Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Probleme mit Virenscanner (https://www.trojaner-board.de/138374-probleme-virenscanner.html)

Basti1995 17.07.2013 17:12
Probleme mit Virenscanner
 
Hallo Zusammen,

seit einigen Tagen zeigte mir mein KIS2013 an: "Aufgabenstart IM-Antivirus nicht möglich". Nach 4 Tagen experimentieren installierte ich KIS2013 schlussendlich neu. Jetzt geht es wieder. Ich habe mir eben Malwarebytes Anti-Malware runtergeladen, dabei und auch während des Nutzens, den KIS ausgeschaltet. M. A-M fand 21 "infizierte Objekte", als ich sie nach dem Test auswählte und auf "Löschen" klickte, stürzte das Programm ab - auch nach mehrmaligen Wiederholen. Nun dachte ich mir, teste ich eben Kaspersky´s Suchfunktion aus, doch das Programm wurde in der Taskleiste grau und zeigte nur noch an: "Der Serviceteil des Programms wurde aus dem Arbeitsspeicher des Computers entladen."

Und jetzt?

Kann mir bitte bitte irgendwer helfen?

Vielen Dank euch schon einmal im Voraus! :)

Viele Grüße,
Basti

DerJazzer 17.07.2013 17:17
Hallo und :hallo:

Ich bin Christoph alias DerJazzer. Ich werde dich durch die Bereinigung begleiten und bin währenddessen dein Ansprechpartner für dieses Thema.

Je nach Art der vorliegenden Infektion kann viel Arbeit und ein großer Zeiteinsatz auf dich (und auf mich) zukommen. Ein Neuaufsetzen ist damit meist als der schnellere, aber immer als der sicherere Weg zu betrachten.

Für den Erfolg der Bereinigung gilt:
Ich kann dir zu keinem Zeitpunkt garantieren, dass der PC nach der Bereinigung auch wirklich frei von Malware ist!

Wenn du das akzeptierst, bitte ich dich, hier so lange mitzuarbeiten, bis ich dir sage, dass der PC aus meiner Sicht malwarefrei ist.

Um die Bereinigung so effektiv und nervenschonend wie möglich zu gestalten, bitte ich dich, folgende Punkte ebenfalls zu beachten:
  • Bitte arbeite alle Schritte in der von mir genannten Reihenfolge nacheinander ab.
  • Bitte lies dir meine Anleitungen einmal kurz durch, bevor du beginnst. Solltest du Fragen haben, stelle sie bitte hier im Thema.
  • Sollten während des Abarbeitens der Anleitungen und des Einsaztes der geforderten Tools Probleme auftauchen, stoppe bitte bei dem betreffenden Schritt und beschreibe dein Problem so genau wie möglich.
  • Bitte setze keine Tools auf eigene Faust ein, sondern benutze nur von mir ausdrücklich geforderte Tools. Ebenso bitte ich dich, während der Bereinigung keine neuen Programme ohne meine Aufforderung zu installieren.
  • Im Interesse der Höflichkeit (auch im "anonymen" Internet!) appelliere ich an dich, sog. Crossposting (Posten deines Problems in mehreren Foren) auch aus Wertschätzung meiner Arbeit zu unterlassen.

Um mir das Auswerten deiner Logs (Berichte der verwendeten Programme) zu erleichtern, bitte ich dich, diese zwischen Code-Tags zu posten. Dazu drückst du einfach den #-Button im Antwortfenster und fügst dort zwischen den eckigen Klammern dein Log ein. Das sieht dann so aus: [CODE] eingefügtes Log [/CODE]

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.


Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Basti1995 17.07.2013 17:29
Hallo Cristoph,

besten Dank für Deine Hilfe!

Ich werde alles, nach besten Wissen und Gewissen, erledigen! Übrigens, während der Nutzung von dem Programm kam auch wieder ein Fehler "FRST.exe" ist beschädtigt ..

FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-07-2013 02
Ran by Basti (administrator) on 17-07-2013 18:21:44
Running from C:\Users\Basti\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7311\Monitor.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Lee-Soft.com, Lee Matthew Chantrey) C:\Program Files\ViGlance\ViGlance.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\system32\crypserv.exe
(TEAC Corporation) C:\teac\iconmgr\iconmgr.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
() C:\Program Files\Common Files\NMSAccessU.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(iZ3D Inc.) C:\Program Files\iZ3D Driver\Win32\S3DCService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~3\Office12\OIS.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

==================== Registry (Whitelisted) ==================

MountPoints2: {02344763-724c-11e0-a08d-0019d147cca9} - L:\setup.exe
MountPoints2: {754d7061-0eca-11e2-a633-0019d147cca9} - E:\stub.exe
MountPoints2: {a771a69f-5733-11e2-80b8-806e6f6e6963} - E:\stub.exe
itek)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-02-15] (IDT, Inc.)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-16] (Kaspersky Lab ZAO)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [] -  [x]
HKCU\...\Run: [PAC7311_Monitor] - C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-07-12] (Google Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [ViGlance] - C:\Program Files\ViGlance\ViGlance.exe [495616 2012-05-15] (Lee-Soft.com, Lee Matthew Chantrey)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1672616 2013-07-10] (Valve Corporation)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=0070413
URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://startsear.ch/?aff=7&src=sp&cf=31c1e9d5-776a-11e1-96a0-0019d147cca9&q={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://startsear.ch/?aff=7&src=sp&cf=31c1e9d5-776a-11e1-96a0-0019d147cca9&q={searchTerms}
SearchScopes: HKLM - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&tt=010812_rbt_3112_4&babsrc=SP_ss&mntrId=ee5d832d0000000000000019d147cca9
SearchScopes: HKCU - {2A4EA81C-4ED2-41C3-9A5D-40BF57092860} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=freeze&type=20080831_IE7DefaultSearch
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/splitcam/{7F0168A5-B1C6-4D45-84FF-7249417F2931}?q={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU -No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKCU -StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} hxxp://www.euer-radio.de/activex/ampx2.6.1.11_en_dl.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default
FF user.js: detected! => C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\user.js
FF NewTab: about:blank
FF Homepage: hxxp://www.sxf-spotter.de.tl/
FF NetworkProxy: "ftp", "91.120.21.169"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "91.120.21.169"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks", "91.120.21.169"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "91.120.21.169"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @gametap.com/npdd,version=1.0 - C:\Program Files\Downloader\npdd.dll (Metaboli)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Basti\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Deutsches Wörterbuch - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\ich@maltegoetz.de
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\nostmp
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\support@predictad.com
FF Extension: CookieCuller - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: DownloadHelper - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: suspendtab - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\suspendtab@piro.sakura.ne.jp.xpi
FF Extension: unplug - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\unplug@compunach.xpi
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\st3fbf1u.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions:  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files\Mozilla Firefox\firefox.exe"

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-16] (Kaspersky Lab ZAO)
R2 Crypkey License; C:\Windows\System32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation)
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2006-11-07] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R3 hpqcxs08; C:\Program Files\HP\C4180\Digital Imaging\bin\hpqcxs08.dll [217088 2008-11-19] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\HP\C4180\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.)
R2 iconmgr; C:\teac\iconmgr\iconmgr.exe [110592 2009-03-20] (TEAC Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [121240 2013-01-03] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [196912 2011-02-04] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files\Common Files\NMSAccessU.exe [65536 2007-01-25] ()
S3 nosGetPlusHelper; C:\Windows\System32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
R2 S3DSvc32; C:\Program Files\iZ3D Driver\Win32\S3DCService.exe [360960 2010-10-23] (iZ3D Inc.)
S2 sfrem01; C:\Windows\system32\sfrem01.exe [358008 2006-07-05] (Protection Technology (StarForce))
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe [102400 2008-02-15] (IDT, Inc.)
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [296448 2013-07-04] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529152 2012-04-05] (TuneUp Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2009-12-14] (Protect Software GmbH)
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2008-02-03] (Protect Software GmbH)
R2 ACEDRV09; C:\Windows\system32\drivers\ACEDRV09.sys [110304 2009-02-04] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [501560 2008-01-23] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [34304 2007-06-29] (AMD, Inc.)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2007-12-07] ()
S3 BDA_Capture_220A; C:\Windows\System32\Drivers\BDA_Capture_220A.sys [17152 2007-02-27] (WideViewer Electronics CO., LTD)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-07-03] (Phoenix Technologies)
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)
R2 dsunidrv; C:\Program Files\DellSupport\Drivers\dsunidrv.sys [7424 2006-08-17] (Gteko Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-04-29] (DT Soft Ltd)
R2 enodpl; C:\Windows\System32\drivers\enodpl.sys [7552 2003-03-02] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HidNt; C:\Windows\System32\DRIVERS\HIDNt.sys [18992 2008-04-18] (Microsoft Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
R1 iZ3DInjectionDriver; C:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys [34968 2010-05-20] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [594528 2013-05-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [24408 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25944 2013-05-16] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25944 2013-05-16] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-07-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-05-16] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2007-12-07] ()
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
S3 Mac606; C:\Windows\System32\DRIVERS\Mac606.sys [26672 2008-04-18] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] ()
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2011-05-18] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-05-18] (Nokia)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [449024 2007-03-14] (PixArt Imaging Inc.)
R0x01000000 papycpu; C:\Windows\system32\drivers\papycpu.sys [1984 1998-10-06] ()
R0x01000000 papyjoy; C:\Windows\system32\drivers\papyjoy.sys [1888 1998-10-06] ()
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7136 2005-12-21] (Protection Technology)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [91168 2009-07-06] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32800 2009-07-06] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [37280 2009-07-13] (Realtek)
S3 SaiH0C2D; C:\Windows\System32\DRIVERS\SaiH0C2D.sys [135168 2007-07-13] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [14080 2007-07-13] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [35072 2007-07-13] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67656 2010-05-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sfsync03; C:\Windows\System32\drivers\sfsync03.sys [35328 2005-12-06] (Protection Technology)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-10-29] (Duplex Secure Ltd.)
R2 tandpl; C:\Windows\System32\drivers\tandpl.sys [4736 2003-04-19] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-02-09] (TuneUp Software)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S2 adfs; No ImagePath
S3 BDA_Loader_220A; System32\Drivers\BDA_Loader_220A.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 cpuz134; \??\C:\Users\Basti\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SPLITCAM; system32\DRIVERS\splitcam.sys [x]
S3 yeddef; System32\Drivers\yeddef.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-17 18:21 - 2013-07-17 18:21 - 01218860 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe
2013-07-17 18:21 - 2013-07-17 18:21 - 00000000 ____D C:\FRST
2013-07-17 17:45 - 2013-07-17 18:21 - 00001587 _____ C:\Users\Basti\Desktop\TK.txt
2013-07-17 17:37 - 2013-07-17 17:37 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-17 17:09 - 2013-07-17 17:09 - 00000902 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 17:09 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-17 17:04 - 2013-07-17 17:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Basti\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-16 17:49 - 2013-07-16 17:49 - 00000000 ____D C:\Users\Basti\AppData\Roaming\CrystalIdea Software
2013-07-16 17:37 - 2013-05-16 07:27 - 00594528 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-07-16 17:37 - 2013-05-16 07:27 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-07-16 15:41 - 2013-07-17 14:28 - 00000372 _____ C:\Windows\error.log
2013-07-16 15:41 - 2013-07-17 14:28 - 00000081 _____ C:\Windows\errord.log
2013-07-16 15:41 - 2013-07-16 17:14 - 00002048 _____ C:\Windows\PFRO.log
2013-07-15 19:30 - 2013-07-15 19:30 - 00000000 ____D C:\Users\Basti\Desktop\201307
2013-07-15 19:24 - 2013-07-15 19:24 - 00000000 ____D C:\Users\Basti\Desktop\Nokia
2013-07-15 19:05 - 2013-07-15 19:05 - 00000000 ____D C:\Users\Basti\AppData\Local\TA_Software
2013-07-15 18:49 - 2013-07-15 18:49 - 00000107 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-07-15 18:49 - 2013-07-15 18:49 - 00000000 ____D C:\Users\Basti\AppData\Local\GMap.NET
2013-07-14 17:45 - 2013-07-14 17:59 - 376291535 _____ () C:\Users\Basti\Desktop\777.exe
2013-07-14 16:58 - 2013-07-14 17:33 - 00000000 ____D C:\Users\Basti\Desktop\CDG-V
2013-07-14 15:54 - 2013-07-14 15:54 - 00001912 _____ C:\Users\Public\Desktop\Shortcut to Plan-G v3.03.lnk
2013-07-14 15:53 - 2013-07-14 15:53 - 00000000 ____D C:\Program Files\TA Software
2013-07-14 15:50 - 2013-07-14 15:50 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-14 14:27 - 2013-07-14 14:27 - 00000000 __SHD C:\found.003
2013-07-13 15:09 - 2013-07-13 15:09 - 00000000 ____D C:\Program Files\dumps
2013-07-13 15:06 - 2013-07-15 16:27 - 00000000 ____D C:\Program Files\Steam
2013-07-12 17:56 - 2013-07-12 17:58 - 08850873 _____ C:\Users\Basti\Desktop\aeu7.zip
2013-07-12 17:56 - 2013-07-12 17:57 - 02927694 _____ C:\Users\Basti\Desktop\aeu8.zip
2013-07-12 17:15 - 2013-07-12 17:15 - 00000000 ____D C:\Program Files\Shockwave 3D Lights Redux for FS9
2013-07-07 18:01 - 2013-05-17 01:08 - 12329984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-07 18:01 - 2013-05-17 00:49 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-07 18:01 - 2013-05-17 00:39 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-07 18:01 - 2013-05-17 00:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-07 18:01 - 2013-05-17 00:28 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-07 18:01 - 2013-05-17 00:27 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-07 18:01 - 2013-05-17 00:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-07 18:01 - 2013-05-17 00:23 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-07 18:01 - 2013-05-17 00:21 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-07 18:01 - 2013-05-17 00:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-07 18:01 - 2013-05-17 00:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-07 18:01 - 2013-05-17 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-07 18:01 - 2013-05-17 00:17 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-07 18:01 - 2013-05-17 00:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-07 18:01 - 2013-05-17 00:16 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-07 18:01 - 2013-05-17 00:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-07 17:27 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-07-07 17:27 - 2012-06-02 16:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-07-07 17:26 - 2012-07-26 05:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-07 17:26 - 2012-07-26 05:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-07-07 17:26 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-07-07 17:26 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-07-07 17:26 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-07-07 17:26 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-07-07 17:26 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-07-07 17:26 - 2012-07-26 04:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-07-07 17:26 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-07-07 17:26 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-07-07 17:26 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-07-07 17:14 - 2012-12-16 15:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-07 17:14 - 2012-12-16 12:50 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-07 17:12 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-07 17:12 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-07 17:12 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-07 17:12 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-07 17:12 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-07 17:12 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-07-07 17:12 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-07 17:12 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-07-07 17:11 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-07 17:11 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-07 17:11 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-07 17:11 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-07 17:11 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-07 17:11 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-07 17:11 - 2013-04-15 16:20 - 00638328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-07 17:11 - 2013-04-13 12:56 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-07 17:11 - 2013-04-09 03:36 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-07 17:11 - 2013-03-09 05:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-07-07 17:11 - 2013-03-09 03:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-07-07 17:11 - 2013-03-08 05:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-07-07 17:11 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-07 17:11 - 2013-03-03 21:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-07 17:11 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-07-07 17:11 - 2012-11-13 03:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-07 17:11 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-07-07 17:11 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-07 17:11 - 2012-09-28 18:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-07 17:11 - 2012-08-21 13:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-07 17:05 - 2013-02-12 03:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-06 15:56 - 2013-07-06 16:00 - 00262144 _____ C:\Windows\system32\config\elam
2013-07-05 17:22 - 2013-07-05 17:22 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-07-05 17:07 - 2013-06-21 14:02 - 21102368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 13411896 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 09069344 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-05 17:07 - 2013-06-21 14:02 - 07687592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 06324360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 02777888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 02002720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 01024288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232049.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232049.dll
2013-07-05 17:07 - 2013-06-21 14:02 - 00016437 _____ C:\Windows\system32\nvinfo.pb
2013-07-05 11:10 - 2013-07-05 11:10 - 00000000 ____D C:\Program Files\Common Files\Intel Corporation
2013-07-05 11:07 - 2013-07-05 11:07 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Intel Corporation
2013-07-04 19:16 - 2013-07-04 19:16 - 00000000 __SHD C:\ProgramData\SecuROM
2013-07-04 18:34 - 2013-07-04 19:15 - 00000000 ____D C:\Program Files\Rockstar Games
2013-07-04 16:54 - 2013-07-04 19:16 - 00000000 ____D C:\Users\Basti\AppData\Local\Rockstar Games
2013-07-04 16:45 - 2007-10-22 03:38 - 00077832 _____ (Microsoft Corporation) C:\Windows\system32\GameuxInstallHelper.dll
2013-07-04 16:45 - 2007-10-22 03:37 - 00044552 _____ (Microsoft Corporation) C:\Windows\system32\FirewallInstallHelper.dll
2013-07-04 14:51 - 2013-07-04 14:52 - 00000000 ____D C:\Users\Basti\AppData\Local\Downloader
2013-07-04 14:51 - 2013-07-04 14:51 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader
2013-07-04 14:51 - 2013-07-04 14:51 - 00000000 ____D C:\Program Files\Downloader
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-07-04 13:45 - 2013-07-04 13:44 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-04 13:45 - 2013-07-04 13:44 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-04 13:45 - 2013-07-04 13:44 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-04 13:45 - 2013-07-04 13:44 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-04 13:26 - 2013-07-04 13:26 - 00000000 ____D C:\teac
2013-07-04 13:22 - 2006-11-02 07:21 - 00319456 _____ (Microsoft Corporation) C:\Windows\system32\difxapi.dll
2013-07-04 13:21 - 2013-07-04 13:21 - 00000000 ____D C:\Intel
2013-07-04 13:21 - 2011-11-29 19:30 - 00470808 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2013-07-04 12:58 - 2013-02-07 02:17 - 00302392 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2013-07-04 12:58 - 2006-01-13 00:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2013-07-04 12:22 - 2008-02-15 17:25 - 00102400 _____ (IDT, Inc.) C:\Windows\system32\stacsv.exe
2013-07-04 12:22 - 2008-02-15 17:22 - 01613824 _____ (IDT, Inc.) C:\Windows\system32\stlang.dll
2013-07-04 12:17 - 2008-02-15 17:27 - 00330752 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2013-07-04 12:17 - 2008-02-15 17:26 - 00328704 _____ (IDT, Inc.) C:\Windows\system32\stcplx.dll
2013-07-04 12:17 - 2008-02-15 17:25 - 00527872 _____ (IDT, Inc.) C:\Windows\system32\stapo.dll
2013-07-04 12:17 - 2008-02-15 17:24 - 00150016 _____ (IDT, Inc.) C:\Windows\system32\st325866.dll
2013-07-04 12:17 - 2008-02-15 17:23 - 00312320 _____ (IDT, Inc.) C:\Windows\system32\stapi32.dll
2013-07-04 10:41 - 2013-07-05 11:01 - 00000406 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-07-04 10:41 - 2013-07-04 10:41 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Easeware
2013-07-04 10:40 - 2013-07-04 11:36 - 00000000 ____D C:\Program Files\Easeware
2013-07-04 10:13 - 2013-07-04 10:13 - 00000000 ____D C:\Users\Basti\AppData\Local\DownloadGuide
2013-07-04 09:26 - 2013-07-04 09:30 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-04 09:25 - 2013-07-08 15:27 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-07-03 21:18 - 2013-07-03 21:18 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2013-07-03 21:18 - 2013-07-03 21:18 - 00000000 ____D C:\Users\Basti\AppData\Local\eSupport.com
2013-07-03 21:15 - 2013-07-04 14:35 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2013-07-02 15:50 - 2013-07-02 15:50 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiFi
2013-07-02 15:49 - 2013-07-02 15:49 - 00000000 ____D C:\Program Files\HiFi
2013-07-01 07:30 - 2013-07-03 08:50 - 00000000 ____D C:\Users\Basti\Desktop\CDG
2013-06-24 14:44 - 2013-06-24 14:44 - 00000000 ____D C:\Program Files\m-r-software
2013-06-22 12:24 - 2013-06-22 12:25 - 00012905 _____ C:\Users\Basti\Desktop\Safetycardliste.xlsx
2013-06-20 20:32 - 2013-06-21 22:12 - 00000000 ____D C:\Users\Basti\Desktop\UNWETTER
2013-06-20 10:14 - 2013-05-12 23:37 - 01024288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232018.dll
2013-06-20 10:14 - 2013-05-12 23:37 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232018.dll
2013-06-20 10:14 - 2013-02-25 07:27 - 00154400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2013-06-20 10:14 - 2013-02-25 07:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll

==================== One Month Modified Files and Folders =======

2013-07-17 18:21 - 2013-07-17 18:21 - 01218860 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe
2013-07-17 18:21 - 2013-07-17 18:21 - 00000000 ____D C:\FRST
2013-07-17 18:21 - 2013-07-17 17:45 - 00001587 _____ C:\Users\Basti\Desktop\TK.txt
2013-07-17 18:21 - 2007-04-17 17:33 - 00000000 ___RD C:\Users\Basti\Desktop
2013-07-17 18:19 - 2009-04-24 11:43 - 00000432 ____H C:\Windows\Tasks\User_Feed_Synchronization-{DB964A1B-A4D5-43AE-A441-0F783DE4A681}.job
2013-07-17 18:13 - 2012-04-29 14:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 18:07 - 2008-03-11 17:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-17 17:57 - 2011-04-07 09:19 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Nitro PDF
2013-07-17 17:37 - 2013-07-17 17:37 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-17 17:34 - 2012-08-06 17:29 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000UA.job
2013-07-17 17:34 - 2012-08-06 17:29 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000Core.job
2013-07-17 17:09 - 2013-07-17 17:09 - 00000902 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 17:09 - 2010-08-03 18:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-17 17:09 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-17 17:05 - 2013-07-17 17:04 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Basti\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-17 16:28 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-17 16:28 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-17 16:19 - 2012-02-12 11:47 - 01505508 _____ C:\Windows\WindowsUpdate.log
2013-07-17 15:12 - 2006-11-02 12:33 - 01614716 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 14:36 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-17 14:28 - 2013-07-16 15:41 - 00000372 _____ C:\Windows\error.log
2013-07-17 14:28 - 2013-07-16 15:41 - 00000081 _____ C:\Windows\errord.log
2013-07-17 14:28 - 2011-03-12 15:43 - 00000000 ____D C:\Windows\system32\logishrd
2013-07-17 14:28 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-16 20:30 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-16 19:27 - 2007-07-14 07:51 - 00000000 ___RD C:\Users\Basti\Desktop\Programme
2013-07-16 18:01 - 2013-05-16 07:27 - 00044000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2013-07-16 17:49 - 2013-07-16 17:49 - 00000000 ____D C:\Users\Basti\AppData\Roaming\CrystalIdea Software
2013-07-16 17:49 - 2008-03-11 17:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-07-16 17:45 - 2007-04-17 17:33 - 00000000 ____D C:\Users\Basti
2013-07-16 17:39 - 2009-06-01 09:30 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-07-16 17:14 - 2013-07-16 15:41 - 00002048 _____ C:\Windows\PFRO.log
2013-07-15 19:30 - 2013-07-15 19:30 - 00000000 ____D C:\Users\Basti\Desktop\201307
2013-07-15 19:24 - 2013-07-15 19:24 - 00000000 ____D C:\Users\Basti\Desktop\Nokia
2013-07-15 19:05 - 2013-07-15 19:05 - 00000000 ____D C:\Users\Basti\AppData\Local\TA_Software
2013-07-15 18:49 - 2013-07-15 18:49 - 00000107 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-07-15 18:49 - 2013-07-15 18:49 - 00000000 ____D C:\Users\Basti\AppData\Local\GMap.NET
2013-07-15 16:27 - 2013-07-13 15:06 - 00000000 ____D C:\Program Files\Steam
2013-07-14 17:59 - 2013-07-14 17:45 - 376291535 _____ () C:\Users\Basti\Desktop\777.exe
2013-07-14 17:33 - 2013-07-14 16:58 - 00000000 ____D C:\Users\Basti\Desktop\CDG-V
2013-07-14 15:54 - 2013-07-14 15:54 - 00001912 _____ C:\Users\Public\Desktop\Shortcut to Plan-G v3.03.lnk
2013-07-14 15:53 - 2013-07-14 15:53 - 00000000 ____D C:\Program Files\TA Software
2013-07-14 15:50 - 2013-07-14 15:50 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-14 15:50 - 2012-09-24 19:09 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-14 15:47 - 2007-07-17 16:38 - 00000000 ___RD C:\Users\Basti\Desktop\Spiele
2013-07-14 15:28 - 2013-01-08 20:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-14 15:28 - 2012-04-24 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-14 14:27 - 2013-07-14 14:27 - 00000000 __SHD C:\found.003
2013-07-13 15:44 - 2008-12-22 21:03 - 00000000 ____D C:\ProgramData\Codemasters
2013-07-13 15:09 - 2013-07-13 15:09 - 00000000 ____D C:\Program Files\dumps
2013-07-13 14:55 - 2008-12-27 18:31 - 00000000 ____D C:\Windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2013-07-13 14:17 - 2010-06-05 18:28 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-07-12 17:58 - 2013-07-12 17:56 - 08850873 _____ C:\Users\Basti\Desktop\aeu7.zip
2013-07-12 17:57 - 2013-07-12 17:56 - 02927694 _____ C:\Users\Basti\Desktop\aeu8.zip
2013-07-12 17:15 - 2013-07-12 17:15 - 00000000 ____D C:\Program Files\Shockwave 3D Lights Redux for FS9
2013-07-09 17:21 - 2012-05-12 17:24 - 00000000 ____D C:\Users\Basti\AppData\Roaming\HpUpdate
2013-07-08 15:27 - 2013-07-04 09:25 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-07-07 19:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-07-07 19:44 - 2009-11-08 18:42 - 00000000 ____D C:\Program Files\CCleaner
2013-07-07 18:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-07 18:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-07 18:21 - 2006-11-02 14:47 - 02534160 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-07 18:16 - 2008-02-10 18:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-07 18:13 - 2006-11-02 17:31 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-07-07 18:13 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-07 18:08 - 2009-03-10 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-06 16:00 - 2013-07-06 15:56 - 00262144 _____ C:\Windows\system32\config\elam
2013-07-05 17:22 - 2013-07-05 17:22 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-07-05 17:22 - 2012-10-05 10:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-05 17:16 - 2012-10-05 10:52 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-05 11:10 - 2013-07-05 11:10 - 00000000 ____D C:\Program Files\Common Files\Intel Corporation
2013-07-05 11:07 - 2013-07-05 11:07 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Intel Corporation
2013-07-05 11:01 - 2013-07-04 10:41 - 00000406 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-07-05 11:01 - 2007-04-13 12:22 - 00000000 ____D C:\Windows\system32\DEU
2013-07-05 11:01 - 2007-04-13 12:21 - 00000000 ____D C:\Program Files\Intel
2013-07-04 19:16 - 2013-07-04 19:16 - 00000000 __SHD C:\ProgramData\SecuROM
2013-07-04 19:16 - 2013-07-04 16:54 - 00000000 ____D C:\Users\Basti\AppData\Local\Rockstar Games
2013-07-04 19:15 - 2013-07-04 18:34 - 00000000 ____D C:\Program Files\Rockstar Games
2013-07-04 19:15 - 2007-04-13 12:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-04 14:52 - 2013-07-04 14:51 - 00000000 ____D C:\Users\Basti\AppData\Local\Downloader
2013-07-04 14:51 - 2013-07-04 14:51 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader
2013-07-04 14:51 - 2013-07-04 14:51 - 00000000 ____D C:\Program Files\Downloader
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-07-04 14:35 - 2013-07-03 21:15 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2013-07-04 13:44 - 2013-07-04 13:45 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-04 13:44 - 2013-07-04 13:45 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-04 13:44 - 2013-07-04 13:45 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-04 13:44 - 2013-07-04 13:45 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-04 13:44 - 2012-12-14 20:13 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-04 13:44 - 2011-08-06 19:38 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-04 13:43 - 2007-04-13 12:21 - 00000000 ____D C:\Program Files\Java
2013-07-04 13:26 - 2013-07-04 13:26 - 00000000 ____D C:\teac
2013-07-04 13:21 - 2013-07-04 13:21 - 00000000 ____D C:\Intel
2013-07-04 11:36 - 2013-07-04 10:40 - 00000000 ____D C:\Program Files\Easeware
2013-07-04 11:24 - 2011-03-13 08:58 - 00195552 _____ C:\Users\Basti\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-04 10:41 - 2013-07-04 10:41 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Easeware
2013-07-04 10:13 - 2013-07-04 10:13 - 00000000 ____D C:\Users\Basti\AppData\Local\DownloadGuide
2013-07-04 09:30 - 2013-07-04 09:26 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-03 21:18 - 2013-07-03 21:18 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2013-07-03 21:18 - 2013-07-03 21:18 - 00000000 ____D C:\Users\Basti\AppData\Local\eSupport.com
2013-07-03 16:19 - 2011-08-02 17:53 - 00002032 _____ C:\Users\Basti\AppData\Local\d3d9caps.dat
2013-07-03 14:37 - 2013-04-20 17:57 - 00000000 ____D C:\Users\Basti\Desktop\SXF aktuell
2013-07-03 08:50 - 2013-07-01 07:30 - 00000000 ____D C:\Users\Basti\Desktop\CDG
2013-07-02 16:13 - 2010-02-03 16:35 - 00000000 ____D C:\Users\Basti\AppData\Local\Deployment
2013-07-02 15:50 - 2013-07-02 15:50 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiFi
2013-07-02 15:49 - 2013-07-02 15:49 - 00000000 ____D C:\Program Files\HiFi
2013-07-02 15:49 - 2010-01-11 18:31 - 00000000 ____D C:\Users\Basti\AppData\Roaming\HiFi
2013-07-02 15:47 - 2007-07-06 18:32 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-24 17:11 - 2012-08-05 15:11 - 00000000 ____D C:\Program Files\JDownloader
2013-06-24 14:44 - 2013-06-24 14:44 - 00000000 ____D C:\Program Files\m-r-software
2013-06-23 12:12 - 2013-06-10 14:44 - 00000000 ____D C:\Users\Basti\Desktop\contrails
2013-06-22 12:25 - 2013-06-22 12:24 - 00012905 _____ C:\Users\Basti\Desktop\Safetycardliste.xlsx
2013-06-21 22:12 - 2013-06-20 20:32 - 00000000 ____D C:\Users\Basti\Desktop\UNWETTER
2013-06-21 14:02 - 2013-07-05 17:07 - 21102368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 13411896 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 09069344 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:02 - 2013-07-05 17:07 - 07687592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 06324360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 02777888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 02002720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 01024288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232049.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232049.dll
2013-06-21 14:02 - 2013-07-05 17:07 - 00016437 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:02 - 2012-10-05 10:45 - 12427240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2013-06-21 14:02 - 2012-10-05 10:45 - 02597856 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2013-06-21 11:52 - 2011-03-24 00:29 - 04192544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 11:52 - 2011-03-24 00:29 - 03045664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2013-06-21 11:52 - 2011-03-24 00:28 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 11:52 - 2011-03-24 00:28 - 00640288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 11:52 - 2011-03-24 00:28 - 00223008 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 11:52 - 2011-03-24 00:28 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-20 15:46 - 2010-02-10 20:49 - 00000000 ____D C:\Program Files\SpeedFan
2013-06-20 10:39 - 2012-10-05 10:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-06-19 19:14 - 2013-04-14 18:48 - 00000000 ____D C:\Users\Basti\Desktop\TXL aktuell

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\ProgramData\ntuser.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-17 14:46

==================== End Of Log ============================
--- --- ---




Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-07-2013 02
Ran by Basti at 2013-07-17 18:22:27
Running from C:\Users\Basti\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 7.1.8)
32 bit Windows Card Reader Driver (Version: 1.1.0.0)
A346 Livery Pack
Active Sky Evolution (Version: 12.00.0702)
AdblockIE (Version: 1.2)
Adobe AIR (Version: 3.3.0.3670)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11 (Version: 11)
Adobe SVG Viewer (Version: 1.0)
aerofly FS (Version: 1.0.9.11)
Aerosoft's - Aerosoft Launcher (Version: 1.1.0.2)
aerosoft's - Berliner S-Bahn Teil 1
aerosoft's - German Airports 3 - 2012 (Berlin-Tegel FS2004) (Version: 1.02)
aerosoft's - Gibraltar 2004 - FS2004
aerosoft's - Mega Airport Frankfurt - FS2004
aerosoft's - Mega Airport Paris CDG (Version: 1.00)
aerosoft's - Mega Airport Zurich 2012 - FS2004 (Version: 1.01)
aerosoft's - Wonderful Madeira - FS2004
Airbus Series Vol.1 Deluxe (FS2004)
Airlines 2 (Version: 1.00.0000)
Airport Design Editor 9x Version 1.50.18.197 (Version: 1.50.18.197)
Airport Design Editor Beta 1.52.4710 (Version: 1.52.4710)
Airport Design Editor Version 1.20.4.0 (Version: 1.20.4.0)
AirSimmer A320 Basic Edition 1.3 (Version: 1.3)
Alt WAV MP3 WMA OGG Converter 7.3 (Version: 7.3)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcSoft TotalMedia 3.5 (Version: 3.5.28.260)
Ashampoo Burning Studio 2013 v.11.0.5 (Version: 11.0.5)
Ashampoo Internet Accelerator 3.20 (Version: 3.2.0)
Assistant zum Anpassen des Dell-Systems (Version: 1.00.0000)
Audiograbber 1.83 SE  (Version: 1.83 SE)
AutocompletePro
BabylonObjectInstaller (Version: 2.0.0.3)
Battlefield 2(TM)
Berlin Brandenburg International
Blender (Version: 2.63-release)
Bonjour (Version: 3.0.0.10)
Brisbane Airport 2009 (Version: 1.0)
CameraHelperMsi (Version: 13.00.1774.0)
Carenado's C172N Skyhawk II FS2004
Catalyst Control Center - Branding (Version: 1.00.0000)
CCleaner (Version: 4.03)
CD-Autostart-Manager (Version: 3.00.0000)
COMPUTERBILD-Abzockschutz (Version: 1.0.36)
Convert AVI to MP4 1.3
CPUID CPU-Z 1.62
CrashBak
Crawler 3D Aquarium Screensaver (Version: 4.2.5.63)
CrystalDiskInfo 5.4.2 (Version: 5.4.2)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.40.2.0131)
DATA BECKER web to date 5
Debut Video Capture Software
Dell Dock (Version: 2.0)
DellSupport (Version: 6.0.3030)
Dfine 2.0 (Version: 2.1.1.2)
DH Driver Cleaner Professional Edition (Version: Version 1.5)
Dream Aquarium
DriverEasy 4.5.2 (Version: 4.5.2.0)
Dual-Core Optimizer (Version: 1.1.4.0169)
DUBAÏ 2004
DUBAÏ landclass
DUBAÏ mesh
Duden Rechtschreibtrainer (Version: 1.0)
DVB-T USB 2.0
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
erLT (Version: 1.20.138.34)
Euro Truck Simulator 1.00 (Version: 1.00)
EVEREST Ultimate Edition v5.30 (Version: 5.30)
F1 2012
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
FeelThere E-Jets v.2
FileZilla Client 3.7.0.1 (Version: 3.7.0.1)
FILSHtray (Version: 0.12)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
FlatOut2 (Version: 1.00.0000)
Fliegensaver
Flight Info 1.0.3 (Version: 1.0.3)
FLV Player 2.0, build 24 (Version: 2.0, build 24)
Fly-Honduras (Version: 2.00)
FormatFactory 2.70 (Version: 2.70)
Fraps (remove only)
Free FLV Converter V 6.7.4 (Version: 6.7.4.0)
Free iPod Video Converter 1.34
Free ISO Creator version 2.8 (Version: 1.2)
Free Pascal 2.2.4
Free YouTube Download version 3.0.18.1123
Free YouTube to MP3 Converter version 3.11.35.1031 (Version: 3.11.35.1031)
Freemake Video Converter Version 3.2.1 (Version: 3.2.1)
FSGenesis NEXTMap Germany 19m Terrain Mesh for FS2004 (Version: 1.0.0)
FSWidgets - Network Pack (Version: Version 1.41)
GAD-Berlin Afcad files
Game Booster 3 (Version: 3.4)
Gigaget
GIMP 2.6.8
gmax (Version: 4.4.0.125)
GolfTacks
Google Earth (Version: 7.0.1.8244)
Google SketchUp 8 (Version: 3.0.4993)
Google Updater (Version: 2.4.2432.1652)
Grand Theft Auto IV
Grand Theft Auto IV (Version: 1.0.0013.131)
GutscheinRausch.de - AddOn für Firefox (Version: 2.81)
Hamster Ball
HandBrake 0.9.5 (Version: 0.9.5)
HijackThis 2.0.2 (Version: 2.0.2)
Holding Pattern Coach Class Screen Saver
HP Customer Participation Program 8.0 (Version: 8.0)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart.All-In-One Driver Software 8.0 .A (Version: 8.0)
HP Product Assistant (Version: 100.000.001.000)
HP Solution Center 8.0 (Version: 8.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPSSupply (Version: 2.1.3.0000)
iClone SE (Version: 2.1)
IconManager
Install Creator Pro
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0)
Intel(R) Rapid Storage Technology (Version: 11.0.0.1032)
IrfanView (remove only)
IsoBuster 2.8.5 (Version: 2.8.5)
iTunes (Version: 10.6.3.25)
iZ3D Driver Remove (Version: 1.12(3994))
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
JDownloader 0.9 (Version: 0.9)
JoJoSaver 2.2.0 (Version: 2.2)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Landscape Germany Landclass
Legacy 'The Luxury Aircraft Collection'
LEGO Digital Designer
LetsTrade Komponenten
LiveMath Plug-In & ActiveX 3.5.9 [U18] - August 2008 (Version: 3.5.9 [U18] - August 2008)
Logitech Webcam Software (Version: 2.0)
LogonStudio Vista
LWS Facebook (Version: 13.00.1777.0)
LWS Gallery (Version: 13.00.1778.0)
LWS Help_main (Version: 13.00.1783.0)
LWS Launcher (Version: 13.00.1776.0)
LWS Motion Detection (Version: 13.00.1778.0)
LWS Pictures And Video (Version: 13.00.1778.0)
LWS Video Mask Maker (Version: 13.00.1774.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.00.1774.0)
LWS YouTube Plugin (Version: 13.00.1777.0)
MAGIX Foto Designer 7 (Version: 7.0.1.1)
MAGIX Fotobuch 3.6 (Version: 3.6)
MAGIX Goya burnR 1.3.1.3 (D) (Version: 1.3.1.3)
MAGIX Music Maker 17 (Version: 17.0.2.30)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Video deluxe 17 Premium Download-Version (Version: 10.0.1.14)
MAGIX Video deluxe 2008 PLUS 7.5.2.10 (D) (Version: 7.5.2.10)
MAGIX Web Designer 6 (Version: 6.0.1.14443)
MAGIX Xtreme Foto Designer 6 6.0.24.0 (D) (Version: 6.0.24.0)
MakeMe3D (Version: 1.2.11.1100)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Maps2Bgl 1.8b Beta FS9/FSX-Version
Media Preview (Version: 1.2.5.264)
MediaCoder 0.6.1 (Version: 0.6.1)
Meerwasser-Aquarium 3D (Version: 1.0D)
Messenger Plus! Live (Version: 4.90.0.392)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (Version: 9.0)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (Version: 10.0.60905.0)
Microsoft Flight Simulator X (Version: 1.00.0000)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Flight Simulator X Demo (Version: 1.00.0000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Reader Text-to-Speech deutsch (Version: 01.00.0000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Train Simulator
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows Media Video 9 VCM
Microsoft Word 97
Microsoft Works (Version: 08.05.0822)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MotoGP URT 3
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
MSVC80_x86 (Version: 1.0.1.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser und SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Navigraph nDAC 3 (Version: 3.0.7.2)
Neat Image v7.0 Demo Standalone
Neat Image v7.3.0 Demo plug-in for Photoshop
Nero Digital
Nitro PDF Reader (Version: 1.4.0.11)
Nokia Connectivity Cable Driver (Version: 7.1.45.0)
Nokia Map Loader (Version: 3.0.22)
Nokia Map Manager (Version: 1.1.0)
Nokia Ovi Suite (Version: 3.1.1.90)
Nokia Ovi Suite Software Updater (Version: 02.07.004.45780)
Nokia PC Suite (Version: 7.1.18.0)
Notepad++ (Version: 6.3)
Nuclear Coffee - VideoGet
Numedia CD-DVD writing as non-admin user (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver (Version: 267.67)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
OMSI - Der Omnibussimulator (Version: 1.01)
OMSI Addon Manager Version 1.2.4 (Version: 1.2.4)
oneworld Screensaver
OpenAL
Opera 12.13 (Version: 12.13.1734)
Ovi Desktop Sync Engine (Version: 1.5.266.0)
OviMPlatform (Version: 2.7.72.0)
Paint.NET v3.5.8 (Version: 3.58.0)
PC Connectivity Solution (Version: 11.4.21.0)
PC Inspector File Recovery (Version: 4.0)
PC Rambazamba (Version: 1.00.0000)
PC VGA Camera (Version: 1.0.2.13)
PC Wizard 2010.1.94
PC-Bibliothek
PDF24 Creator 5.2.0
PixiePack Codec Pack (Version: 1.1.400.0)
Plan-G v3 (Version: 3.0.3)
ProtectDisc Driver, Version 11 (Version: 11.0.0.10)
ProTrain 28 "Durch den Berliner Speckgürtel" 1.0 (Version: 1.0)
PSE10 STI Installer (Version: 10.0)
PSS Boeing 777 Multipack
QuickTime (Version: 7.71.80.42)
RACE 07 Offline
Real Environment Xtreme FS2004 (Version: 1.0.8)
RealFlight G5 Demo (Version: 1.00.0000)
RealPlayer
Registry Backup v1.0
Registry Medic 2008
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Saitek SD6 Programming Software 6.0.7.0 (Version: 6.0.7.0)
saver01
Segoe UI (Version: 15.4.2271.0615)
SigmaTel Audio (Version: 5.10.5210.0)
SimCity 4 Deluxe
SketchUp Viewer (Version: 5.0)
Skype™ 6.0 (Version: 6.0.126)
SL-6632 Dark Tornado Joystick (Version: 1.00.0000)
SMPlayer 0.8.3 (Version: 0.8.3)
Sonic Activation Module (Version: 1.0)
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Splinter Cell Pandora Tomorrow (Version: 1.00.000)
Spot2Log (Version: 2.1)
Spotify (HKCU Version: 0.8.4.124.ga3559d86)
St.Maarten photoreal FS9/FSX V.1.0
STANLY Track EDDB
StartSearch Toolbar 1.3 (Version: 1.3)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 4.40.1002)
Switch Sound File Converter
swix (Version: 3.3)
SYBEX Lexikon der 1000 Flugzeuge
System Requirements Lab CYRI (Version: 6.0.3.0)
System Requirements Lab Detection (Version: 1.0.5.0)
TeamViewer 8 (Version: 8.0.16642)
Text-To-Speech-Runtime (Version: 1.0.0.0)
TOPCAT 2.70 - Take-Off and Landing Performance Calculation Tool (Version: 2.70)
Trainz: Engineer's Edition
TrueGrass
TSR Watermark Image software version 2.3.3.2 - Free version
TSS Airbus CFM56 5B FS2004
TuneUp Utilities 2012 (Version: 12.0.3500.13)
Tunngle beta
UK2000 Bristol Free FS9  (Version: 3.04)
UK2000 Heathrow Xtreme Free FS9  (Version: 2.11)
UK2000 London City Xtreme FS9  (Version: 1.00)
Universal Extractor 1.6.1 (Version: 1.6.1)
Universal Maps Downloader 6.0
Unlocker 1.9.1 (Version: 1.9.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
URL Assistant
USB RACING WHEEL
vBus
VC_CRT_x86 (Version: 1.02.0000)
ViGlance (Version: 1001275)
VirtualDJ Home FREE (Version: 7.0.5)
VistaGlazz 2.4 (Version: 2.4)
Vistaprint Fotobücher
VLC media player 2.0.6 (Version: 2.0.6)
vroute.info (HKCU Version: 1.0.7.5)
Wajam (Version: 1.45)
Wallpaper Juggler 2.2
Weather Engine 1.0a
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8) (Version: 05/22/2008 3.8)
Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinRAR
World of Subways Vol.2 (Version: 1.00)
Yontoo 1.10.03 (Version: 1.10.03)
YoWindow (Version: 3)
Zero Assumption Recovery Version 9
 

==================== Restore Points  =========================

16-07-2013 15:04:50 Entfernte(s) Kaspersky Internet Security 2013.
16-07-2013 15:38:11 First Restore Point
16-07-2013 15:41:29 Gerätetreiber-Paketinstallation: Kaspersky Lab Netzwerkdienst

==================== Hosts content: ==========================

2006-11-02 12:23 - 2009-08-23 10:56 - 00001243 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
127.0.0.1                                activate.adobe.com
127.0.0.1                                practivate.adobe.com
127.0.0.1                                ereg.adobe.com
127.0.0.1                                activate.wip3.adobe.com
127.0.0.1                                wip3.adobe.com
127.0.0.1                                3dns-3.adobe.com
127.0.0.1                                3dns-2.adobe.com
127.0.0.1                                adobe-dns.adobe.com
127.0.0.1                                adobe-dns-2.adobe.com
127.0.0.1                                adobe-dns-3.adobe.com
127.0.0.1                                ereg.wip3.adobe.com
127.0.0.1                                activate-sea.adobe.com
127.0.0.1                                wwis-dubc1-vip60.adobe.com
127.0.0.1                                activate-sjc0.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {06E37EE9-BECB-4B1E-A579-C9A5DF8E167B} - System32\Tasks\Your File Updater => C:\Program Files\YourFileDownloader\YourFileUpdater.exe No File
Task: {1796AAFD-D0B8-463B-93DB-650DF52B75A1} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2012-04-05] (TuneUp Software)
Task: {1980EE1A-C3E1-4F54-9FF8-DB01A1E80ECF} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {434A6CFC-CCF6-49DF-A6AC-8D1CA72C29A3} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {4CB13415-3E92-4799-B3A1-B4DDE6C926B1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {4CBDC86C-065A-42D9-932D-F447A0F5494F} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {52987533-47A0-4B2F-9384-C30C03231F61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {5AA61CE3-0440-43AE-838C-399EFEA0B125} - System32\Tasks\{CE214DCD-F8B7-47B6-8C04-BC7E35B4A955} => c:\program files\mozilla firefox\firefox.exe [2013-07-14] (Mozilla Corporation)
Task: {5BA0E153-8C3F-46B3-810B-504257AEB9ED} - System32\Tasks\Microsoft\Windows\RestartManager\{652E637E-4E27-489f-8ACA-7F32174D8E1A} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {5CF84249-AB0D-4708-A4FD-58FB87393E60} - System32\Tasks\PC Rambazamba => C:\Program Files\Langmeier Software\PC Rambazamba\pcrambazamba.exe No File
Task: {67570AA5-3216-40B0-BF90-8421F26FED19} - System32\Tasks\User_Feed_Synchronization-{C89AA426-5FE7-482E-AE7A-7FD976767BC7} => C:\Windows\system32\msfeedssync.exe [2012-12-03] (Microsoft Corporation)
Task: {69A2E240-DDC1-43D2-B7F7-A045881B26D0} - System32\Tasks\{2EFF2439-B936-4A17-8232-3D56FA80C812} => c:\program files\mozilla firefox\firefox.exe [2013-07-14] (Mozilla Corporation)
Task: {6E636D21-3442-495B-A5B0-BD2AC436FEF0} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-05-16] (Macrovision Corporation)
Task: {716246EB-A68F-4A9E-B8F0-25CFE30ED54E} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {7350C5B5-D7C7-4521-AE5B-24BE17F030D7} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-06-08] ()
Task: {8832F1D2-A813-4CFE-AA68-42093A0A591E} - System32\Tasks\{61F7FB4A-4174-4832-9DB5-16855100B9BD} => c:\program files\mozilla firefox\firefox.exe [2013-07-14] (Mozilla Corporation)
Task: {904B5149-D516-49BC-BFAF-A017AD3FB7D2} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-04] ()
Task: {94688B98-36EE-412F-AB0F-F572B1E2F52A} - \Software Updater No Task File
Task: {97867717-E25F-4FAF-9FEB-A34EEEC7B055} - System32\Tasks\User_Feed_Synchronization-{DB964A1B-A4D5-43AE-A441-0F783DE4A681} => C:\Windows\system32\msfeedssync.exe [2012-12-03] (Microsoft Corporation)
Task: {9A2E0D59-28BD-4535-9C70-4C14FABF655E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {AF0BF661-4FDE-49FA-A0F0-204A076BAC9C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000UA => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-06] (Facebook Inc.)
Task: {AFC1C4F2-B555-45C3-B70C-CEAD9C544DFA} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\C4180\HP Software Update\HPWuSchd2.exe [2006-12-10] (Hewlett-Packard Co.)
Task: {BADF337F-A206-438D-A327-10101E332C08} - System32\Tasks\Microsoft\Windows\RestartManager\{C2FBF4B4-325F-4c5c-84AB-F97B26383A01} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {C07E163E-A69F-4B83-A463-BB880205E91A} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C5DC9E12-9778-44A4-9B34-4FF3082D005A} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-05-16] (Macrovision Corporation)
Task: {DF871F59-E624-4EB1-8615-EEA2A084A12B} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2013-05-29] (Easeware)
Task: {E284F49D-8794-43D4-BF61-89E67725B529} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-12] (Google)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E9C770E1-3FB7-462D-B1C1-00D057BF63A9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {EAE0344B-AA85-4188-A800-2D803CAC5BB8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000Core => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-06] (Facebook Inc.)
Task: {FCB396C3-93ED-486F-8399-51A12BD3E8B8} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000Core.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4097939913-10406711-2179208294-1000UA.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{DB964A1B-A4D5-43AE-A441-0F783DE4A681}.job => C:\Windows\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2013 06:01:52 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung avp.exe, Version 13.0.1.4210, Zeitstempel 0x509157b4, fehlerhaftes Modul NTMARTA.DLL, Version 6.0.6002.18005, Zeitstempel 0x49e03833, Ausnahmecode 0xc0000005, Fehleroffset 0x0000b015,
Prozess-ID 0x1e80, Anwendungsstartzeit avp.exe0.

Error: (07/17/2013 05:57:59 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung avp.exe, Version 13.0.1.4210, Zeitstempel 0x509157b4, fehlerhaftes Modul NTMARTA.DLL, Version 6.0.6002.18005, Zeitstempel 0x49e03833, Ausnahmecode 0xc0000005, Fehleroffset 0x0000b015,
Prozess-ID 0x16a8, Anwendungsstartzeit avp.exe0.

Error: (07/17/2013 05:54:12 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung avp.exe, Version 13.0.1.4210, Zeitstempel 0x509157b4, fehlerhaftes Modul NTMARTA.DLL, Version 6.0.6002.18005, Zeitstempel 0x49e03833, Ausnahmecode 0xc0000005, Fehleroffset 0x0000b015,
Prozess-ID 0x1c98, Anwendungsstartzeit avp.exe0.

Error: (07/17/2013 05:45:32 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.75.0.1, Zeitstempel 0x511f8eb2, fehlerhaftes Modul NTMARTA.DLL, Version 6.0.6002.18005, Zeitstempel 0x49e03833, Ausnahmecode 0xc0000005, Fehleroffset 0x00008e5c,
Prozess-ID 0xda8, Anwendungsstartzeit mbam.exe0.

Error: (07/17/2013 05:36:48 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.75.0.1, Zeitstempel 0x511f8eb2, fehlerhaftes Modul NTMARTA.DLL, Version 6.0.6002.18005, Zeitstempel 0x49e03833, Ausnahmecode 0xc0000005, Fehleroffset 0x00008e5c,
Prozess-ID 0x1d58, Anwendungsstartzeit mbam.exe0.

Error: (07/16/2013 05:37:43 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {2a0b18d1-95d2-4788-b43a-c00093971026}

Error: (07/15/2013 05:29:16 PM) (Source:  ) (User: )
Description: 7

Error: (07/15/2013 05:29:16 PM) (Source:  ) (User: )
Description: 6

Error: (07/15/2013 04:49:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.FlightSimulator.SimConnect ,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.61242.0"1".
Die abhängige Assemblierung "Microsoft.FlightSimulator.SimConnect ,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.61242.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/15/2013 04:40:17 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 23.0.0.4940, Zeitstempel 0x51df3ed4, fehlerhaftes Modul xul.dll, Version 23.0.0.4940, Zeitstempel 0x51df3dea, Ausnahmecode 0xc0000005, Fehleroffset 0x00113ee8,
Prozess-ID 0x11a0, Anwendungsstartzeit firefox.exe0.


System errors:
=============
Error: (07/17/2013 06:22:26 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:22:25 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:22:25 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:22:25 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "OS" aus.

Error: (07/17/2013 06:22:25 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:22:21 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "OS" aus.

Error: (07/17/2013 06:22:21 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:22:20 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "OS" aus.

Error: (07/17/2013 06:22:20 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.

Error: (07/17/2013 06:08:12 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "OS" aus.


Microsoft Office Sessions:
=========================
Error: (07/28/2012 09:58:04 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1813 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (06/26/2012 08:39:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10635 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (06/18/2012 05:31:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11963 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (12/01/2011 05:55:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 14629 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (10/13/2011 04:15:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1035 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (07/02/2011 11:51:22 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3860 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/13/2010 06:30:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/30/2009 01:39:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/23/2009 00:16:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/16/2009 08:09:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3069.21 MB
Available physical RAM: 1414.32 MB
Total Pagefile: 19355.43 MB
Available Pagefile: 17604.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.55 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.04 GB) (Free:53.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.4 GB) NTFS
Drive e: (FS_DISC4) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive k: (Elements) (Fixed) (Total:931.51 GB) (Free:385.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 58000000)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=288 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 000F4C21)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

DerJazzer 17.07.2013 17:37
Bitte poste poste mir (falls vorhanden) das MBAM-Log mit den Funden.

Das Log erscheint mir unauffällig, bis auf die 777.exe auf deinem Desktop. Was'n das?

Schritt 1

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt 2

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Schritt 3

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.




Bitte poste in deiner nächsten Antwort
  • Antwort auf meine Frage
  • MBAM-Log mit den Funden
  • TDSSKiller-Log
  • AswMBR-Log
  • FSS.txt

Basti1995 17.07.2013 18:21
Hi,

ich kann nicht mal mehr Objekte in einen Ordner verschieben oder etwas löschen! (explorer.exe funktioniert nicht mehr)

Die 777.exe ist sauber! Das ist ein Addon für einen Flugsimulator.

Das Logfile von TDSSKiller:

Code:
19:07:21.0061 6360  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:07:21.0296 6360  ============================================================
19:07:21.0296 6360  Current date / time: 2013/07/17 19:07:21.0296
19:07:21.0296 6360  SystemInfo:
19:07:21.0296 6360 
19:07:21.0296 6360  OS Version: 6.0.6002 ServicePack: 2.0
19:07:21.0297 6360  Product type: Workstation
19:07:21.0297 6360  ComputerName: BASTI-PC
19:07:21.0297 6360  UserName: Basti
19:07:21.0297 6360  Windows directory: C:\Windows
19:07:21.0297 6360  System windows directory: C:\Windows
19:07:21.0297 6360  Processor architecture: Intel x86
19:07:21.0297 6360  Number of processors: 2
19:07:21.0297 6360  Page size: 0x1000
19:07:21.0297 6360  Boot type: Normal boot
19:07:21.0297 6360  ============================================================
19:07:21.0851 6360  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:07:21.0931 6360  Drive \Device\Harddisk5\DR5 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:07:21.0946 6360  ============================================================
19:07:21.0946 6360  \Device\Harddisk0\DR0:
19:07:21.0995 6360  MBR partitions:
19:07:21.0995 6360  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
19:07:21.0995 6360  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x24012800
19:07:21.0995 6360  \Device\Harddisk5\DR5:
19:07:21.0996 6360  MBR partitions:
19:07:21.0996 6360  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
19:07:21.0996 6360  ============================================================
19:07:34.0646 6360  C: <-> \Device\Harddisk0\DR0\Partition2
19:07:34.0744 6360  D: <-> \Device\Harddisk0\DR0\Partition1
19:07:35.0285 6360  K: <-> \Device\Harddisk5\DR5\Partition1
19:07:35.0286 6360  ============================================================
19:07:35.0286 6360  Initialize success
19:07:35.0286 6360  ============================================================
19:07:39.0169 6956  ============================================================
19:07:39.0169 6956  Scan started
19:07:39.0169 6956  Mode: Manual;
19:07:39.0169 6956  ============================================================
19:07:39.0997 6956  ================ Scan system memory ========================
19:07:39.0997 6956  System memory - ok
19:07:39.0997 6956  ================ Scan services =============================
19:07:40.0374 6956  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:07:40.0401 6956  ACDaemon - ok
19:07:40.0695 6956  [ 4E5451DD0AEC8504D7F8030DD2D4C416 ] ACEDRV07        C:\Windows\system32\drivers\ACEDRV07.sys
19:07:40.0697 6956  ACEDRV07 - ok
19:07:40.0733 6956  [ DA06D89CDFDD0D24DE75165CF6D4270B ] ACEDRV08        C:\Windows\system32\drivers\ACEDRV08.sys
19:07:40.0735 6956  ACEDRV08 - ok
19:07:40.0774 6956  [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09        C:\Windows\system32\drivers\ACEDRV09.sys
19:07:40.0776 6956  ACEDRV09 - ok
19:07:40.0847 6956  [ 66DC3740111238C91B875D8A0021834D ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
19:07:40.0861 6956  acedrv11 - ok
19:07:40.0897 6956  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:07:40.0901 6956  ACPI - ok
19:07:40.0928 6956  adfs - ok
19:07:41.0081 6956  [ C245E08EC469A52A622EFDC9787A0DCC ] AdobeActiveFileMonitor10.0 C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
19:07:41.0084 6956  AdobeActiveFileMonitor10.0 - ok
19:07:41.0216 6956  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:07:41.0218 6956  AdobeARMservice - ok
19:07:41.0288 6956  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:07:41.0292 6956  AdobeFlashPlayerUpdateSvc - ok
19:07:41.0345 6956  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
19:07:41.0352 6956  adp94xx - ok
19:07:41.0404 6956  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci        C:\Windows\system32\drivers\adpahci.sys
19:07:41.0408 6956  adpahci - ok
19:07:41.0436 6956  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
19:07:41.0457 6956  adpu160m - ok
19:07:41.0496 6956  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320        C:\Windows\system32\drivers\adpu320.sys
19:07:41.0499 6956  adpu320 - ok
19:07:41.0546 6956  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:07:41.0547 6956  AeLookupSvc - ok
19:07:41.0583 6956  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc            C:\Windows\system32\drivers\Afc.sys
19:07:41.0584 6956  Afc - ok
19:07:41.0621 6956  [ 3911B972B55FEA0478476B2E777B29FA ] AFD            C:\Windows\system32\drivers\afd.sys
19:07:41.0626 6956  AFD - ok
19:07:41.0652 6956  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:07:41.0654 6956  agp440 - ok
19:07:41.0686 6956  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
19:07:41.0688 6956  aic78xx - ok
19:07:41.0757 6956  [ A1545B731579895D8CC44FC0481C1192 ] ALG            C:\Windows\System32\alg.exe
19:07:41.0779 6956  ALG - ok
19:07:41.0801 6956  [ 3A99CB23A2D326FD532618705D6E3048 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:07:41.0801 6956  aliide - ok
19:07:41.0816 6956  [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:07:41.0817 6956  amdagp - ok
19:07:41.0845 6956  [ 4333C133DBD71C7D7FE4FB1B83F9EE3E ] amdide          C:\Windows\system32\drivers\amdide.sys
19:07:41.0846 6956  amdide - ok
19:07:41.0864 6956  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7          C:\Windows\system32\drivers\amdk7.sys
19:07:41.0865 6956  AmdK7 - ok
19:07:41.0892 6956  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
19:07:41.0894 6956  AmdK8 - ok
19:07:41.0931 6956  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys
19:07:41.0932 6956  AmdLLD - ok
19:07:42.0008 6956  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo        C:\Windows\System32\appinfo.dll
19:07:42.0009 6956  Appinfo - ok
19:07:42.0064 6956  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:07:42.0065 6956  Apple Mobile Device - ok
19:07:42.0109 6956  [ 5F673180268BB1FDB69C99B6619FE379 ] arc            C:\Windows\system32\drivers\arc.sys
19:07:42.0111 6956  arc - ok
19:07:42.0155 6956  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:07:42.0157 6956  arcsas - ok
19:07:42.0261 6956  [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI            C:\Windows\System32\DRIVERS\ASPI32.sys
19:07:42.0262 6956  ASPI - ok
19:07:42.0362 6956  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:07:42.0363 6956  aspnet_state - ok
19:07:42.0437 6956  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:42.0438 6956  AsyncMac - ok
19:07:42.0456 6956  [ A779CA2C76DA4FCB595E692C05E8E4EB ] atapi          C:\Windows\system32\drivers\atapi.sys
19:07:42.0457 6956  atapi - ok
19:07:42.0553 6956  [ 8C260202F8124EA7AA5C4D75B691351A ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
19:07:42.0576 6956  Ati External Event Utility - ok
19:07:42.0713 6956  [ A3387B24D17A68FA12A9282481CE6EEC ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:07:42.0812 6956  atikmdag - ok
19:07:42.0856 6956  [ 72BC628AF75C4C3250F2A3BAC260265A ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
19:07:42.0861 6956  atksgt - ok
19:07:42.0935 6956  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:07:42.0940 6956  AudioEndpointBuilder - ok
19:07:42.0948 6956  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:07:42.0951 6956  Audiosrv - ok
19:07:43.0343 6956  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP            C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
19:07:43.0345 6956  AVP - ok
19:07:43.0431 6956  [ C975E7B4466DAC975EF6CB6B79B0B329 ] BDA_Capture_220A C:\Windows\system32\Drivers\BDA_Capture_220A.sys
19:07:43.0432 6956  BDA_Capture_220A - ok
19:07:43.0458 6956  BDA_Loader_220A - ok
19:07:43.0526 6956  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:07:43.0526 6956  Beep - ok
19:07:43.0710 6956  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE            C:\Windows\System32\bfe.dll
19:07:43.0715 6956  BFE - ok
19:07:43.0896 6956  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
19:07:43.0920 6956  BITS - ok
19:07:43.0926 6956  blbdrive - ok
19:07:43.0998 6956  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:07:44.0004 6956  Bonjour Service - ok
19:07:44.0079 6956  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:07:44.0105 6956  bowser - ok
19:07:44.0159 6956  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
19:07:44.0160 6956  BrFiltLo - ok
19:07:44.0178 6956  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
19:07:44.0179 6956  BrFiltUp - ok
19:07:44.0255 6956  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser        C:\Windows\System32\browser.dll
19:07:44.0278 6956  Browser - ok
19:07:44.0323 6956  [ B304E75CFF293029EDDF094246747113 ] Brserid        C:\Windows\system32\drivers\brserid.sys
19:07:44.0325 6956  Brserid - ok
19:07:44.0346 6956  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
19:07:44.0348 6956  BrSerWdm - ok
19:07:44.0362 6956  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
19:07:44.0363 6956  BrUsbMdm - ok
19:07:44.0377 6956  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
19:07:44.0378 6956  BrUsbSer - ok
19:07:44.0393 6956  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:07:44.0394 6956  BTHMODEM - ok
19:07:44.0479 6956  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:07:44.0505 6956  cdfs - ok
19:07:44.0557 6956  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:07:44.0572 6956  cdrom - ok
19:07:44.0637 6956  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc    C:\Windows\System32\certprop.dll
19:07:44.0659 6956  CertPropSvc - ok
19:07:44.0688 6956  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:07:44.0689 6956  circlass - ok
19:07:44.0800 6956  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
19:07:44.0826 6956  CLFS - ok
19:07:44.0890 6956  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:07:44.0909 6956  clr_optimization_v2.0.50727_32 - ok
19:07:45.0002 6956  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:07:45.0003 6956  Suspicious file (Hidden): C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe. md5: C5A75EB48E2344ABDC162BDA79E16841
19:07:45.0003 6956  clr_optimization_v4.0.30319_32 ( HiddenFile.Multi.Generic ) - warning
19:07:45.0003 6956  clr_optimization_v4.0.30319_32 - detected HiddenFile.Multi.Generic (1)
19:07:45.0025 6956  [ DFB94A6FC3A26972B0461AB5F1D8272B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:07:45.0026 6956  cmdide - ok
19:07:45.0042 6956  [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:07:45.0043 6956  Compbatt - ok
19:07:45.0052 6956  COMSysApp - ok
19:07:45.0195 6956  cpuz134 - ok
19:07:45.0279 6956  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
19:07:45.0304 6956  crcdisk - ok
19:07:45.0338 6956  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
19:07:45.0339 6956  Crusoe - ok
19:07:45.0358 6956  Crypkey License - ok
19:07:45.0475 6956  [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:07:45.0482 6956  CryptSvc - ok
19:07:45.0629 6956  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:07:45.0654 6956  DcomLaunch - ok
19:07:45.0681 6956  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:07:45.0683 6956  DfsC - ok
19:07:45.0799 6956  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
19:07:45.0868 6956  DFSR - ok
19:07:45.0949 6956  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
19:07:45.0979 6956  Dhcp - ok
19:07:46.0007 6956  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
19:07:46.0009 6956  disk - ok
19:07:46.0072 6956  [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM        C:\Windows\system32\DLA\DLABMFSM.SYS
19:07:46.0073 6956  DLABMFSM - ok
19:07:46.0082 6956  [ D4587063ACEA776699251E177D719586 ] DLABOIOM        C:\Windows\system32\DLA\DLABOIOM.SYS
19:07:46.0083 6956  DLABOIOM - ok
19:07:46.0091 6956  [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM        C:\Windows\system32\Drivers\DLACDBHM.SYS
19:07:46.0092 6956  DLACDBHM - ok
19:07:46.0110 6956  [ 1CC77BF6481567B617F7D204932A10E4 ] DLADResM        C:\Windows\system32\DLA\DLADResM.SYS
19:07:46.0111 6956  DLADResM - ok
19:07:46.0129 6956  [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M        C:\Windows\system32\DLA\DLAIFS_M.SYS
19:07:46.0131 6956  DLAIFS_M - ok
19:07:46.0142 6956  [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM        C:\Windows\system32\DLA\DLAOPIOM.SYS
19:07:46.0143 6956  DLAOPIOM - ok
19:07:46.0149 6956  [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM        C:\Windows\system32\DLA\DLAPoolM.SYS
19:07:46.0149 6956  DLAPoolM - ok
19:07:46.0176 6956  [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M        C:\Windows\system32\Drivers\DLARTL_M.SYS
19:07:46.0177 6956  DLARTL_M - ok
19:07:46.0204 6956  [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM        C:\Windows\system32\DLA\DLAUDFAM.SYS
19:07:46.0205 6956  DLAUDFAM - ok
19:07:46.0218 6956  [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M        C:\Windows\system32\DLA\DLAUDF_M.SYS
19:07:46.0220 6956  DLAUDF_M - ok
19:07:46.0296 6956  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:07:46.0298 6956  Dnscache - ok
19:07:46.0396 6956  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
19:07:46.0423 6956  DockLoginService - ok
19:07:46.0559 6956  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:07:46.0587 6956  dot3svc - ok
19:07:46.0655 6956  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
19:07:46.0658 6956  Dot4 - ok
19:07:46.0684 6956  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print      C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:07:46.0707 6956  Dot4Print - ok
19:07:46.0748 6956  [ C55004CA6B419B6695970DFE849B122F ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
19:07:46.0749 6956  dot4usb - ok
19:07:46.0848 6956  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS            C:\Windows\system32\dps.dll
19:07:46.0851 6956  DPS - ok
19:07:46.0908 6956  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:07:46.0909 6956  drmkaud - ok
19:07:46.0983 6956  [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32      C:\Windows\system32\Drivers\DrvAgent32.sys
19:07:47.0009 6956  DrvAgent32 - ok
19:07:47.0044 6956  [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB        C:\Windows\system32\Drivers\DRVMCDB.SYS
19:07:47.0046 6956  DRVMCDB - ok
19:07:47.0053 6956  [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM        C:\Windows\system32\Drivers\DRVNDDM.SYS
19:07:47.0054 6956  DRVNDDM - ok
19:07:47.0086 6956  [ 01D5B95D0A12A916BBDC258629113258 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
19:07:47.0087 6956  DSBrokerService - ok
19:07:47.0132 6956  [ 413F2D5F9D802688242C23B38F767ECB ] DSproct        C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
19:07:47.0133 6956  DSproct - ok
19:07:47.0152 6956  [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] dsunidrv        C:\Program Files\DellSupport\Drivers\dsunidrv.sys
19:07:47.0153 6956  dsunidrv - ok
19:07:47.0234 6956  [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01    C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:07:47.0264 6956  dtsoftbus01 - ok
19:07:47.0540 6956  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:07:47.0572 6956  DXGKrnl - ok
19:07:47.0668 6956  [ 4195EA16F756645069642A4B464BB221 ] e1express      C:\Windows\system32\DRIVERS\e1e6032.sys
19:07:47.0671 6956  e1express - ok
19:07:47.0702 6956  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60          C:\Windows\system32\DRIVERS\E1G60I32.sys
19:07:47.0704 6956  E1G60 - ok
19:07:47.0797 6956  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost        C:\Windows\System32\eapsvc.dll
19:07:47.0821 6956  EapHost - ok
19:07:47.0942 6956  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
19:07:47.0944 6956  Ecache - ok
19:07:48.0169 6956  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
19:07:48.0200 6956  ehRecvr - ok
19:07:48.0234 6956  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched        C:\Windows\ehome\ehsched.exe
19:07:48.0236 6956  ehSched - ok
19:07:48.0249 6956  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart        C:\Windows\ehome\ehstart.dll
19:07:48.0250 6956  ehstart - ok
19:07:48.0285 6956  [ E8F3F21A71720C84BCF423B80028359F ] elxstor        C:\Windows\system32\drivers\elxstor.sys
19:07:48.0290 6956  elxstor - ok
19:07:48.0365 6956  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
19:07:48.0391 6956  EMDMgmt - ok
19:07:48.0428 6956  [ B4556F3D468C8DCB0B259D9D866CD4C4 ] enodpl          C:\Windows\system32\drivers\enodpl.sys
19:07:48.0452 6956  enodpl - ok
19:07:48.0574 6956  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem    C:\Windows\system32\es.dll
19:07:48.0604 6956  EventSystem - ok
19:07:48.0695 6956  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat          C:\Windows\system32\drivers\exfat.sys
19:07:48.0698 6956  exfat - ok
19:07:48.0859 6956  Fabs - ok
19:07:48.0922 6956  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:07:48.0925 6956  fastfat - ok
19:07:48.0944 6956  [ 63BDADA84951B9C03E641800E176898A ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:07:48.0945 6956  fdc - ok
19:07:49.0007 6956  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost        C:\Windows\system32\fdPHost.dll
19:07:49.0009 6956  fdPHost - ok
19:07:49.0031 6956  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:07:49.0033 6956  FDResPub - ok
19:07:49.0085 6956  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:07:49.0087 6956  FileInfo - ok
19:07:49.0120 6956  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:07:49.0121 6956  Filetrace - ok
19:07:49.0248 6956  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:07:49.0336 6956  FirebirdServerMAGIXInstance - ok
19:07:49.0406 6956  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:07:49.0431 6956  FLEXnet Licensing Service - ok
19:07:49.0461 6956  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:07:49.0488 6956  flpydisk - ok
19:07:49.0515 6956  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:07:49.0519 6956  FltMgr - ok
19:07:49.0611 6956  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache      C:\Windows\system32\FntCache.dll
19:07:49.0691 6956  FontCache - ok
19:07:49.0786 6956  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:07:49.0787 6956  FontCache3.0.0.0 - ok
19:07:49.0822 6956  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:07:49.0823 6956  Fs_Rec - ok
19:07:49.0848 6956  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:07:49.0850 6956  gagp30kx - ok
19:07:49.0888 6956  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:07:49.0889 6956  GEARAspiWDM - ok
19:07:49.0899 6956  [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio          C:\Windows\system32\giveio.sys
19:07:49.0902 6956  giveio - ok
19:07:50.0028 6956  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc          C:\Windows\System32\gpsvc.dll
19:07:50.0061 6956  gpsvc - ok
19:07:50.0152 6956  [ 408DDD80EEDE47175F6844817B90213E ] gusvc          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:07:50.0191 6956  gusvc - ok
19:07:50.0290 6956  [ 833051C6C6C42117191935F734CFBD97 ] hamachi        C:\Windows\system32\DRIVERS\hamachi.sys
19:07:50.0308 6956  hamachi - ok
19:07:50.0473 6956  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:07:50.0479 6956  HdAudAddService - ok
19:07:50.0588 6956  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:07:50.0602 6956  HDAudBus - ok
19:07:50.0639 6956  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:07:50.0640 6956  HidBth - ok
19:07:50.0665 6956  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr          C:\Windows\system32\drivers\hidir.sys
19:07:50.0666 6956  HidIr - ok
19:07:50.0742 6956  [ A7C74EAFB5E6B0FC00E8FC2E0F83DDE3 ] HidNt          C:\Windows\system32\DRIVERS\HIDNt.sys
19:07:50.0743 6956  HidNt - ok
19:07:50.0807 6956  [ 84067081F3318162797385E11A8F0582 ] hidserv        C:\Windows\system32\hidserv.dll
19:07:50.0809 6956  hidserv - ok
19:07:50.0824 6956  [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:07:50.0825 6956  HidUsb - ok
19:07:50.0889 6956  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:07:50.0892 6956  hkmsvc - ok
19:07:50.0910 6956  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
19:07:50.0911 6956  HpCISSs - ok
19:07:51.0004 6956  [ E4E285A3766B4A57401FEEAF66CB07B5 ] hpqcxs08        C:\Program Files\HP\C4180\Digital Imaging\bin\hpqcxs08.dll
19:07:51.0008 6956  hpqcxs08 - ok
19:07:51.0082 6956  [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc        C:\Program Files\HP\C4180\Digital Imaging\bin\hpqddsvc.dll
19:07:51.0084 6956  hpqddsvc - ok
19:07:51.0123 6956  [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412        C:\Windows\system32\DRIVERS\HPZid412.sys
19:07:51.0124 6956  HPZid412 - ok
19:07:51.0141 6956  [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12        C:\Windows\system32\DRIVERS\HPZipr12.sys
19:07:51.0142 6956  HPZipr12 - ok
19:07:51.0161 6956  [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12        C:\Windows\system32\DRIVERS\HPZius12.sys
19:07:51.0162 6956  HPZius12 - ok
19:07:51.0390 6956  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:07:51.0397 6956  HTTP - ok
19:07:51.0413 6956  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp          C:\Windows\system32\drivers\i2omp.sys
19:07:51.0415 6956  i2omp - ok
19:07:51.0492 6956  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:51.0493 6956  i8042prt - ok
19:07:51.0566 6956  [ E64665E2A6CAEB52C8AE6E5EB6F3FD7C ] iaStor          C:\Windows\system32\drivers\iastor.sys
19:07:51.0570 6956  iaStor - ok
19:07:51.0681 6956  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:07:51.0682 6956  IAStorDataMgrSvc - ok
19:07:51.0720 6956  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
19:07:51.0724 6956  iaStorV - ok
19:07:51.0784 6956  [ F16E31FECD8393A3DFC56D6EB7FF5D23 ] iconmgr        C:\teac\iconmgr\iconmgr.exe
19:07:51.0786 6956  iconmgr - ok
19:07:51.0865 6956  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:07:51.0866 6956  IDriverT - ok
19:07:51.0989 6956  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:07:52.0012 6956  idsvc - ok
19:07:52.0036 6956  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
19:07:52.0037 6956  iirsp - ok
19:07:52.0110 6956  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:07:52.0144 6956  IKEEXT - ok
19:07:52.0227 6956  [ 7E3C5F1342A5533A1D772967E9AC5701 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:07:52.0230 6956  Intel(R) PROSet Monitoring Service - ok
19:07:52.0276 6956  [ 1C60617D54BC9F035671A44B75D9F7CC ] intelide        C:\Windows\system32\drivers\intelide.sys
19:07:52.0277 6956  intelide - ok
19:07:52.0297 6956  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:07:52.0299 6956  intelppm - ok
19:07:52.0375 6956  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:07:52.0379 6956  IPBusEnum - ok
19:07:52.0442 6956  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:52.0443 6956  IpFilterDriver - ok
19:07:52.0477 6956  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:07:52.0482 6956  iphlpsvc - ok
19:07:52.0489 6956  IpInIp - ok
19:07:52.0511 6956  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
19:07:52.0514 6956  IPMIDRV - ok
19:07:52.0539 6956  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
19:07:52.0541 6956  IPNAT - ok
19:07:52.0593 6956  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:07:52.0616 6956  iPod Service - ok
19:07:52.0688 6956  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:07:52.0689 6956  IRENUM - ok
19:07:52.0722 6956  [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:07:52.0723 6956  isapnp - ok
19:07:52.0790 6956  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:07:52.0793 6956  iScsiPrt - ok
19:07:52.0827 6956  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:07:52.0828 6956  iteatapi - ok
19:07:52.0862 6956  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid        C:\Windows\system32\drivers\iteraid.sys
19:07:52.0863 6956  iteraid - ok
19:07:53.0006 6956  [ AA1E275CC4A98FCFC65AB5F8AB5B1ACC ] iZ3DInjectionDriver C:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys
19:07:53.0007 6956  iZ3DInjectionDriver - ok
19:07:53.0032 6956  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:53.0033 6956  kbdclass - ok
19:07:53.0049 6956  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:07:53.0049 6956  kbdhid - ok
19:07:53.0070 6956  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
19:07:53.0073 6956  KeyIso - ok
19:07:53.0119 6956  [ EA26CB00F83686856F2C79673C00C686 ] kl1            C:\Windows\system32\DRIVERS\kl1.sys
19:07:53.0121 6956  kl1 - ok
19:07:53.0207 6956  [ BE21AC70BB25B9BA0D79AA510D6BBFCB ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:07:53.0241 6956  KLIF - ok
19:07:53.0296 6956  [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
19:07:53.0297 6956  KLIM6 - ok
19:07:53.0367 6956  [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:07:53.0368 6956  klkbdflt - ok
19:07:53.0413 6956  [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:07:53.0414 6956  klmouflt - ok
19:07:53.0455 6956  [ 8FD802F86D4AB3FB329B8E51517BFF2A ] kltdi          C:\Windows\system32\DRIVERS\kltdi.sys
19:07:53.0457 6956  kltdi - ok
19:07:53.0498 6956  [ 8F932DF10408BCABA2FCF6163C843F8E ] kneps          C:\Windows\system32\DRIVERS\kneps.sys
19:07:53.0501 6956  kneps - ok
19:07:53.0543 6956  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:07:53.0550 6956  KSecDD - ok
19:07:53.0702 6956  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:07:53.0709 6956  KtmRm - ok
19:07:53.0791 6956  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:07:53.0796 6956  LanmanServer - ok
19:07:53.0924 6956  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:07:53.0955 6956  LanmanWorkstation - ok
19:07:54.0003 6956  [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
19:07:54.0004 6956  lirsgt - ok
19:07:54.0070 6956  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:07:54.0096 6956  lltdio - ok
19:07:54.0142 6956  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:07:54.0146 6956  lltdsvc - ok
19:07:54.0232 6956  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:07:54.0260 6956  lmhosts - ok
19:07:54.0307 6956  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:07:54.0309 6956  LSI_FC - ok
19:07:54.0328 6956  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
19:07:54.0330 6956  LSI_SAS - ok
19:07:54.0361 6956  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:07:54.0363 6956  LSI_SCSI - ok
19:07:54.0431 6956  [ 8F5C7426567798E62A3B3614965D62CC ] luafv          C:\Windows\system32\drivers\luafv.sys
19:07:54.0433 6956  luafv - ok
19:07:54.0505 6956  [ AF280405C10F0D20F37670B7432E5C2F ] lvpopflt        C:\Windows\system32\DRIVERS\lvpopflt.sys
19:07:54.0508 6956  lvpopflt - ok
19:07:54.0569 6956  [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2Mon.sys
19:07:54.0570 6956  LVPr2Mon - ok
19:07:54.0742 6956  [ 2333057542C91AE8228BDCCC2E5F2632 ] LVPrcSrv        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
19:07:54.0744 6956  LVPrcSrv - ok
19:07:54.0768 6956  [ E52F5A2CADCF08D07F559962F807A0A2 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
19:07:54.0772 6956  LVRS - ok
19:07:55.0044 6956  [ C3D02260BEB2B48DEA1EFDFCA91E4B69 ] LVUVC          C:\Windows\system32\DRIVERS\lvuvc.sys
19:07:55.0219 6956  LVUVC - ok
19:07:55.0252 6956  [ 6D8AEC91C7795E4452E71F6622E70245 ] Mac606          C:\Windows\system32\DRIVERS\Mac606.sys
19:07:55.0253 6956  Mac606 - ok
19:07:55.0318 6956  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
19:07:55.0319 6956  MBAMProtector - ok
19:07:55.0427 6956  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:07:55.0434 6956  MBAMScheduler - ok
19:07:55.0499 6956  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:07:55.0524 6956  MBAMService - ok
19:07:55.0583 6956  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
19:07:55.0586 6956  Mcx2Svc - ok
19:07:55.0630 6956  [ D153B14FC6598EAE8422A2037553ADCE ] megasas        C:\Windows\system32\drivers\megasas.sys
19:07:55.0631 6956  megasas - ok
19:07:55.0699 6956  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS          C:\Windows\system32\mmcss.dll
19:07:55.0702 6956  MMCSS - ok
19:07:55.0719 6956  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem          C:\Windows\system32\drivers\modem.sys
19:07:55.0720 6956  Modem - ok
19:07:55.0745 6956  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:07:55.0746 6956  monitor - ok
19:07:55.0764 6956  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:07:55.0765 6956  mouclass - ok
19:07:55.0789 6956  [ A3A6DFF7E9E757DB3DF51A833BC28885 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:07:55.0791 6956  mouhid - ok
19:07:55.0826 6956  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:07:55.0827 6956  MountMgr - ok
19:07:55.0906 6956  [ 219C10137B2A5B9A703D812A361E6781 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:07:55.0908 6956  MozillaMaintenance - ok
19:07:55.0956 6956  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:07:55.0959 6956  mpio - ok
19:07:55.0983 6956  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:07:55.0984 6956  mpsdrv - ok
19:07:56.0009 6956  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:07:56.0023 6956  MpsSvc - ok
19:07:56.0044 6956  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:07:56.0045 6956  Mraid35x - ok
19:07:56.0104 6956  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:07:56.0106 6956  MRxDAV - ok
19:07:56.0141 6956  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:56.0143 6956  mrxsmb - ok
19:07:56.0156 6956  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:56.0160 6956  mrxsmb10 - ok
19:07:56.0208 6956  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:56.0209 6956  mrxsmb20 - ok
19:07:56.0233 6956  [ F0EC3A4E0693A34B148723B4DA31668C ] msahci          C:\Windows\system32\drivers\msahci.sys
19:07:56.0234 6956  msahci - ok
19:07:56.0257 6956  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:07:56.0259 6956  msdsm - ok
19:07:56.0334 6956  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC          C:\Windows\System32\msdtc.exe
19:07:56.0338 6956  MSDTC - ok
19:07:56.0381 6956  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:07:56.0381 6956  Msfs - ok
19:07:56.0426 6956  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:07:56.0427 6956  msisadrv - ok
19:07:56.0489 6956  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:07:56.0492 6956  MSiSCSI - ok
19:07:56.0498 6956  msiserver - ok
19:07:56.0563 6956  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:07:56.0564 6956  MSKSSRV - ok
19:07:56.0584 6956  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:56.0585 6956  MSPCLOCK - ok
19:07:56.0637 6956  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:07:56.0638 6956  MSPQM - ok
19:07:56.0703 6956  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:07:56.0705 6956  MsRPC - ok
19:07:56.0715 6956  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:07:56.0716 6956  mssmbios - ok
19:07:56.0736 6956  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:07:56.0737 6956  MSTEE - ok
19:07:56.0808 6956  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup            C:\Windows\system32\Drivers\mup.sys
19:07:56.0810 6956  Mup - ok
19:07:56.0901 6956  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
19:07:56.0908 6956  napagent - ok
19:07:57.0023 6956  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:07:57.0026 6956  NativeWifiP - ok
19:07:57.0119 6956  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:07:57.0127 6956  NDIS - ok
19:07:57.0190 6956  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:57.0191 6956  NdisTapi - ok
19:07:57.0253 6956  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:57.0254 6956  Ndisuio - ok
19:07:57.0288 6956  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:57.0290 6956  NdisWan - ok
19:07:57.0333 6956  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:07:57.0334 6956  NDProxy - ok
19:07:57.0413 6956  [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:07:57.0415 6956  Net Driver HPZ12 - ok
19:07:57.0455 6956  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:07:57.0456 6956  NetBIOS - ok
19:07:57.0522 6956  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
19:07:57.0525 6956  netbt - ok
19:07:57.0542 6956  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
19:07:57.0545 6956  Netlogon - ok
19:07:57.0614 6956  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
19:07:57.0621 6956  Netman - ok
19:07:57.0709 6956  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:07:57.0709 6956  Suspicious file (Hidden): C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe. md5: D22CD77D4F0D63D1169BB35911BFF12D
19:07:57.0710 6956  NetMsmqActivator ( HiddenFile.Multi.Generic ) - warning
19:07:57.0710 6956  NetMsmqActivator - detected HiddenFile.Multi.Generic (1)
19:07:57.0724 6956  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:07:57.0724 6956  Suspicious file (Hidden): C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe. md5: D22CD77D4F0D63D1169BB35911BFF12D
19:07:57.0725 6956  NetPipeActivator ( HiddenFile.Multi.Generic ) - warning
19:07:57.0725 6956  NetPipeActivator - detected HiddenFile.Multi.Generic (1)
19:07:57.0792 6956  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
19:07:57.0798 6956  netprofm - ok
19:07:57.0804 6956  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:07:57.0804 6956  Suspicious file (Hidden): C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe. md5: D22CD77D4F0D63D1169BB35911BFF12D
19:07:57.0805 6956  NetTcpActivator ( HiddenFile.Multi.Generic ) - warning
19:07:57.0805 6956  NetTcpActivator - detected HiddenFile.Multi.Generic (1)
19:07:57.0811 6956  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:07:57.0812 6956  Suspicious file (Hidden): C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe. md5: D22CD77D4F0D63D1169BB35911BFF12D
19:07:57.0812 6956  NetTcpPortSharing ( HiddenFile.Multi.Generic ) - warning
19:07:57.0813 6956  NetTcpPortSharing - detected HiddenFile.Multi.Generic (1)
19:07:57.0858 6956  [ 5EF7DD401771693245D46F4B0B69FE2B ] NetworkX        C:\Windows\system32\ckldrv.sys
19:07:57.0859 6956  NetworkX - ok
19:07:57.0899 6956  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
19:07:57.0901 6956  nfrd960 - ok
19:07:58.0050 6956  [ 9E8CFAC370699BACF4B0F6CA7BB0C17B ] NitroReaderDriverReadSpool C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
19:07:58.0054 6956  NitroReaderDriverReadSpool - ok
19:07:58.0073 6956  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:07:58.0078 6956  NlaSvc - ok
19:07:58.0162 6956  [ C2A0C464F810D75524BDD532E3D1C171 ] NMSAccessU      C:\Program Files\Common Files\NMSAccessU.exe
19:07:58.0163 6956  NMSAccessU - ok
19:07:58.0205 6956  [ CFE3462A9E94A57DCD9676F6B7FE7F67 ] nmwcd          C:\Windows\system32\drivers\ccdcmb.sys
19:07:58.0206 6956  nmwcd - ok
19:07:58.0247 6956  [ 8F2A94F991F8C73CEC26B4B5620D1EDC ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
19:07:58.0248 6956  nmwcdc - ok
19:07:58.0308 6956  [ 99145C5D4B6C4D6F5CE83EE6ABFFE294 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
19:07:58.0311 6956  nmwcdnsu - ok
19:07:58.0336 6956  [ FAEE7B61C6885B091CEC1FF06DA2E1AB ] nmwcdnsuc      C:\Windows\system32\drivers\nmwcdnsuc.sys
19:07:58.0337 6956  nmwcdnsuc - ok
19:07:58.0392 6956  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:07:58.0393 6956  Npfs - ok
19:07:58.0407 6956  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi            C:\Windows\system32\nsisvc.dll
19:07:58.0410 6956  nsi - ok
19:07:58.0420 6956  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:07:58.0421 6956  nsiproxy - ok
19:07:58.0507 6956  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:07:58.0540 6956  Ntfs - ok
19:07:58.0567 6956  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi      C:\Windows\system32\drivers\ntrigdigi.sys
19:07:58.0568 6956  ntrigdigi - ok
19:07:58.0591 6956  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
19:07:58.0592 6956  Null - ok
19:07:58.0678 6956  [ ED53B817E63AFFBA328C2E9632FBF487 ] NVHDA          C:\Windows\system32\drivers\nvhda32v.sys
19:07:58.0681 6956  NVHDA - ok
19:07:58.0991 6956  [ 75FA3DC6C2838F35B15CF45E9E0D10A8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:07:59.0098 6956  nvlddmkm - ok
19:07:59.0150 6956  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:07:59.0152 6956  nvraid - ok
19:07:59.0164 6956  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:07:59.0166 6956  nvstor - ok
19:07:59.0213 6956  [ 2784C071EC57DCDBA6D4A2A017F56CD4 ] NVSvc          C:\Windows\system32\nvvsvc.exe
19:07:59.0239 6956  NVSvc - ok
19:07:59.0333 6956  [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:07:59.0374 6956  nvUpdatusService - ok
19:07:59.0391 6956  [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:07:59.0393 6956  nv_agp - ok
19:07:59.0399 6956  NwlnkFlt - ok
19:07:59.0406 6956  NwlnkFwd - ok
19:07:59.0462 6956  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:07:59.0469 6956  odserv - ok
19:07:59.0523 6956  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:07:59.0524 6956  ohci1394 - ok
19:07:59.0614 6956  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:59.0616 6956  ose - ok
19:07:59.0695 6956  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:07:59.0720 6956  p2pimsvc - ok
19:07:59.0749 6956  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:07:59.0756 6956  p2psvc - ok
19:07:59.0839 6956  [ 735640D311D27E0095D748F725B9E507 ] PAC7311        C:\Windows\system32\DRIVERS\PA707UCM.SYS
19:07:59.0846 6956  PAC7311 - ok
19:07:59.0882 6956  [ 8051A829DC5544C55FB647447C4B0286 ] papycpu        C:\Windows\system32\drivers\papycpu.sys
19:07:59.0883 6956  papycpu - ok
19:07:59.0889 6956  [ A4B3FB04A3F6367BC264E8ADDCAE2A48 ] papyjoy        C:\Windows\system32\drivers\papyjoy.sys
19:07:59.0890 6956  papyjoy - ok
19:07:59.0913 6956  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport        C:\Windows\system32\drivers\parport.sys
19:07:59.0915 6956  Parport - ok
19:07:59.0984 6956  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:07:59.0986 6956  partmgr - ok
19:08:00.0008 6956  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:08:00.0009 6956  Parvdm - ok
19:08:00.0073 6956  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:08:00.0076 6956  PcaSvc - ok
19:08:00.0142 6956  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:08:00.0143 6956  pccsmcfd - ok
19:08:00.0155 6956  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci            C:\Windows\system32\drivers\pci.sys
19:08:00.0158 6956  pci - ok
19:08:00.0199 6956  [ 20B869152448F80AC49CF10264E91F5E ] pciide          C:\Windows\system32\drivers\pciide.sys
19:08:00.0200 6956  pciide - ok
19:08:00.0216 6956  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:08:00.0219 6956  pcmcia - ok
19:08:00.0266 6956  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:08:00.0298 6956  PEAUTH - ok
19:08:00.0524 6956  [ B1689DF169143F57053F795390C99DB3 ] pla            C:\Windows\system32\pla.dll
19:08:00.0581 6956  pla - ok
19:08:00.0652 6956  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:08:00.0659 6956  PlugPlay - ok
19:08:00.0727 6956  [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:08:00.0730 6956  Pml Driver HPZ12 - ok
19:08:00.0753 6956  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
19:08:00.0760 6956  PNRPAutoReg - ok
19:08:00.0773 6956  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc        C:\Windows\system32\p2psvc.dll
19:08:00.0781 6956  PNRPsvc - ok
19:08:00.0854 6956  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:08:00.0860 6956  PolicyAgent - ok
19:08:00.0932 6956  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:08:00.0934 6956  PptpMiniport - ok
19:08:00.0967 6956  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor      C:\Windows\system32\drivers\processr.sys
19:08:00.0969 6956  Processor - ok
19:08:01.0032 6956  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:08:01.0036 6956  ProfSvc - ok
19:08:01.0079 6956  [ 353499497510F2781D647C6DB9226A70 ] prosync1        C:\Windows\system32\drivers\prosync1.sys
19:08:01.0080 6956  prosync1 - ok
19:08:01.0099 6956  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:08:01.0101 6956  ProtectedStorage - ok
19:08:01.0162 6956  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:08:01.0164 6956  PSched - ok
19:08:01.0213 6956  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
19:08:01.0214 6956  PxHelp20 - ok
19:08:01.0261 6956  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:08:01.0294 6956  ql2300 - ok
19:08:01.0319 6956  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:08:01.0322 6956  ql40xx - ok
19:08:01.0391 6956  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE          C:\Windows\system32\qwave.dll
19:08:01.0397 6956  QWAVE - ok
19:08:01.0467 6956  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:08:01.0468 6956  QWAVEdrv - ok
19:08:01.0585 6956  [ A3387B24D17A68FA12A9282481CE6EEC ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
19:08:01.0614 6956  R300 - ok
19:08:01.0675 6956  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:08:01.0677 6956  RasAcd - ok
19:08:01.0763 6956  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto        C:\Windows\System32\rasauto.dll
19:08:01.0767 6956  RasAuto - ok
19:08:01.0837 6956  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:08:01.0839 6956  Rasl2tp - ok
19:08:01.0908 6956  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
19:08:01.0914 6956  RasMan - ok
19:08:01.0989 6956  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:08:01.0990 6956  RasPppoe - ok
19:08:02.0025 6956  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:08:02.0027 6956  RasSstp - ok
19:08:02.0074 6956  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:08:02.0078 6956  rdbss - ok
19:08:02.0142 6956  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:08:02.0142 6956  RDPCDD - ok
19:08:02.0195 6956  [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
19:08:02.0199 6956  rdpdr - ok
19:08:02.0236 6956  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:08:02.0237 6956  RDPENCDD - ok
19:08:02.0296 6956  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:08:02.0298 6956  RDPWD - ok
19:08:02.0379 6956  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:08:02.0382 6956  RemoteAccess - ok
19:08:02.0458 6956  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:08:02.0463 6956  RemoteRegistry - ok
19:08:02.0543 6956  [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
19:08:02.0573 6956  RoxMediaDB9 - ok
19:08:02.0622 6956  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9      C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
19:08:02.0625 6956  RoxWatch9 - ok
19:08:02.0652 6956  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
19:08:02.0654 6956  RpcLocator - ok
19:08:02.0726 6956  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs          C:\Windows\system32\rpcss.dll
19:08:02.0734 6956  RpcSs - ok
19:08:02.0812 6956  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:08:02.0814 6956  rspndr - ok
19:08:02.0878 6956  [ 500649D4EB9A972334428F93E4B82AE8 ] RTL2832UBDA    C:\Windows\system32\drivers\RTL2832UBDA.sys
19:08:02.0880 6956  RTL2832UBDA - ok
19:08:02.0949 6956  [ 7F70002C79E8361C438ADB905705B1CE ] RTL2832UUSB    C:\Windows\system32\Drivers\RTL2832UUSB.sys
19:08:02.0950 6956  RTL2832UUSB - ok
19:08:03.0032 6956  [ ADAC790BAA89AC1FEE08DEEF67D18F5C ] RTL2832U_IRHID  C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
19:08:03.0034 6956  RTL2832U_IRHID - ok
19:08:03.0113 6956  [ 478D2C9C09BAE938B344A0627A32E8A8 ] S3DSvc32        C:\Program Files\iZ3D Driver\Win32\S3DCService.exe
19:08:03.0118 6956  S3DSvc32 - ok
19:08:03.0221 6956  [ 3252D5571633E0B244541615D6252358 ] SaiH0C2D        C:\Windows\system32\DRIVERS\SaiH0C2D.sys
19:08:03.0224 6956  SaiH0C2D - ok
19:08:03.0246 6956  [ 9F6531B2CB0E4E9EF644616F5C38630B ] SaiMini        C:\Windows\system32\DRIVERS\SaiMini.sys
19:08:03.0247 6956  SaiMini - ok
19:08:03.0277 6956  [ 368713C87ADA877D26E4D025F3CF882E ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
19:08:03.0278 6956  SaiNtBus - ok
19:08:03.0289 6956  [ A3E186B4B935905B829219502557314E ] SamSs          C:\Windows\system32\lsass.exe
19:08:03.0291 6956  SamSs - ok
19:08:03.0346 6956  [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:08:03.0347 6956  SASDIFSV - ok
19:08:03.0360 6956  [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:08:03.0362 6956  SASKUTIL - ok
19:08:03.0382 6956  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:08:03.0384 6956  sbp2port - ok
19:08:03.0465 6956  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:08:03.0470 6956  SCardSvr - ok
19:08:03.0542 6956  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
19:08:03.0567 6956  Schedule - ok
19:08:03.0633 6956  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:08:03.0634 6956  SCPolicySvc - ok
19:08:03.0695 6956  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:08:03.0700 6956  SDRSVC - ok
19:08:03.0717 6956  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:08:03.0718 6956  secdrv - ok
19:08:03.0730 6956  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
19:08:03.0737 6956  seclogon - ok
19:08:03.0815 6956  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
19:08:03.0819 6956  SENS - ok
19:08:03.0836 6956  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum        C:\Windows\system32\drivers\serenum.sys
19:08:03.0837 6956  Serenum - ok
19:08:03.0857 6956  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
19:08:03.0859 6956  Serial - ok
19:08:03.0894 6956  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:08:03.0895 6956  sermouse - ok
19:08:03.0954 6956  [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:08:03.0979 6956  ServiceLayer - ok
19:08:04.0059 6956  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:08:04.0063 6956  SessionEnv - ok
19:08:04.0088 6956  [ B7018644E132A8DFB12ED90106E06739 ] sfdrv01        C:\Windows\system32\drivers\sfdrv01.sys
19:08:04.0090 6956  sfdrv01 - ok
19:08:04.0109 6956  [ 103B79418DA647736EE95645F305F68A ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:08:04.0110 6956  sffdisk - ok
19:08:04.0122 6956  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:08:04.0123 6956  sffp_mmc - ok
19:08:04.0137 6956  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:08:04.0138 6956  sffp_sd - ok
19:08:04.0144 6956  [ DAAD4C099EBF5094D32C373AC1AC0F3C ] sfhlp02        C:\Windows\system32\drivers\sfhlp02.sys
19:08:04.0145 6956  sfhlp02 - ok
19:08:04.0195 6956  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
19:08:04.0196 6956  sfloppy - ok
19:08:04.0203 6956  sfrem01 - ok
19:08:04.0268 6956  [ B27F70092A84B2A381D1FCDBBB82F876 ] sfsync03        C:\Windows\system32\drivers\sfsync03.sys
19:08:04.0269 6956  sfsync03 - ok
19:08:04.0316 6956  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:08:04.0321 6956  SharedAccess - ok
19:08:04.0385 6956  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:08:04.0391 6956  ShellHWDetection - ok
19:08:04.0409 6956  [ 08072B2FB92477FC813271A84B3A8698 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:08:04.0411 6956  sisagp - ok
19:08:04.0426 6956  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
19:08:04.0429 6956  SiSRaid2 - ok
19:08:04.0455 6956  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:08:04.0457 6956  SiSRaid4 - ok
19:08:04.0526 6956  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
19:08:04.0528 6956  SkypeUpdate - ok
19:08:04.0678 6956  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc          C:\Windows\system32\SLsvc.exe
19:08:04.0769 6956  slsvc - ok
19:08:04.0849 6956  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
19:08:04.0853 6956  SLUINotify - ok
19:08:04.0918 6956  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:08:04.0920 6956  Smb - ok
19:08:04.0959 6956  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:08:04.0963 6956  SNMPTRAP - ok
19:08:04.0983 6956  [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan        C:\Windows\system32\speedfan.sys
19:08:04.0989 6956  speedfan - ok
19:08:05.0005 6956  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr          C:\Windows\system32\drivers\spldr.sys
19:08:05.0006 6956  spldr - ok
19:08:05.0021 6956  SPLITCAM - ok
19:08:05.0089 6956  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler        C:\Windows\System32\spoolsv.exe
19:08:05.0094 6956  Spooler - ok
19:08:05.0185 6956  [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd            C:\Windows\System32\Drivers\sptd.sys
19:08:05.0217 6956  sptd - ok
19:08:05.0294 6956  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:08:05.0299 6956  srv - ok
19:08:05.0331 6956  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:08:05.0334 6956  srv2 - ok
19:08:05.0341 6956  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:08:05.0343 6956  srvnet - ok
19:08:05.0358 6956  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:08:05.0366 6956  SSDPSRV - ok
19:08:05.0383 6956  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:08:05.0388 6956  SstpSvc - ok
19:08:05.0470 6956  [ 71679F24D0D0B2C6403BB5AC57026E99 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe
19:08:05.0472 6956  STacSV - ok
19:08:05.0518 6956  [ 68A0D39E357DD7A234B1D4F1E844C615 ] STHDA          C:\Windows\system32\drivers\stwrt.sys
19:08:05.0523 6956  STHDA - ok
19:08:05.0602 6956  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
19:08:05.0627 6956  stisvc - ok
19:08:05.0667 6956  [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
19:08:05.0669 6956  stllssvr - ok
19:08:05.0692 6956  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:08:05.0693 6956  swenum - ok
19:08:05.0767 6956  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv          C:\Windows\System32\swprv.dll
19:08:05.0774 6956  swprv - ok
19:08:05.0812 6956  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
19:08:05.0814 6956  Symc8xx - ok
19:08:05.0835 6956  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
19:08:05.0836 6956  Sym_hi - ok
19:08:05.0859 6956  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
19:08:05.0860 6956  Sym_u3 - ok
19:08:05.0939 6956  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain        C:\Windows\system32\sysmain.dll
19:08:05.0964 6956  SysMain - ok
19:08:06.0098 6956  [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files\SoftwareUpdater\SystemStore.exe
19:08:06.0102 6956  SystemStoreService - ok
19:08:06.0144 6956  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:08:06.0148 6956  TabletInputService - ok
19:08:06.0175 6956  [ 126D7B3B4C7B724491C604060E1F4E14 ] tandpl          C:\Windows\system32\drivers\tandpl.sys
19:08:06.0176 6956  tandpl - ok
19:08:06.0239 6956  [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
19:08:06.0240 6956  tap0901t - ok
19:08:06.0305 6956  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:08:06.0312 6956  TapiSrv - ok
19:08:06.0344 6956  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS            C:\Windows\System32\tbssvc.dll
19:08:06.0348 6956  TBS - ok
19:08:06.0439 6956  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:08:06.0464 6956  Tcpip - ok
19:08:06.0492 6956  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
19:08:06.0500 6956  Tcpip6 - ok
19:08:06.0560 6956  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:08:06.0561 6956  tcpipreg - ok
19:08:06.0591 6956  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:08:06.0592 6956  TDPIPE - ok
19:08:06.0625 6956  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:08:06.0626 6956  TDTCP - ok
19:08:06.0699 6956  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:08:06.0702 6956  tdx - ok
19:08:06.0831 6956  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8    C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
19:08:06.0929 6956  TeamViewer8 - ok
19:08:06.0965 6956  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:08:06.0967 6956  TermDD - ok
19:08:07.0043 6956  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService    C:\Windows\System32\termsrv.dll
19:08:07.0077 6956  TermService - ok
19:08:07.0100 6956  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
19:08:07.0105 6956  Themes - ok
19:08:07.0175 6956  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER    C:\Windows\system32\mmcss.dll
19:08:07.0178 6956  THREADORDER - ok
19:08:07.0225 6956  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
19:08:07.0229 6956  TrkWks - ok
19:08:07.0314 6956  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:08:07.0315 6956  TrustedInstaller - ok
19:08:07.0340 6956  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:08:07.0341 6956  tssecsrv - ok
19:08:07.0419 6956  [ 9379C2DFCB93F4A66EF5BD8EA0C3A56A ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
19:08:07.0460 6956  TuneUp.UtilitiesSvc - ok
19:08:07.0480 6956  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
19:08:07.0481 6956  TuneUpUtilitiesDrv - ok
19:08:07.0511 6956  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
19:08:07.0512 6956  tunmp - ok
19:08:07.0527 6956  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:08:07.0528 6956  tunnel - ok
19:08:07.0592 6956  [ 0F744A57BFA0B92AA5A626CF7DD2A667 ] TunngleService  C:\Program Files\Tunngle\TnglCtrl.exe
19:08:07.0617 6956  TunngleService - ok
19:08:07.0655 6956  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:08:07.0656 6956  uagp35 - ok
19:08:07.0732 6956  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:08:07.0736 6956  udfs - ok
19:08:07.0765 6956  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:08:07.0769 6956  UI0Detect - ok
19:08:07.0792 6956  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:08:07.0793 6956  uliagpkx - ok
19:08:07.0825 6956  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci        C:\Windows\system32\drivers\uliahci.sys
19:08:07.0829 6956  uliahci - ok
19:08:07.0853 6956  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
19:08:07.0856 6956  UlSata - ok
19:08:07.0880 6956  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
19:08:07.0882 6956  ulsata2 - ok
19:08:07.0914 6956  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
19:08:07.0915 6956  umbus - ok
19:08:07.0991 6956  [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
19:08:07.0992 6956  UnlockerDriver5 - ok
19:08:08.0024 6956  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
19:08:08.0031 6956  upnphost - ok
19:08:08.0070 6956  [ EC01DA44B090D2651FC032C8B9257232 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:08:08.0071 6956  upperdev - ok
19:08:08.0112 6956  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL        C:\Windows\system32\Drivers\usbaapl.sys
19:08:08.0113 6956  USBAAPL - ok
19:08:08.0204 6956  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:08:08.0206 6956  usbaudio - ok
19:08:08.0248 6956  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:08:08.0250 6956  usbccgp - ok
19:08:08.0298 6956  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:08:08.0299 6956  usbcir - ok
19:08:08.0375 6956  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
19:08:08.0376 6956  usbehci - ok
19:08:08.0423 6956  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:08:08.0427 6956  usbhub - ok
19:08:08.0468 6956  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci        C:\Windows\system32\drivers\usbohci.sys
19:08:08.0469 6956  usbohci - ok
19:08:08.0499 6956  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:08:08.0500 6956  usbprint - ok
19:08:08.0524 6956  [ A508C9BD8724980512136B039BBA65E9 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
19:08:08.0525 6956  usbscan - ok
19:08:08.0598 6956  [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
19:08:08.0599 6956  usbser - ok
19:08:08.0634 6956  [ 4ABD37CFBD710E64F01F9DA8710C73F7 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:08:08.0635 6956  UsbserFilt - ok
19:08:08.0660 6956  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:08:08.0662 6956  USBSTOR - ok
19:08:08.0688 6956  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
19:08:08.0689 6956  usbuhci - ok
19:08:08.0767 6956  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:08:08.0770 6956  usbvideo - ok
19:08:08.0849 6956  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms          C:\Windows\System32\uxsms.dll
19:08:08.0853 6956  UxSms - ok
19:08:08.0895 6956  [ 78D5D896658251EAF9BDC3E138008E5E ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
19:08:08.0899 6956  UxTuneUp - ok
19:08:08.0976 6956  [ CD88D1B7776DC17A119049742EC07EB4 ] vds            C:\Windows\System32\vds.exe
19:08:09.0007 6956  vds - ok
19:08:09.0076 6956  [ 87B06E1F30B749A114F74622D013F8D4 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:08:09.0078 6956  vga - ok
19:08:09.0103 6956  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:08:09.0104 6956  VgaSave - ok
19:08:09.0143 6956  [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:08:09.0144 6956  viaagp - ok
19:08:09.0187 6956  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7          C:\Windows\system32\drivers\viac7.sys
19:08:09.0189 6956  ViaC7 - ok
19:08:09.0216 6956  [ 58C8D5AC5C3EEF40E7E704A5CED7987D ] viaide          C:\Windows\system32\drivers\viaide.sys
19:08:09.0217 6956  viaide - ok
19:08:09.0243 6956  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:08:09.0245 6956  volmgr - ok
19:08:09.0288 6956  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:08:09.0293 6956  volmgrx - ok
19:08:09.0352 6956  [ 786DB5771F05EF300390399F626BF30A ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:08:09.0354 6956  volsnap - ok
19:08:09.0385 6956  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
19:08:09.0388 6956  vsmraid - ok
19:08:09.0473 6956  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS            C:\Windows\system32\vssvc.exe
19:08:09.0507 6956  VSS - ok
19:08:09.0532 6956  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time        C:\Windows\system32\w32time.dll
19:08:09.0539 6956  W32Time - ok
19:08:09.0567 6956  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:08:09.0568 6956  WacomPen - ok
19:08:09.0599 6956  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
19:08:09.0601 6956  Wanarp - ok
19:08:09.0611 6956  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:08:09.0613 6956  Wanarpv6 - ok
19:08:09.0637 6956  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:08:09.0671 6956  wcncsvc - ok
19:08:09.0694 6956  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:08:09.0698 6956  WcsPlugInService - ok
19:08:09.0732 6956  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
19:08:09.0733 6956  Wd - ok
19:08:09.0775 6956  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:08:09.0783 6956  Wdf01000 - ok
19:08:09.0830 6956  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:08:09.0835 6956  WdiServiceHost - ok
19:08:09.0840 6956  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:08:09.0844 6956  WdiSystemHost - ok
19:08:09.0914 6956  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient      C:\Windows\System32\webclnt.dll
19:08:09.0921 6956  WebClient - ok
19:08:09.0951 6956  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:08:09.0956 6956  Wecsvc - ok
19:08:09.0973 6956  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:08:09.0978 6956  wercplsupport - ok
19:08:09.0997 6956  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:08:10.0004 6956  WerSvc - ok
19:08:10.0091 6956  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
19:08:10.0095 6956  WinDefend - ok
19:08:10.0111 6956  WinHttpAutoProxySvc - ok
19:08:10.0158 6956  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:08:10.0161 6956  Winmgmt - ok
19:08:10.0265 6956  [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0  C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
19:08:10.0265 6956  WinRing0_1_2_0 - ok
19:08:10.0321 6956  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM          C:\Windows\system32\WsmSvc.dll
19:08:10.0355 6956  WinRM - ok
19:08:10.0437 6956  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:08:10.0461 6956  Wlansvc - ok
19:08:10.0538 6956  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:08:10.0579 6956  wlidsvc - ok
19:08:10.0615 6956  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:08:10.0616 6956  WmiAcpi - ok
19:08:10.0695 6956  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:08:10.0698 6956  wmiApSrv - ok
19:08:10.0756 6956  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
19:08:10.0781 6956  WMPNetworkSvc - ok
19:08:10.0860 6956  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:08:10.0866 6956  WPCSvc - ok
19:08:10.0889 6956  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:08:10.0894 6956  WPDBusEnum - ok
19:08:10.0946 6956  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
19:08:10.0947 6956  WpdUsb - ok
19:08:11.0083 6956  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:08:11.0097 6956  WPFFontCache_v0400 - ok
19:08:11.0133 6956  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:08:11.0134 6956  ws2ifsl - ok
19:08:11.0218 6956  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
19:08:11.0222 6956  wscsvc - ok
19:08:11.0233 6956  WSearch - ok
19:08:11.0358 6956  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:08:11.0407 6956  wuauserv - ok
19:08:11.0485 6956  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:08:11.0487 6956  WudfPf - ok
19:08:11.0510 6956  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:08:11.0513 6956  WUDFRd - ok
19:08:11.0582 6956  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:08:11.0587 6956  wudfsvc - ok
19:08:11.0624 6956  yeddef - ok
19:08:11.0642 6956  ================ Scan global ===============================
19:08:11.0710 6956  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:08:11.0779 6956  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:08:11.0805 6956  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:08:11.0875 6956  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:08:11.0880 6956  [Global] - ok
19:08:11.0883 6956  ================ Scan MBR ==================================
19:08:11.0896 6956  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:08:12.0374 6956  \Device\Harddisk0\DR0 - ok
19:08:12.0379 6956  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
19:08:12.0385 6956  \Device\Harddisk5\DR5 - ok
19:08:12.0385 6956  ================ Scan VBR ==================================
19:08:12.0413 6956  [ F7297495F7C9157D4AEE0F3209B095F9 ] \Device\Harddisk0\DR0\Partition1
19:08:12.0414 6956  \Device\Harddisk0\DR0\Partition1 - ok
19:08:12.0421 6956  [ 1AEFFC4B827172B5C9984DB34F64F57E ] \Device\Harddisk0\DR0\Partition2
19:08:12.0422 6956  \Device\Harddisk0\DR0\Partition2 - ok
19:08:12.0430 6956  [ 118CF0F08453417A3A938C836AE64423 ] \Device\Harddisk5\DR5\Partition1
19:08:12.0433 6956  \Device\Harddisk5\DR5\Partition1 - ok
19:08:12.0433 6956  ============================================================
19:08:12.0433 6956  Scan finished
19:08:12.0433 6956  ============================================================
19:08:12.0446 6564  Detected object count: 5
19:08:12.0446 6564  Actual detected object count: 5
19:09:57.0391 6564  clr_optimization_v4.0.30319_32 ( HiddenFile.Multi.Generic ) - skipped by user
19:09:57.0391 6564  clr_optimization_v4.0.30319_32 ( HiddenFile.Multi.Generic ) - User select action: Skip
19:09:57.0395 6564  NetMsmqActivator ( HiddenFile.Multi.Generic ) - skipped by user
19:09:57.0395 6564  NetMsmqActivator ( HiddenFile.Multi.Generic ) - User select action: Skip
19:09:57.0396 6564  NetPipeActivator ( HiddenFile.Multi.Generic ) - skipped by user
19:09:57.0396 6564  NetPipeActivator ( HiddenFile.Multi.Generic ) - User select action: Skip
19:09:57.0399 6564  NetTcpActivator ( HiddenFile.Multi.Generic ) - skipped by user
19:09:57.0399 6564  NetTcpActivator ( HiddenFile.Multi.Generic ) - User select action: Skip
19:09:57.0401 6564  NetTcpPortSharing ( HiddenFile.Multi.Generic ) - skipped by user
19:09:57.0401 6564  NetTcpPortSharing ( HiddenFile.Multi.Generic ) - User select action: Skip
19:10:15.0147 4176  Deinitialize success
Das Logfile vonaswMBR.exe:

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-17 19:14:53
-----------------------------
19:14:53.584    OS Version: Windows 6.0.6002 Service Pack 2
19:14:53.585    Number of processors: 2 586 0xF02
19:14:53.586    ComputerName: BASTI-PC  UserName: Basti
19:15:09.258    Initialize success
19:16:09.453    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
19:16:09.457    Disk 0 Vendor: WDC_WD32 21.0 Size: 305245MB BusType: 8
19:16:09.694    Disk 0 MBR read successfully
19:16:09.696    Disk 0 MBR scan
19:16:09.699    Disk 0 Windows VISTA default MBR code
19:16:09.714    Disk 0 Partition 1 00    DE Dell Utility Dell 8.0      54 MB offset 63
19:16:09.723    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        10240 MB offset 112640
19:16:09.738    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS      294949 MB offset 21084160
19:16:09.756    Disk 0 scanning sectors +625139712
19:16:10.034    Disk 0 scanning C:\Windows\system32\drivers
19:16:34.414    Service scanning
19:16:53.066    Service kl1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
19:16:53.268    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
19:16:53.423    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
19:16:53.591    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
19:16:53.635    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
19:16:53.703    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5
19:17:11.147    Modules scanning
19:17:46.377    Disk 0 trace - called modules:
19:17:46.405    ntkrnlpa.exe CLASSPNP.SYS disk.sys sfsync03.sys hal.dll prosync1.sys iastor.sys
19:17:46.410    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89877968]
19:17:46.417    3 CLASSPNP.SYS[837938b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x86994028]
19:17:46.422    Scan finished successfully
19:18:07.365    Disk 0 MBR has been saved successfully to "C:\Users\Basti\Desktop\MBR.dat"
19:18:07.393    The log file has been saved successfully to "C:\Users\Basti\Desktop\aswMBR.txt"
Und das Logfile von FSS(.txt):

Code:
Farbar Service Scanner Version: 13-07-2013
Ran by Basti (administrator) on 17-07-2013 at 19:20:10
Running from "C:\Users\Basti\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-07-07 17:12] - [2013-04-24 06:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
Viele Grüße,
Basti

DerJazzer 17.07.2013 19:12
Was ist mit dem Log von MBAM?

Basti1995 17.07.2013 19:18
Welches Programm soll das MBAM Log erzeugen?

Habe ich etwas übersehen?

DerJazzer 17.07.2013 19:20
Ich zitiere dich mal kurz:
Zitat:
Ich habe mir eben Malwarebytes Anti-Malware runtergeladen, dabei und auch während des Nutzens, den KIS ausgeschaltet. M. A-M fand 21 "infizierte Objekte",
Dazu wird es in der Loganzeige von Malwarebytes AntiMalware (MBAM) ein Log zu geben, das die Funde enthält. Das hätte ich gern ;)

Basti1995 17.07.2013 19:25
Ach Gott - entschuldige bitte, bei dem Durcheinander komme ich echt durcheinander :(

Hier das gewünschte MBAM Logfile:
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.17.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Basti :: BASTI-PC [Administrator]

Schutz: Deaktiviert

17.07.2013 19:46:51
mbam-log-2013-07-17 (19-46-51).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 341199
Laufzeit: 8 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 13
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: ;áÃzÊ;XA³0öm»Áµ -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten:  -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files\Object (PUP.FCTPlugin) -> Keine Aktion durchgeführt.

Infizierte Dateien: 4
C:\Program Files\STARTSEARCH PLUGIN\SSBARLCHER.DLL (PUP.VShareRedir) -> Keine Aktion durchgeführt.
C:\Program Files\Object\status.txt (PUP.FCTPlugin) -> Keine Aktion durchgeführt.
C:\Program Files\Object\enable.txt (PUP.FCTPlugin) -> Keine Aktion durchgeführt.
C:\Program Files\Object\status2.txt (PUP.FCTPlugin) -> Keine Aktion durchgeführt.

(Ende)

DerJazzer 17.07.2013 19:31
Kein Problem ;)

Also das Log zeigt nichts sonderlich gefährliches, und auch die anderen Logs sind sauber...

Schritt 1

Zitat:
ich kann nicht mal mehr Objekte in einen Ordner verschieben oder etwas löschen! (explorer.exe funktioniert nicht mehr)
Welche Fehlermeldung kommt genau?
Auf die Fehlermeldung hin freezt der Desktop, hab ich recht? Versuche mal über Taskmanager -> Neuer Task --> "explorer.exe" eingeben die explorer.exe neu zu starten. Berichte.

Basti1995 17.07.2013 19:44
Leider brachte das Neuerstellen der explorer.exe nichts!

Fehlermeldungenn kommt z.B.:

- wenn ich etwas in den Papierkorb verschieben möchte
- etwas in einen Ordner verschieben möchte

Dann kommt nur "explorer.exe funktioniert nicht mehr", daraufhin schließt sich das Programm und der Explorer, der Explorer wird im Anschluss neugestartet!

Die Meldung vom KIS2013 hatte ich bereits unten geschrieben:
Zitat:
"Der Serviceteil des Programms wurde aus dem Arbeitsspeicher des Computers entladen."
Was kann ich bloß tun?

Würde eine Systemwiederherstellung helfen?

Und auch die infizierten Registrierungsschlüssel sind nicht gefährlich?? (siehe MBAM-Log)

EDIT:
Auch eine Systemwiederherstellung geht nicht mehr! :(
http://i33.servimg.com/u/f33/14/25/50/03/fehler10.jpg

EDIT2:
Ich habe eben den Rechner neugestartet, nun geht wieder alles soweit, auch KIS funktionierte wieder..dann zeigte mir Windows an, das Probleme mit dem Computer waren, ich klickte alle and und dann auf "Lösungen suchen", auf einmal gab es nur noch einen BlueScreen! :O Das Hochfahren dauerte seehr lange, aber immerhin ist er wieder hochgefahren! Anbei ein Bild:
https://fbcdn-sphotos-h-a.akamaihd.n...380c4de8a96a75

DerJazzer 17.07.2013 20:47
Liste der Anhänge anzeigen (Anzahl: 1)
Merkwürdig... Ehrlichgesagt zweifele ich immer mehr daran, dass das Problem im Malware-Bereich zu suchen ist...
Zitat:
Und auch die infizierten Registrierungsschlüssel sind nicht gefährlich?? (siehe MBAM-Log)
Das sind alles nur PUPs (also Potenziell Unwanted Programs), also auch nur Potenziell gefährlich.

Bitte downloade dir die angehängt Datei, führe sie aus und bestätige den Sicherheitshinweis.

Poste bitte danach ein neues FSS (Farbars Service Scanner) - Log.

Basti1995 18.07.2013 15:28
Hi,

ich kann die Datei nicht installieren -> Zugriff nicht erlaubt.

Was soll ich tun?

DerJazzer 18.07.2013 15:45
Ist das nicht das Admin-Konto?

Probier mal die Datei per Rechtsklick --> "Als Administrator ausführen" zu starten.

Basti1995 18.07.2013 15:48
Es ist das Admin-Konto, den Button "Als Admin ausführen" gibt es leider nicht, ich war selber verwundert!


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:20 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131