Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   seltsame internetabbrüche ! (https://www.trojaner-board.de/133938-seltsame-internetabbrueche.html)

Schicka 19.04.2013 17:36
seltsame internetabbrüche !
 
Hallo zusammen,

Ich habe folgendes Problem:
Mein Browser zeigt mir immer wieder folgende Meldung an: "Seite kann nicht geöffnet werden,blablabla" und das obwohl ich online bin (skype,onlineSpiele etc)...das Problem behebt sich meistens in 5-10 minuten von selber und tritt besonders dann auf wenn ich viel im internet hin und her linke.

Habe mir von der Telekom schon einen neuen Speedport zuschicken lassen,Problem besteht weiterhin.

Ich benutze Mozilla,das Problem tritt allerdings auch mit IE auf.
Ich benutze Win7 HE.
Wüsste nicht welche Informationen noch gebraucht werden könnten...einfach nachfragen.

Habe selber noch kaum entwas ausprobiert,allerdings irgendwas von feste dns ip(?),oder so gelesen.

Wäre für jegliche Lösungsansätze sehr dankbar !

MFG

die genaue Fehlermeldung:

Fehler: Verbindung unterbrochen


Die Verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde.





Die Website könnte vorübergehend nicht erreichbar sein, versuchen Sie es bitte
später nochmals.
Wenn Sie auch keine andere Website aufrufen können, überprüfen Sie bitte die
Netzwerk-/Internetverbindung.
Wenn Ihr Computer oder Netzwerk von einer Firewall oder einem Proxy geschützt wird,
stellen Sie bitte sicher, dass Firefox auf das Internet zugreifen darf.

cosinus 20.04.2013 18:11
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Schicka 21.04.2013 14:02
Hallo cosinus und danke für deine schnelle Antwort.
Ich habe leider keine Logs zur Verfügung.
In meiner Avast Version finde ich keine Logdateien und Malware hatte ich bis eben nicht.
Nun lass ich mal beides scannen.

Über Avast habe ich folgendes gefunden:


Web- und Netzwerk-Schutz
Der Web-Schutz überprüft alle besuchten Webseiten, heruntergeladenen Dateien und Java-Scripts während Sie im Internet sind. Beim Fund einer Malware wird der Zugriff auf die Website/Datei/Script blockiert und so einer Infektion Ihres Computers vorgebeugt. Der Netzwerk-Schutz überprüft die Zugangspunkte Ihres Computers auf ungewöhnliche Aktivitäten.

2 196 912Web- und Netzwerk-Objekte wurden geprüft

5Web- und Netzwerk-Objekte waren infiziert und wurden blockiert

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Agando :: AGANDO_HP_PC [Administrator]

Schutz: Aktiviert

21.04.2013 15:00:08
mbam-log-2013-04-21 (15-00-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 470509
Laufzeit: 57 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus 21.04.2013 22:57
Die Logs bitte in CODE-Tags posten



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.

Schicka 22.04.2013 19:19
[code]suOTL Logfile:
Code:
OTL logfile created on: 22.04.2013 20:09:20 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Agando\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,77 Gb Available Physical Memory | 59,70% Memory free
15,96 Gb Paging File | 11,41 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 565,81 Gb Free Space | 60,75% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: AGANDO_HP_PC | User Name: Agando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Agando\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Agando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\SC2\StarCraft II\Versions\Base24944\SC2.exe (Blizzard Entertainment, Inc.)
PRC - C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe (Blizzard Entertainment)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Gigabyte\ET6\GUI.exe ()
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\XSrvSetup.exe ()
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
PRC - C:\Windows\V0330Mon.exe (Creative Technology Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\4373d5deea0fd001dfac01a83f6f2bca\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\2b8c61f577f1ffdd781e18d96d97ee3a\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\work.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\Normal.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\HM.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\OCK.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\SF.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\MFCCPU.DLL ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\GVTunner.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\STT.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\GUI.exe ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\ycc.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\StabilityLib.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\GPTT.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\IccLibDll.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\AMD8.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\Platform.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\Device.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\CIAMIB.dll ()
MOD - C:\Program Files (x86)\Gigabyte\ET6\Sound.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer USA Ltd)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (DRHMSR64) -- C:\Windows\SysNative\drivers\DRHMSR64.sys ()
DRV:64bit: - (DRHARD64) -- C:\Windows\SysNative\drivers\DRHARD64.sys (Licensed for Gebhard Software)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (V0330VID) -- C:\Windows\SysNative\drivers\V0330Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (DRHMSR64) -- C:\Windows\SysWOW64\drivers\DRHMSR64.sys ()
DRV - (DRHARD64) -- C:\Windows\SysWOW64\drivers\DRHARD64.sys (Licensed for Gebhard Software)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (AODDriver) -- C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.Agando-Shop.de
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\..\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Agando\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Agando\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.18 22:03:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.21 13:40:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 01:26:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 01:26:30 | 000,000,000 | ---D | M]
 
[2012.04.17 01:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agando\AppData\Roaming\mozilla\Extensions
[2013.04.12 01:26:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 01:26:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.19 06:27:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.29 16:41:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.19 06:27:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 06:27:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 06:27:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 06:27:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Agando\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\Agando\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKLM..\Run: [V0330Mon.exe] C:\Windows\V0330Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Facebook Update] "C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Agando\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Agando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\Gigabyte\ET6\ETCall.exe ()
O4 - Startup: C:\Users\Agando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Agando\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Agando\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC0BDCAA-7AA0-4ADA-A273-EF18B2E5ABDD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F76FFE38-9591-4DFE-B871-CF3601E4F8B3}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.22 14:29:21 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{EC2F1667-E42B-481F-AC68-930049856D84}
[2013.04.22 02:28:57 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{9B3DED36-70F7-4FC6-A966-D171344FBDEB}
[2013.04.21 14:58:07 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Roaming\Malwarebytes
[2013.04.21 14:57:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.21 14:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.21 14:57:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.21 14:57:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.21 14:57:46 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\Programs
[2013.04.21 14:26:07 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{E4723389-94EA-4C2F-ABAE-A9A1441EA30F}
[2013.04.20 22:59:50 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{C322C37E-B3D9-4062-B7BA-A69578E4E63C}
[2013.04.20 07:04:19 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{25D8E7C4-344B-44B9-9317-3B1A21965443}
[2013.04.20 07:04:05 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{CBEA227B-79F2-47E2-9454-C31C513E5052}
[2013.04.19 17:24:00 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{E2B9CA62-73DA-435A-85A4-2F4556D101B7}
[2013.04.19 17:20:11 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{D04C1025-EA22-4B58-9413-2958B2F9047D}
[2013.04.19 05:02:46 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{C35C9F26-FAFF-4D1C-A1C5-F45CBB10462A}
[2013.04.18 16:19:59 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{4317A680-6CF6-49EA-B54B-7CF534F4EC29}
[2013.04.18 02:21:06 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{DF21AF62-081A-4468-9C0E-E369CEF7DCDF}
[2013.04.17 14:19:36 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{3B2BCF2D-01D3-4395-8A6D-E6FE0BF671FC}
[2013.04.17 07:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.17 07:29:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.17 07:29:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.17 07:29:27 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.17 02:18:59 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{A894A65B-BC64-41B4-AACF-2E34CF912AEA}
[2013.04.16 14:15:07 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{4650DE8D-B711-4821-982D-E64DB25833E8}
[2013.04.15 19:50:37 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{52C7422C-DA89-4F20-AC08-4CE498B96E4C}
[2013.04.14 19:43:07 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\Spotify
[2013.04.14 19:41:25 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Roaming\Spotify
[2013.04.14 14:57:30 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{62F988BF-F29C-4E5E-AA32-D822A159F832}
[2013.04.14 02:56:52 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{1EDF5A25-5AA7-4B6F-B96D-6A8359B66A37}
[2013.04.13 14:53:44 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{26574425-9709-41F6-BD2E-BDC5C5E9A146}
[2013.04.13 02:08:25 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{6CAB2BFB-6789-42E7-8BFE-955C39DDCBE5}
[2013.04.12 14:07:54 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{E293790C-3362-405C-B349-F26C26D8C425}
[2013.04.12 01:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.12 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{FCA24882-E540-4026-AB73-34A1114A35BD}
[2013.04.11 12:11:36 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{42B64B63-9E88-4B87-ADA6-7747D978CC3F}
[2013.04.11 01:01:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.11 01:01:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.11 01:01:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 01:01:21 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.11 01:01:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.11 01:01:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 01:01:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.11 01:01:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.11 01:01:20 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 01:01:20 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.11 01:01:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.11 01:01:19 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 01:01:17 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 01:01:17 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 01:01:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.10 20:38:54 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 20:38:54 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 20:38:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 20:38:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 20:38:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 20:38:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 20:38:44 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 20:38:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 20:38:43 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 20:38:42 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 20:38:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 20:38:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.10 20:31:50 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{7CEFA8FF-B97C-4D50-B6D3-37D67A7C5E7F}
[2013.04.10 04:07:34 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{FF04AFDF-5198-474C-9883-BDA542B40A69}
[2013.04.09 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{25E283B7-AD68-4B59-9266-B07763F93EE2}
[2013.04.09 00:24:50 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{2F471169-E46C-432D-ACCB-E55EE2FAF051}
[2013.04.08 19:17:53 | 000,000,000 | ---D | C] -- C:\Users\Agando\Desktop\Kabel BW
[2013.04.08 12:24:09 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{4B5E7FE7-82E2-4939-8360-E41468AAB97F}
[2013.04.07 07:34:29 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{FA32D6E3-A913-4FBE-BDE1-9582A2743CD8}
[2013.04.06 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{47FBDBB1-B2AB-40C5-9511-984374556350}
[2013.04.06 07:33:27 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{521090C4-E3E0-4DA5-A3EA-0A235D1C8AD1}
[2013.04.06 03:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.05 23:01:33 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\PunkBuster
[2013.04.05 23:00:59 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\ESN
[2013.04.05 23:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013.04.05 22:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013.04.05 22:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2013.04.05 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\Agando\Documents\Battlefield 3
[2013.04.04 19:21:28 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{894245DE-06C9-4BDA-A50B-270444E8A37E}
[2013.04.04 07:20:55 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{03C1B1DB-1B4F-4887-A191-C3798ED6A010}
[2013.04.04 02:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2013.04.03 19:18:54 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{A868D650-970F-45C5-ACF7-9371132AB3B5}
[2013.04.03 08:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.04.03 08:13:37 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.03 08:13:37 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.03 08:13:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.03 07:09:00 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{A3169D7D-3122-44A5-B96D-2FB7ED93316F}
[2013.04.01 07:11:34 | 000,000,000 | ---D | C] -- C:\Users\Agando\Documents\FIFA 13
[2013.04.01 06:45:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013.03.31 18:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013.03.31 18:45:33 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Roaming\Origin
[2013.03.31 18:45:27 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\Origin
[2013.03.31 18:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.03.31 18:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.03.31 18:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.03.31 06:56:55 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{0815EE53-07C6-4D00-8F39-819AB6D661C8}
[2013.03.30 17:31:35 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{CC0CE357-9589-4CBF-B949-020909267929}
[2013.03.30 05:31:05 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{6A9FD74F-085F-449D-9572-DF456EF9B210}
[2013.03.29 12:48:51 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{9C612FFA-30C5-4B32-95C6-903C82022FC5}
[2013.03.29 00:48:14 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{A6DE0ECE-23D7-4AB6-B3CF-B9AFECEFF6E4}
[2013.03.28 12:47:37 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{BC74B03A-052C-4F90-AB31-C73FF61A2A4F}
[2013.03.27 20:51:04 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{B93AA165-130D-4909-A77E-5CAFE97BAD97}
[2013.03.27 06:28:56 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{2D87AB2E-1928-4CC2-9D2C-7F38AD958A51}
[2013.03.26 18:28:22 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{F35FA04D-97A2-413A-BB61-8BEF3CC480F6}
[2013.03.26 05:29:00 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{3E51B536-529F-456C-B3FE-B2BA6A77D7F7}
[2013.03.26 02:52:36 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.25 22:09:48 | 000,000,000 | ---D | C] -- C:\ts3overlay
[2013.03.25 21:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.03.25 17:04:10 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{1813F227-6DC0-4F98-A13C-05A1B842F740}
[2013.03.24 16:56:34 | 000,000,000 | ---D | C] -- C:\Users\Agando\AppData\Local\{94AFEA7D-5143-420B-A481-ADA4EAA231F5}
[2012.04.22 23:09:10 | 002,748,648 | ---- | C] (Beepa Pty Ltd) -- C:\Users\Agando\fo-fr346.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.22 20:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.22 20:09:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.22 19:55:50 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 19:55:50 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 19:48:49 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013.04.22 19:48:49 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.04.22 19:48:45 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.22 19:48:40 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.04.22 19:48:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.22 19:47:59 | 2132,713,471 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.22 07:02:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000UA.job
[2013.04.22 01:02:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000Core.job
[2013.04.21 14:57:59 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.16 06:21:59 | 001,614,880 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.16 06:21:59 | 000,697,594 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.16 06:21:59 | 000,652,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.16 06:21:59 | 000,148,818 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.16 06:21:59 | 000,121,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.14 20:21:17 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.14 20:21:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.14 19:43:07 | 000,001,818 | ---- | M] () -- C:\Users\Agando\Desktop\Spotify.lnk
[2013.04.11 04:10:57 | 000,291,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.09 18:39:57 | 001,503,886 | ---- | M] () -- C:\Users\Agando\Documents\chip.mp3
[2013.04.07 17:27:14 | 002,043,053 | ---- | M] () -- C:\Users\Agando\Documents\beschde.mp3
[2013.04.07 00:56:18 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.07 00:56:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.07 00:56:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.07 00:51:57 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 05:35:05 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.03 22:45:48 | 000,307,854 | ---- | M] () -- C:\Users\Agando\Documents\video.php
[2013.04.03 08:13:19 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.03 08:13:19 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.01 06:45:03 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13.lnk
[2013.03.31 18:41:14 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.03.28 05:16:06 | 011,781,136 | ---- | M] () -- C:\Users\Agando\Desktop\Catalogo.pdf
[2013.03.28 01:50:09 | 000,006,502 | ---- | M] () -- C:\Users\Agando\Documents\155249_170787796287987_5962124_s.jpg
 
========== Files Created - No Company Name ==========
 
[2013.04.21 14:57:59 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.14 19:43:07 | 000,001,818 | ---- | C] () -- C:\Users\Agando\Desktop\Spotify.lnk
[2013.04.14 19:43:07 | 000,001,804 | ---- | C] () -- C:\Users\Agando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.04.09 18:38:19 | 001,503,886 | ---- | C] () -- C:\Users\Agando\Documents\chip.mp3
[2013.04.07 17:26:24 | 002,043,053 | ---- | C] () -- C:\Users\Agando\Documents\beschde.mp3
[2013.04.05 23:01:36 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.04 02:54:59 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.04 02:54:59 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.04.04 02:54:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.03 22:45:46 | 000,307,854 | ---- | C] () -- C:\Users\Agando\Documents\video.php
[2013.04.01 06:45:03 | 000,001,255 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13.lnk
[2013.03.31 18:41:14 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.03.28 05:16:04 | 011,781,136 | ---- | C] () -- C:\Users\Agando\Desktop\Catalogo.pdf
[2013.03.28 01:50:07 | 000,006,502 | ---- | C] () -- C:\Users\Agando\Documents\155249_170787796287987_5962124_s.jpg
[2013.03.20 07:18:28 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.03.20 07:18:28 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.02.22 05:16:32 | 000,014,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\DRHMSR64.sys
[2012.07.13 14:14:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.05.08 00:40:40 | 000,000,017 | ---- | C] () -- C:\Users\Agando\AppData\Local\resmon.resmoncfg
[2012.04.27 00:48:09 | 000,242,356 | ---- | C] () -- C:\Users\Agando\chefstatus.php
[2012.04.05 13:53:25 | 001,593,356 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.05 12:53:53 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.04.05 12:04:26 | 000,072,280 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2012.04.05 11:56:40 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:47F1DFAC

< End of report >
--- --- ---


Code:
OTL Extras logfile created on: 22.04.2013 20:09:20 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Agando\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,77 Gb Available Physical Memory | 59,70% Memory free
15,96 Gb Paging File | 11,41 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 565,81 Gb Free Space | 60,75% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: AGANDO_HP_PC | User Name: Agando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1020F32F-C541-4948-B1CC-4148A9590821}" = rport=138 | protocol=17 | dir=out | app=system |
"{1389879E-0DEC-40CE-A1ED-362EBCB7AC65}" = rport=445 | protocol=6 | dir=out | app=system |
"{18F70871-8EA1-4D22-98FC-DC3AF34E81F7}" = lport=137 | protocol=17 | dir=in | app=system |
"{2B937D46-C481-4D2E-A5A4-0E2C2A86A9EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2C016433-97CA-4F41-BF00-5AAA39D59CC0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D493B42-35F0-4E93-BA00-142891132087}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3FFD13D1-37BE-4A20-BB6E-B30DC85AC9E0}" = rport=137 | protocol=17 | dir=out | app=system |
"{43931C77-88E3-420B-8923-6C2DDF94A511}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4C83D070-C1D5-42AD-BBD7-E96821BB573D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{52A0521C-F45C-44A0-AADD-4CF20773D8D3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{54E99154-6DD5-4009-95D9-02DCF80A8236}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69FAE490-4710-4DFB-9C28-AE82120D7265}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77236643-A8C8-4F7E-B6B0-B0CC80100190}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7783682B-89A5-492D-B8C6-9D83C0BF5581}" = lport=138 | protocol=17 | dir=in | app=system |
"{78C8C8BA-9B78-4D84-A539-8094624DD670}" = rport=139 | protocol=6 | dir=out | app=system |
"{7C48CA07-E6C4-4036-AC83-9F5F101D9662}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85FD34A3-578D-4B5E-B83A-DD355ED91601}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A70DEE0-EB0D-4C6A-91BC-F05B40D99B24}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BC28D00-309B-4664-896B-41DAD3EFAA3D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A2BAEE7E-2DD5-412B-9679-CF44F095E157}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A90245AC-AC02-4DE0-B873-78060BFC2D96}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B7B242E0-BB34-4957-8AE8-F27A501AF934}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9EC2D2A-5108-4FA6-93F9-861FB6E9627D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D236FC48-4E6F-445B-8455-596FAAB5462C}" = lport=139 | protocol=6 | dir=in | app=system |
"{E47F29B9-5600-44F0-81E3-5EDAF4C43B99}" = lport=445 | protocol=6 | dir=in | app=system |
"{EB6CFC51-90AE-4374-ACFB-3D2AB7009654}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B8D566-F8F1-4926-8F27-5EE78451A2E3}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{014A7CA5-2483-4125-A9F4-3CE3A4DF70C7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{03C7BA2C-1151-4620-9CDA-EC4409987C07}" = protocol=6 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\starcraft ii public test.exe |
"{04543A6F-EF1C-41EE-8819-555EC027B36E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{05BA3226-C6BF-493A-8758-26D4B340B2E7}" = protocol=17 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\starcraft ii public test.exe |
"{06D6C1FD-C0A5-40BE-BD2A-F16D9F2B415F}" = protocol=6 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\starcraft ii.exe |
"{07C1B79C-00E8-4097-A1C3-40A75C50B4C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{098A1C98-6F48-4392-BB02-075140AB1753}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0BD77D47-2D73-420A-A04C-F8F8097BCBE4}" = protocol=17 | dir=in | app=c:\users\agando\appdata\local\apps\2.0\qhmwe85j.wyn\gywmvatz.yqy\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\curseclient.exe |
"{0F5E6F4D-4ECF-452C-A09B-4685E2C9ED50}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1203B68A-587F-43CA-8177-30DFC0B7F09F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{12B5D620-BE19-4CB1-BC50-B43E41A29AB9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1739D56B-B151-45EB-9AE3-573ED7B4A456}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F632FAD-3AB5-4500-9A91-7A33FAE9AD0E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{212C0E29-9772-4F8B-9D5A-7A428D5B2D62}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe |
"{216F3E4A-0F28-4BE0-9440-87E39DB7E3E4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{217C1F87-1AE1-4A05-9777-3AF0D7556DEB}" = protocol=6 | dir=out | app=system |
"{223FAE6A-69EB-4751-A927-2068487E6FB8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{227BE733-2B5D-468D-A21B-C302C67C1A45}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22D0E01D-F031-4F2B-8D63-5E56AA0CFAA4}" = dir=in | app=c:\users\agando\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{262D90ED-D320-4B96-BCD5-3C61318E7FB1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31AC4CE0-983E-407E-9C41-E1FDF5728012}" = protocol=17 | dir=in | app=c:\users\agando\downloads\crossfire0212downloader.exe |
"{31D166B0-9BF4-4D22-8304-A9B8A5AB6302}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{32221D4C-DABE-40E0-A0FB-64BE0E4FE345}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{374E2030-9120-413C-87F3-597096C5676E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3B6DBC3B-6CA1-46F2-AB8A-646DB070240C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3C14189F-5325-400A-B058-029A92E9CF01}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{41A74AE5-B055-4A83-9AEB-40CD5FF5CA95}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43B78B6B-FAB9-4C2D-8B23-F7DF58046EDC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4831B1EA-6861-4763-9727-7A2B87D802DD}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 13\game\fifa13.exe |
"{487A8203-6DD2-4D74-B39E-175C9885CEA9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football superstars\patchbootstrap.exe |
"{48EBD408-49E6-4AA5-9AA7-677C62C2BEEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jensgeller\counter-strike source\hl2.exe |
"{491C8370-0D9B-405C-86F2-616EBF0775CA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{49C96BCF-B460-4970-B848-8EF7ACE47715}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4AB911CD-F355-463B-808A-2DF3AD483A9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\fabelyo\counter-strike source\hl2.exe |
"{4D2F786B-6CDE-4DF7-8FE2-09396883D65A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D476C03-AC13-4EFD-9484-C7CD8D5431CF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{5B1ADDF9-5295-4426-9C83-11B1BE458CAE}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{5CC5EDE2-29D4-471C-991C-5A4F0D6F92F3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 13\game\fifa13.exe |
"{5DC002A4-BF97-4BB2-BA43-E8B87C0D686C}" = protocol=6 | dir=in | app=c:\users\agando\downloads\crossfire0212downloader.exe |
"{5EE0740C-0635-4CF7-84B5-7E9726637A18}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6038727B-3D1C-4F4A-9E66-5F0F3F6E59D0}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{613FF1A5-F82E-4B6E-BC14-BA27558348FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6695E038-8EDA-47CF-8EFF-E05B25D5CD7D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{67861042-CFB7-443F-B9A0-DAA257990B96}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6B9E60B8-338F-4259-A3EC-131CFB69D61C}" = protocol=6 | dir=in | app=c:\users\agando\appdata\local\apps\2.0\qhmwe85j.wyn\gywmvatz.yqy\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\curseclient.exe |
"{6E2259FE-D97C-40FE-A7AE-8F356D0BD039}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6F3D2EE8-DD36-4D2E-86BF-570E1DF807DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72D73666-6ECA-4F4C-A570-1741A71BDDEB}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{747A938F-2F16-4B1E-ACB3-59FD96345086}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7F741F86-E71C-455F-ABBC-EE63EF1003A2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{85F9082A-E4D3-41F1-8026-07DF960941CF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{860FCD4D-A404-499E-A03B-893A95FB6812}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{8792D69F-1CA6-4F23-AEA6-FFB33C074E80}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{889ED398-0BC2-445F-A7B5-629618D8706C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A0C2253-0383-4431-98C2-B68DE77F7D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\fabelyo\counter-strike source\hl2.exe |
"{8B4CB241-933E-474B-BA3B-B359E8605983}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{8E7D5FBA-0142-48BE-8D8B-8E4FE63EB618}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{98AADCD1-D55D-4941-9B62-B874D7FE91A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampionsloader.exe |
"{9CB14252-A213-4A4E-B3F0-8466CA088052}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9F8EE933-EADD-4F6F-ADA3-CC8F92BA05E3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A3CBB400-F001-415B-ADEA-82049E844309}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7B0CA84-F614-4B55-9FD4-2AE251C454A4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{A910F4AE-73C7-4F11-9159-C47ADCBFFE96}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AA78A967-3B76-4E44-A5EF-3EBE0D5B8917}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{AAF46F3F-CB51-4562-824C-1B33405A0311}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{ACF954CA-E7EF-46A0-B07D-86E5342BACB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jensgeller\counter-strike source\hl2.exe |
"{AD3040A3-5843-4EAA-B837-CF461C121DB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{B2CDA1CA-588B-4516-AD27-40A7969C23A9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{B390AF39-8FFD-4668-B9B9-B5A9270CCECC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C087A48A-3177-4541-8B67-80CE3551A12B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C25D07FB-E066-465F-8398-A7C2D87AF507}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{C43CFC32-2AB5-4041-B7B9-3AAA1788BB86}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{C6301233-728C-4D25-929A-19031804B6BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8937A13-623A-4ECA-A49F-F8FADDBE57EB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C989564A-5875-4780-966A-B2513943E383}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{D337867D-F821-436A-980B-4E352D8CE84A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D81A1265-8DAB-45FA-807B-4A54125861F9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DCAAB3AA-40FA-437B-A940-5A423016D02B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DCB66201-F66E-4626-9782-8CA8C4B91EC8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E6F45C87-22DB-40F4-B6D6-DA4CA434DCA3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampionsloader.exe |
"{EEDB85F4-85C9-417C-A9D4-51DCA719333A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{EF486F02-B01A-4612-A853-2D4507BEC565}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe |
"{F0B6F9EC-6D5B-48A1-A4C9-4E0B7F2BAD8E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F420EC33-AAAA-4A25-B0DA-0E2B883DE2E1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F4D50540-B477-41C7-928B-3033E67FE8E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F50C0855-1C0C-426C-BF5A-F303BF040D41}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F52E9867-EC4B-4B80-AA3A-EEAB679C4F80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F682BDB2-BC46-4106-908D-3438D8D91BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\starcraft ii.exe |
"{F718093A-463A-40B7-80F0-6168652D5D4A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F7F7F35F-3C55-488D-ABF9-19FCB5994476}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football superstars\patchbootstrap.exe |
"{FA8FEFB4-0CE8-4350-9545-0DE47C23D444}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{029B7D68-83FA-401D-82BA-A69763E47D90}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{107BA9F9-365A-42BE-BE42-8D795DEA91C3}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{10FA3510-A459-431E-A95F-49CED553FC1B}C:\programdata\battle.net\agent\agent.1637\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"TCP Query User{3867DF65-B43C-4DBE-ABC1-663E878E6428}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{6070A67F-1BCF-4A68-9222-769CB8CA53AC}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{71949DB2-0305-49D8-9645-4265F7F43EA5}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{77828410-BD08-49BA-81FE-AA02D9D65E0A}C:\users\agando\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\agando\appdata\roaming\spotify\spotify.exe |
"TCP Query User{86C3836C-0E57-44C1-AB39-859B6BE3420E}C:\program files (x86)\sc2\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{A5002770-33E9-4214-AD6E-44423071C467}C:\program files (x86)\sc2\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{C3A86EC7-7275-4988-949F-E40A1B3013ED}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe |
"TCP Query User{DBB07C06-F556-4821-8A0B-D881BB269632}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{0C2C256C-2D6A-408B-BE7B-40EFB01475D6}C:\users\agando\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\agando\appdata\roaming\spotify\spotify.exe |
"UDP Query User{22FA12DF-4357-496E-AE68-40FD4868DE48}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{4CAAE094-8D36-44E9-BEF3-E944FDBB0D15}C:\programdata\battle.net\agent\agent.1637\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"UDP Query User{5A813648-FA07-401D-9DA5-310E1D5AEFC8}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{5F4EA89A-15CA-4763-BE57-8770485A10EF}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{652FDF58-5100-45C9-AE57-CAF53FC52CD0}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{6A6C1ED7-3925-47EC-8D23-4C4C51EB5F39}C:\program files (x86)\sc2\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{8CD93CB0-B5F6-4E8B-9D24-528E994FA096}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{A705EFAA-989A-43F9-BDDD-D71D37A1E965}C:\program files (x86)\sc2\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sc2\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{F77B2183-6232-44D4-BF98-F9BF38DFF6EA}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{FCC72665-1F1B-4D4F-9365-BAFDBE158299}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Creative VF0330" = Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
"ZonerPhotoStudio13_DE_is1" = Zoner Photo Studio 13
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1209.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64029508-2587-4D39-AB83-2AC722FBFCC2}" = XSplit
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Camfrog 6.4" = Camfrog Video Chat 6.4
"Cross Fire_is1" = Cross Fire En
"dm-Fotowelt" = dm-Fotowelt
"Dr. Hardware 2013_is1" = Dr. Hardware 2013 13.0d
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1209.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Origin" = Origin
"PokerStars.eu" = PokerStars.eu
"PunkBusterSvc" = PunkBuster Services
"Scribus 1.4.2" = Scribus 1.4.2
"StarCraft II" = StarCraft II
"Steam App 203850" = Microsoft Flight
"Steam App 205790" = Dota 2 Test
"Steam App 219870" = Football Superstars
"Steam App 240" = Counter-Strike: Source
"Steam App 570" = Dota 2
"Steam App 6370" = Bloodline Champions
"Streamripper" = Streamripper (Remove only)
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"e29bec631eff6625" = ZygorDDL
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.04.2013 08:22:46 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 20.04.2013 17:00:23 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 20.04.2013 20:30:09 | Computer Name = Agando_HP_PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".  Die abhängige Assemblierung
 "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden
 werden.  Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 
Error - 20.04.2013 20:31:55 | Computer Name = Agando_HP_PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Steam\steamapps\common\football superstars\DevWidgetsR_msvcrt.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\Steam\steamapps\common\football
 superstars\Microsoft.VC90.CRT.MANIFEST" in Zeile  4.  Die im Manifest gefundene Komponenten-ID
 stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.4148".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 21.04.2013 00:22:07 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 21.04.2013 08:25:41 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 21.04.2013 15:16:19 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 22.04.2013 00:43:04 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 22.04.2013 08:02:57 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
Error - 22.04.2013 13:49:47 | Computer Name = Agando_HP_PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 11.04.2013 15:16:34 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 11.04.2013 23:05:14 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 11.04.2013 23:05:14 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 12.04.2013 08:06:18 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 12.04.2013 08:06:18 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 12.04.2013 19:19:25 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 12.04.2013 19:19:25 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 13.04.2013 00:52:07 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 13.04.2013 00:52:07 | Computer Name = Agando_HP_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 18.04.2013 15:01:31 | Computer Name = Agando_HP_PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?04.?2013 um 20:59:08 unerwartet heruntergefahren.
 
 
< End of report >

cosinus 22.04.2013 21:34
Rootkitscan mit GMER

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.


Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Schicka 22.04.2013 22:52
war zu lang,musste es anhängen.

Schicka 22.04.2013 22:53
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.03.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Agando :: AGANDO_HP_PC [administrator]

22.04.2013 23:31:17
mbar-log-2013-04-22 (23-31-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30660
Time elapsed: 8 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

cosinus 23.04.2013 00:29
aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schicka 27.08.2013 21:02
Nachdem ich den Anbieter gewechselt und somit auch ein anderen Router hatte,war das Problem weg.
Nun nachdem ich einige uncoole Seiten besucht habe,habe ich oben beschriebenes Problem wieder ! Ich könnt heulen.

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-08-27 21:47:20
-----------------------------
21:47:20.591    OS Version: Windows x64 6.1.7601 Service Pack 1
21:47:20.591    Number of processors: 8 586 0x102
21:47:20.593    ComputerName: AGANDO_HP_PC  UserName: Agando
21:47:31.382    Initialize success
21:47:32.736    AVAST engine defs: 13082700
21:48:05.786    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
21:48:05.790    Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 11
21:48:05.989    Disk 0 MBR read successfully
21:48:05.991    Disk 0 MBR scan
21:48:05.994    Disk 0 Windows 7 default MBR code
21:48:06.005    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
21:48:06.043    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      953767 MB offset 206848
21:48:06.068    Disk 0 scanning C:\Windows\system32\drivers
21:48:31.968    Service scanning
21:49:03.957    Modules scanning
21:49:03.962    Disk 0 trace - called modules:
21:49:03.980    ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
21:49:03.983    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a1c790]
21:49:04.310    3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa80077df4c0]
21:49:04.314    5 amdxata.sys[fffff880010f37a8] -> nt!IofCallDriver -> \Device\00000071[0xfffffa80077d66a0]
21:49:06.231    AVAST engine scan C:\Windows
21:49:10.316    AVAST engine scan C:\Windows\system32
21:51:33.511    AVAST engine scan C:\Windows\system32\drivers
21:51:42.547    AVAST engine scan C:\Users\Agando
21:53:01.184    Disk 0 MBR has been saved successfully to "C:\Users\Agando\Desktop\MBR.dat"
21:53:01.188    The log file has been saved successfully to "C:\Users\Agando\Desktop\aswMBR2.txt"
Code:
21:58:46.0900 7208  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:58:47.0101 7208  ============================================================
21:58:47.0101 7208  Current date / time: 2013/08/27 21:58:47.0101
21:58:47.0101 7208  SystemInfo:
21:58:47.0101 7208 
21:58:47.0101 7208  OS Version: 6.1.7601 ServicePack: 1.0
21:58:47.0101 7208  Product type: Workstation
21:58:47.0102 7208  ComputerName: AGANDO_HP_PC
21:58:47.0102 7208  UserName: Agando
21:58:47.0102 7208  Windows directory: C:\Windows
21:58:47.0102 7208  System windows directory: C:\Windows
21:58:47.0102 7208  Running under WOW64
21:58:47.0102 7208  Processor architecture: Intel x64
21:58:47.0102 7208  Number of processors: 8
21:58:47.0102 7208  Page size: 0x1000
21:58:47.0102 7208  Boot type: Normal boot
21:58:47.0102 7208  ============================================================
21:58:48.0873 7208  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:58:48.0900 7208  ============================================================
21:58:48.0900 7208  \Device\Harddisk0\DR0:
21:58:48.0900 7208  MBR partitions:
21:58:48.0900 7208  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:58:48.0900 7208  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
21:58:48.0900 7208  ============================================================
21:58:48.0938 7208  C: <-> \Device\Harddisk0\DR0\Partition2
21:58:48.0939 7208  ============================================================
21:58:48.0939 7208  Initialize success
21:58:48.0939 7208  ============================================================
21:59:13.0030 4864  ============================================================
21:59:13.0030 4864  Scan started
21:59:13.0030 4864  Mode: Manual; SigCheck; TDLFS;
21:59:13.0030 4864  ============================================================
21:59:13.0846 4864  ================ Scan system memory ========================
21:59:13.0846 4864  System memory - ok
21:59:13.0847 4864  ================ Scan services =============================
21:59:13.0966 4864  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:59:14.0229 4864  1394ohci - ok
21:59:14.0259 4864  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:59:14.0368 4864  ACPI - ok
21:59:14.0387 4864  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
21:59:14.0542 4864  AcpiPmi - ok
21:59:14.0632 4864  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:59:14.0784 4864  AdobeARMservice - ok
21:59:14.0872 4864  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:59:15.0073 4864  AdobeFlashPlayerUpdateSvc - ok
21:59:15.0090 4864  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
21:59:15.0214 4864  adp94xx - ok
21:59:15.0234 4864  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
21:59:15.0766 4864  adpahci - ok
21:59:15.0790 4864  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
21:59:15.0943 4864  adpu320 - ok
21:59:15.0974 4864  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
21:59:16.0150 4864  AeLookupSvc - ok
21:59:16.0187 4864  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
21:59:16.0332 4864  AFD - ok
21:59:16.0353 4864  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:59:16.0498 4864  agp440 - ok
21:59:16.0519 4864  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
21:59:16.0710 4864  ALG - ok
21:59:16.0719 4864  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:59:16.0816 4864  aliide - ok
21:59:16.0908 4864  ALSysIO - ok
21:59:16.0934 4864  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:59:17.0100 4864  amdide - ok
21:59:17.0120 4864  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
21:59:17.0261 4864  AmdK8 - ok
21:59:17.0278 4864  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:59:17.0420 4864  AmdPPM - ok
21:59:17.0425 4864  [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata        C:\Windows\system32\DRIVERS\amdsata.sys
21:59:17.0559 4864  amdsata - ok
21:59:17.0583 4864  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:59:17.0734 4864  amdsbs - ok
21:59:17.0750 4864  [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
21:59:17.0859 4864  amdxata - ok
21:59:17.0929 4864  [ B934322C68C30DCECA96C0274A51F7B0 ] AODDriver      C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys
21:59:18.0074 4864  AODDriver - ok
21:59:18.0091 4864  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
21:59:18.0320 4864  AppID - ok
21:59:18.0333 4864  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:59:18.0486 4864  AppIDSvc - ok
21:59:18.0533 4864  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
21:59:18.0656 4864  Appinfo - ok
21:59:18.0770 4864  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:59:19.0007 4864  Apple Mobile Device - ok
21:59:19.0017 4864  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
21:59:19.0147 4864  arc - ok
21:59:19.0160 4864  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:59:19.0306 4864  arcsas - ok
21:59:19.0395 4864  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:59:19.0524 4864  aspnet_state - ok
21:59:19.0562 4864  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:59:19.0688 4864  aswFsBlk - ok
21:59:19.0716 4864  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
21:59:19.0854 4864  aswMonFlt - ok
21:59:19.0867 4864  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:59:19.0978 4864  aswRdr - ok
21:59:20.0013 4864  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
21:59:20.0131 4864  aswRvrt - ok
21:59:20.0155 4864  [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:59:20.0335 4864  aswSnx - ok
21:59:20.0358 4864  [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
21:59:20.0533 4864  aswSP - ok
21:59:20.0570 4864  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:59:20.0702 4864  aswTdi - ok
21:59:20.0803 4864  [ 22F521108881DC59837F6FC614E0568F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
21:59:21.0078 4864  aswVmm - ok
21:59:21.0098 4864  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:59:21.0300 4864  AsyncMac - ok
21:59:21.0334 4864  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
21:59:21.0494 4864  atapi - ok
21:59:21.0526 4864  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:59:21.0754 4864  AudioEndpointBuilder - ok
21:59:21.0763 4864  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:59:21.0984 4864  AudioSrv - ok
21:59:22.0104 4864  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:59:22.0332 4864  avast! Antivirus - ok
21:59:22.0345 4864  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:59:22.0568 4864  AxInstSV - ok
21:59:22.0581 4864  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
21:59:22.0817 4864  b06bdrv - ok
21:59:22.0845 4864  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:59:23.0051 4864  b57nd60a - ok
21:59:23.0083 4864  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:59:23.0230 4864  BDESVC - ok
21:59:23.0244 4864  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:59:23.0426 4864  Beep - ok
21:59:23.0455 4864  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
21:59:23.0627 4864  BFE - ok
21:59:23.0660 4864  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:59:23.0907 4864  BITS - ok
21:59:23.0922 4864  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:59:24.0172 4864  blbdrive - ok
21:59:24.0238 4864  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:59:24.0396 4864  Bonjour Service - ok
21:59:24.0431 4864  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:59:24.0608 4864  bowser - ok
21:59:24.0623 4864  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:59:24.0793 4864  BrFiltLo - ok
21:59:24.0807 4864  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:59:24.0993 4864  BrFiltUp - ok
21:59:25.0040 4864  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
21:59:25.0227 4864  Browser - ok
21:59:25.0247 4864  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
21:59:25.0447 4864  Brserid - ok
21:59:25.0469 4864  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:59:25.0610 4864  BrSerWdm - ok
21:59:25.0634 4864  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:59:25.0790 4864  BrUsbMdm - ok
21:59:25.0804 4864  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:59:25.0931 4864  BrUsbSer - ok
21:59:25.0942 4864  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:59:26.0177 4864  BTHMODEM - ok
21:59:26.0231 4864  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
21:59:26.0412 4864  bthserv - ok
21:59:26.0429 4864  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:59:26.0610 4864  cdfs - ok
21:59:26.0641 4864  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
21:59:26.0792 4864  cdrom - ok
21:59:26.0802 4864  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
21:59:27.0107 4864  CertPropSvc - ok
21:59:27.0126 4864  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:59:27.0282 4864  circlass - ok
21:59:27.0294 4864  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:59:27.0441 4864  CLFS - ok
21:59:27.0502 4864  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:59:27.0660 4864  clr_optimization_v2.0.50727_32 - ok
21:59:27.0714 4864  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:59:27.0857 4864  clr_optimization_v2.0.50727_64 - ok
21:59:27.0927 4864  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:59:28.0137 4864  clr_optimization_v4.0.30319_32 - ok
21:59:28.0154 4864  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:59:28.0302 4864  clr_optimization_v4.0.30319_64 - ok
21:59:28.0318 4864  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:59:28.0488 4864  CmBatt - ok
21:59:28.0515 4864  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:59:28.0718 4864  cmdide - ok
21:59:28.0764 4864  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
21:59:29.0007 4864  CNG - ok
21:59:29.0022 4864  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:59:29.0214 4864  Compbatt - ok
21:59:29.0226 4864  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:59:29.0386 4864  CompositeBus - ok
21:59:29.0390 4864  COMSysApp - ok
21:59:29.0418 4864  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
21:59:29.0585 4864  crcdisk - ok
21:59:29.0650 4864  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:59:29.0830 4864  CryptSvc - ok
21:59:29.0926 4864  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:59:30.0080 4864  cvhsvc - ok
21:59:30.0115 4864  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:59:30.0330 4864  DcomLaunch - ok
21:59:30.0359 4864  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
21:59:30.0570 4864  defragsvc - ok
21:59:30.0582 4864  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:59:30.0875 4864  DfsC - ok
21:59:30.0904 4864  [ DEF365F0F6E017888C4B869D3BA4B8E0 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
21:59:31.0043 4864  dgderdrv - ok
21:59:31.0070 4864  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:59:31.0256 4864  Dhcp - ok
21:59:31.0264 4864  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:59:31.0420 4864  discache - ok
21:59:31.0442 4864  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:59:31.0579 4864  Disk - ok
21:59:31.0623 4864  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:59:31.0868 4864  Dnscache - ok
21:59:31.0882 4864  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
21:59:32.0100 4864  dot3svc - ok
21:59:32.0125 4864  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
21:59:32.0374 4864  DPS - ok
21:59:32.0434 4864  [ 8D204535D6E0727DF89AF6D962A36359 ] DRHARD64        C:\Windows\system32\drivers\DRHARD64.sys
21:59:32.0566 4864  DRHARD64 - ok
21:59:32.0589 4864  [ 127332B4B278F0ABDDB9B74BA8F82D5E ] DRHMSR64        C:\Windows\system32\drivers\DRHMSR64.sys
21:59:32.0731 4864  DRHMSR64 - ok
21:59:32.0767 4864  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
21:59:32.0991 4864  drmkaud - ok
21:59:33.0147 4864  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
21:59:33.0291 4864  DXGKrnl - ok
21:59:33.0317 4864  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
21:59:33.0503 4864  EapHost - ok
21:59:33.0559 4864  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
21:59:33.0809 4864  ebdrv - ok
21:59:33.0834 4864  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
21:59:34.0074 4864  EFS - ok
21:59:34.0120 4864  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
21:59:34.0335 4864  ehRecvr - ok
21:59:34.0362 4864  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
21:59:34.0505 4864  ehSched - ok
21:59:34.0525 4864  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
21:59:34.0652 4864  elxstor - ok
21:59:34.0670 4864  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:59:34.0816 4864  ErrDev - ok
21:59:34.0854 4864  [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
21:59:35.0091 4864  ES lite Service - ok
21:59:35.0106 4864  [ 84486624268E078255BC7AA47F0960BC ] etdrv          C:\Windows\etdrv.sys
21:59:35.0259 4864  etdrv - ok
21:59:35.0280 4864  [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3      C:\Windows\system32\Drivers\EtronHub3.sys
21:59:35.0422 4864  EtronHub3 - ok
21:59:35.0443 4864  [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI      C:\Windows\system32\Drivers\EtronXHCI.sys
21:59:35.0621 4864  EtronXHCI - ok
21:59:35.0643 4864  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
21:59:35.0841 4864  EventSystem - ok
21:59:35.0870 4864  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
21:59:36.0036 4864  exfat - ok
21:59:36.0241 4864  [ 36A1B6F894F6B3638B12EB8AB4431271 ] F-Secure Gatekeeper C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
21:59:36.0581 4864  F-Secure Gatekeeper - ok
21:59:36.0713 4864  [ DC62588A2EE14D534B1AE60AEDF6282D ] F-Secure HIPS  C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys
21:59:36.0868 4864  F-Secure HIPS - ok
21:59:36.0876 4864  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
21:59:37.0083 4864  fastfat - ok
21:59:37.0129 4864  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
21:59:37.0344 4864  Fax - ok
21:59:37.0372 4864  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
21:59:37.0507 4864  fdc - ok
21:59:37.0516 4864  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
21:59:37.0658 4864  fdPHost - ok
21:59:37.0704 4864  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:59:37.0851 4864  FDResPub - ok
21:59:37.0855 4864  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:59:38.0005 4864  FileInfo - ok
21:59:38.0018 4864  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
21:59:38.0192 4864  Filetrace - ok
21:59:38.0195 4864  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:59:38.0348 4864  flpydisk - ok
21:59:38.0367 4864  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:59:38.0510 4864  FltMgr - ok
21:59:38.0564 4864  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
21:59:38.0713 4864  FontCache - ok
21:59:38.0749 4864  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:59:38.0849 4864  FontCache3.0.0.0 - ok
21:59:38.0903 4864  [ F59F2C574AA5D84477EB89F87C938F16 ] fsbts          C:\Windows\system32\Drivers\fsbts.sys
21:59:39.0045 4864  fsbts - ok
21:59:39.0069 4864  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
21:59:39.0198 4864  FsDepends - ok
21:59:39.0247 4864  [ A876BA917EBD9E629CFD344EEBE240AD ] fshoster        C:\Program Files (x86)\Kabel BW\fshoster32.exe
21:59:39.0389 4864  fshoster - ok
21:59:39.0485 4864  [ F014EC4D8DAF812A5ECB5F667AD6E59C ] FSMA            C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
21:59:39.0679 4864  FSMA - ok
21:59:39.0744 4864  [ 4C19B29A6C8736B011AEABB4CEF74862 ] fsni            C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys
21:59:39.0925 4864  fsni - ok
21:59:39.0955 4864  [ 45303CDBC1FD8F8D371E726BF126F771 ] FSORSPClient    C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
21:59:40.0119 4864  FSORSPClient - ok
21:59:40.0192 4864  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
21:59:40.0328 4864  fssfltr - ok
21:59:40.0405 4864  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:59:40.0664 4864  fsssvc - ok
21:59:40.0737 4864  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk    C:\Windows\SysWOW64\FsUsbExDisk.SYS
21:59:41.0049 4864  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
21:59:41.0050 4864  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
21:59:41.0081 4864  [ 695E2F0F1BA5DD81E112F8E07134CC8E ] fsvista        C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
21:59:41.0206 4864  fsvista - ok
21:59:41.0248 4864  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:59:41.0373 4864  Fs_Rec - ok
21:59:41.0430 4864  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:59:41.0561 4864  fvevol - ok
21:59:41.0580 4864  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:59:41.0712 4864  gagp30kx - ok
21:59:41.0799 4864  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
21:59:42.0053 4864  gdrv - ok
21:59:42.0076 4864  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:59:42.0215 4864  GEARAspiWDM - ok
21:59:42.0247 4864  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
21:59:42.0403 4864  gpsvc - ok
21:59:42.0475 4864  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:42.0631 4864  gupdate - ok
21:59:42.0634 4864  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:42.0798 4864  gupdatem - ok
21:59:42.0841 4864  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys
21:59:42.0986 4864  GVTDrv64 - ok
21:59:43.0009 4864  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:59:43.0223 4864  hcw85cir - ok
21:59:43.0255 4864  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:59:43.0411 4864  HdAudAddService - ok
21:59:43.0431 4864  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:59:43.0593 4864  HDAudBus - ok
21:59:43.0628 4864  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
21:59:43.0766 4864  HidBatt - ok
21:59:43.0780 4864  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:59:43.0892 4864  HidBth - ok
21:59:43.0921 4864  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
21:59:44.0095 4864  HidIr - ok
21:59:44.0100 4864  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
21:59:44.0268 4864  hidserv - ok
21:59:44.0302 4864  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:59:44.0427 4864  HidUsb - ok
21:59:44.0443 4864  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:59:44.0613 4864  hkmsvc - ok
21:59:44.0655 4864  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:59:44.0779 4864  HomeGroupListener - ok
21:59:44.0798 4864  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:59:45.0027 4864  HomeGroupProvider - ok
21:59:45.0056 4864  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:59:45.0198 4864  HpSAMD - ok
21:59:45.0238 4864  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:59:45.0424 4864  HTTP - ok
21:59:45.0445 4864  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:59:45.0602 4864  hwpolicy - ok
21:59:45.0607 4864  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:59:45.0712 4864  i8042prt - ok
21:59:45.0749 4864  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
21:59:45.0913 4864  iaStorV - ok
21:59:45.0954 4864  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:59:46.0216 4864  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:59:46.0216 4864  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:59:46.0255 4864  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:59:46.0410 4864  idsvc - ok
21:59:46.0427 4864  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
21:59:46.0593 4864  iirsp - ok
21:59:46.0619 4864  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:59:46.0861 4864  IKEEXT - ok
21:59:46.0952 4864  [ 4BBB5A55EEB5EC11B20FCBB4CBB49357 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:59:47.0485 4864  IntcAzAudAddService - ok
21:59:47.0511 4864  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:59:47.0712 4864  intelide - ok
21:59:47.0736 4864  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:59:47.0867 4864  intelppm - ok
21:59:47.0889 4864  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
21:59:48.0021 4864  IPBusEnum - ok
21:59:48.0025 4864  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:59:48.0177 4864  IpFilterDriver - ok
21:59:48.0220 4864  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:59:48.0355 4864  iphlpsvc - ok
21:59:48.0359 4864  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
21:59:48.0532 4864  IPMIDRV - ok
21:59:48.0557 4864  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
21:59:48.0722 4864  IPNAT - ok
21:59:48.0795 4864  [ 78486992AC657AE5065C4A2135838570 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:59:49.0055 4864  iPod Service - ok
21:59:49.0100 4864  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:59:49.0245 4864  IRENUM - ok
21:59:49.0263 4864  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:59:49.0428 4864  isapnp - ok
21:59:49.0447 4864  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:59:49.0605 4864  iScsiPrt - ok
21:59:49.0656 4864  [ 0D2DA1C6D8ED85F51E3758EAE22455F2 ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
21:59:49.0815 4864  JMB36X - ok
21:59:49.0843 4864  [ C0D9BA660A41EE8A269EF804E6CD0D7B ] JRAID          C:\Windows\system32\DRIVERS\jraid.sys
21:59:49.0981 4864  JRAID - ok
21:59:50.0006 4864  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:59:50.0149 4864  kbdclass - ok
21:59:50.0162 4864  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:59:50.0313 4864  kbdhid - ok
21:59:50.0345 4864  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:59:50.0464 4864  KeyIso - ok
21:59:50.0504 4864  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:59:50.0622 4864  KSecDD - ok
21:59:50.0640 4864  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
21:59:50.0776 4864  KSecPkg - ok
21:59:50.0794 4864  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
21:59:50.0972 4864  ksthunk - ok
21:59:51.0003 4864  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
21:59:51.0164 4864  KtmRm - ok
21:59:51.0203 4864  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:59:51.0382 4864  LanmanServer - ok
21:59:51.0390 4864  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:59:51.0565 4864  LanmanWorkstation - ok
21:59:51.0626 4864  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
21:59:51.0744 4864  LGBusEnum - ok
21:59:51.0759 4864  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:59:51.0865 4864  LGVirHid - ok
21:59:51.0868 4864  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:59:52.0026 4864  lltdio - ok
21:59:52.0056 4864  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
21:59:52.0187 4864  lltdsvc - ok
21:59:52.0220 4864  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
21:59:52.0439 4864  lmhosts - ok
21:59:52.0521 4864  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:59:52.0636 4864  LSI_FC - ok
21:59:52.0640 4864  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
21:59:52.0758 4864  LSI_SAS - ok
21:59:52.0772 4864  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:59:52.0900 4864  LSI_SAS2 - ok
21:59:52.0918 4864  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:59:53.0065 4864  LSI_SCSI - ok
21:59:53.0089 4864  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
21:59:53.0298 4864  luafv - ok
21:59:53.0348 4864  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
21:59:53.0456 4864  MBAMProtector - ok
21:59:53.0533 4864  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:59:53.0706 4864  MBAMScheduler - ok
21:59:53.0725 4864  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:59:53.0872 4864  MBAMService - ok
21:59:53.0893 4864  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
21:59:54.0003 4864  Mcx2Svc - ok
21:59:54.0019 4864  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
21:59:54.0110 4864  megasas - ok
21:59:54.0122 4864  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:59:54.0270 4864  MegaSR - ok
21:59:54.0295 4864  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
21:59:54.0459 4864  MMCSS - ok
21:59:54.0483 4864  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
21:59:54.0619 4864  Modem - ok
21:59:54.0644 4864  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
21:59:54.0794 4864  monitor - ok
21:59:54.0817 4864  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:59:55.0000 4864  mouclass - ok
21:59:55.0013 4864  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:59:55.0165 4864  mouhid - ok
21:59:55.0196 4864  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:59:55.0341 4864  mountmgr - ok
21:59:55.0380 4864  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:59:55.0563 4864  MozillaMaintenance - ok
21:59:55.0580 4864  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:59:55.0729 4864  mpio - ok
21:59:55.0740 4864  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:59:55.0853 4864  mpsdrv - ok
21:59:55.0875 4864  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:59:56.0028 4864  MpsSvc - ok
21:59:56.0054 4864  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:59:56.0227 4864  MRxDAV - ok
21:59:56.0272 4864  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:59:56.0401 4864  mrxsmb - ok
21:59:56.0415 4864  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:59:56.0564 4864  mrxsmb10 - ok
21:59:56.0600 4864  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:59:56.0763 4864  mrxsmb20 - ok
21:59:56.0779 4864  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:59:56.0978 4864  msahci - ok
21:59:56.0993 4864  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
21:59:57.0139 4864  msdsm - ok
21:59:57.0156 4864  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
21:59:57.0300 4864  MSDTC - ok
21:59:57.0323 4864  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:59:57.0496 4864  Msfs - ok
21:59:57.0536 4864  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
21:59:57.0690 4864  mshidkmdf - ok
21:59:57.0704 4864  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:59:57.0853 4864  msisadrv - ok
21:59:57.0896 4864  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
21:59:58.0079 4864  MSiSCSI - ok
21:59:58.0083 4864  msiserver - ok
21:59:58.0104 4864  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
21:59:58.0292 4864  MSKSSRV - ok
21:59:58.0327 4864  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:59:58.0526 4864  MSPCLOCK - ok
21:59:58.0530 4864  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
21:59:58.0734 4864  MSPQM - ok
21:59:58.0760 4864  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
21:59:58.0946 4864  MsRPC - ok
21:59:58.0971 4864  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:59:59.0147 4864  mssmbios - ok
21:59:59.0164 4864  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
21:59:59.0337 4864  MSTEE - ok
21:59:59.0352 4864  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:59:59.0528 4864  MTConfig - ok
21:59:59.0546 4864  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
21:59:59.0750 4864  Mup - ok
21:59:59.0770 4864  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:59:59.0915 4864  napagent - ok
21:59:59.0942 4864  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
22:00:00.0098 4864  NativeWifiP - ok
22:00:00.0170 4864  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:00:00.0544 4864  NDIS - ok
22:00:00.0584 4864  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
22:00:00.0805 4864  NdisCap - ok
22:00:00.0823 4864  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:00:01.0070 4864  NdisTapi - ok
22:00:01.0085 4864  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
22:00:01.0265 4864  Ndisuio - ok
22:00:01.0281 4864  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
22:00:01.0515 4864  NdisWan - ok
22:00:01.0539 4864  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
22:00:01.0744 4864  NDProxy - ok
22:00:01.0757 4864  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
22:00:01.0968 4864  NetBIOS - ok
22:00:01.0988 4864  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
22:00:02.0158 4864  NetBT - ok
22:00:02.0181 4864  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:00:02.0308 4864  Netlogon - ok
22:00:02.0332 4864  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:00:02.0610 4864  Netman - ok
22:00:02.0941 4864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:03.0169 4864  NetMsmqActivator - ok
22:00:03.0173 4864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:03.0326 4864  NetPipeActivator - ok
22:00:03.0356 4864  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:00:03.0582 4864  netprofm - ok
22:00:03.0586 4864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:03.0730 4864  NetTcpActivator - ok
22:00:03.0733 4864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:03.0863 4864  NetTcpPortSharing - ok
22:00:03.0880 4864  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
22:00:04.0014 4864  nfrd960 - ok
22:00:04.0069 4864  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:00:04.0243 4864  NlaSvc - ok
22:00:04.0286 4864  [ 9573223E205907247AE6D948E3453770 ] nmwcdnsux64    C:\Windows\system32\drivers\nmwcdnsux64.sys
22:00:04.0456 4864  nmwcdnsux64 - ok
22:00:04.0473 4864  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:00:04.0617 4864  Npfs - ok
22:00:04.0637 4864  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
22:00:04.0684 4864  nsi - ok
22:00:04.0696 4864  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:00:04.0760 4864  nsiproxy - ok
22:00:04.0827 4864  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:00:05.0037 4864  Ntfs - ok
22:00:05.0072 4864  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:00:05.0156 4864  Null - ok
22:00:05.0206 4864  [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
22:00:05.0247 4864  NVHDA - ok
22:00:05.0492 4864  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:00:06.0007 4864  nvlddmkm - ok
22:00:06.0063 4864  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:00:06.0132 4864  nvraid - ok
22:00:06.0177 4864  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:00:06.0206 4864  nvstor - ok
22:00:06.0276 4864  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc          C:\Windows\system32\nvvsvc.exe
22:00:06.0321 4864  nvsvc - ok
22:00:06.0405 4864  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:00:06.0482 4864  nvUpdatusService - ok
22:00:06.0513 4864  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:00:06.0539 4864  nv_agp - ok
22:00:06.0543 4864  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:00:06.0723 4864  ohci1394 - ok
22:00:06.0759 4864  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:00:06.0810 4864  ose - ok
22:00:06.0924 4864  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:00:07.0175 4864  osppsvc - ok
22:00:07.0219 4864  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:00:07.0331 4864  p2pimsvc - ok
22:00:07.0364 4864  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:00:07.0398 4864  p2psvc - ok
22:00:07.0427 4864  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
22:00:07.0468 4864  Parport - ok
22:00:07.0511 4864  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
22:00:07.0536 4864  partmgr - ok
22:00:07.0564 4864  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:00:07.0619 4864  PcaSvc - ok
22:00:07.0640 4864  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
22:00:07.0685 4864  pci - ok
22:00:07.0718 4864  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:00:07.0762 4864  pciide - ok
22:00:07.0768 4864  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:00:07.0818 4864  pcmcia - ok
22:00:07.0828 4864  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
22:00:07.0853 4864  pcw - ok
22:00:07.0875 4864  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:00:08.0085 4864  PEAUTH - ok
22:00:08.0194 4864  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:00:08.0392 4864  PerfHost - ok
22:00:08.0439 4864  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
22:00:08.0579 4864  pla - ok
22:00:08.0627 4864  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:00:08.0721 4864  PlugPlay - ok
22:00:08.0770 4864  PnkBstrA - ok
22:00:08.0781 4864  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
22:00:08.0839 4864  PNRPAutoReg - ok
22:00:08.0845 4864  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
22:00:08.0876 4864  PNRPsvc - ok
22:00:08.0897 4864  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
22:00:08.0973 4864  PolicyAgent - ok
22:00:09.0017 4864  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
22:00:09.0099 4864  Power - ok
22:00:09.0139 4864  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:00:09.0184 4864  PptpMiniport - ok
22:00:09.0194 4864  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
22:00:09.0219 4864  Processor - ok
22:00:09.0276 4864  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
22:00:09.0337 4864  ProfSvc - ok
22:00:09.0344 4864  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:00:09.0368 4864  ProtectedStorage - ok
22:00:09.0386 4864  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:00:09.0453 4864  Psched - ok
22:00:09.0500 4864  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:00:09.0648 4864  ql2300 - ok
22:00:09.0675 4864  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:00:09.0700 4864  ql40xx - ok
22:00:09.0750 4864  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
22:00:09.0785 4864  QWAVE - ok
22:00:09.0816 4864  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:00:09.0868 4864  QWAVEdrv - ok
22:00:09.0879 4864  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:00:09.0929 4864  RasAcd - ok
22:00:09.0937 4864  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
22:00:09.0981 4864  RasAgileVpn - ok
22:00:09.0994 4864  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
22:00:10.0039 4864  RasAuto - ok
22:00:10.0044 4864  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
22:00:10.0104 4864  Rasl2tp - ok
22:00:10.0132 4864  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:00:10.0185 4864  RasMan - ok
22:00:10.0204 4864  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:00:10.0249 4864  RasPppoe - ok
22:00:10.0269 4864  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
22:00:10.0314 4864  RasSstp - ok
22:00:10.0333 4864  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
22:00:10.0406 4864  rdbss - ok
22:00:10.0433 4864  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:00:10.0459 4864  rdpbus - ok
22:00:10.0465 4864  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:00:10.0506 4864  RDPCDD - ok
22:00:10.0526 4864  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:00:10.0587 4864  RDPENCDD - ok
22:00:10.0617 4864  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:00:10.0677 4864  RDPREFMP - ok
22:00:10.0706 4864  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
22:00:10.0809 4864  RDPWD - ok
22:00:10.0826 4864  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:00:10.0855 4864  rdyboost - ok
22:00:10.0878 4864  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:00:10.0923 4864  RemoteAccess - ok
22:00:10.0940 4864  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:00:11.0011 4864  RemoteRegistry - ok
22:00:11.0035 4864  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:00:11.0104 4864  RpcEptMapper - ok
22:00:11.0144 4864  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:00:11.0186 4864  RpcLocator - ok
22:00:11.0206 4864  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
22:00:11.0263 4864  RpcSs - ok
22:00:11.0286 4864  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:00:11.0333 4864  rspndr - ok
22:00:11.0394 4864  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
22:00:11.0445 4864  RTL8167 - ok
22:00:11.0498 4864  [ 7B276C40AF1D1513B8D644ECFB42A741 ] rzudd          C:\Windows\system32\DRIVERS\rzudd.sys
22:00:11.0530 4864  rzudd - ok
22:00:11.0566 4864  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
22:00:11.0596 4864  SamSs - ok
22:00:11.0610 4864  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:00:11.0636 4864  sbp2port - ok
22:00:11.0653 4864  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:00:11.0702 4864  SCardSvr - ok
22:00:11.0717 4864  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:00:11.0775 4864  scfilter - ok
22:00:11.0800 4864  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:00:11.0890 4864  Schedule - ok
22:00:11.0943 4864  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
22:00:11.0990 4864  SCPolicySvc - ok
22:00:12.0004 4864  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:00:12.0065 4864  SDRSVC - ok
22:00:12.0074 4864  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:00:12.0136 4864  secdrv - ok
22:00:12.0169 4864  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:00:12.0213 4864  seclogon - ok
22:00:12.0227 4864  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:00:12.0296 4864  SENS - ok
22:00:12.0328 4864  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:00:12.0413 4864  SensrSvc - ok
22:00:12.0424 4864  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
22:00:12.0477 4864  Serenum - ok
22:00:12.0502 4864  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:00:12.0552 4864  Serial - ok
22:00:12.0569 4864  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:00:12.0618 4864  sermouse - ok
22:00:12.0643 4864  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:00:12.0716 4864  SessionEnv - ok
22:00:12.0751 4864  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
22:00:12.0777 4864  sffdisk - ok
22:00:12.0793 4864  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:00:12.0820 4864  sffp_mmc - ok
22:00:12.0832 4864  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
22:00:12.0879 4864  sffp_sd - ok
22:00:12.0900 4864  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
22:00:12.0925 4864  sfloppy - ok
22:00:12.0959 4864  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
22:00:13.0002 4864  Sftfs - ok
22:00:13.0063 4864  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:00:13.0120 4864  sftlist - ok
22:00:13.0133 4864  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:00:13.0161 4864  Sftplay - ok
22:00:13.0182 4864  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:00:13.0203 4864  Sftredir - ok
22:00:13.0207 4864  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
22:00:13.0228 4864  Sftvol - ok
22:00:13.0249 4864  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:00:13.0296 4864  sftvsa - ok
22:00:13.0311 4864  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:00:13.0387 4864  SharedAccess - ok
22:00:13.0413 4864  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:00:13.0660 4864  ShellHWDetection - ok
22:00:13.0676 4864  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:00:13.0764 4864  SiSRaid2 - ok
22:00:13.0780 4864  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:00:13.0872 4864  SiSRaid4 - ok
22:00:13.0934 4864  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
22:00:14.0048 4864  SkypeUpdate - ok
22:00:14.0075 4864  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
22:00:14.0138 4864  Smb - ok
22:00:14.0171 4864  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:00:14.0198 4864  SNMPTRAP - ok
22:00:14.0211 4864  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
22:00:14.0234 4864  spldr - ok
22:00:14.0271 4864  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
22:00:14.0318 4864  Spooler - ok
22:00:14.0379 4864  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:00:14.0508 4864  sppsvc - ok
22:00:14.0522 4864  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
22:00:14.0568 4864  sppuinotify - ok
22:00:14.0606 4864  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
22:00:14.0661 4864  srv - ok
22:00:14.0691 4864  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:00:14.0740 4864  srv2 - ok
22:00:14.0787 4864  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:00:14.0818 4864  srvnet - ok
22:00:14.0863 4864  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus        C:\Windows\system32\DRIVERS\ssadbus.sys
22:00:14.0929 4864  ssadbus - ok
22:00:14.0947 4864  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:00:14.0974 4864  ssadmdfl - ok
22:00:15.0026 4864  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm        C:\Windows\system32\DRIVERS\ssadmdm.sys
22:00:15.0099 4864  ssadmdm - ok
22:00:15.0143 4864  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus        C:\Windows\system32\DRIVERS\sscdbus.sys
22:00:15.0169 4864  sscdbus - ok
22:00:15.0200 4864  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:00:15.0222 4864  sscdmdfl - ok
22:00:15.0237 4864  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm        C:\Windows\system32\DRIVERS\sscdmdm.sys
22:00:15.0263 4864  sscdmdm - ok
22:00:15.0299 4864  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
22:00:15.0351 4864  SSDPSRV - ok
22:00:15.0364 4864  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
22:00:15.0411 4864  SstpSvc - ok
22:00:15.0463 4864  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:00:15.0542 4864  Steam Client Service - ok
22:00:15.0581 4864  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:00:15.0646 4864  Stereo Service - ok
22:00:15.0670 4864  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:00:15.0693 4864  stexstor - ok
22:00:15.0741 4864  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:00:15.0833 4864  stisvc - ok
22:00:15.0855 4864  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:00:15.0886 4864  swenum - ok
22:00:15.0904 4864  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
22:00:15.0961 4864  swprv - ok
22:00:16.0001 4864  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
22:00:16.0127 4864  SysMain - ok
22:00:16.0148 4864  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:00:16.0198 4864  TabletInputService - ok
22:00:16.0220 4864  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
22:00:16.0305 4864  TapiSrv - ok
22:00:16.0323 4864  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
22:00:16.0370 4864  TBS - ok
22:00:16.0425 4864  [ DB74544B75566C974815E79A62433F29 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
22:00:16.0512 4864  Tcpip - ok
22:00:16.0569 4864  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:00:16.0633 4864  TCPIP6 - ok
22:00:16.0678 4864  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:00:16.0703 4864  tcpipreg - ok
22:00:16.0720 4864  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:00:16.0764 4864  TDPIPE - ok
22:00:16.0795 4864  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
22:00:16.0845 4864  TDTCP - ok
22:00:16.0886 4864  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
22:00:16.0932 4864  tdx - ok
22:00:16.0953 4864  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:00:16.0978 4864  TermDD - ok
22:00:17.0008 4864  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
22:00:17.0089 4864  TermService - ok
22:00:17.0138 4864  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk      C:\Windows\System32\Drivers\TFsExDisk.sys
22:00:17.0191 4864  TFsExDisk - ok
22:00:17.0207 4864  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:00:17.0238 4864  Themes - ok
22:00:17.0268 4864  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
22:00:17.0314 4864  THREADORDER - ok
22:00:17.0330 4864  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:00:17.0420 4864  TrkWks - ok
22:00:17.0471 4864  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:00:17.0536 4864  TrustedInstaller - ok
22:00:17.0577 4864  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:00:17.0674 4864  tssecsrv - ok
22:00:17.0698 4864  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:00:17.0723 4864  TsUsbFlt - ok
22:00:17.0742 4864  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
22:00:17.0781 4864  TsUsbGD - ok
22:00:17.0823 4864  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:00:17.0900 4864  tunnel - ok
22:00:17.0924 4864  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:00:17.0949 4864  uagp35 - ok
22:00:17.0971 4864  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:00:18.0053 4864  udfs - ok
22:00:18.0072 4864  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
22:00:18.0141 4864  UI0Detect - ok
22:00:18.0155 4864  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:00:18.0180 4864  uliagpkx - ok
22:00:18.0195 4864  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
22:00:18.0235 4864  umbus - ok
22:00:18.0261 4864  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:00:18.0304 4864  UmPass - ok
22:00:18.0343 4864  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:00:18.0414 4864  upnphost - ok
22:00:18.0466 4864  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
22:00:18.0490 4864  USBAAPL64 - ok
22:00:18.0544 4864  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:00:18.0600 4864  usbaudio - ok
22:00:18.0637 4864  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
22:00:18.0741 4864  usbccgp - ok
22:00:18.0755 4864  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:00:18.0791 4864  usbcir - ok
22:00:18.0830 4864  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
22:00:18.0873 4864  usbehci - ok
22:00:18.0906 4864  [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
22:00:18.0928 4864  usbfilter - ok
22:00:18.0942 4864  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:00:19.0007 4864  usbhub - ok
22:00:19.0043 4864  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
22:00:19.0067 4864  usbohci - ok
22:00:19.0084 4864  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:00:19.0133 4864  usbprint - ok
22:00:19.0192 4864  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
22:00:19.0220 4864  usbscan - ok
22:00:19.0255 4864  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:00:19.0288 4864  USBSTOR - ok
22:00:19.0299 4864  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
22:00:19.0342 4864  usbuhci - ok
22:00:19.0358 4864  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
22:00:19.0427 4864  UxSms - ok
22:00:19.0489 4864  [ 102F170CF0F5304ACF7FB663B7ADB5E0 ] V0330VID        C:\Windows\system32\DRIVERS\V0330Vid.sys
22:00:19.0535 4864  V0330VID - ok
22:00:19.0546 4864  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:00:19.0571 4864  VaultSvc - ok
22:00:19.0586 4864  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:00:19.0609 4864  vdrvroot - ok
22:00:19.0626 4864  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
22:00:19.0686 4864  vds - ok
22:00:19.0706 4864  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
22:00:19.0732 4864  vga - ok
22:00:19.0749 4864  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
22:00:19.0792 4864  VgaSave - ok
22:00:19.0806 4864  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
22:00:19.0835 4864  vhdmp - ok
22:00:19.0849 4864  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:00:19.0871 4864  viaide - ok
22:00:19.0884 4864  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:00:19.0932 4864  volmgr - ok
22:00:19.0955 4864  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
22:00:19.0987 4864  volmgrx - ok
22:00:20.0001 4864  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
22:00:20.0034 4864  volsnap - ok
22:00:20.0048 4864  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
22:00:20.0076 4864  vsmraid - ok
22:00:20.0110 4864  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
22:00:20.0204 4864  VSS - ok
22:00:20.0223 4864  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:00:20.0270 4864  vwifibus - ok
22:00:20.0302 4864  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
22:00:20.0390 4864  W32Time - ok
22:00:20.0440 4864  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:00:20.0464 4864  WacomPen - ok
22:00:20.0526 4864  [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater    C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
22:00:20.0558 4864  WajamUpdater ( UnsignedFile.Multi.Generic ) - warning
22:00:20.0558 4864  WajamUpdater - detected UnsignedFile.Multi.Generic (1)
22:00:20.0581 4864  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:00:20.0645 4864  WANARP - ok
22:00:20.0667 4864  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:00:20.0711 4864  Wanarpv6 - ok
22:00:20.0746 4864  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:00:20.0846 4864  wbengine - ok
22:00:20.0870 4864  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:00:20.0931 4864  WbioSrvc - ok
22:00:20.0949 4864  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
22:00:21.0006 4864  wcncsvc - ok
22:00:21.0044 4864  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:00:21.0143 4864  WcsPlugInService - ok
22:00:21.0162 4864  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
22:00:21.0198 4864  Wd - ok
22:00:21.0244 4864  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:00:21.0430 4864  Wdf01000 - ok
22:00:21.0446 4864  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:00:21.0547 4864  WdiServiceHost - ok
22:00:21.0552 4864  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
22:00:21.0584 4864  WdiSystemHost - ok
22:00:21.0613 4864  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
22:00:21.0648 4864  WebClient - ok
22:00:21.0676 4864  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:00:21.0742 4864  Wecsvc - ok
22:00:21.0770 4864  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
22:00:21.0817 4864  wercplsupport - ok
22:00:21.0837 4864  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:00:21.0884 4864  WerSvc - ok
22:00:21.0895 4864  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:00:21.0938 4864  WfpLwf - ok
22:00:21.0961 4864  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:00:21.0986 4864  WIMMount - ok
22:00:22.0010 4864  WinDefend - ok
22:00:22.0030 4864  WinHttpAutoProxySvc - ok
22:00:22.0070 4864  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
22:00:22.0122 4864  Winmgmt - ok
22:00:22.0159 4864  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
22:00:22.0258 4864  WinRM - ok
22:00:22.0317 4864  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:00:22.0369 4864  WinUsb - ok
22:00:22.0406 4864  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
22:00:22.0482 4864  Wlansvc - ok
22:00:22.0553 4864  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:00:22.0577 4864  wlcrasvc - ok
22:00:22.0687 4864  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:00:22.0759 4864  wlidsvc - ok
22:00:22.0784 4864  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
22:00:22.0809 4864  WmiAcpi - ok
22:00:22.0848 4864  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:00:22.0904 4864  wmiApSrv - ok
22:00:22.0925 4864  WMPNetworkSvc - ok
22:00:22.0929 4864  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:00:22.0973 4864  WPCSvc - ok
22:00:22.0978 4864  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:00:23.0007 4864  WPDBusEnum - ok
22:00:23.0029 4864  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
22:00:23.0073 4864  ws2ifsl - ok
22:00:23.0093 4864  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
22:00:23.0125 4864  wscsvc - ok
22:00:23.0129 4864  WSearch - ok
22:00:23.0205 4864  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:00:23.0316 4864  wuauserv - ok
22:00:23.0355 4864  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:00:23.0392 4864  WudfPf - ok
22:00:23.0442 4864  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:00:23.0486 4864  WUDFRd - ok
22:00:23.0526 4864  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
22:00:23.0579 4864  wudfsvc - ok
22:00:23.0626 4864  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc        C:\Windows\System32\wwansvc.dll
22:00:23.0669 4864  WwanSvc - ok
22:00:23.0990 4864  X6va008 - ok
22:00:24.0025 4864  ================ Scan global ===============================
22:00:24.0039 4864  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:00:24.0068 4864  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:00:24.0076 4864  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:00:24.0087 4864  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:00:24.0108 4864  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:00:24.0114 4864  [Global] - ok
22:00:24.0114 4864  ================ Scan MBR ==================================
22:00:24.0123 4864  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:00:24.0427 4864  \Device\Harddisk0\DR0 - ok
22:00:24.0428 4864  ================ Scan VBR ==================================
22:00:24.0433 4864  [ C921C9BBD6221844F9217BF2FC52944E ] \Device\Harddisk0\DR0\Partition1
22:00:24.0434 4864  \Device\Harddisk0\DR0\Partition1 - ok
22:00:24.0466 4864  [ 1F8A8A2C4BF3801D2A4646E5570B059F ] \Device\Harddisk0\DR0\Partition2
22:00:24.0468 4864  \Device\Harddisk0\DR0\Partition2 - ok
22:00:24.0468 4864  ============================================================
22:00:24.0468 4864  Scan finished
22:00:24.0468 4864  ============================================================
22:00:24.0483 3340  Detected object count: 3
22:00:24.0484 3340  Actual detected object count: 3
22:00:40.0976 3340  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:00:40.0976 3340  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:00:40.0978 3340  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:00:40.0979 3340  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:00:40.0982 3340  WajamUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
22:00:40.0982 3340  WajamUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 27.08.2013 22:09
Zitat:
Nun nachdem ich einige uncoole Seiten besucht habe,habe ich oben beschriebenes Problem wieder ! Ich könnt heulen.
Lässt sich das auch mal genauer darstellen?
Was bitte hast du genau gemacht?

Schicka 28.08.2013 12:42
ich war auf xhamster.com....
Mehr nicht und jetzt laagt der gesamte Computer..

cosinus 28.08.2013 15:46
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Schicka 29.08.2013 22:23
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by Agando at 2013-08-29 22:17:16
Running from C:\Users\Agando\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
@BIOS (x32 Version: 2.23)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.3)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
Bonjour (Version: 3.0.0.10)
CHIP System-Check-Tool 1.1.9.15 (x32)
Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0)
Counter-Strike: Source (x32)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)
Curse Client (HKCU Version: 4.0.1.260)
D3DX10 (x32 Version: 15.4.2368.0902)
dm-Fotowelt (x32 Version: 5.0.1)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
Dr. Hardware 2013 13.0d (x32)
DriverTuner 3.1.0.0 (x32 Version: 3.1.0.0)
Easy Tune 6 B11.1209.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1  (x32 Version: 1.00.0000)
ESN Sonar (x32 Version: 0.70.4)
Etron USB3.0 Host Controller (x32 Version: 0.104)
Facebook Video Calling 1.2.0.159 (x32 Version: 1.2.159)
FIFA 13 (x32 Version: 1.7.0.0)
Football Superstars (x32)
Fraps (remove only) (x32)
Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1)
Free YouTube to MP3 Converter version 3.12.10.812 (x32 Version: 3.12.10.812)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877)
F-Secure CCF Scanning 1.23.124.8831 (release) (x32 Version: 1.23.124.8831)
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128)
Gigabyte Raid Configurer (x32 Version: 1.17.63.1)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
iCloud (Version: 2.1.2.8)
ID CPU-Z 1.66
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kabel BW Programme (x32 Version: 1.83.311.0)
Kaspersky Internet Security (x32 Version: 14.0.0.4651)
League of Legends (x32 Version: 1.3)
Logitech GamePanel Software 3.06.109 (Version: 3.06.109)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight (x32)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MyFreeCodec (HKCU)
NVIDIA 3D Vision Controller-Treiber 296.10 (Version: 296.10)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.0213)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Online Safety 2.83.1329.952 (x32 Version: 2.83.1329.952)
Open It! (x32 Version: 1.1.1)
Origin (x32 Version: 9.1.15.109)
OutlookAddInNet3Setup (x32 Version: 1.0.0)
Pando Media Booster (x32 Version: 2.6.0.8)
PokerStars.eu (x32)
PunkBuster Services (x32 Version: 0.991)
Razer Synapse 2.0 (x32 Version: 1.12.8)
Realtek Ethernet Controller Driver (x32 Version: 7.38.113.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6433)
Samsung Kies (x32 Version: 2.0.1.11053_99)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
Scribus 1.4.2 (x32 Version: 1.4.2)
Skype™ 6.6 (x32 Version: 6.6.106)
Spotify (HKCU Version: 0.9.1.53.g876fa9df)
StarCraft II (x32 Version: 2.0.11.26825)
Steam (x32 Version: 1.0.0.0)
Streamripper (Remove only) (x32)
TeamSpeak 3 Client (Version: 3.0.11.1)
Trojan Remover 6.8.8 (x32 Version: 6.8.8)
TrojanHunter 5.5 (x32 Version: 5.5)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Zip Opener (HKCU)
VLC media player 2.0.5 (Version: 2.0.5)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.11 (64-Bit) (Version: 4.11.0)
World of Warcraft (x32 Version: 5.3.0.17128)
XSplit (x32 Version: 1.2.1303.0101)
Zip Opener Packages (HKCU)
Zoner Photo Studio 13 (Version: 13.0.1.7)
ZygorDDL (HKCU Version: 3.2.0.3)

==================== Restore Points  =========================

23-08-2013 11:49:43 Geplanter Prüfpunkt
26-08-2013 15:00:11 avast! Free Antivirus Setup
26-08-2013 18:44:13 Wiederherstellungsvorgang
29-08-2013 19:39:41 avast! Free Antivirus Setup
29-08-2013 19:58:36 avast! Free Antivirus Setup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {0C904CFF-1032-4B18-8178-BAB3365219AA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000Core => C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe No File
Task: {2FF57D2E-E792-4454-9A57-F30AA15FF614} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000UA => C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe No File
Task: {3A00EE79-1850-408A-83A8-43E7CD1CA988} - System32\Tasks\DSite => C:\Users\Agando\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-08-27] ()
Task: {499C8F7D-F65A-4A9F-AA22-069785567720} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2791813957-2553131097-2160486698-1000 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
Task: {51B66863-5830-44F5-B549-DF10494C97E7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {72DD75BB-DA81-4AA2-917A-B6E29ADF21A3} - System32\Tasks\EPUpdater => C:\Users\Agando\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {988518AF-0B7F-49CC-8838-9D0A0803729C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-28] (Google Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-21] (Microsoft Corporation)
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-21] (Microsoft Corporation)
Task: {AEA67145-5501-42E2-824A-DE5724C55AF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-28] (Google Inc.)
Task: {B2935CCA-C4CB-448E-AFC4-899AD3AD34CB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)
Task: {DDE53DA3-2C3F-4E83-8422-AADBFC2AAF17} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-21] (Microsoft Corporation)
Task: {E73EA745-FDD1-4869-B673-C0E9741B1E81} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EFFDE8EA-76F4-448A-9C4C-69BC54C28D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\Agando\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000Core.job => C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000UA.job => C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Agando\Documents\Thumbs.db:encryptable
AlternateDataStreams: C:\ProgramData\TEMP:47F1DFAC
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9


==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2013 10:10:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 09:58:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/29/2013 09:58:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/29/2013 09:09:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 05:31:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 01:24:11 AM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: adc

Startzeit: 01cea44099782cf3

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Berichts-ID: e6f13a48-1038-11e3-b6ec-f8d111109766

Error: (08/29/2013 00:39:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 11:45:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 01:45:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 01:20:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/29/2013 10:11:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/29/2013 10:11:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/29/2013 10:06:51 PM) (Source: Service Control Manager) (User: )
Description: Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/29/2013 09:10:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/29/2013 09:10:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/29/2013 05:32:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/29/2013 05:32:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/29/2013 00:39:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/29/2013 00:39:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/28/2013 11:46:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069


Microsoft Office Sessions:
=========================
Error: (08/29/2013 10:10:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 09:58:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/29/2013 09:58:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/29/2013 09:09:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 05:31:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/29/2013 01:24:11 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1adc01cea44099782cf38C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exee6f13a48-1038-11e3-b6ec-f8d111109766

Error: (08/29/2013 00:39:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 11:45:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 01:45:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 01:20:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-03-20 06:18:46.807
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:46.749
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:42.597
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:42.537
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:39.674
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:39.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:37.299
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:37.239
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:34.807
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-20 06:18:34.761
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Agando (administrator) on 29-08-2013 22:15:14
Running from C:\Users\Agando\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Creative Technology Ltd.) C:\Windows\V0330Mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe
(Curse) C:\Users\Agando\AppData\Local\Apps\2.0\QHMWE85J.WYN\GYWMVATZ.YQY\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [fssui] - C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\Gigabyte\ET6\ETCall.exe [40960 2011-11-24] ()
HKCU\...\Run: [Facebook Update] - "C:\Users\Agando\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-15] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [606056 2013-07-23] (Razer Inc.)
HKLM-x32\...\Run: [V0330Mon.exe] - C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] - C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] - C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software)
Startup: C:\Users\Agando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9CE0F8D111109766&affID=119357&tsp=4987
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Agando\AppData\Roaming\Mozilla\Firefox\Profiles\pam7rq1x.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Agando\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Agando\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions:  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF HKCU\...\Firefox\Extensions: [{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}] C:\Program Files (x86)\LyriXeeker\130.xpi
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-06-17] (Kaspersky Lab ZAO)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [60352 2013-07-24] (F-Secure Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-07] ()

==================== Drivers (Whitelisted) ====================

R3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-04-12] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-04-12] (Windows (R) Server 2003 DDK provider)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [202176 2013-08-26] (F-Secure Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [202176 2013-08-26] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [68928 2013-07-24] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [68928 2013-07-24] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-26] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-29] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-29] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-29] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-29] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-05-06] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-08-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2013-06-10] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 V0330VID; C:\Windows\System32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 ALSysIO; \??\C:\Users\Agando\AppData\Local\Temp\ALSysIO64.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-29 22:14 - 2013-08-29 22:13 - 00001129 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2013-08-29 22:13 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2013-08-29 22:12 - 2013-08-29 22:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-29 22:12 - 2013-08-29 22:12 - 00000000 ____D C:\Windows\ELAMBKUP
2013-08-29 22:12 - 2013-08-29 22:12 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-08-29 22:12 - 2013-08-14 12:40 - 00619616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-08-29 22:12 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-08-29 21:48 - 2013-08-29 21:48 - 00000000 ____D C:\FRST
2013-08-29 21:46 - 2013-08-29 21:46 - 01579080 _____ (Farbar) C:\Users\Agando\Downloads\FRST64.exe
2013-08-29 21:28 - 2013-08-29 21:31 - 261894976 _____ C:\Users\Agando\Downloads\kis14.0.0.4651aDE_4890.exe
2013-08-29 21:09 - 2013-08-29 21:09 - 00000000 ____D C:\Users\Agando\AppData\Local\{D73BF8D8-8856-4840-BC7E-F9A32DE2F2AB}
2013-08-29 02:25 - 2013-08-29 02:25 - 00001148 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\Documents\Simply Super Software
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\AppData\Roaming\TrojanHunter
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Simply Super Software
2013-08-29 02:24 - 2013-08-29 02:25 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-08-29 02:24 - 2013-08-29 02:24 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-08-29 01:09 - 2013-08-29 01:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{32317155-CF23-4BB4-AE37-4C1E5DB9D96D}
2013-08-29 00:47 - 2013-08-29 00:47 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 00:47 - 2013-08-29 00:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 00:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-29 00:46 - 2013-08-29 00:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Agando\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-29 00:43 - 2013-08-29 00:43 - 23334896 _____ (Simply Super Software                                      ) C:\Users\Agando\Downloads\trjsetup_688.exe
2013-08-29 00:42 - 2013-08-29 00:42 - 00059392 ____R C:\Windows\SysWOW64\streamhlp.dll
2013-08-29 00:42 - 2013-08-29 00:42 - 00001094 _____ C:\Users\Agando\Desktop\TrojanHunter.lnk
2013-08-29 00:42 - 2013-08-29 00:42 - 00000000 ____D C:\ProgramData\TrojanHunter
2013-08-29 00:41 - 2013-08-29 21:16 - 00000000 ____D C:\Program Files (x86)\TrojanHunter 5.5
2013-08-29 00:41 - 2013-08-29 00:41 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\Agando\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-28 23:43 - 2013-08-29 22:08 - 00013764 _____ C:\Windows\PFRO.log
2013-08-28 13:08 - 2013-08-28 13:09 - 00000000 ____D C:\Users\Agando\AppData\Local\{553041C7-DC3C-4A7D-A204-86A6F6FF3B6D}
2013-08-28 13:07 - 2013-08-29 22:08 - 00000728 _____ C:\Windows\setupact.log
2013-08-28 13:07 - 2013-08-28 13:07 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 08:22 - 2013-08-29 22:08 - 00000144 _____ C:\service.log
2013-08-27 21:58 - 2013-08-27 21:58 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Agando\Downloads\tdsskiller.exe
2013-08-27 21:53 - 2013-08-27 21:53 - 00001812 _____ C:\Users\Agando\Desktop\aswMBR2.txt
2013-08-27 21:53 - 2013-08-27 21:53 - 00000512 _____ C:\Users\Agando\Desktop\MBR.dat
2013-08-27 21:48 - 2013-08-27 21:48 - 00000000 ____D C:\Users\Agando\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-27 21:47 - 2013-08-27 21:47 - 00003400 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-27 21:47 - 2013-08-27 21:47 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-27 21:46 - 2013-08-27 21:46 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-08-27 21:46 - 2013-08-27 21:46 - 00000000 ____D C:\ProgramData\Babylon
2013-08-27 21:45 - 2013-08-27 21:45 - 00001119 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-08-27 21:45 - 2013-08-27 21:45 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-27 21:12 - 2013-08-27 21:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{DE1C6A1E-553C-416A-A913-00CEF9273C60}
2013-08-27 21:12 - 2013-08-27 21:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{9844E0F3-A72E-4491-AA37-159A131C69DD}
2013-08-27 09:10 - 2013-08-27 09:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{BE7BAD09-38C3-4DD9-B140-370BAF9BE03F}
2013-08-27 09:09 - 2013-08-27 09:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{B2686250-ECA9-4D46-B244-F3FF37E8ECE8}
2013-08-26 21:08 - 2013-08-26 21:08 - 00000000 ____D C:\Users\Agando\AppData\Local\{427BEE33-37BD-424D-ABF7-6456CA35BFE3}
2013-08-26 21:07 - 2013-08-26 21:08 - 00000000 ____D C:\Users\Agando\AppData\Local\{BFC99E60-B005-4DCD-AD30-EC4E6426AC01}
2013-08-26 19:03 - 2013-08-28 07:53 - 00000005 _____ C:\Users\Agando\AppData\Roaming\WBPU-TTL.DAT
2013-08-26 19:03 - 2013-08-26 19:03 - 00000055 _____ C:\Users\Agando\AppData\Roaming\WB.CFG
2013-08-26 17:03 - 2013-08-29 21:49 - 00000290 _____ C:\Windows\Tasks\DSite.job
2013-08-26 17:03 - 2013-08-27 21:54 - 00000000 ____D C:\Users\Agando\AppData\Roaming\DSite
2013-08-26 17:03 - 2013-08-27 21:49 - 00003240 _____ C:\Windows\System32\Tasks\DSite
2013-08-26 16:56 - 2013-08-26 16:57 - 117478104 _____ C:\Users\Agando\Downloads\avast_free_antivirus_setup.exe
2013-08-26 12:14 - 2013-08-26 12:14 - 00000000 ____D C:\Users\Agando\AppData\Local\{98909EFF-070B-4528-9875-64AD4A24FE62}
2013-08-26 12:13 - 2013-08-26 12:14 - 00000000 ____D C:\Users\Agando\AppData\Local\{7FB4754F-F322-4E9B-8BF4-8B25E411951A}
2013-08-26 00:44 - 2013-08-27 21:54 - 00000000 ____D C:\Program Files (x86)\CHIP System-Check-Tool
2013-08-26 00:44 - 2013-08-26 00:44 - 00001114 _____ C:\Users\Agando\Desktop\CHIP System-Check-Tool.lnk
2013-08-26 00:44 - 2006-09-29 22:21 - 00077824 _____ C:\Windows\SysWOW64\DriveInfo.dll
2013-08-26 00:44 - 2006-02-03 17:46 - 00032768 _____ (*) C:\Windows\SysWOW64\chipxum.dll
2013-08-26 00:40 - 2013-08-26 00:40 - 05603998 _____ (CHIP, Winfuture, Green Crystal Software                    ) C:\Users\Agando\Downloads\chip_sct_11915.exe
2013-08-26 00:39 - 2013-08-26 00:39 - 00000874 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2013-08-26 00:38 - 2013-08-27 21:54 - 00000000 ____D C:\Program Files\CPUID
2013-08-26 00:38 - 2013-08-26 00:38 - 01458776 _____ (                                                            ) C:\Users\Agando\Downloads\cpu-z_1.66-setup-en.exe
2013-08-25 10:50 - 2013-08-25 22:57 - 00000000 ____D C:\Users\Agando\AppData\Local\{5922E8B5-2CF0-426A-A70C-C8B4B155A3EF}
2013-08-24 16:07 - 2013-08-24 16:07 - 00000000 ____D C:\Users\Agando\AppData\Local\{DC695043-AC67-4EAA-9EEA-54008B4B6702}
2013-08-24 00:04 - 2013-08-24 00:05 - 00000000 ____D C:\Users\Agando\AppData\Local\{4F381444-BB2D-4460-B338-CFE3103BA21C}
2013-08-23 12:03 - 2013-08-23 12:03 - 00000000 ____D C:\Users\Agando\AppData\Local\{4B9CE7DB-E151-4DA8-9399-D65D88DA68C3}
2013-08-22 21:57 - 2013-08-22 21:57 - 00000000 ____D C:\Users\Agando\AppData\Local\{2399E245-AC4B-4D43-9F3F-DE2FA3345E12}
2013-08-22 01:47 - 2013-08-22 01:47 - 00000000 ____D C:\Users\Agando\AppData\Local\{4D52FD10-12E5-4D40-99E5-EB2DAD028EC0}
2013-08-21 13:40 - 2013-08-21 13:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{ADFA1044-F9F8-422F-904F-D3952B78DF33}
2013-08-21 01:39 - 2013-08-21 01:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{C70081E7-0A5E-414F-AE7A-EF389B526381}
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files\iTunes
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files\iPod
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-20 13:38 - 2013-08-20 13:38 - 00000000 ____D C:\Users\Agando\AppData\Local\{860A5D48-4C6A-4415-B616-5B58D66D3A85}
2013-08-19 13:31 - 2013-08-20 01:38 - 00000000 ____D C:\Users\Agando\AppData\Local\{B8A6886B-D253-4011-A753-81BD69E510E1}
2013-08-18 13:23 - 2013-08-19 01:29 - 00000000 ____D C:\Users\Agando\AppData\Local\{F5EAF9F6-80A6-4CFA-8851-57F8DD46C28B}
2013-08-17 18:25 - 2013-08-17 18:25 - 00000000 ____D C:\Users\Agando\AppData\Local\{0F23E30A-6AB5-4A83-9B5A-84FF20D369D4}
2013-08-17 06:45 - 2013-08-27 21:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 06:24 - 2013-08-17 06:24 - 00000000 ____D C:\Users\Agando\AppData\Local\{B3616181-C42D-47C6-9987-668F84C45B4D}
2013-08-16 18:23 - 2013-08-16 18:24 - 00000000 ____D C:\Users\Agando\AppData\Local\{D5E3A7A7-703A-4B5E-92C7-787FDA940717}
2013-08-16 06:23 - 2013-08-16 06:23 - 00000000 ____D C:\Users\Agando\AppData\Local\{E8D2D88B-F446-41C2-BCA0-73740D7543D3}
2013-08-15 18:01 - 2013-08-15 18:01 - 00001407 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-15 18:01 - 2013-08-15 18:01 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 12:21 - 2013-08-15 12:22 - 00000000 ____D C:\Users\Agando\AppData\Local\{B587A9E0-38A4-4067-BFFB-8A070E1CAD36}
2013-08-15 03:09 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:09 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:09 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:09 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:09 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:09 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:09 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:09 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:09 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:09 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:09 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:09 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:09 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:09 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 02:25 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 02:25 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 02:25 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 02:25 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 02:25 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 02:25 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 02:25 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 02:25 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 02:24 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 02:24 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 02:24 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 02:24 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 02:24 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 02:24 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 02:24 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 02:24 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 02:24 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 02:24 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 02:24 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 02:24 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 02:24 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 02:24 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 02:24 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 02:24 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 02:24 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 02:24 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 02:23 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:10 - 2013-08-14 22:11 - 00000000 ____D C:\Users\Agando\AppData\Local\{89AC9439-8554-42FB-B45C-258D11053358}
2013-08-14 10:10 - 2013-08-14 10:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{627B12DF-36A2-4897-8738-88D98B870A75}
2013-08-13 22:07 - 2013-08-13 22:07 - 00000000 ____D C:\Users\Agando\AppData\Local\{BEC9840F-D132-401C-96E6-5978AAB17A29}
2013-08-13 07:01 - 2013-08-13 07:01 - 00000000 ____D C:\Users\Agando\AppData\Local\{F67B89CC-CD8C-44E1-B37B-11188CDA5FE6}
2013-08-12 23:28 - 2013-08-20 15:17 - 00001788 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-12 19:00 - 2013-08-12 19:00 - 00000000 ____D C:\Users\Agando\AppData\Local\{C1604270-57B9-4F67-A805-5723BEADF638}
2013-08-12 06:28 - 2013-08-12 06:29 - 00000000 ____D C:\Users\Agando\AppData\Local\{36801FA9-1960-4E48-8196-2340CA3379A5}
2013-08-11 16:04 - 2013-08-11 16:05 - 00000000 ____D C:\Users\Agando\AppData\Local\{49A59F05-B79F-4903-BDE3-3D7C967EF3AB}
2013-08-10 15:58 - 2013-08-11 04:04 - 00000000 ____D C:\Users\Agando\AppData\Local\{A919BF10-5945-45AC-984E-51B5384AC3B0}
2013-08-10 01:21 - 2013-08-10 01:21 - 00000000 ____D C:\Users\Agando\AppData\Local\{DC5FDB96-7BBD-41CA-A0D7-A768384C6EE9}
2013-08-09 13:16 - 2013-08-09 13:16 - 00000000 ____D C:\Users\Agando\AppData\Local\{86F010DE-4FFD-40DC-8E1B-0C451DA568C5}
2013-08-09 01:16 - 2013-08-09 01:16 - 00000000 ____D C:\Users\Agando\AppData\Local\{5AAF48FE-A2CF-4C2F-BC98-A7080FE0012A}
2013-08-08 13:12 - 2013-08-08 13:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{5A9402CD-C443-4EF1-8717-17C658E23B01}
2013-08-07 19:51 - 2013-08-07 19:52 - 00000000 ____D C:\Users\Agando\AppData\Local\{EA517739-83EB-4343-B3C7-41FDCFA5ED95}
2013-08-07 00:55 - 2013-08-07 00:56 - 00000000 ____D C:\Users\Agando\AppData\Local\{6BAAF9C1-AB73-4905-9A6B-FF9671156CFB}
2013-08-06 12:54 - 2013-08-06 12:54 - 00000000 ____D C:\Users\Agando\AppData\Local\{131E6AEB-9E42-4D13-8FB5-D7769B70C902}
2013-08-06 00:53 - 2013-08-06 00:53 - 00000000 ____D C:\Users\Agando\AppData\Local\{40D6185E-1888-4C66-928E-F3542E74F198}
2013-08-05 12:48 - 2013-08-05 12:49 - 00000000 ____D C:\Users\Agando\AppData\Local\{0125EB95-FD5D-473D-A44B-7429BE2E8BBC}
2013-08-04 09:29 - 2013-08-04 21:35 - 00000000 ____D C:\Users\Agando\AppData\Local\{181AB8F7-6146-43A2-96EE-A6734447E417}
2013-08-03 19:37 - 2013-08-03 19:38 - 00000000 ____D C:\Users\Agando\AppData\Local\{782139E8-878B-4CF7-B65F-112A688423B8}
2013-08-03 07:34 - 2013-08-03 07:34 - 00000000 ____D C:\Users\Agando\AppData\Local\{70FD5476-30E2-4C67-8EA3-2860A02F74E9}
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 ____D C:\Users\Agando\AppData\Local\{A2AFC57E-DA3B-4A5E-A01D-13AD9A3E6731}
2013-08-02 00:41 - 2013-08-02 00:42 - 00000000 ____D C:\Users\Agando\AppData\Local\{AD624F2A-CFE3-424B-B7AC-03D28A97029D}
2013-08-01 12:41 - 2013-08-01 12:41 - 00000000 ____D C:\Users\Agando\AppData\Local\{DD933B88-7A4D-46D2-B716-6E9F5CE885E5}
2013-08-01 03:08 - 2013-08-15 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-01 00:40 - 2013-08-01 00:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{E9BCF077-6FFB-40AB-B8B4-A80FBB72FDA8}
2013-07-31 18:34 - 2013-07-31 18:34 - 38151048 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.2.1303.0101b(1).exe
2013-07-31 18:34 - 2013-07-31 18:34 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-07-31 18:22 - 2013-07-31 18:33 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-31 18:21 - 2013-07-31 18:21 - 00001114 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2013-07-31 18:20 - 2013-07-31 18:20 - 39881432 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.3.1307.1904.exe
2013-07-31 12:39 - 2013-07-31 12:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{1A842556-3645-4B57-B392-7A43DF031E24}
2013-07-31 03:06 - 2013-07-31 03:06 - 38151048 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.2.1303.0101b.exe
2013-07-31 00:37 - 2013-07-31 00:37 - 00000000 ____D C:\Users\Agando\AppData\Local\{631ADD57-07E2-4D55-811F-DBECCEB6316D}
2013-07-30 12:36 - 2013-07-30 12:37 - 00000000 ____D C:\Users\Agando\AppData\Local\{C1CF89ED-0920-462C-A134-E33599B1BC1B}
2013-07-30 00:35 - 2013-07-30 00:35 - 00000000 ____D C:\Users\Agando\AppData\Local\{D9BDCE57-F3DC-4360-9F49-277220CFE06E}

==================== One Month Modified Files and Folders =======

2013-08-29 22:14 - 2013-08-29 22:14 - 00002339 _____ C:\Users\Agando\Desktop\Sicherer Zahlungsverkehr.lnk
2013-08-29 22:14 - 2013-08-29 22:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-29 22:14 - 2012-04-05 11:36 - 01763516 _____ C:\Windows\WindowsUpdate.log
2013-08-29 22:13 - 2013-08-29 22:14 - 00001129 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2013-08-29 22:12 - 2013-08-29 22:12 - 00000000 ____D C:\Windows\ELAMBKUP
2013-08-29 22:12 - 2013-08-29 22:12 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-08-29 22:11 - 2012-04-17 04:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 22:11 - 2012-04-17 04:11 - 00000000 ____D C:\Users\Agando\AppData\Local\Deployment
2013-08-29 22:09 - 2012-07-28 23:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-29 22:09 - 2012-04-16 22:22 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-29 22:09 - 2012-04-05 12:53 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-29 22:09 - 2012-04-05 12:51 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-29 22:08 - 2013-08-28 23:43 - 00013764 _____ C:\Windows\PFRO.log
2013-08-29 22:08 - 2013-08-28 13:07 - 00000728 _____ C:\Windows\setupact.log
2013-08-29 22:08 - 2013-08-28 08:22 - 00000144 _____ C:\service.log
2013-08-29 22:08 - 2012-04-22 17:27 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-29 22:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 22:02 - 2012-06-04 15:52 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000UA.job
2013-08-29 21:49 - 2013-08-26 17:03 - 00000290 _____ C:\Windows\Tasks\DSite.job
2013-08-29 21:48 - 2013-08-29 21:48 - 00000000 ____D C:\FRST
2013-08-29 21:46 - 2013-08-29 21:46 - 01579080 _____ (Farbar) C:\Users\Agando\Downloads\FRST64.exe
2013-08-29 21:31 - 2013-08-29 21:28 - 261894976 _____ C:\Users\Agando\Downloads\kis14.0.0.4651aDE_4890.exe
2013-08-29 21:27 - 2012-07-28 23:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-29 21:16 - 2013-08-29 00:41 - 00000000 ____D C:\Program Files (x86)\TrojanHunter 5.5
2013-08-29 21:16 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 21:16 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 21:09 - 2013-08-29 21:09 - 00000000 ____D C:\Users\Agando\AppData\Local\{D73BF8D8-8856-4840-BC7E-F9A32DE2F2AB}
2013-08-29 21:09 - 2012-07-12 20:33 - 00000000 ____D C:\Users\Agando\AppData\Local\Windows Live
2013-08-29 21:08 - 2012-04-17 03:19 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Skype
2013-08-29 02:25 - 2013-08-29 02:25 - 00001148 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\Documents\Simply Super Software
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\AppData\Roaming\TrojanHunter
2013-08-29 02:25 - 2013-08-29 02:25 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Simply Super Software
2013-08-29 02:25 - 2013-08-29 02:24 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-08-29 02:24 - 2013-08-29 02:24 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-08-29 01:10 - 2013-08-29 01:09 - 00000000 ____D C:\Users\Agando\AppData\Local\{32317155-CF23-4BB4-AE37-4C1E5DB9D96D}
2013-08-29 01:02 - 2012-06-04 15:52 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2791813957-2553131097-2160486698-1000Core.job
2013-08-29 00:47 - 2013-08-29 00:47 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 00:47 - 2013-08-29 00:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 00:46 - 2013-08-29 00:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Agando\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-29 00:43 - 2013-08-29 00:43 - 23334896 _____ (Simply Super Software                                      ) C:\Users\Agando\Downloads\trjsetup_688.exe
2013-08-29 00:42 - 2013-08-29 00:42 - 00059392 ____R C:\Windows\SysWOW64\streamhlp.dll
2013-08-29 00:42 - 2013-08-29 00:42 - 00001094 _____ C:\Users\Agando\Desktop\TrojanHunter.lnk
2013-08-29 00:42 - 2013-08-29 00:42 - 00000000 ____D C:\ProgramData\TrojanHunter
2013-08-29 00:41 - 2013-08-29 00:41 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\Agando\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-28 13:09 - 2013-08-28 13:08 - 00000000 ____D C:\Users\Agando\AppData\Local\{553041C7-DC3C-4A7D-A204-86A6F6FF3B6D}
2013-08-28 13:07 - 2013-08-28 13:07 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 07:53 - 2013-08-26 19:03 - 00000005 _____ C:\Users\Agando\AppData\Roaming\WBPU-TTL.DAT
2013-08-28 07:03 - 2013-04-14 19:41 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Spotify
2013-08-28 07:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-28 07:02 - 2012-07-12 21:23 - 00000000 ____D C:\Users\Agando\Tracing
2013-08-28 00:31 - 2012-04-17 03:54 - 00000000 ____D C:\Users\Agando\AppData\Roaming\TS3Client
2013-08-28 00:05 - 2012-04-18 13:21 - 00000000 ____D C:\Users\Agando\AppData\Roaming\SoftGrid Client
2013-08-27 21:58 - 2013-08-27 21:58 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Agando\Downloads\tdsskiller.exe
2013-08-27 21:54 - 2013-08-26 17:03 - 00000000 ____D C:\Users\Agando\AppData\Roaming\DSite
2013-08-27 21:54 - 2013-08-26 00:44 - 00000000 ____D C:\Program Files (x86)\CHIP System-Check-Tool
2013-08-27 21:54 - 2013-08-26 00:38 - 00000000 ____D C:\Program Files\CPUID
2013-08-27 21:54 - 2013-08-17 06:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 21:54 - 2013-07-24 07:54 - 00000000 ____D C:\Program Files (x86)\Kabel BW
2013-08-27 21:54 - 2012-05-09 02:13 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-27 21:54 - 2012-04-17 01:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-27 21:54 - 2012-04-17 01:45 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-27 21:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-27 21:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-27 21:53 - 2013-08-27 21:53 - 00001812 _____ C:\Users\Agando\Desktop\aswMBR2.txt
2013-08-27 21:53 - 2013-08-27 21:53 - 00000512 _____ C:\Users\Agando\Desktop\MBR.dat
2013-08-27 21:49 - 2013-08-26 17:03 - 00003240 _____ C:\Windows\System32\Tasks\DSite
2013-08-27 21:48 - 2013-08-27 21:48 - 00000000 ____D C:\Users\Agando\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-27 21:47 - 2013-08-27 21:47 - 00003400 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-27 21:47 - 2013-08-27 21:47 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-27 21:46 - 2013-08-27 21:46 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-08-27 21:46 - 2013-08-27 21:46 - 00000000 ____D C:\ProgramData\Babylon
2013-08-27 21:45 - 2013-08-27 21:45 - 00001119 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-08-27 21:45 - 2013-08-27 21:45 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-27 21:12 - 2013-08-27 21:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{DE1C6A1E-553C-416A-A913-00CEF9273C60}
2013-08-27 21:12 - 2013-08-27 21:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{9844E0F3-A72E-4491-AA37-159A131C69DD}
2013-08-27 21:10 - 2012-04-05 11:34 - 00000000 ____D C:\Users\Agando
2013-08-27 09:10 - 2013-08-27 09:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{BE7BAD09-38C3-4DD9-B140-370BAF9BE03F}
2013-08-27 09:10 - 2013-08-27 09:09 - 00000000 ____D C:\Users\Agando\AppData\Local\{B2686250-ECA9-4D46-B244-F3FF37E8ECE8}
2013-08-26 21:08 - 2013-08-26 21:08 - 00000000 ____D C:\Users\Agando\AppData\Local\{427BEE33-37BD-424D-ABF7-6456CA35BFE3}
2013-08-26 21:08 - 2013-08-26 21:07 - 00000000 ____D C:\Users\Agando\AppData\Local\{BFC99E60-B005-4DCD-AD30-EC4E6426AC01}
2013-08-26 20:49 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-26 19:03 - 2013-08-26 19:03 - 00000055 _____ C:\Users\Agando\AppData\Roaming\WB.CFG
2013-08-26 17:02 - 2013-06-28 00:43 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-26 17:02 - 2013-06-27 02:58 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-26 17:02 - 2013-06-27 02:58 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-26 17:02 - 2012-04-17 01:46 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 16:57 - 2013-08-26 16:56 - 117478104 _____ C:\Users\Agando\Downloads\avast_free_antivirus_setup.exe
2013-08-26 12:40 - 2013-07-24 08:14 - 00056016 _____ C:\Windows\system32\Drivers\fsbts.sys
2013-08-26 12:33 - 2013-07-24 08:13 - 00019828 _____ C:\Windows\prodsett_copy.ini
2013-08-26 12:14 - 2013-08-26 12:14 - 00000000 ____D C:\Users\Agando\AppData\Local\{98909EFF-070B-4528-9875-64AD4A24FE62}
2013-08-26 12:14 - 2013-08-26 12:13 - 00000000 ____D C:\Users\Agando\AppData\Local\{7FB4754F-F322-4E9B-8BF4-8B25E411951A}
2013-08-26 00:56 - 2013-07-13 21:40 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic
2013-08-26 00:56 - 2013-02-07 19:07 - 00000000 ____D C:\ProgramData\tmp
2013-08-26 00:56 - 2012-09-09 16:37 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-08-26 00:56 - 2012-04-05 12:29 - 00000000 ____D C:\Windows\Panther
2013-08-26 00:56 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-26 00:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Msdtc
2013-08-26 00:44 - 2013-08-26 00:44 - 00001114 _____ C:\Users\Agando\Desktop\CHIP System-Check-Tool.lnk
2013-08-26 00:44 - 2011-04-12 09:43 - 00697594 _____ C:\Windows\system32\perfh007.dat
2013-08-26 00:44 - 2011-04-12 09:43 - 00148818 _____ C:\Windows\system32\perfc007.dat
2013-08-26 00:44 - 2009-07-14 07:13 - 01614880 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-26 00:40 - 2013-08-26 00:40 - 05603998 _____ (CHIP, Winfuture, Green Crystal Software                    ) C:\Users\Agando\Downloads\chip_sct_11915.exe
2013-08-26 00:39 - 2013-08-26 00:39 - 00000874 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2013-08-26 00:38 - 2013-08-26 00:38 - 01458776 _____ (                                                            ) C:\Users\Agando\Downloads\cpu-z_1.66-setup-en.exe
2013-08-25 22:57 - 2013-08-25 10:50 - 00000000 ____D C:\Users\Agando\AppData\Local\{5922E8B5-2CF0-426A-A70C-C8B4B155A3EF}
2013-08-24 16:07 - 2013-08-24 16:07 - 00000000 ____D C:\Users\Agando\AppData\Local\{DC695043-AC67-4EAA-9EEA-54008B4B6702}
2013-08-24 00:05 - 2013-08-24 00:04 - 00000000 ____D C:\Users\Agando\AppData\Local\{4F381444-BB2D-4460-B338-CFE3103BA21C}
2013-08-23 12:03 - 2013-08-23 12:03 - 00000000 ____D C:\Users\Agando\AppData\Local\{4B9CE7DB-E151-4DA8-9399-D65D88DA68C3}
2013-08-22 21:57 - 2013-08-22 21:57 - 00000000 ____D C:\Users\Agando\AppData\Local\{2399E245-AC4B-4D43-9F3F-DE2FA3345E12}
2013-08-22 01:47 - 2013-08-22 01:47 - 00000000 ____D C:\Users\Agando\AppData\Local\{4D52FD10-12E5-4D40-99E5-EB2DAD028EC0}
2013-08-21 13:40 - 2013-08-21 13:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{ADFA1044-F9F8-422F-904F-D3952B78DF33}
2013-08-21 01:40 - 2013-08-21 01:39 - 00000000 ____D C:\Users\Agando\AppData\Local\{C70081E7-0A5E-414F-AE7A-EF389B526381}
2013-08-20 22:11 - 2012-04-17 04:14 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 22:11 - 2012-04-17 04:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 22:11 - 2012-04-17 04:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 22:01 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files\iTunes
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files\iPod
2013-08-20 15:17 - 2013-08-20 15:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-20 15:17 - 2013-08-12 23:28 - 00001788 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-20 13:38 - 2013-08-20 13:38 - 00000000 ____D C:\Users\Agando\AppData\Local\{860A5D48-4C6A-4415-B616-5B58D66D3A85}
2013-08-20 01:38 - 2013-08-19 13:31 - 00000000 ____D C:\Users\Agando\AppData\Local\{B8A6886B-D253-4011-A753-81BD69E510E1}
2013-08-19 01:29 - 2013-08-18 13:23 - 00000000 ____D C:\Users\Agando\AppData\Local\{F5EAF9F6-80A6-4CFA-8851-57F8DD46C28B}
2013-08-17 18:25 - 2013-08-17 18:25 - 00000000 ____D C:\Users\Agando\AppData\Local\{0F23E30A-6AB5-4A83-9B5A-84FF20D369D4}
2013-08-17 18:21 - 2012-05-02 19:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 06:24 - 2013-08-17 06:24 - 00000000 ____D C:\Users\Agando\AppData\Local\{B3616181-C42D-47C6-9987-668F84C45B4D}
2013-08-16 18:24 - 2013-08-16 18:23 - 00000000 ____D C:\Users\Agando\AppData\Local\{D5E3A7A7-703A-4B5E-92C7-787FDA940717}
2013-08-16 08:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 06:23 - 2013-08-16 06:23 - 00000000 ____D C:\Users\Agando\AppData\Local\{E8D2D88B-F446-41C2-BCA0-73740D7543D3}
2013-08-15 18:01 - 2013-08-15 18:01 - 00001407 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-15 18:01 - 2013-08-15 18:01 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-15 18:01 - 2012-12-21 13:40 - 00000000 ____D C:\Users\Agando\AppData\Roaming\DVDVideoSoftIEHelpers
2013-08-15 18:01 - 2012-12-21 13:40 - 00000000 ____D C:\Users\Agando\AppData\Roaming\DVDVideoSoft
2013-08-15 12:22 - 2013-08-15 12:21 - 00000000 ____D C:\Users\Agando\AppData\Local\{B587A9E0-38A4-4067-BFFB-8A070E1CAD36}
2013-08-15 03:04 - 2013-08-01 03:08 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:02 - 2012-04-17 23:22 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 01:05 - 2012-10-05 15:16 - 00000000 ____D C:\Users\Agando\AppData\Roaming\Apple Computer
2013-08-14 22:11 - 2013-08-14 22:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{89AC9439-8554-42FB-B45C-258D11053358}
2013-08-14 12:40 - 2013-08-29 22:12 - 00619616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-08-14 10:10 - 2013-08-14 10:10 - 00000000 ____D C:\Users\Agando\AppData\Local\{627B12DF-36A2-4897-8738-88D98B870A75}
2013-08-13 22:07 - 2013-08-13 22:07 - 00000000 ____D C:\Users\Agando\AppData\Local\{BEC9840F-D132-401C-96E6-5978AAB17A29}
2013-08-13 07:01 - 2013-08-13 07:01 - 00000000 ____D C:\Users\Agando\AppData\Local\{F67B89CC-CD8C-44E1-B37B-11188CDA5FE6}
2013-08-12 23:23 - 2012-10-05 15:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-12 19:00 - 2013-08-12 19:00 - 00000000 ____D C:\Users\Agando\AppData\Local\{C1604270-57B9-4F67-A805-5723BEADF638}
2013-08-12 06:29 - 2013-08-12 06:28 - 00000000 ____D C:\Users\Agando\AppData\Local\{36801FA9-1960-4E48-8196-2340CA3379A5}
2013-08-11 16:05 - 2013-08-11 16:04 - 00000000 ____D C:\Users\Agando\AppData\Local\{49A59F05-B79F-4903-BDE3-3D7C967EF3AB}
2013-08-11 04:04 - 2013-08-10 15:58 - 00000000 ____D C:\Users\Agando\AppData\Local\{A919BF10-5945-45AC-984E-51B5384AC3B0}
2013-08-10 21:49 - 2012-04-17 02:48 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-10 01:21 - 2013-08-10 01:21 - 00000000 ____D C:\Users\Agando\AppData\Local\{DC5FDB96-7BBD-41CA-A0D7-A768384C6EE9}
2013-08-09 13:16 - 2013-08-09 13:16 - 00000000 ____D C:\Users\Agando\AppData\Local\{86F010DE-4FFD-40DC-8E1B-0C451DA568C5}
2013-08-09 01:16 - 2013-08-09 01:16 - 00000000 ____D C:\Users\Agando\AppData\Local\{5AAF48FE-A2CF-4C2F-BC98-A7080FE0012A}
2013-08-08 18:56 - 2013-03-15 07:54 - 00000000 ____D C:\Users\Agando\Desktop\Laden
2013-08-08 13:12 - 2013-08-08 13:12 - 00000000 ____D C:\Users\Agando\AppData\Local\{5A9402CD-C443-4EF1-8717-17C658E23B01}
2013-08-07 19:52 - 2013-08-07 19:51 - 00000000 ____D C:\Users\Agando\AppData\Local\{EA517739-83EB-4343-B3C7-41FDCFA5ED95}
2013-08-07 08:54 - 2012-04-17 22:55 - 00000000 ____D C:\Users\Agando\AppData\Local\Adobe
2013-08-07 00:56 - 2013-08-07 00:55 - 00000000 ____D C:\Users\Agando\AppData\Local\{6BAAF9C1-AB73-4905-9A6B-FF9671156CFB}
2013-08-06 21:18 - 2013-02-01 18:35 - 00000000 ____D C:\Users\Agando\AppData\Roaming\vlc
2013-08-06 21:16 - 2012-04-17 01:46 - 00000000 ____D C:\Users\Agando\AppData\Local\Google
2013-08-06 21:16 - 2012-04-17 01:46 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-06 21:14 - 2013-02-18 11:30 - 00000000 ____D C:\Program Files (x86)\Camfrog
2013-08-06 12:54 - 2013-08-06 12:54 - 00000000 ____D C:\Users\Agando\AppData\Local\{131E6AEB-9E42-4D13-8FB5-D7769B70C902}
2013-08-06 00:53 - 2013-08-06 00:53 - 00000000 ____D C:\Users\Agando\AppData\Local\{40D6185E-1888-4C66-928E-F3542E74F198}
2013-08-05 12:49 - 2013-08-05 12:48 - 00000000 ____D C:\Users\Agando\AppData\Local\{0125EB95-FD5D-473D-A44B-7429BE2E8BBC}
2013-08-04 21:35 - 2013-08-04 09:29 - 00000000 ____D C:\Users\Agando\AppData\Local\{181AB8F7-6146-43A2-96EE-A6734447E417}
2013-08-03 19:38 - 2013-08-03 19:37 - 00000000 ____D C:\Users\Agando\AppData\Local\{782139E8-878B-4CF7-B65F-112A688423B8}
2013-08-03 07:34 - 2013-08-03 07:34 - 00000000 ____D C:\Users\Agando\AppData\Local\{70FD5476-30E2-4C67-8EA3-2860A02F74E9}
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 ____D C:\Users\Agando\AppData\Local\{A2AFC57E-DA3B-4A5E-A01D-13AD9A3E6731}
2013-08-02 00:42 - 2013-08-02 00:41 - 00000000 ____D C:\Users\Agando\AppData\Local\{AD624F2A-CFE3-424B-B7AC-03D28A97029D}
2013-08-01 12:41 - 2013-08-01 12:41 - 00000000 ____D C:\Users\Agando\AppData\Local\{DD933B88-7A4D-46D2-B716-6E9F5CE885E5}
2013-08-01 03:07 - 2012-04-05 13:53 - 01593356 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-01 00:40 - 2013-08-01 00:40 - 00000000 ____D C:\Users\Agando\AppData\Local\{E9BCF077-6FFB-40AB-B8B4-A80FBB72FDA8}
2013-07-31 18:34 - 2013-07-31 18:34 - 38151048 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.2.1303.0101b(1).exe
2013-07-31 18:34 - 2013-07-31 18:34 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-07-31 18:33 - 2013-07-31 18:22 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-31 18:21 - 2013-07-31 18:21 - 00001114 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2013-07-31 18:20 - 2013-07-31 18:20 - 39881432 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.3.1307.1904.exe
2013-07-31 12:40 - 2013-07-31 12:39 - 00000000 ____D C:\Users\Agando\AppData\Local\{1A842556-3645-4B57-B392-7A43DF031E24}
2013-07-31 03:06 - 2013-07-31 03:06 - 38151048 _____ (SplitMediaLabs) C:\Users\Agando\Downloads\xsplit_installer_v1.2.1303.0101b.exe
2013-07-31 00:37 - 2013-07-31 00:37 - 00000000 ____D C:\Users\Agando\AppData\Local\{631ADD57-07E2-4D55-811F-DBECCEB6316D}
2013-07-30 12:37 - 2013-07-30 12:36 - 00000000 ____D C:\Users\Agando\AppData\Local\{C1CF89ED-0920-462C-A134-E33599B1BC1B}
2013-07-30 00:35 - 2013-07-30 00:35 - 00000000 ____D C:\Users\Agando\AppData\Local\{D9BDCE57-F3DC-4360-9F49-277220CFE06E}

Files to move or delete:
====================
C:\Users\Agando\AppData\Local\Temp\D40E5187-10E1-11E3-8382-F8D111109766\DOTNETFX40_CLIENT_X86_X64.EXE
C:\Users\Agando\AppData\Local\Temp\6BE748706E013E1138288F1D11017966\SETUP.DLL
C:\Users\Agando\AppData\Local\Temp\368BB7B06E013E1138288F1D11017966\SETUP.DLL
C:\Users\Agando\AppData\Local\Temp\2C8AC55C1E013E1138288F1D11017966\SETUP.DLL
C:\Users\Agando\AppData\Local\Temp\28C3F9FE-10E2-11E3-8382-F8D111109766\Cleaner\cleanapi.dll
C:\Users\Agando\AppData\Local\Temp\1B2CAC75-10E6-11E3-8382-F8D111109766\Cleaner\cleanapi.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-23 13:42

==================== End Of Log ============================
--- --- ---

--- --- ---

cosinus 29.08.2013 22:23
Edit: da isses ja :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:48 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131