Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Email Account gehackt, Trojaner installiert?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.11.2011, 22:33   #1
kornhulio
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Hallo,
von meinem GMX werden seit kurzem Spam Emails an zufällige und teilweise ungültige Email Adressen versendet. Ich habe von GMX auch bereits eine Email erhalten das mein account wohlmöglich gehackt wurde und das Versenden von Emails vorerst deaktiviert wurde. Ich habe mein Passwort bereits geändert, befürchte aber, dass eventuell Trojaner oder ähnliches auf meinem Rechner installiert sein könnten. Die OTL Logs sind weiter unten gepostet. Gmer habe ich nicht ausgeführt da ich ein 64 Bit System habe. Ich hoffe ihr könnt mir weiterhelfen. Vielen Dank im voraus schonmal

OTL Extras logfile created on: 18.11.2011 22:08:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = F:\Downloads
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 48,24% Memory free
7,82 Gb Paging File | 5,13 Gb Available in Paging File | 65,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 109,22 Gb Total Space | 59,56 Gb Free Space | 54,53% Space Free | Partition Type: NTFS
Drive D: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 136,72 Gb Total Space | 118,10 Gb Free Space | 86,38% Space Free | Partition Type: NTFS
Drive F: | 205,08 Gb Total Space | 136,38 Gb Free Space | 66,50% Space Free | Partition Type: NTFS

Computer Name: EDDY-PC | User Name: Eddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}" = Validity Sensors DDK
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{975DFE7C-8E56-45BC-A329-401E6B1F8102}" = Dell Backup and Recovery Manager
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A139EC3F-DF45-99FE-DE96-4E6E2CE36CE7}" = ATI AVIVO64 Codecs
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B542E96F-9AC3-212D-BAB4-D66BC295AEDE}" = ccc-utility64
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}" = DigitalPersona Fingerprint Software 5.20
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E033338C-BDDC-63E2-918F-15169BCD4492}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ProInst" = Intel PROSet Wireless

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{022DF03A-678C-AC30-3819-BCD3227564C8}" = Catalyst Control Center InstallProxy
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F48FF9D-281D-7F2C-8F66-45C40DC7E013}" = CCC Help Japanese
"{184BF682-537C-4CAE-8789-6696508A4032}" = Brother MFL-Pro Suite MFC-5895CW
"{193407D5-C986-22F3-1694-4F9625E503AA}" = ccc-core-static
"{1C433C00-DA63-51AB-4D8E-9377432763C5}" = CCC Help Dutch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2419CAAE-0B3E-6896-D47D-04026ECA00F1}" = CCC Help Swedish
"{2434D575-4014-8528-FC00-0EF27CE0F50E}" = CCC Help Chinese Traditional
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3612864B-2293-CD9D-5BF3-4598102C33CA}" = CCC Help Spanish
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38A09062-500A-3CE0-E843-F8ED59CC8D24}" = CCC Help Portuguese
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{453AD50D-00F8-D8B4-4F29-390B0E13A617}" = CCC Help Korean
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55D0A664-DD43-9976-D01D-8A9DF99DBBAF}" = CCC Help Finnish
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5CCB3104-F556-C34D-A953-EF7383002A7C}" = CCC Help German
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669EE176-1A65-12C0-7AA1-38FB30FEDE93}" = CCC Help English
"{66E1241C-B39B-496A-BDDF-23121D2AFF98}" = Catalyst Control Center - Branding
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83D47EC0-35CD-E315-14F5-4533D3F727EF}" = CCC Help Chinese Standard
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{891D6D33-1824-1C11-DB44-205736478E74}" = PX Profile Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A943BFF-F4FB-A63D-073D-8F747E1F6A36}" = CCC Help Danish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4A712B1-C542-0AA9-A7ED-0453EB18DAAC}" = Catalyst Control Center Localization All
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B12B2D78-0FDC-29D3-7DDB-375C5FC8FAD9}" = CCC Help Norwegian
"{BED0B8A2-2986-49F8-90D6-FA008D37A3D2}" = Trend Micro Client/Server Security Agent
"{C181E444-FEF3-4DB7-8A6E-F09791C18346}" = Eu3 - DEMO
"{C1C10CA1-0DC0-650A-4434-98516DE45B4D}" = Catalyst Control Center Profiles Mobile
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3B09208-B8B9-9890-AF04-F17D6383D7B7}" = CCC Help Italian
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid
"{C5F626FE-14BE-6A63-BCC1-43633997AB99}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}" = Adobe Flash Player 10 ActiveX
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F2ED896D-9825-6718-4824-A2E497324703}" = CCC Help Russian
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"avast" = avast! Free Antivirus
"Dell Webcam Central" = Dell Webcam Central
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Steam App 10500" = Empire: Total War
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

[ System Events ]
Error - 02.11.2011 01:12:58 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 05.11.2011 23:03:22 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 05.11.2011 23:03:22 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 09.11.2011 17:58:01 | Computer Name = Eddy-PC | Source = DCOM | ID = 10010
Description =

Error - 11.11.2011 09:22:51 | Computer Name = Eddy-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 11.11.2011 14:13:04 | Computer Name = Eddy-PC | Source = Tcpip | ID = 4199
Description = Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.2 mit
dem Computer mit der Netzwerkhardwareadresse 00-1F-1F-A6-F8-91 ermittelt. Netzwerkvorgänge
könnten daher auf diesem System unterbrochen werden.

Error - 11.11.2011 14:19:40 | Computer Name = Eddy-PC | Source = DCOM | ID = 10010
Description =

Error - 13.11.2011 05:48:39 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 13.11.2011 05:48:39 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 13.11.2011 09:38:26 | Computer Name = Eddy-PC | Source = BROWSER | ID = 8032
Description =


< End of report >



OTL logfile created on: 18.11.2011 22:08:48 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = F:\Downloads
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 48,24% Memory free
7,82 Gb Paging File | 5,13 Gb Available in Paging File | 65,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 109,22 Gb Total Space | 59,56 Gb Free Space | 54,53% Space Free | Partition Type: NTFS
Drive D: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 136,72 Gb Total Space | 118,10 Gb Free Space | 86,38% Space Free | Partition Type: NTFS
Drive F: | 205,08 Gb Total Space | 136,38 Gb Free Space | 66,50% Space Free | Partition Type: NTFS

Computer Name: EDDY-PC | User Name: Eddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.18 22:07:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Downloads\OTL.exe
PRC - [2011.11.18 22:05:38 | 000,050,477 | ---- | M] () -- F:\Downloads\Defogger.exe
PRC - [2011.11.13 10:48:27 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.11.09 06:16:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- F:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.10.15 13:29:30 | 001,242,448 | ---- | M] (Valve Corporation) -- E:\Spiele\Total War Empire\steam.exe
PRC - [2011.09.06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- E:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- E:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.12.29 19:54:10 | 000,740,688 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
PRC - [2010.12.15 16:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010.11.17 18:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.11.06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.06 05:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.11.03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010.11.03 18:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010.11.03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.11.03 17:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010.10.06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010.07.05 19:37:32 | 000,045,056 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe
PRC - [2010.07.05 19:37:28 | 000,017,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe
PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.07.06 20:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009.05.16 01:44:06 | 000,435,584 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
PRC - [2009.02.24 14:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.18 22:05:38 | 000,050,477 | ---- | M] () -- F:\Downloads\Defogger.exe
MOD - [2011.11.13 10:48:26 | 014,410,024 | ---- | M] () -- E:\Spiele\Total War Empire\bin\libcef.dll
MOD - [2011.11.13 10:48:26 | 000,914,216 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avcodec-52.dll
MOD - [2011.11.13 10:48:26 | 000,194,344 | ---- | M] () -- E:\Spiele\Total War Empire\bin\chromehtml.dll
MOD - [2011.11.13 10:48:26 | 000,155,432 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avformat-52.dll
MOD - [2011.11.13 10:48:26 | 000,091,432 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avutil-50.dll
MOD - [2011.11.09 06:16:46 | 001,989,592 | ---- | M] () -- F:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.10.24 09:37:42 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.23 22:26:55 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011.10.23 22:26:55 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9cdcbab4b98eff0399edc83e8728c516\IAStorCommon.ni.dll
MOD - [2011.10.23 22:26:54 | 003,325,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011.10.23 22:26:52 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5146ed6dcbec6f5cafc972c011e13663\IAStorUtil.ni.dll
MOD - [2011.10.23 22:26:49 | 012,431,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.23 22:26:41 | 001,586,688 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.23 22:26:23 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.23 22:26:19 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.23 22:26:17 | 007,949,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.23 22:26:11 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.05.10 16:22:20 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.05.10 16:22:15 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.12.15 16:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009.02.27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.01.27 15:27:22 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.03 16:26:34 | 003,143,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.11.13 10:48:27 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.01.25 10:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.12.29 19:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Programme\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010.12.27 23:50:30 | 031,124,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Programme\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.12.03 16:14:58 | 002,696,496 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.11.06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.11.03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.11.03 18:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010.11.03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.10.06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010.07.05 19:37:32 | 000,045,056 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe -- (svcGenericHost)
SRV - [2010.06.22 19:27:44 | 002,057,096 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe -- (tmlisten)
SRV - [2010.06.22 19:18:54 | 001,835,912 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe -- (ntrtscan)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.15 23:39:26 | 000,595,960 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exe -- (TmPfw)
SRV - [2009.07.15 23:36:48 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe -- (TmProxy)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.27 15:57:46 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.27 14:51:56 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.01.25 10:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.01.08 02:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.08 02:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.21 15:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010.12.13 15:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.12.03 23:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.12.01 11:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.06 05:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.04 11:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010.11.04 09:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010.10.30 01:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.10.26 20:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.10.20 00:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010.10.15 09:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.21 15:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.08.20 17:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.12.31 11:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 02:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.07.15 23:38:10 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2009.07.15 23:37:58 | 000,200,720 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2009.07.15 23:37:36 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.07.31 00:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV - [2010.05.11 05:10:54 | 000,265,744 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys -- (TmFilter)
DRV - [2010.05.11 05:10:08 | 000,042,000 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys -- (TmPreFilter)
DRV - [2010.05.11 04:57:28 | 002,007,056 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys -- (VSApiNt)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USSMB/8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011.05.10 14:16:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension [2011.05.10 14:17:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: E:\Programme\AVAST Software\Avast\WebRep\FF [2011.10.14 18:45:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: F:\Programme\Mozilla Firefox\components [2011.11.09 06:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: F:\Programme\Mozilla Firefox\plugins [2011.10.27 17:44:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: F:\Programme\Mozilla Firefox\components [2011.11.09 06:16:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: F:\Programme\Mozilla Firefox\plugins [2011.10.27 17:44:58 | 000,000,000 | ---D | M]

[2011.10.14 17:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eddy\AppData\Roaming\mozilla\Extensions
[2011.10.14 17:49:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eddy\AppData\Roaming\mozilla\Firefox\Profiles\03f7fmlx.default\extensions
() (No name found) -- C:\USERS\EDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\03F7FMLX.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayicon.exe (Microsoft)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] E:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] E:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] E:\Spiele\Total War Empire\Steam.exe (Valve Corporation)
O4:64bit: - HKLM..\RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06F77D90-E4D8-4B8A-8E95-E4024565C123}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F3B849-8135-430B-A6CE-5F8216231F53}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.18 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.11.18 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.11.18 20:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.11.18 20:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011.11.18 20:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.11.18 19:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.11.18 19:59:20 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Microsoft Help
[2011.11.18 19:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.11.18 06:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Client-Server Security Agent
[2011.11.16 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Google
[2011.11.12 16:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.10.30 19:31:42 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\pdfforge
[2011.10.30 19:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.10.27 17:46:44 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Apple Computer
[2011.10.27 17:46:41 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\Apple Computer
[2011.10.27 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.10.27 17:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.10.27 17:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.10.27 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Apple
[2011.10.27 17:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.10.27 17:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.10.26 18:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011.10.26 18:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011.10.26 12:27:23 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Diagnostics
[2011.10.25 20:50:53 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\SoftGrid Client
[2011.10.25 20:50:53 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\SoftGrid Client
[2011.10.25 20:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.10.25 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.10.25 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011.10.25 20:50:03 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\TP
[2011.10.24 14:04:41 | 000,000,000 | R--D | C] -- C:\Users\Eddy\AppData\Roaming\Brother
[2011.10.24 13:50:54 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Scansoft
[2011.10.24 13:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011.10.24 13:45:27 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\windows\SysWow64\BRCrypt.dll
[2011.10.24 13:45:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2011.10.24 13:45:16 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\windows\SysWow64\BrMfNt.dll
[2011.10.24 13:45:15 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrfxDA5b.dll
[2011.10.24 13:45:14 | 000,207,872 | ---- | C] (brother) -- C:\windows\SysNative\NSSRH64.dll
[2011.10.24 13:45:14 | 000,082,944 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrNetSti.dll
[2011.10.24 13:45:14 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\windows\SysNative\BrWiaNCp.dll
[2011.10.24 13:45:14 | 000,047,616 | ---- | C] (Brother Industries,Ltd) -- C:\windows\SysNative\Brnsplg.dll
[2011.10.24 13:45:05 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysWow64\BroSNMP.dll
[2011.10.24 13:45:05 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2.dll
[2011.10.24 13:45:05 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2L.dll
[2011.10.24 13:45:05 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2S.dll
[2011.10.24 13:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2011.10.24 13:45:03 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrWia09b.dll
[2011.10.24 13:44:58 | 000,167,936 | ---- | C] (brother) -- C:\windows\SysWow64\NSSearch.dll
[2011.10.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\InstallShield
[2011.10.24 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2011.10.24 13:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011.10.24 13:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 11
[2011.10.24 13:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ScanSoft Shared
[2011.10.24 13:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft
[2011.10.24 13:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanSoft
[2011.10.24 13:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.10.21 08:50:35 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\skypePM
[2011.10.21 08:49:34 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\Skype

========== Files - Modified Within 30 Days ==========

[2011.11.18 22:06:35 | 000,000,000 | ---- | M] () -- C:\Users\Eddy\defogger_reenable
[2011.11.18 21:00:50 | 001,529,582 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.11.18 21:00:50 | 000,667,478 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2011.11.18 21:00:50 | 000,627,984 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.11.18 21:00:50 | 000,134,308 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2011.11.18 21:00:50 | 000,110,594 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.11.18 20:57:12 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.11.18 06:15:53 | 000,013,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.18 06:15:53 | 000,013,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.18 06:09:13 | 000,000,031 | ---- | M] () -- C:\tmuninst.ini
[2011.11.18 06:07:35 | 3148,226,560 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.10 06:07:24 | 000,322,456 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.10.26 21:42:52 | 001,560,176 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.10.24 13:47:43 | 000,002,142 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2011.10.24 13:47:20 | 000,000,236 | ---- | M] () -- C:\windows\Brpfx04a.ini
[2011.10.24 13:47:20 | 000,000,093 | ---- | M] () -- C:\windows\brpcfx.ini
[2011.10.24 13:46:15 | 000,000,425 | ---- | M] () -- C:\windows\BRWMARK.INI
[2011.10.24 13:46:15 | 000,000,027 | ---- | M] () -- C:\windows\BRPP2KA.INI
[2011.10.24 13:45:27 | 000,000,066 | ---- | M] () -- C:\windows\Brfaxrx.ini
[2011.10.24 13:45:27 | 000,000,050 | ---- | M] () -- C:\windows\SysNative\bridf09d.dat
[2011.10.21 08:50:36 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

========== Files Created - No Company Name ==========

[2011.11.18 22:06:35 | 000,000,000 | ---- | C] () -- C:\Users\Eddy\defogger_reenable
[2011.10.30 19:31:40 | 000,087,040 | ---- | C] () -- C:\windows\SysNative\pdfcmnnt.dll
[2011.10.27 17:43:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.10.25 20:50:27 | 001,560,176 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.10.24 13:47:43 | 000,002,142 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2011.10.24 13:47:20 | 000,000,236 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2011.10.24 13:47:20 | 000,000,093 | ---- | C] () -- C:\windows\brpcfx.ini
[2011.10.24 13:46:15 | 000,000,425 | ---- | C] () -- C:\windows\BRWMARK.INI
[2011.10.24 13:46:15 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2011.10.24 13:45:27 | 000,000,050 | ---- | C] () -- C:\windows\SysNative\bridf09d.dat
[2011.10.24 13:45:16 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\BrMuSNMP.dll
[2011.10.24 13:45:16 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini
[2011.10.24 13:45:15 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2011.10.24 13:45:14 | 000,143,360 | ---- | C] () -- C:\windows\SysNative\BrSNMP64.dll
[2011.10.24 13:39:28 | 000,031,864 | ---- | C] () -- C:\windows\maxlink.ini
[2011.10.21 08:50:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.10 16:03:41 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2011.05.10 16:03:19 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.05.10 16:03:19 | 000,207,376 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.05.10 16:03:19 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011.05.10 16:03:18 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.05.10 16:02:03 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011.05.10 16:02:00 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011.05.10 16:02:00 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011.05.10 16:02:00 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011.05.10 16:02:00 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011.05.10 16:02:00 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011.05.10 16:02:00 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011.05.10 13:55:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.05.10 13:48:47 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.05.10 13:44:31 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.03.21 03:49:03 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.10.14 16:59:58 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\DigitalPersona
[2011.10.30 19:31:42 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\pdfforge
[2011.10.26 21:41:13 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\SoftGrid Client
[2011.10.15 15:55:54 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\The Creative Assembly
[2011.10.25 20:51:04 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\TP
[2009.07.14 06:08:49 | 000,026,040 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.10.14 17:01:05 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.05.10 14:12:19 | 000,000,000 | ---D | M] -- C:\Apps
[2009.04.28 17:27:08 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.10.14 16:56:50 | 000,000,000 | ---D | M] -- C:\Dell
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.14 16:59:24 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.05.10 13:43:54 | 000,000,000 | ---D | M] -- C:\Intel
[2011.05.10 13:45:28 | 000,000,000 | ---D | M] -- C:\logs
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.25 20:50:13 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.18 20:01:47 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.11.18 19:58:45 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.14 16:59:24 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.05.10 14:18:45 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.11.18 22:12:38 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.14 16:59:38 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.24 13:47:20 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2011.03.21 03:52:40 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.03.21 03:58:53 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.03.21 03:52:40 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2011.03.21 03:50:26 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011.03.21 03:58:53 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011.03.21 03:50:26 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011.03.21 03:58:53 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011.03.21 03:50:26 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.03.21 03:58:53 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.03.21 03:52:40 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011.03.21 03:50:26 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2011.03.21 03:52:40 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\windows\SysNative\winlogon.exe
[2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Alt 20.11.2011, 12:36   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________

Alt 20.11.2011, 17:23   #3
kornhulio
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Hier die logs von malwarebyte und ESET.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8199

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20.11.2011 16:02:05
mbam-log-2011-11-20 (16-02-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|Q:\|)
Durchsuchte Objekte: 377531
Laufzeit: 49 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=cbc486693c9d3c4d85c830e8dcee92f5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-20 05:19:22
# local_time=2011-11-20 06:19:22 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 16770826 16770826 0 0
# compatibility_mode=5893 16776573 100 94 8013 73434205 0 0
# compatibility_mode=8192 67108863 100 0 6315 6315 0 0
# scanned=217231
# found=0
# cleaned=0
# scan_time=5207
__________________

Alt 21.11.2011, 09:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.11.2011, 10:15   #5
kornhulio
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Nein dort ist nur diese eine Logdatei. Habe den vollständigen Suchlauf ausgeführt. Sollte es noch weitere Logdateien geben?


Alt 21.11.2011, 10:44   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
--> Email Account gehackt, Trojaner installiert?

Alt 21.11.2011, 11:02   #7
kornhulio
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Hier das logfile


11:57:41.0264 4128 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
11:57:42.0009 4128 ============================================================
11:57:42.0009 4128 Current date / time: 2011/11/21 11:57:42.0009
11:57:42.0009 4128 SystemInfo:
11:57:42.0009 4128
11:57:42.0009 4128 OS Version: 6.1.7600 ServicePack: 0.0
11:57:42.0009 4128 Product type: Workstation
11:57:42.0009 4128 ComputerName: EDDY-PC
11:57:42.0009 4128 UserName: Eddy
11:57:42.0009 4128 Windows directory: C:\windows
11:57:42.0009 4128 System windows directory: C:\windows
11:57:42.0009 4128 Running under WOW64
11:57:42.0009 4128 Processor architecture: Intel x64
11:57:42.0009 4128 Number of processors: 4
11:57:42.0009 4128 Page size: 0x1000
11:57:42.0009 4128 Boot type: Normal boot
11:57:42.0009 4128 ============================================================
11:57:42.0438 4128 Initialize success
11:58:36.0749 5776 ============================================================
11:58:36.0749 5776 Scan started
11:58:36.0749 5776 Mode: Manual; SigCheck; TDLFS;
11:58:36.0749 5776 ============================================================
11:58:37.0349 5776 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\windows\system32\DRIVERS\1394ohci.sys
11:58:37.0462 5776 1394ohci - ok
11:58:37.0739 5776 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\windows\system32\DRIVERS\Accelern.sys
11:58:37.0780 5776 Acceler - ok
11:58:38.0075 5776 ACPI (794ff35015209b9d44f1360c42c9776d) C:\windows\system32\DRIVERS\ACPI.sys
11:58:38.0120 5776 ACPI - ok
11:58:38.0390 5776 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
11:58:38.0455 5776 AcpiPmi - ok
11:58:38.0749 5776 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
11:58:38.0796 5776 adp94xx - ok
11:58:39.0077 5776 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
11:58:39.0121 5776 adpahci - ok
11:58:39.0389 5776 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
11:58:39.0426 5776 adpu320 - ok
11:58:39.0738 5776 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\windows\system32\drivers\afd.sys
11:58:39.0822 5776 AFD - ok
11:58:40.0090 5776 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
11:58:40.0122 5776 agp440 - ok
11:58:40.0421 5776 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
11:58:40.0449 5776 aliide - ok
11:58:40.0742 5776 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
11:58:40.0771 5776 amdide - ok
11:58:41.0052 5776 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
11:58:41.0112 5776 AmdK8 - ok
11:58:41.0609 5776 amdkmdag (b797496bca3bce8020f1cb573e0e5993) C:\windows\system32\DRIVERS\atikmdag.sys
11:58:41.0858 5776 amdkmdag - ok
11:58:42.0168 5776 amdkmdap (1ba2b45e0fdce093ec27bd11b3194861) C:\windows\system32\DRIVERS\atikmpag.sys
11:58:42.0239 5776 amdkmdap - ok
11:58:42.0513 5776 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
11:58:42.0573 5776 AmdPPM - ok
11:58:42.0857 5776 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys
11:58:42.0889 5776 amdsata - ok
11:58:43.0156 5776 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
11:58:43.0193 5776 amdsbs - ok
11:58:43.0466 5776 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys
11:58:43.0496 5776 amdxata - ok
11:58:43.0782 5776 ApfiltrService (7380b9072ebc65a54da3074e14bf34b9) C:\windows\system32\DRIVERS\Apfiltr.sys
11:58:43.0819 5776 ApfiltrService - ok
11:58:44.0104 5776 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
11:58:44.0189 5776 AppID - ok
11:58:44.0473 5776 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
11:58:44.0504 5776 arc - ok
11:58:44.0772 5776 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
11:58:44.0805 5776 arcsas - ok
11:58:45.0077 5776 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\windows\system32\drivers\aswFsBlk.sys
11:58:45.0104 5776 aswFsBlk - ok
11:58:45.0366 5776 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\windows\system32\drivers\aswMonFlt.sys
11:58:45.0393 5776 aswMonFlt - ok
11:58:45.0676 5776 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\windows\system32\drivers\aswRdr.sys
11:58:45.0703 5776 aswRdr - ok
11:58:45.0997 5776 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\windows\system32\drivers\aswSnx.sys
11:58:46.0052 5776 aswSnx - ok
11:58:46.0318 5776 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\windows\system32\drivers\aswSP.sys
11:58:46.0354 5776 aswSP - ok
11:58:46.0614 5776 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\windows\system32\drivers\aswTdi.sys
11:58:46.0643 5776 aswTdi - ok
11:58:46.0888 5776 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
11:58:46.0963 5776 AsyncMac - ok
11:58:47.0228 5776 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
11:58:47.0257 5776 atapi - ok
11:58:47.0567 5776 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
11:58:47.0641 5776 b06bdrv - ok
11:58:47.0921 5776 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
11:58:47.0978 5776 b57nd60a - ok
11:58:48.0244 5776 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
11:58:48.0335 5776 Beep - ok
11:58:48.0617 5776 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
11:58:48.0663 5776 blbdrive - ok
11:58:48.0974 5776 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys
11:58:49.0027 5776 bowser - ok
11:58:49.0290 5776 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
11:58:49.0347 5776 BrFiltLo - ok
11:58:49.0603 5776 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
11:58:49.0648 5776 BrFiltUp - ok
11:58:49.0909 5776 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
11:58:49.0960 5776 Brserid - ok
11:58:50.0215 5776 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
11:58:50.0273 5776 BrSerWdm - ok
11:58:50.0536 5776 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
11:58:50.0598 5776 BrUsbMdm - ok
11:58:50.0867 5776 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
11:58:50.0910 5776 BrUsbSer - ok
11:58:51.0194 5776 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
11:58:51.0251 5776 BthEnum - ok
11:58:51.0521 5776 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
11:58:51.0572 5776 BTHMODEM - ok
11:58:51.0830 5776 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
11:58:51.0886 5776 BthPan - ok
11:58:52.0180 5776 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys
11:58:52.0250 5776 BTHPORT - ok
11:58:52.0522 5776 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys
11:58:52.0570 5776 BTHUSB - ok
11:58:52.0845 5776 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys
11:58:52.0872 5776 btmaux - ok
11:58:53.0165 5776 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys
11:58:53.0206 5776 btmhsf - ok
11:58:53.0465 5776 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
11:58:53.0555 5776 cdfs - ok
11:58:53.0813 5776 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
11:58:53.0880 5776 cdrom - ok
11:58:54.0158 5776 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
11:58:54.0203 5776 circlass - ok
11:58:54.0389 5776 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
11:58:54.0435 5776 CLFS - ok
11:58:54.0589 5776 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
11:58:54.0643 5776 CmBatt - ok
11:58:54.0895 5776 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
11:58:54.0925 5776 cmdide - ok
11:58:55.0179 5776 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\windows\system32\Drivers\cng.sys
11:58:55.0235 5776 CNG - ok
11:58:55.0489 5776 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
11:58:55.0518 5776 Compbatt - ok
11:58:55.0771 5776 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
11:58:55.0820 5776 CompositeBus - ok
11:58:56.0093 5776 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
11:58:56.0124 5776 crcdisk - ok
11:58:56.0426 5776 CSC (4a6173c2279b498cd8f57cae504564cb) C:\windows\system32\drivers\csc.sys
11:58:56.0493 5776 CSC - ok
11:58:56.0805 5776 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\windows\system32\DRIVERS\CtClsFlt.sys
11:58:56.0858 5776 CtClsFlt - ok
11:58:57.0160 5776 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys
11:58:57.0209 5776 DfsC - ok
11:58:57.0482 5776 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
11:58:57.0574 5776 discache - ok
11:58:57.0850 5776 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
11:58:57.0880 5776 Disk - ok
11:58:58.0169 5776 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
11:58:58.0221 5776 drmkaud - ok
11:58:58.0506 5776 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys
11:58:58.0590 5776 DXGKrnl - ok
11:58:58.0936 5776 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
11:58:59.0057 5776 ebdrv - ok
11:58:59.0344 5776 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
11:58:59.0407 5776 elxstor - ok
11:58:59.0670 5776 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
11:58:59.0729 5776 ErrDev - ok
11:59:00.0027 5776 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
11:59:00.0142 5776 exfat - ok
11:59:00.0410 5776 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
11:59:00.0510 5776 fastfat - ok
11:59:00.0820 5776 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
11:59:00.0883 5776 fdc - ok
11:59:01.0155 5776 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
11:59:01.0187 5776 FileInfo - ok
11:59:01.0439 5776 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
11:59:01.0560 5776 Filetrace - ok
11:59:01.0819 5776 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
11:59:01.0859 5776 flpydisk - ok
11:59:02.0106 5776 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
11:59:02.0147 5776 FltMgr - ok
11:59:02.0477 5776 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
11:59:02.0508 5776 FsDepends - ok
11:59:02.0763 5776 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
11:59:02.0793 5776 Fs_Rec - ok
11:59:03.0057 5776 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys
11:59:03.0101 5776 fvevol - ok
11:59:03.0371 5776 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
11:59:03.0404 5776 gagp30kx - ok
11:59:03.0646 5776 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
11:59:03.0700 5776 hcw85cir - ok
11:59:03.0975 5776 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
11:59:04.0038 5776 HdAudAddService - ok
11:59:04.0296 5776 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
11:59:04.0351 5776 HDAudBus - ok
11:59:04.0606 5776 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
11:59:04.0654 5776 HidBatt - ok
11:59:04.0919 5776 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
11:59:04.0984 5776 HidBth - ok
11:59:05.0250 5776 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
11:59:05.0307 5776 HidIr - ok
11:59:05.0594 5776 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
11:59:05.0642 5776 HidUsb - ok
11:59:05.0920 5776 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
11:59:05.0953 5776 HpSAMD - ok
11:59:06.0230 5776 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
11:59:06.0375 5776 HTTP - ok
11:59:06.0629 5776 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
11:59:06.0657 5776 hwpolicy - ok
11:59:06.0928 5776 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
11:59:06.0967 5776 i8042prt - ok
11:59:07.0246 5776 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\windows\system32\DRIVERS\iaStor.sys
11:59:07.0289 5776 iaStor - ok
11:59:07.0586 5776 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys
11:59:07.0639 5776 iaStorV - ok
11:59:07.0909 5776 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\windows\system32\DRIVERS\iBtFltCoex.sys
11:59:07.0954 5776 iBtFltCoex - ok
11:59:08.0508 5776 igfx (78527e6a4d78b1153925914c55872beb) C:\windows\system32\DRIVERS\igdkmd64.sys
11:59:08.0833 5776 igfx - ok
11:59:09.0097 5776 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
11:59:09.0128 5776 iirsp - ok
11:59:09.0411 5776 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
11:59:09.0457 5776 IntcDAud - ok
11:59:09.0717 5776 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
11:59:09.0745 5776 intelide - ok
11:59:10.0252 5776 intelkmd (78527e6a4d78b1153925914c55872beb) C:\windows\system32\DRIVERS\igdpmd64.sys
11:59:10.0639 5776 intelkmd - ok
11:59:10.0899 5776 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
11:59:10.0947 5776 intelppm - ok
11:59:11.0196 5776 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
11:59:11.0314 5776 IpFilterDriver - ok
11:59:11.0568 5776 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
11:59:11.0614 5776 IPMIDRV - ok
11:59:11.0891 5776 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
11:59:11.0980 5776 IPNAT - ok
11:59:12.0261 5776 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
11:59:12.0312 5776 IRENUM - ok
11:59:12.0561 5776 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
11:59:12.0590 5776 isapnp - ok
11:59:12.0839 5776 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
11:59:12.0878 5776 iScsiPrt - ok
11:59:13.0140 5776 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
11:59:13.0170 5776 kbdclass - ok
11:59:13.0428 5776 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
11:59:13.0476 5776 kbdhid - ok
11:59:13.0736 5776 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\windows\system32\Drivers\ksecdd.sys
11:59:13.0770 5776 KSecDD - ok
11:59:14.0036 5776 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\windows\system32\Drivers\ksecpkg.sys
11:59:14.0071 5776 KSecPkg - ok
11:59:14.0318 5776 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
11:59:14.0422 5776 ksthunk - ok
11:59:14.0703 5776 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
11:59:14.0796 5776 lltdio - ok
11:59:15.0088 5776 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
11:59:15.0122 5776 LSI_FC - ok
11:59:15.0391 5776 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
11:59:15.0425 5776 LSI_SAS - ok
11:59:15.0694 5776 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
11:59:15.0725 5776 LSI_SAS2 - ok
11:59:15.0991 5776 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
11:59:16.0025 5776 LSI_SCSI - ok
11:59:16.0255 5776 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
11:59:16.0354 5776 luafv - ok
11:59:16.0614 5776 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
11:59:16.0645 5776 megasas - ok
11:59:16.0905 5776 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
11:59:16.0947 5776 MegaSR - ok
11:59:17.0219 5776 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\windows\system32\DRIVERS\HECIx64.sys
11:59:17.0245 5776 MEIx64 - ok
11:59:17.0532 5776 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
11:59:17.0618 5776 Modem - ok
11:59:17.0862 5776 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
11:59:17.0920 5776 monitor - ok
11:59:18.0159 5776 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
11:59:18.0189 5776 mouclass - ok
11:59:18.0440 5776 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
11:59:18.0488 5776 mouhid - ok
11:59:18.0722 5776 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
11:59:18.0753 5776 mountmgr - ok
11:59:18.0837 5776 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
11:59:18.0872 5776 mpio - ok
11:59:19.0125 5776 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
11:59:19.0233 5776 mpsdrv - ok
11:59:19.0500 5776 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
11:59:19.0561 5776 MRxDAV - ok
11:59:19.0824 5776 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
11:59:19.0872 5776 mrxsmb - ok
11:59:20.0135 5776 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
11:59:20.0194 5776 mrxsmb10 - ok
11:59:20.0454 5776 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
11:59:20.0505 5776 mrxsmb20 - ok
11:59:20.0766 5776 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\windows\system32\DRIVERS\msahci.sys
11:59:20.0796 5776 msahci - ok
11:59:21.0049 5776 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
11:59:21.0085 5776 msdsm - ok
11:59:21.0368 5776 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
11:59:21.0454 5776 Msfs - ok
11:59:21.0706 5776 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
11:59:21.0793 5776 mshidkmdf - ok
11:59:22.0054 5776 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
11:59:22.0082 5776 msisadrv - ok
11:59:22.0350 5776 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
11:59:22.0421 5776 MSKSSRV - ok
11:59:22.0655 5776 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
11:59:22.0725 5776 MSPCLOCK - ok
11:59:22.0977 5776 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
11:59:23.0071 5776 MSPQM - ok
11:59:23.0318 5776 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
11:59:23.0365 5776 MsRPC - ok
11:59:23.0399 5776 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
11:59:23.0408 5776 mssmbios - ok
11:59:23.0662 5776 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
11:59:23.0741 5776 MSTEE - ok
11:59:23.0992 5776 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
11:59:24.0039 5776 MTConfig - ok
11:59:24.0300 5776 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
11:59:24.0332 5776 Mup - ok
11:59:24.0635 5776 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
11:59:24.0715 5776 NativeWifiP - ok
11:59:25.0012 5776 NDIS (a3151b3463eea7e47f618f115d0d142e) C:\windows\system32\drivers\ndis.sys
11:59:25.0096 5776 NDIS - ok
11:59:25.0364 5776 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
11:59:25.0461 5776 NdisCap - ok
11:59:25.0727 5776 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
11:59:25.0785 5776 NdisTapi - ok
11:59:26.0039 5776 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
11:59:26.0135 5776 Ndisuio - ok
11:59:26.0399 5776 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
11:59:26.0493 5776 NdisWan - ok
11:59:26.0739 5776 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
11:59:26.0846 5776 NDProxy - ok
11:59:27.0113 5776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
11:59:27.0213 5776 NetBIOS - ok
11:59:27.0588 5776 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
11:59:27.0692 5776 NetBT - ok
11:59:28.0176 5776 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\windows\system32\DRIVERS\NETwNs64.sys
11:59:28.0667 5776 NETwNs64 - ok
11:59:28.0940 5776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
11:59:28.0970 5776 nfrd960 - ok
11:59:29.0245 5776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
11:59:29.0354 5776 Npfs - ok
11:59:29.0617 5776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
11:59:29.0725 5776 nsiproxy - ok
11:59:30.0020 5776 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
11:59:30.0130 5776 Ntfs - ok
11:59:30.0394 5776 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
11:59:30.0461 5776 Null - ok
11:59:30.0546 5776 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys
11:59:30.0581 5776 nusb3hub - ok
11:59:30.0861 5776 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys
11:59:30.0913 5776 nusb3xhc - ok
11:59:31.0188 5776 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
11:59:31.0223 5776 nvraid - ok
11:59:31.0505 5776 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
11:59:31.0541 5776 nvstor - ok
11:59:31.0820 5776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
11:59:31.0857 5776 nv_agp - ok
11:59:32.0121 5776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
11:59:32.0169 5776 ohci1394 - ok
11:59:32.0461 5776 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
11:59:32.0501 5776 Parport - ok
11:59:32.0753 5776 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
11:59:32.0785 5776 partmgr - ok
11:59:32.0972 5776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
11:59:33.0021 5776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
11:59:33.0292 5776 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
11:59:33.0327 5776 pci - ok
11:59:33.0578 5776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
11:59:33.0607 5776 pciide - ok
11:59:33.0867 5776 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
11:59:33.0907 5776 pcmcia - ok
11:59:34.0165 5776 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
11:59:34.0196 5776 pcw - ok
11:59:34.0457 5776 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
11:59:34.0591 5776 PEAUTH - ok
11:59:34.0886 5776 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
11:59:34.0961 5776 PptpMiniport - ok
11:59:35.0215 5776 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
11:59:35.0263 5776 Processor - ok
11:59:35.0542 5776 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
11:59:35.0622 5776 Psched - ok
11:59:35.0886 5776 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys
11:59:35.0913 5776 PxHlpa64 - ok
11:59:36.0195 5776 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
11:59:36.0279 5776 ql2300 - ok
11:59:36.0539 5776 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
11:59:36.0574 5776 ql40xx - ok
11:59:36.0827 5776 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
11:59:36.0891 5776 QWAVEdrv - ok
11:59:37.0149 5776 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
11:59:37.0237 5776 RasAcd - ok
11:59:37.0528 5776 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
11:59:37.0600 5776 RasAgileVpn - ok
11:59:37.0845 5776 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
11:59:37.0951 5776 Rasl2tp - ok
11:59:38.0217 5776 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
11:59:38.0326 5776 RasPppoe - ok
11:59:38.0591 5776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
11:59:38.0705 5776 RasSstp - ok
11:59:38.0974 5776 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
11:59:39.0046 5776 rdbss - ok
11:59:39.0308 5776 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
11:59:39.0363 5776 rdpbus - ok
11:59:39.0622 5776 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
11:59:39.0700 5776 RDPCDD - ok
11:59:39.0967 5776 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\windows\system32\drivers\rdpdr.sys
11:59:40.0016 5776 RDPDR - ok
11:59:40.0282 5776 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
11:59:40.0361 5776 RDPENCDD - ok
11:59:40.0612 5776 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
11:59:40.0708 5776 RDPREFMP - ok
11:59:40.0971 5776 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
11:59:41.0088 5776 RDPWD - ok
11:59:41.0353 5776 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
11:59:41.0391 5776 rdyboost - ok
11:59:41.0707 5776 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
11:59:41.0766 5776 RFCOMM - ok
11:59:42.0047 5776 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
11:59:42.0151 5776 rspndr - ok
11:59:42.0462 5776 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys
11:59:42.0498 5776 RSUSBSTOR - ok
11:59:42.0776 5776 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\windows\system32\DRIVERS\Rt64win7.sys
11:59:42.0820 5776 RTL8167 - ok
11:59:43.0080 5776 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\windows\system32\DRIVERS\vms3cap.sys
11:59:43.0129 5776 s3cap - ok
11:59:43.0388 5776 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
11:59:43.0422 5776 sbp2port - ok
11:59:43.0673 5776 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
11:59:43.0772 5776 scfilter - ok
11:59:44.0047 5776 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
11:59:44.0136 5776 secdrv - ok
11:59:44.0406 5776 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
11:59:44.0450 5776 Serenum - ok
11:59:44.0721 5776 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
11:59:44.0778 5776 Serial - ok
11:59:45.0042 5776 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
11:59:45.0094 5776 sermouse - ok
11:59:45.0376 5776 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
11:59:45.0420 5776 sffdisk - ok
11:59:45.0682 5776 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
11:59:45.0728 5776 sffp_mmc - ok
11:59:45.0987 5776 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
11:59:46.0024 5776 sffp_sd - ok
11:59:46.0276 5776 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
11:59:46.0328 5776 sfloppy - ok
11:59:46.0614 5776 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\windows\system32\DRIVERS\Sftfslh.sys
11:59:46.0682 5776 Sftfs - ok
11:59:46.0950 5776 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\windows\system32\DRIVERS\Sftplaylh.sys
11:59:46.0986 5776 Sftplay - ok
11:59:47.0255 5776 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\windows\system32\DRIVERS\Sftredirlh.sys
11:59:47.0280 5776 Sftredir - ok
11:59:47.0541 5776 Sftvol (393b22addd89979eb1c60898f51c3648) C:\windows\system32\DRIVERS\Sftvollh.sys
11:59:47.0566 5776 Sftvol - ok
11:59:47.0862 5776 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
11:59:47.0892 5776 SiSRaid2 - ok
11:59:48.0146 5776 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
11:59:48.0178 5776 SiSRaid4 - ok
11:59:48.0455 5776 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
11:59:48.0567 5776 Smb - ok
11:59:48.0856 5776 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
11:59:48.0886 5776 spldr - ok
11:59:49.0175 5776 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
11:59:49.0243 5776 srv - ok
11:59:49.0519 5776 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
11:59:49.0588 5776 srv2 - ok
11:59:49.0865 5776 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
11:59:49.0917 5776 srvnet - ok
11:59:50.0216 5776 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\windows\system32\DRIVERS\stdcfltn.sys
11:59:50.0243 5776 stdcfltn - ok
11:59:50.0532 5776 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
11:59:50.0562 5776 stexstor - ok
11:59:50.0862 5776 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys
11:59:50.0924 5776 STHDA - ok
11:59:51.0195 5776 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
11:59:51.0247 5776 StillCam - ok
11:59:51.0534 5776 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\windows\system32\DRIVERS\vmstorfl.sys
11:59:51.0565 5776 storflt - ok
11:59:51.0839 5776 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\windows\system32\DRIVERS\storvsc.sys
11:59:51.0869 5776 storvsc - ok
11:59:52.0122 5776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
11:59:52.0151 5776 swenum - ok
11:59:52.0507 5776 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
11:59:52.0605 5776 Tcpip - ok
11:59:52.0928 5776 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
11:59:52.0974 5776 TCPIP6 - ok
11:59:53.0235 5776 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
11:59:53.0334 5776 tcpipreg - ok
11:59:53.0583 5776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
11:59:53.0690 5776 TDPIPE - ok
11:59:53.0955 5776 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
11:59:54.0037 5776 TDTCP - ok
11:59:54.0297 5776 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
11:59:54.0394 5776 tdx - ok
11:59:54.0653 5776 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
11:59:54.0684 5776 TermDD - ok
11:59:54.0940 5776 TmFilter (2d5adaf5bf9f3eb97bda7c250a638ebf) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys
11:59:54.0985 5776 TmFilter - ok
11:59:55.0278 5776 tmlwf (35a6aeb61c7cf21b10cc05bda47339b5) C:\windows\system32\DRIVERS\tmlwf.sys
11:59:55.0311 5776 tmlwf - ok
11:59:55.0525 5776 TmPreFilter (3dc786f0a14a6262c3f0f366b34f687f) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys
11:59:55.0550 5776 TmPreFilter - ok
11:59:55.0848 5776 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\windows\system32\DRIVERS\tmtdi.sys
11:59:55.0877 5776 tmtdi - ok
11:59:56.0146 5776 tmwfp (a4670e50c15d7bce7226e4b62700df09) C:\windows\system32\DRIVERS\tmwfp.sys
11:59:56.0192 5776 tmwfp - ok
11:59:56.0471 5776 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
11:59:56.0558 5776 tssecsrv - ok
11:59:56.0835 5776 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
11:59:56.0918 5776 tunnel - ok
11:59:57.0188 5776 TurboB (fd24f98d2898be093fe926604be7db99) C:\windows\system32\DRIVERS\TurboB.sys
11:59:57.0215 5776 TurboB - ok
11:59:57.0475 5776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
11:59:57.0508 5776 uagp35 - ok
11:59:57.0771 5776 udfs (31ba4a33afab6a69ea092b18017f737f) C:\windows\system32\DRIVERS\udfs.sys
11:59:57.0828 5776 udfs - ok
11:59:58.0106 5776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
11:59:58.0137 5776 uliagpkx - ok
11:59:58.0387 5776 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
11:59:58.0434 5776 umbus - ok
11:59:58.0691 5776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
11:59:58.0737 5776 UmPass - ok
11:59:59.0023 5776 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys
11:59:59.0081 5776 usbccgp - ok
11:59:59.0357 5776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
11:59:59.0415 5776 usbcir - ok
11:59:59.0691 5776 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys
11:59:59.0741 5776 usbehci - ok
12:00:00.0023 5776 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys
12:00:00.0084 5776 usbhub - ok
12:00:00.0348 5776 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys
12:00:00.0395 5776 usbohci - ok
12:00:00.0662 5776 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
12:00:00.0707 5776 usbprint - ok
12:00:00.0964 5776 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
12:00:01.0014 5776 USBSTOR - ok
12:00:01.0287 5776 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys
12:00:01.0331 5776 usbuhci - ok
12:00:01.0615 5776 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\system32\Drivers\usbvideo.sys
12:00:01.0669 5776 usbvideo - ok
12:00:01.0979 5776 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
12:00:02.0009 5776 vdrvroot - ok
12:00:02.0309 5776 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
12:00:02.0355 5776 vga - ok
12:00:02.0630 5776 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
12:00:02.0731 5776 VgaSave - ok
12:00:03.0001 5776 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
12:00:03.0038 5776 vhdmp - ok
12:00:03.0295 5776 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
12:00:03.0327 5776 viaide - ok
12:00:03.0583 5776 vmbus (1501699d7eda984abc4155a7da5738d1) C:\windows\system32\DRIVERS\vmbus.sys
12:00:03.0623 5776 vmbus - ok
12:00:03.0879 5776 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\windows\system32\DRIVERS\VMBusHID.sys
12:00:03.0927 5776 VMBusHID - ok
12:00:04.0188 5776 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
12:00:04.0221 5776 volmgr - ok
12:00:04.0481 5776 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
12:00:04.0525 5776 volmgrx - ok
12:00:04.0786 5776 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
12:00:04.0829 5776 volsnap - ok
12:00:05.0131 5776 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\windows\system32\DRIVERS\vpchbus.sys
12:00:05.0173 5776 vpcbus - ok
12:00:05.0448 5776 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\windows\system32\DRIVERS\vpcnfltr.sys
12:00:05.0482 5776 vpcnfltr - ok
12:00:05.0756 5776 vpcusb (31924e31bc315773e6d149b157db46d5) C:\windows\system32\DRIVERS\vpcusb.sys
12:00:05.0794 5776 vpcusb - ok
12:00:06.0051 5776 vpcvmm (510d250a08c09850f5c78ca2011b3b62) C:\windows\system32\drivers\vpcvmm.sys
12:00:06.0098 5776 vpcvmm - ok
12:00:06.0380 5776 VSApiNt (742421e475fed2b000efb5bdad9cfeae) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys
12:00:06.0513 5776 VSApiNt - ok
12:00:06.0800 5776 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
12:00:06.0841 5776 vsmraid - ok
12:00:07.0103 5776 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
12:00:07.0152 5776 vwifibus - ok
12:00:07.0424 5776 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
12:00:07.0490 5776 vwififlt - ok
12:00:07.0753 5776 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
12:00:07.0802 5776 vwifimp - ok
12:00:08.0067 5776 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
12:00:08.0120 5776 WacomPen - ok
12:00:08.0395 5776 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
12:00:08.0495 5776 WANARP - ok
12:00:08.0498 5776 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
12:00:08.0530 5776 Wanarpv6 - ok
12:00:08.0821 5776 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
12:00:08.0852 5776 Wd - ok
12:00:09.0116 5776 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
12:00:09.0178 5776 Wdf01000 - ok
12:00:09.0457 5776 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\windows\system32\DRIVERS\WDKMD.sys
12:00:09.0485 5776 wdkmd - ok
12:00:09.0770 5776 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
12:00:09.0858 5776 WfpLwf - ok
12:00:10.0102 5776 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
12:00:10.0133 5776 WIMMount - ok
12:00:10.0450 5776 WinUSB (4d52c872018af7e18d078978dcc3f6f2) C:\windows\system32\DRIVERS\WinUSB.sys
12:00:10.0498 5776 WinUSB - ok
12:00:10.0778 5776 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
12:00:10.0819 5776 WmiAcpi - ok
12:00:11.0118 5776 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
12:00:11.0200 5776 ws2ifsl - ok
12:00:11.0466 5776 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\windows\system32\drivers\WudfPf.sys
12:00:11.0513 5776 WudfPf - ok
12:00:11.0783 5776 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\windows\system32\DRIVERS\WUDFRd.sys
12:00:11.0832 5776 WUDFRd - ok
12:00:12.0127 5776 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
12:00:12.0196 5776 yukonw7 - ok
12:00:12.0262 5776 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:00:12.0487 5776 \Device\Harddisk0\DR0 - ok
12:00:12.0494 5776 Boot (0x1200) (de4cfc9a6bceac4db23f9f39b2598578) \Device\Harddisk0\DR0\Partition0
12:00:12.0496 5776 \Device\Harddisk0\DR0\Partition0 - ok
12:00:12.0521 5776 Boot (0x1200) (cb30233e1566a8beebee7c4916004825) \Device\Harddisk0\DR0\Partition1
12:00:12.0524 5776 \Device\Harddisk0\DR0\Partition1 - ok
12:00:12.0547 5776 Boot (0x1200) (25c3fdae1f52b4ef29acea9a3fb7492e) \Device\Harddisk0\DR0\Partition2
12:00:12.0550 5776 \Device\Harddisk0\DR0\Partition2 - ok
12:00:12.0575 5776 Boot (0x1200) (1053f5b693a80b72ffb301f36ae40b04) \Device\Harddisk0\DR0\Partition3
12:00:12.0578 5776 \Device\Harddisk0\DR0\Partition3 - ok
12:00:12.0579 5776 ============================================================
12:00:12.0580 5776 Scan finished
12:00:12.0580 5776 ============================================================
12:00:12.0601 4640 Detected object count: 0
12:00:12.0601 4640 Actual detected object count: 0

Alt 21.11.2011, 11:13   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Auch unauffällig. Passwort zum Mailacc wurde geändertn? Tritt das Problem noch auf?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.11.2011, 16:50   #9
kornhulio
 
Email Account gehackt, Trojaner installiert? - Standard

Email Account gehackt, Trojaner installiert?



Ja das Passwort habe ich geändert. Ich wollte nur sicher gehen, dass das alte Passwort nicht über irgendwelche Trojaner oder ähnliches auf meinem Rechner ausgespäht wurde. Kann das Passwort auch über Bruteforce Attacken oder andere Methoden geknackt worden sein? Ich habe den Account heute wieder frei schalten lassen. Ich werde beobachten ob das Problem wieder auftritt oder nicht.

Antwort

Themen zu Email Account gehackt, Trojaner installiert?
64 bit system, 64-bit, adobe, autorun, bho, browser, c:\windows\system32\rundll32.exe, desktop, document, email, email account, error, excel, excel.exe, failed, flash player, format, helper, igdpmd64.sys, install.exe, ip-adresse, logfile, microsoft office starter 2010, microsoft office word, mozilla, realtek, registry, required, rundll, scan, security, shell32.dll, shortcut, software, spam, studio, system, trojaner, usb, usb 2.0, usb 3.0, version=1.0, visual studio, webcheck, windows



Ähnliche Themen: Email Account gehackt, Trojaner installiert?


  1. Spam Mail vom eigenen Yahoo Account erhalten - Account gehackt?
    Log-Analyse und Auswertung - 28.08.2015 (8)
  2. Email Account gehackt: Email Versand an meine Kontakte mit meinem Namen, aber anderer Email Adresse.
    Log-Analyse und Auswertung - 29.07.2015 (3)
  3. Passwort von Mail Account gehackt - Email mit Virenlink an Kontakte = PC infiziert?
    Überwachung, Datenschutz und Spam - 19.02.2015 (6)
  4. AOL Email Account gehackt?
    Diskussionsforum - 23.10.2014 (7)
  5. Mein Email Account wurde vermutlich gehackt
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (12)
  6. Email Account gehackt? Mail Delivery
    Plagegeister aller Art und deren Bekämpfung - 29.05.2014 (24)
  7. E-Mail Account gehackt - unauthorisierte Mails von meinem Account werden verschickt
    Log-Analyse und Auswertung - 19.04.2014 (5)
  8. EMail-Account gehackt, kann mir bitte jmd sagen was ich jetzt alles tun sollte?
    Plagegeister aller Art und deren Bekämpfung - 13.04.2014 (3)
  9. BSI Email Account gehackt. PC mit Trojaner befallen?
    Log-Analyse und Auswertung - 08.04.2014 (1)
  10. GMX Account gehackt von Trojaner
    Log-Analyse und Auswertung - 13.07.2012 (1)
  11. eMail Account gehackt? Versende unkontrolliert Spam-eMails mit dubiosen Links
    Log-Analyse und Auswertung - 09.07.2012 (5)
  12. Amazon Account gehackt. Trojaner?
    Log-Analyse und Auswertung - 16.10.2011 (1)
  13. battle.net/WoW Account gehackt, Trojaner
    Log-Analyse und Auswertung - 17.02.2011 (5)
  14. Keylogger email account gehackt! wer weiß was
    Log-Analyse und Auswertung - 18.03.2010 (1)
  15. WOW Account gehackt - habe ich Trojaner?
    Log-Analyse und Auswertung - 04.10.2009 (7)
  16. WoW-Account gehackt, Trojaner am Werk?
    Log-Analyse und Auswertung - 13.08.2009 (4)
  17. Account wurde gehackt - Trojaner???
    Log-Analyse und Auswertung - 20.11.2007 (8)

Zum Thema Email Account gehackt, Trojaner installiert? - Hallo, von meinem GMX werden seit kurzem Spam Emails an zufällige und teilweise ungültige Email Adressen versendet. Ich habe von GMX auch bereits eine Email erhalten das mein account wohlmöglich - Email Account gehackt, Trojaner installiert?...
Archiv
Du betrachtest: Email Account gehackt, Trojaner installiert? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.