3700 NdisTapi - ok
21:16:46.0604 3700 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
21:16:46.0636 3700 Ndisuio - ok
21:16:46.0682 3700 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
21:16:46.0745 3700 NdisWan - ok
21:16:46.0760 3700 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
21:16:46.0792 3700 NDProxy - ok
21:16:46.0807 3700 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
21:16:46.0838 3700 NetBIOS - ok
21:16:46.0870 3700 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
21:16:46.0932 3700 NetBT - ok
21:16:46.0948 3700 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:16:46.0963 3700 Netlogon - ok
21:16:47.0026 3700 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
21:16:47.0088 3700 Netman - ok
21:16:47.0104 3700 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
21:16:47.0135 3700 netprofm - ok
21:16:47.0213 3700 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:16:47.0244 3700 NetTcpPortSharing - ok
21:16:47.0291 3700 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
21:16:47.0306 3700 nfrd960 - ok
21:16:47.0338 3700 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
21:16:47.0369 3700 NlaSvc - ok
21:16:47.0384 3700 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
21:16:47.0416 3700 Npfs - ok
21:16:47.0416 3700 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
21:16:47.0447 3700 nsi - ok
21:16:47.0462 3700 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
21:16:47.0478 3700 nsiproxy - ok
21:16:47.0587 3700 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
21:16:47.0634 3700 Ntfs - ok
21:16:47.0743 3700 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
21:16:47.0790 3700 Null - ok
21:16:47.0821 3700 NVHDA (8571011b62ce0207fa1dc95d88308f1d) C:\Windows\system32\drivers\nvhda32v.sys
21:16:47.0837 3700 NVHDA - ok
21:16:48.0274 3700 nvlddmkm (19f5c4949b2e4cbd2e95b8ecdfc84d25) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:16:48.0664 3700 nvlddmkm - ok
21:16:48.0742 3700 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
21:16:48.0773 3700 nvraid - ok
21:16:48.0788 3700 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
21:16:48.0820 3700 nvstor - ok
21:16:48.0866 3700 nvsvc (7a68320fa236ed0479eff93540391568) C:\Windows\system32\nvvsvc.exe
21:16:48.0866 3700 nvsvc - ok
21:16:48.0882 3700 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
21:16:48.0913 3700 nv_agp - ok
21:16:48.0991 3700 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:16:49.0038 3700 odserv - ok
21:16:49.0069 3700 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
21:16:49.0100 3700 ohci1394 - ok
21:16:49.0163 3700 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:16:49.0194 3700 ose - ok
21:16:49.0225 3700 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:16:49.0272 3700 p2pimsvc - ok
21:16:49.0319 3700 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
21:16:49.0350 3700 p2psvc - ok
21:16:49.0381 3700 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
21:16:49.0428 3700 Parport - ok
21:16:49.0459 3700 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
21:16:49.0475 3700 partmgr - ok
21:16:49.0490 3700 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
21:16:49.0522 3700 Parvdm - ok
21:16:49.0537 3700 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
21:16:49.0553 3700 PcaSvc - ok
21:16:49.0600 3700 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
21:16:49.0631 3700 pci - ok
21:16:49.0662 3700 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
21:16:49.0678 3700 pciide - ok
21:16:49.0693 3700 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
21:16:49.0724 3700 pcmcia - ok
21:16:49.0771 3700 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
21:16:49.0787 3700 pcw - ok
21:16:49.0818 3700 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
21:16:49.0912 3700 PEAUTH - ok
21:16:50.0021 3700 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
21:16:50.0083 3700 pla - ok
21:16:50.0177 3700 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
21:16:50.0239 3700 PlugPlay - ok
21:16:50.0255 3700 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
21:16:50.0270 3700 PNRPAutoReg - ok
21:16:50.0286 3700 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:16:50.0302 3700 PNRPsvc - ok
21:16:50.0348 3700 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
21:16:50.0395 3700 PolicyAgent - ok
21:16:50.0426 3700 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
21:16:50.0458 3700 Power - ok
21:16:50.0489 3700 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
21:16:50.0520 3700 PptpMiniport - ok
21:16:50.0536 3700 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
21:16:50.0567 3700 Processor - ok
21:16:50.0614 3700 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
21:16:50.0676 3700 ProfSvc - ok
21:16:50.0692 3700 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:16:50.0707 3700 ProtectedStorage - ok
21:16:50.0738 3700 ProtexisLicensing (f115af58abe5605d7d709cbfbd83f418) C:\Windows\system32\PSIService.exe
21:16:50.0738 3700 ProtexisLicensing - ok
21:16:50.0785 3700 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
21:16:50.0832 3700 Psched - ok
21:16:50.0926 3700 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
21:16:51.0004 3700 ql2300 - ok
21:16:51.0082 3700 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
21:16:51.0113 3700 ql40xx - ok
21:16:51.0144 3700 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
21:16:51.0160 3700 QWAVE - ok
21:16:51.0175 3700 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
21:16:51.0191 3700 QWAVEdrv - ok
21:16:51.0206 3700 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
21:16:51.0238 3700 RasAcd - ok
21:16:51.0253 3700 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:16:51.0284 3700 RasAgileVpn - ok
21:16:51.0300 3700 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
21:16:51.0316 3700 RasAuto - ok
21:16:51.0331 3700 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:16:51.0378 3700 Rasl2tp - ok
21:16:51.0409 3700 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
21:16:51.0456 3700 RasMan - ok
21:16:51.0472 3700 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
21:16:51.0518 3700 RasPppoe - ok
21:16:51.0550 3700 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
21:16:51.0596 3700 RasSstp - ok
21:16:51.0628 3700 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
21:16:51.0674 3700 rdbss - ok
21:16:51.0690 3700 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
21:16:51.0706 3700 rdpbus - ok
21:16:51.0737 3700 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:16:51.0784 3700 RDPCDD - ok
21:16:51.0799 3700 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
21:16:51.0830 3700 RDPENCDD - ok
21:16:51.0830 3700 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
21:16:51.0862 3700 RDPREFMP - ok
21:16:51.0893 3700 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
21:16:51.0955 3700 RDPWD - ok
21:16:52.0002 3700 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
21:16:52.0033 3700 rdyboost - ok
21:16:52.0064 3700 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
21:16:52.0111 3700 RemoteAccess - ok
21:16:52.0142 3700 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
21:16:52.0189 3700 RemoteRegistry - ok
21:16:52.0220 3700 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
21:16:52.0252 3700 RpcEptMapper - ok
21:16:52.0267 3700 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
21:16:52.0283 3700 RpcLocator - ok
21:16:52.0330 3700 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:16:52.0361 3700 RpcSs - ok
21:16:52.0392 3700 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
21:16:52.0408 3700 rspndr - ok
21:16:52.0470 3700 RTL8167 (06bd46be6141556125f89df738333720) C:\Windows\system32\DRIVERS\Rt86win7.sys
21:16:52.0501 3700 RTL8167 - ok
21:16:52.0564 3700 RTL8192su (51adef77e4c929535fd50da153774e79) C:\Windows\system32\DRIVERS\RTL8192su.sys
21:16:52.0626 3700 RTL8192su - ok
21:16:52.0657 3700 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:16:52.0673 3700 SamSs - ok
21:16:52.0704 3700 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
21:16:52.0720 3700 sbp2port - ok
21:16:52.0735 3700 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
21:16:52.0766 3700 SCardSvr - ok
21:16:52.0782 3700 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
21:16:52.0844 3700 scfilter - ok
21:16:52.0907 3700 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
21:16:52.0954 3700 Schedule - ok
21:16:52.0985 3700 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:16:53.0000 3700 SCPolicySvc - ok
21:16:53.0032 3700 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
21:16:53.0078 3700 SDRSVC - ok
21:16:53.0094 3700 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:16:53.0141 3700 secdrv - ok
21:16:53.0156 3700 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
21:16:53.0219 3700 seclogon - ok
21:16:53.0234 3700 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
21:16:53.0266 3700 SENS - ok
21:16:53.0281 3700 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
21:16:53.0344 3700 SensrSvc - ok
21:16:53.0359 3700 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
21:16:53.0390 3700 Serenum - ok
21:16:53.0437 3700 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
21:16:53.0453 3700 Serial - ok
21:16:53.0484 3700 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
21:16:53.0515 3700 sermouse - ok
21:16:53.0546 3700 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
21:16:53.0578 3700 SessionEnv - ok
21:16:53.0609 3700 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
21:16:53.0640 3700 sffdisk - ok
21:16:53.0656 3700 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
21:16:53.0671 3700 sffp_mmc - ok
21:16:53.0687 3700 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
21:16:53.0702 3700 sffp_sd - ok
21:16:53.0718 3700 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
21:16:53.0734 3700 sfloppy - ok
21:16:53.0780 3700 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
21:16:53.0827 3700 SharedAccess - ok
21:16:53.0858 3700 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
21:16:53.0890 3700 ShellHWDetection - ok
21:16:53.0921 3700 SipIMNDI - ok
21:16:53.0952 3700 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
21:16:53.0968 3700 sisagp - ok
21:16:53.0983 3700 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:16:53.0999 3700 SiSRaid2 - ok
21:16:54.0030 3700 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
21:16:54.0046 3700 SiSRaid4 - ok
21:16:54.0077 3700 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
21:16:54.0108 3700 Smb - ok
21:16:54.0108 3700 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
21:16:54.0124 3700 SNMPTRAP - ok
21:16:54.0139 3700 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
21:16:54.0155 3700 spldr - ok
21:16:54.0202 3700 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
21:16:54.0248 3700 Spooler - ok
21:16:54.0420 3700 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
21:16:54.0514 3700 sppsvc - ok
21:16:54.0654 3700 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
21:16:54.0701 3700 sppuinotify - ok
21:16:54.0779 3700 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
21:16:54.0826 3700 srv - ok
21:16:54.0857 3700 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
21:16:54.0904 3700 srv2 - ok
21:16:54.0904 3700 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
21:16:54.0919 3700 srvnet - ok
21:16:54.0950 3700 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
21:16:54.0982 3700 SSDPSRV - ok
21:16:55.0013 3700 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
21:16:55.0028 3700 ssmdrv - ok
21:16:55.0044 3700 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
21:16:55.0091 3700 SstpSvc - ok
21:16:55.0106 3700 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
21:16:55.0122 3700 stexstor - ok
21:16:55.0169 3700 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
21:16:55.0200 3700 StiSvc - ok
21:16:55.0200 3700 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
21:16:55.0216 3700 swenum - ok
21:16:55.0247 3700 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
21:16:55.0278 3700 swprv - ok
21:16:55.0356 3700 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
21:16:55.0372 3700 SysMain - ok
21:16:55.0418 3700 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
21:16:55.0450 3700 TabletInputService - ok
21:16:55.0496 3700 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
21:16:55.0528 3700 TapiSrv - ok
21:16:55.0543 3700 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
21:16:55.0590 3700 TBS - ok
21:16:55.0684 3700 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
21:16:55.0746 3700 Tcpip - ok
21:16:55.0871 3700 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
21:16:55.0902 3700 TCPIP6 - ok
21:16:55.0949 3700 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
21:16:56.0011 3700 tcpipreg - ok
21:16:56.0042 3700 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
21:16:56.0089 3700 TDPIPE - ok
21:16:56.0105 3700 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
21:16:56.0120 3700 TDTCP - ok
21:16:56.0152 3700 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
21:16:56.0183 3700 tdx - ok
21:16:56.0183 3700 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
21:16:56.0198 3700 TermDD - ok
21:16:56.0261 3700 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
21:16:56.0308 3700 TermService - ok
21:16:56.0308 3700 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
21:16:56.0323 3700 Themes - ok
21:16:56.0339 3700 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:16:56.0370 3700 THREADORDER - ok
21:16:56.0401 3700 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
21:16:56.0417 3700 TrkWks - ok
21:16:56.0464 3700 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
21:16:56.0526 3700 TrustedInstaller - ok
21:16:56.0557 3700 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:16:56.0573 3700 tssecsrv - ok
21:16:56.0604 3700 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
21:16:56.0635 3700 TsUsbFlt - ok
21:16:56.0682 3700 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
21:16:56.0744 3700 tunnel - ok
21:16:56.0776 3700 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
21:16:56.0791 3700 uagp35 - ok
21:16:56.0838 3700 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
21:16:56.0885 3700 udfs - ok
21:16:56.0900 3700 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
21:16:56.0916 3700 UI0Detect - ok
21:16:56.0932 3700 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
21:16:56.0932 3700 uliagpkx - ok
21:16:56.0963 3700 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
21:16:56.0978 3700 umbus - ok
21:16:57.0025 3700 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
21:16:57.0041 3700 UmPass - ok
21:16:57.0072 3700 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
21:16:57.0103 3700 upnphost - ok
21:16:57.0119 3700 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
21:16:57.0134 3700 usbccgp - ok
21:16:57.0166 3700 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
21:16:57.0197 3700 usbcir - ok
21:16:57.0197 3700 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
21:16:57.0228 3700 usbehci - ok
21:16:57.0259 3700 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
21:16:57.0290 3700 usbhub - ok
21:16:57.0306 3700 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
21:16:57.0337 3700 usbohci - ok
21:16:57.0368 3700 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
21:16:57.0400 3700 usbprint - ok
21:16:57.0431 3700 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
21:16:57.0446 3700 usbscan - ok
21:16:57.0462 3700 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:16:57.0493 3700 USBSTOR - ok
21:16:57.0524 3700 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
21:16:57.0540 3700 usbuhci - ok
21:16:57.0540 3700 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
21:16:57.0571 3700 UxSms - ok
21:16:57.0602 3700 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:16:57.0618 3700 VaultSvc - ok
21:16:57.0618 3700 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
21:16:57.0634 3700 vdrvroot - ok
21:16:57.0680 3700 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
21:16:57.0743 3700 vds - ok
21:16:57.0758 3700 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
21:16:57.0774 3700 vga - ok
21:16:57.0790 3700 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
21:16:57.0805 3700 VgaSave - ok
21:16:57.0836 3700 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
21:16:57.0852 3700 vhdmp - ok
21:16:57.0883 3700 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
21:16:57.0899 3700 viaagp - ok
21:16:57.0914 3700 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
21:16:57.0930 3700 ViaC7 - ok
21:16:57.0946 3700 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
21:16:57.0946 3700 viaide - ok
21:16:57.0977 3700 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
21:16:57.0992 3700 volmgr - ok
21:16:58.0008 3700 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
21:16:58.0008 3700 volmgrx - ok
21:16:58.0039 3700 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
21:16:58.0055 3700 volsnap - ok
21:16:58.0070 3700 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
21:16:58.0086 3700 vsmraid - ok
21:16:58.0164 3700 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
21:16:58.0211 3700 VSS - ok
21:16:58.0226 3700 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
21:16:58.0258 3700 vwifibus - ok
21:16:58.0289 3700 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
21:16:58.0320 3700 vwififlt - ok
21:16:58.0351 3700 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
21:16:58.0382 3700 W32Time - ok
21:16:58.0398 3700 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
21:16:58.0414 3700 WacomPen - ok
21:16:58.0445 3700 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:16:58.0492 3700 WANARP - ok
21:16:58.0492 3700 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:16:58.0523 3700 Wanarpv6 - ok
21:16:58.0601 3700 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
21:16:58.0679 3700 wbengine - ok
21:16:58.0710 3700 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
21:16:58.0741 3700 WbioSrvc - ok
21:16:58.0757 3700 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
21:16:58.0804 3700 wcncsvc - ok
21:16:58.0819 3700 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
21:16:58.0850 3700 WcsPlugInService - ok
21:16:58.0897 3700 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
21:16:58.0913 3700 Wd - ok
21:16:58.0960 3700 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:16:59.0006 3700 Wdf01000 - ok
21:16:59.0022 3700 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
21:16:59.0084 3700 WdiServiceHost - ok
21:16:59.0084 3700 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
21:16:59.0116 3700 WdiSystemHost - ok
21:16:59.0147 3700 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
21:16:59.0178 3700 WebClient - ok
21:16:59.0209 3700 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
21:16:59.0240 3700 Wecsvc - ok
21:16:59.0256 3700 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
21:16:59.0287 3700 wercplsupport - ok
21:16:59.0318 3700 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
21:16:59.0350 3700 WerSvc - ok
21:16:59.0365 3700 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
21:16:59.0396 3700 WfpLwf - ok
21:16:59.0412 3700 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
21:16:59.0428 3700 WIMMount - ok
21:16:59.0506 3700 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
21:16:59.0552 3700 WinDefend - ok
21:16:59.0552 3700 WinHttpAutoProxySvc - ok
21:16:59.0615 3700 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
21:16:59.0708 3700 Winmgmt - ok
21:16:59.0771 3700 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
21:16:59.0833 3700 WinRM - ok
21:16:59.0911 3700 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
21:16:59.0942 3700 Wlansvc - ok
21:17:00.0114 3700 wlidsvc (d9250b31b353ee3322c1cad411997e38) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:17:00.0161 3700 wlidsvc - ok
21:17:00.0254 3700 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
21:17:00.0286 3700 WmiAcpi - ok
21:17:00.0317 3700 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
21:17:00.0332 3700 wmiApSrv - ok
21:17:00.0426 3700 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:17:00.0488 3700 WMPNetworkSvc - ok
21:17:00.0535 3700 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
21:17:00.0566 3700 WPCSvc - ok
21:17:00.0613 3700 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
21:17:00.0676 3700 WPDBusEnum - ok
21:17:00.0691 3700 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
21:17:00.0738 3700 ws2ifsl - ok
21:17:00.0769 3700 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
21:17:00.0785 3700 wscsvc - ok
21:17:00.0785 3700 WSearch - ok
21:17:00.0910 3700 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
21:17:00.0972 3700 wuauserv - ok
21:17:01.0034 3700 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
21:17:01.0097 3700 WudfPf - ok
21:17:01.0112 3700 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:17:01.0128 3700 WUDFRd - ok
21:17:01.0159 3700 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
21:17:01.0175 3700 wudfsvc - ok
21:17:01.0206 3700 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
21:17:01.0253 3700 WwanSvc - ok
21:17:01.0284 3700 MBR (0x1B8) (c79b30cb8852157f6f908e4698cfe0d0) \Device\Harddisk0\DR0
21:17:03.0624 3700 \Device\Harddisk0\DR0 - ok
21:17:03.0640 3700 MBR (0x1B8) (09c9d8ce5b6591cee5221ba76476bdf0) \Device\Harddisk4\DR8
21:17:08.0850 3700 \Device\Harddisk4\DR8 - ok
21:17:08.0866 3700 Boot (0x1200) (32e95ed9b9e62ab4f1dd17aa8b27a84c) \Device\Harddisk0\DR0\Partition0
21:17:08.0866 3700 \Device\Harddisk0\DR0\Partition0 - ok
21:17:08.0881 3700 Boot (0x1200) (568ccff13a57dd582e5ae8c4722b57b0) \Device\Harddisk0\DR0\Partition1
21:17:08.0881 3700 \Device\Harddisk0\DR0\Partition1 - ok
21:17:08.0912 3700 Boot (0x1200) (7c2d3ee2251e2dc9a7a223b94a914617) \Device\Harddisk0\DR0\Partition2
21:17:08.0912 3700 \Device\Harddisk0\DR0\Partition2 - ok
21:17:08.0912 3700 ============================================================
21:17:08.0912 3700 Scan finished
21:17:08.0912 3700 ============================================================
21:17:08.0928 3840 Detected object count: 1
21:17:08.0928 3840 Actual detected object count: 1
21:17:45.0541 3840 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
21:17:45.0541 3840 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
An OTL scan with the Custom Scans "Scripts" from the first thread I linked (the tool hangs for several minutes at "Scanning FireFox Settings"); no extras.txt was created. Code:
OTL logfile created on: 26.06.2012 22:32:18 - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Horst Falch\Desktop\Rocketnews-Problem
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,49% Memory free
5,98 Gb Paging File | 4,78 Gb Available in Paging File | 79,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 878,78 Gb Free Space | 96,53% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,70 Gb Free Space | 58,48% Space Free | Partition Type: NTFS
Drive I: | 1,96 Gb Total Space | 1,96 Gb Free Space | 99,89% Space Free | Partition Type: FAT32
Computer Name: ZUHAUSE | User Name: Horst Falch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.26 18:48:37 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Horst Falch\Desktop\Rocketnews-Problem\OTL.exe
PRC - [2012.05.29 17:25:52 | 001,564,880 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.05.09 23:28:57 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.09 23:28:57 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 23:28:57 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.09 23:28:57 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 23:28:57 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.05.21 01:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 01:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2009.12.03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.10.02 14:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.09.14 09:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGGE.EXE
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Programme\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.02.03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.13 13:53:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 13:53:11 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.12 18:08:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.12 18:07:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.12 18:07:18 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.12 18:07:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.12 18:07:14 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.12 18:07:09 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010.11.13 02:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.06.23 14:09:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.23 10:09:32 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 23:28:57 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.09 23:28:57 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.09 23:28:57 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Programme\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.02.03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SipIMNDI.sys -- (SipIMNDI)
DRV - [2012.05.09 23:28:57 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 23:28:57 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009.11.21 04:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.11.12 06:14:28 | 000,066,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.22 15:34:44 | 000,579,072 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\SearchScopes,DefaultScope = {2DA5029E-FBEA-4A02-8064-1006701CC60F}
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\SearchScopes\{2DA5029E-FBEA-4A02-8064-1006701CC60F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.23 10:09:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 11:45:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.23 10:09:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 11:45:48 | 000,000,000 | ---D | M]
[2010.05.18 15:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Horst Falch\AppData\Roaming\mozilla\Extensions
[2012.05.18 14:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Horst Falch\AppData\Roaming\mozilla\Firefox\Profiles\lv6qbu68.default\extensions
[2012.05.18 14:36:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Horst Falch\AppData\Roaming\mozilla\Firefox\Profiles\lv6qbu68.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.06.16 11:20:25 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Horst Falch\AppData\Roaming\mozilla\Firefox\Profiles\lv6qbu68.default\extensions\toolbar@ask.com
[2012.04.17 21:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.23 10:09:33 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.23 20:11:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.23 10:09:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.23 10:09:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.23 10:09:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.23 10:09:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.23 10:09:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.23 10:09:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-893424397-1668057907-3998358512-1000\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-893424397-1668057907-3998358512-1000..\Run: [EPSON SX125 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-893424397-1668057907-3998358512-1000..\Run: [MPATEN] C:\Users\Horst Falch\AppData\Roaming\ReAgentb.dll (Pgzkjbihy Onhugpjxhnm)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Horst Falch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{680700B6-0399-4F4F-BAA3-E06032E8987E}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f2b1107a-7489-11df-9fc1-4061867ecbba}\Shell - "" = AutoRun
O33 - MountPoints2\{f2b1107a-7489-11df-9fc1-4061867ecbba}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.06.26 21:00:55 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2012.06.26 20:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.26 18:52:55 | 000,000,000 | ---D | C] -- C:\Users\Horst Falch\AppData\Roaming\Malwarebytes
[2012.06.26 18:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.26 18:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.26 18:52:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.26 18:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.26 18:42:21 | 000,000,000 | ---D | C] -- C:\Users\Horst Falch\Desktop\Rocketnews-Problem
[2012.06.16 12:33:51 | 000,155,648 | RHS- | C] (Pgzkjbihy Onhugpjxhnm) -- C:\Users\Horst Falch\AppData\Roaming\ReAgentb.dll
[2012.06.10 19:31:53 | 000,000,000 | ---D | C] -- C:\Users\Horst Falch\AppData\Local\Macromedia
========== Files - Modified Within 30 Days ==========
[2012.06.26 22:09:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.26 21:53:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.26 21:17:26 | 000,654,096 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.26 21:17:26 | 000,615,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.26 21:17:26 | 000,130,952 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.26 21:17:26 | 000,107,396 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.26 21:07:42 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.26 21:07:42 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.26 21:00:21 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.26 21:00:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.26 21:00:13 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.19 13:07:16 | 000,014,067 | ---- | M] () -- C:\Users\Horst Falch\Desktop\Documents\Renten.ods
[2012.06.16 12:33:51 | 000,155,648 | RHS- | M] (Pgzkjbihy Onhugpjxhnm) -- C:\Users\Horst Falch\AppData\Roaming\ReAgentb.dll
[2012.06.13 13:52:20 | 000,390,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.09 13:23:43 | 000,002,052 | ---- | M] () -- C:\Users\Horst Falch\AppData\Roaming\wklnhst.dat
[2012.06.01 21:39:10 | 000,015,818 | ---- | M] () -- C:\Users\Horst Falch\Desktop\Documents\e-on Waldeck .odt
========== Files Created - No Company Name ==========
[2012.06.01 21:35:43 | 000,015,818 | ---- | C] () -- C:\Users\Horst Falch\Desktop\Documents\e-on Waldeck .odt
[2012.02.15 02:19:38 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012.02.15 02:19:38 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012.02.15 02:19:38 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012.02.15 02:19:38 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012.02.15 02:19:38 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012.02.15 02:19:38 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012.02.15 02:19:38 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012.02.15 02:19:38 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2012.02.15 02:19:38 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012.02.15 02:19:38 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012.02.15 02:19:38 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012.02.15 02:19:38 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012.02.15 02:19:38 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012.02.15 02:19:38 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2012.02.15 02:19:38 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2012.02.15 02:19:38 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012.02.12 17:57:51 | 000,003,584 | ---- | C] () -- C:\Users\Horst Falch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.12 17:57:39 | 000,003,764 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.02.12 17:57:39 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\1C0C51EE85.sys
[2011.07.01 13:44:12 | 000,000,000 | ---- | C] () -- C:\Users\Horst Falch\AppData\Local\{AF9324A6-B48B-4E37-B6B4-FDB5B215C616}
[2011.04.15 03:59:50 | 000,000,099 | ---- | C] () -- C:\Users\Horst Falch\AppData\Local\fusioncache.dat
[2010.11.11 11:17:01 | 000,000,032 | ---- | C] () -- C:\ProgramData\io.ini
[2010.08.05 13:35:28 | 000,002,052 | ---- | C] () -- C:\Users\Horst Falch\AppData\Roaming\wklnhst.dat
========== LOP Check ==========
[2011.03.03 10:20:00 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Atzy
[2012.02.15 02:25:44 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Epson
[2010.05.06 22:54:26 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\MAGIX
[2010.11.22 15:14:27 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\OpenOffice.org
[2010.09.27 12:33:53 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Smart Panel
[2011.03.01 19:08:41 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Sosyz
[2010.05.06 17:59:23 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\T-Online
[2010.09.30 14:26:32 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Template
[2010.05.24 08:50:09 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Windows Live Writer
[2012.05.28 17:11:08 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.05.07 11:16:23 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Adobe
[2010.05.18 14:38:48 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Apple Computer
[2011.03.03 10:20:00 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Atzy
[2012.02.16 17:10:45 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Avira
[2012.02.12 17:57:40 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Corel
[2010.12.04 17:07:07 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\CyberLink
[2012.02.15 02:25:44 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Epson
[2010.05.06 14:06:10 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Identities
[2011.08.12 22:47:24 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\InstallShield
[2010.05.06 14:06:33 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Intel Corporation
[2010.05.06 17:59:11 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Macromedia
[2010.05.06 22:54:26 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\MAGIX
[2012.06.26 18:52:55 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Media Center Programs
[2012.06.10 19:31:53 | 000,000,000 | --SD | M] -- C:\Users\Horst Falch\AppData\Roaming\Microsoft
[2010.05.18 15:03:00 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Mozilla
[2010.11.22 15:14:27 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\OpenOffice.org
[2010.09.27 12:33:53 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Smart Panel
[2011.03.01 19:08:41 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Sosyz
[2010.05.06 17:59:23 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\T-Online
[2010.09.30 14:26:32 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Template
[2012.05.23 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\U3
[2010.05.24 08:50:09 | 000,000,000 | ---D | M] -- C:\Users\Horst Falch\AppData\Roaming\Windows Live Writer
< %APPDATA%\*.exe /s >
[2010.11.20 15:00:01 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Horst Falch\AppData\Roaming\Microsoft\Installer\{41B55736-84CD-42B0-8C49-1729B178EAE0}\NewShortcut1_41B5573684CD42B08C491729B178EAE0.exe
[2010.11.20 15:00:01 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Horst Falch\AppData\Roaming\Microsoft\Installer\{41B55736-84CD-42B0-8C49-1729B178EAE0}\NewShortcut3_41B5573684CD42B08C491729B178EAE0.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2009.10.02 13:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\drivers\iaStor.sys
[2009.10.02 13:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_c08288e6bf102290\iaStor.sys
< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
I am really at a loss as to how to get rid of this.
Many thanks in advance!
Kind regards
Jogibub